diff --git a/.github/workflows/swift.yml b/.github/workflows/swift.yml index 806e04e6c68..075a5505f39 100644 --- a/.github/workflows/swift.yml +++ b/.github/workflows/swift.yml @@ -16,6 +16,7 @@ on: branches: - main - rc/* + - codeql-cli-* push: paths: - "swift/**" @@ -30,6 +31,7 @@ on: branches: - main - rc/* + - codeql-cli-* jobs: # not using a matrix as you cannot depend on a specific job in a matrix, and we want to start linux checks diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index f77a14c328f..e5d2ae643bc 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,19 @@ +## 0.7.2 + +### New Features + +* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library. +* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API. + +### Major Analysis Improvements + +* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library. + +### Minor Analysis Improvements + +* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace. +* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables. + ## 0.7.1 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md b/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md deleted file mode 100644 index 68421139e7d..00000000000 --- a/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API. diff --git a/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md b/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md deleted file mode 100644 index be4c4e73ed0..00000000000 --- a/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables. diff --git a/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md b/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md deleted file mode 100644 index 5688945dc80..00000000000 --- a/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md b/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md deleted file mode 100644 index b28167dc52d..00000000000 --- a/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md b/cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md deleted file mode 100644 index 8b562bd8357..00000000000 --- a/cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace. diff --git a/cpp/ql/lib/change-notes/released/0.7.2.md b/cpp/ql/lib/change-notes/released/0.7.2.md new file mode 100644 index 00000000000..4decad06ae8 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.7.2.md @@ -0,0 +1,15 @@ +## 0.7.2 + +### New Features + +* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library. +* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API. + +### Major Analysis Improvements + +* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library. + +### Minor Analysis Improvements + +* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace. +* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index e007a9aec3e..fee171e9685 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.1 +lastReleaseVersion: 0.7.2 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 3f6482c1ebe..1982886c434 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.7.2-dev +version: 0.7.3-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/lib/semmle/code/cpp/Macro.qll b/cpp/ql/lib/semmle/code/cpp/Macro.qll index 4378cec4857..bd916d4bc4e 100644 --- a/cpp/ql/lib/semmle/code/cpp/Macro.qll +++ b/cpp/ql/lib/semmle/code/cpp/Macro.qll @@ -34,7 +34,7 @@ class Macro extends PreprocessorDirective, @ppd_define { * Gets the name of the macro. For example, `MAX` in * `#define MAX(x,y) (((x)>(y))?(x):(y))`. */ - string getName() { result = this.getHead().splitAt("(", 0) } + string getName() { result = this.getHead().regexpCapture("([^(]*+).*", 1) } /** Holds if the macro has name `name`. */ predicate hasName(string name) { this.getName() = name } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index 7f32a27287b..9a3fd679f23 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll @@ -1640,8 +1640,15 @@ predicate localInstructionFlow(Instruction e1, Instruction e2) { localFlow(instructionNode(e1), instructionNode(e2)) } +/** + * INTERNAL: Do not use. + * + * Ideally this module would be private, but the `asExprInternal` predicate is + * needed in `DefaultTaintTrackingImpl`. Once `DefaultTaintTrackingImpl` is gone + * we can make this module private. + */ cached -private module ExprFlowCached { +module ExprFlowCached { /** * Holds if `n` is an indirect operand of a `PointerArithmeticInstruction`, and * `e` is the result of loading from the `PointerArithmeticInstruction`. @@ -1692,7 +1699,8 @@ private module ExprFlowCached { * `x[i]` steps to the expression `x[i - 1]` without traversing the * entire chain. */ - private Expr asExpr(Node n) { + cached + Expr asExprInternal(Node n) { isIndirectBaseOfArrayAccess(n, result) or not isIndirectBaseOfArrayAccess(n, _) and @@ -1704,7 +1712,7 @@ private module ExprFlowCached { * dataflow step. */ private predicate localStepFromNonExpr(Node n1, Node n2) { - not exists(asExpr(n1)) and + not exists(asExprInternal(n1)) and localFlowStep(n1, n2) } @@ -1715,7 +1723,7 @@ private module ExprFlowCached { pragma[nomagic] private predicate localStepsToExpr(Node n1, Node n2, Expr e2) { localStepFromNonExpr*(n1, n2) and - e2 = asExpr(n2) + e2 = asExprInternal(n2) } /** @@ -1726,7 +1734,7 @@ private module ExprFlowCached { exists(Node mid | localFlowStep(n1, mid) and localStepsToExpr(mid, n2, e2) and - e1 = asExpr(n1) + e1 = asExprInternal(n1) ) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll index e21a83fcb54..960b373b4fa 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll @@ -60,7 +60,7 @@ private DataFlow::Node getNodeForSource(Expr source) { } private DataFlow::Node getNodeForExpr(Expr node) { - result = DataFlow::exprNode(node) + node = DataFlow::ExprFlowCached::asExprInternal(result) or // Some of the sources in `isUserInput` are intended to match the value of // an expression, while others (those modeled below) are intended to match @@ -221,7 +221,7 @@ private module Cached { predicate nodeIsBarrierIn(DataFlow::Node node) { // don't use dataflow into taint sources, as this leads to duplicate results. exists(Expr source | isUserInput(source, _) | - node = DataFlow::exprNode(source) + source = DataFlow::ExprFlowCached::asExprInternal(node) or // This case goes together with the similar (but not identical) rule in // `getNodeForSource`. diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 1314e6d7553..4991b66538f 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.2 + +No user-facing changes. + ## 0.6.1 ### New Queries diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.cpp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.cpp similarity index 100% rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.cpp rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.cpp diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.qhelp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp similarity index 100% rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.qhelp rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql similarity index 99% rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql index e787b596158..0d8648aac0a 100644 --- a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql +++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql @@ -4,10 +4,11 @@ * may result in a buffer overflow. * @kind path-problem * @problem.severity error + * @security-severity 9.3 + * @precision medium * @id cpp/overrun-write * @tags reliability * security - * experimental * external/cwe/cwe-119 * external/cwe/cwe-131 */ diff --git a/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md b/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md new file mode 100644 index 00000000000..32195223fcd --- /dev/null +++ b/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `cpp/overrun-write`, to detect buffer overflows in C-style functions that manipulate buffers. diff --git a/cpp/ql/src/change-notes/released/0.6.2.md b/cpp/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..43f80640fc5 --- /dev/null +++ b/cpp/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,3 @@ +## 0.6.2 + +No user-facing changes. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index bc68a7f14d5..aa0358a99ad 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -14,7 +14,7 @@ import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysi import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.dataflow.DataFlow -import PointerArithmeticToDerefFlow::PathGraph +import FieldAddressToDerefFlow::PathGraph pragma[nomagic] Instruction getABoundIn(SemBound b, IRFunction func) { @@ -42,21 +42,6 @@ bindingset[b] pragma[inline_late] predicate bounded2(Instruction i, Instruction b, int delta) { boundedImpl(i, b, delta) } -module FieldAddressToPointerArithmeticConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { isFieldAddressSource(_, source) } - - predicate isSink(DataFlow::Node sink) { - exists(PointerAddInstruction pai | pai.getLeft() = sink.asInstruction()) - } -} - -module FieldAddressToPointerArithmeticFlow = - DataFlow::Global; - -predicate isFieldAddressSource(Field f, DataFlow::Node source) { - source.asInstruction().(FieldAddressInstruction).getField() = f -} - bindingset[delta] predicate isInvalidPointerDerefSinkImpl( int delta, Instruction i, AddressOperand addr, string operation @@ -93,38 +78,96 @@ predicate isInvalidPointerDerefSink2(DataFlow::Node sink, Instruction i, string ) } -predicate isConstantSizeOverflowSource(Field f, PointerAddInstruction pai, int delta) { - exists(int size, int bound, DataFlow::Node source, DataFlow::InstructionNode sink | - FieldAddressToPointerArithmeticFlow::flow(source, sink) and - isFieldAddressSource(f, source) and - pai.getLeft() = sink.asInstruction() and - f.getUnspecifiedType().(ArrayType).getArraySize() = size and - semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and - delta = bound - size and - delta >= 0 and - size != 0 and - size != 1 - ) +pragma[nomagic] +predicate arrayTypeHasSizes(ArrayType arr, int baseTypeSize, int arraySize) { + arr.getBaseType().getSize() = baseTypeSize and + arr.getArraySize() = arraySize +} + +predicate pointerArithOverflow0( + PointerArithmeticInstruction pai, Field f, int size, int bound, int delta +) { + not f.getNamespace() instanceof StdNamespace and + arrayTypeHasSizes(f.getUnspecifiedType(), pai.getElementSize(), size) and + semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and + delta = bound - size and + delta >= 0 and + size != 0 and + size != 1 } module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - isConstantSizeOverflowSource(_, source.asInstruction(), _) + pointerArithOverflow0(source.asInstruction(), _, _, _, _) } - pragma[inline] + predicate isBarrierIn(DataFlow::Node node) { isSource(node) } + + predicate isBarrierOut(DataFlow::Node node) { isSink(node) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } } module PointerArithmeticToDerefFlow = DataFlow::Global; +predicate pointerArithOverflow( + PointerArithmeticInstruction pai, Field f, int size, int bound, int delta +) { + pointerArithOverflow0(pai, f, size, bound, delta) and + PointerArithmeticToDerefFlow::flow(DataFlow::instructionNode(pai), _) +} + +module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { + newtype FlowState = + additional TArray(Field f) { pointerArithOverflow(_, f, _, _, _) } or + additional TOverflowArithmetic(PointerArithmeticInstruction pai) { + pointerArithOverflow(pai, _, _, _, _) + } + + predicate isSource(DataFlow::Node source, FlowState state) { + exists(Field f | + source.asInstruction().(FieldAddressInstruction).getField() = f and + state = TArray(f) + ) + } + + predicate isSink(DataFlow::Node sink, FlowState state) { + exists(DataFlow::Node pai | + state = TOverflowArithmetic(pai.asInstruction()) and + PointerArithmeticToDerefFlow::flow(pai, sink) + ) + } + + predicate isBarrier(DataFlow::Node node, FlowState state) { none() } + + predicate isBarrierIn(DataFlow::Node node) { isSource(node, _) } + + predicate isBarrierOut(DataFlow::Node node) { isSink(node, _) } + + predicate isAdditionalFlowStep( + DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 + ) { + exists(PointerArithmeticInstruction pai, Field f | + state1 = TArray(f) and + state2 = TOverflowArithmetic(pai) and + pai.getLeft() = node1.asInstruction() and + node2.asInstruction() = pai and + pointerArithOverflow(pai, f, _, _, _) + ) + } +} + +module FieldAddressToDerefFlow = DataFlow::GlobalWithState; + from - Field f, PointerArithmeticToDerefFlow::PathNode source, - PointerArithmeticToDerefFlow::PathNode sink, Instruction deref, string operation, int delta + Field f, FieldAddressToDerefFlow::PathNode source, PointerArithmeticInstruction pai, + FieldAddressToDerefFlow::PathNode sink, Instruction deref, string operation, int delta where - PointerArithmeticToDerefFlow::flowPath(source, sink) and + FieldAddressToDerefFlow::flowPath(source, sink) and isInvalidPointerDerefSink2(sink.getNode(), deref, operation) and - isConstantSizeOverflowSource(f, source.getNode().asInstruction(), delta) -select source, source, sink, + source.getState() = FieldAddressToDerefConfig::TArray(f) and + sink.getState() = FieldAddressToDerefConfig::TOverflowArithmetic(pai) and + pointerArithOverflow(pai, f, _, _, delta) +select pai, source, sink, "This pointer arithmetic may have an off-by-" + (delta + 1) + " error allowing it to overrun $@ at this $@.", f, f.getName(), deref, operation diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql index 07189cea9d9..610eb572d8c 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql @@ -81,8 +81,8 @@ predicate hasSize(HeuristicAllocationExpr alloc, DataFlow::Node n, int state) { * ``` * * We do this by splitting the task up into two configurations: - * 1. `AllocToInvalidPointerConf` find flow from `malloc(size)` to `begin + size`, and - * 2. `InvalidPointerToDerefConf` finds flow from `begin + size` to an `end` (on line 3). + * 1. `AllocToInvalidPointerConfig` find flow from `malloc(size)` to `begin + size`, and + * 2. `InvalidPointerToDerefConfig` finds flow from `begin + size` to an `end` (on line 3). * * Finally, the range-analysis library will find a load from (or store to) an address that * is non-strictly upper-bounded by `end` (which in this case is `*p`). @@ -180,13 +180,13 @@ predicate isSinkImpl( } /** - * Holds if `sink` is a sink for `InvalidPointerToDerefConf` and `i` is a `StoreInstruction` that + * Holds if `sink` is a sink for `InvalidPointerToDerefConfig` and `i` is a `StoreInstruction` that * writes to an address that non-strictly upper-bounds `sink`, or `i` is a `LoadInstruction` that * reads from an address that non-strictly upper-bounds `sink`. */ pragma[inline] -predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string operation) { - exists(AddressOperand addr, int delta | +predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string operation, int delta) { + exists(AddressOperand addr | bounded1(addr.getDef(), sink.asInstruction(), delta) and delta >= 0 and i.getAnOperand() = addr @@ -201,13 +201,13 @@ predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string o /** * A configuration to track flow from a pointer-arithmetic operation found - * by `AllocToInvalidPointerConf` to a dereference of the pointer. + * by `AllocToInvalidPointerConfig` to a dereference of the pointer. */ module InvalidPointerToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { invalidPointerToDerefSource(_, source, _) } pragma[inline] - predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _, _) } predicate isBarrier(DataFlow::Node node) { node = any(DataFlow::SsaPhiNode phi | not phi.isPhiRead()).getAnInput(true) @@ -237,17 +237,17 @@ predicate invalidPointerToDerefSource( } newtype TMergedPathNode = - // The path nodes computed by the first projection of `AllocToInvalidPointerConf` + // The path nodes computed by the first projection of `AllocToInvalidPointerConfig` TPathNode1(AllocToInvalidPointerFlow::PathNode1 p) or - // The path nodes computed by `InvalidPointerToDerefConf` + // The path nodes computed by `InvalidPointerToDerefConfig` TPathNode3(InvalidPointerToDerefFlow::PathNode p) or - // The read/write that uses the invalid pointer identified by `InvalidPointerToDerefConf`. - // This one is needed because the sink identified by `InvalidPointerToDerefConf` is the + // The read/write that uses the invalid pointer identified by `InvalidPointerToDerefConfig`. + // This one is needed because the sink identified by `InvalidPointerToDerefConfig` is the // pointer, but we want to raise an alert at the dereference. TPathNodeSink(Instruction i) { exists(DataFlow::Node n | InvalidPointerToDerefFlow::flowTo(n) and - isInvalidPointerDerefSink(n, i, _) + isInvalidPointerDerefSink(n, i, _, _) ) } @@ -321,7 +321,15 @@ query predicate edges(MergedPathNode node1, MergedPathNode node2) { or node1.asPathNode3().getASuccessor() = node2.asPathNode3() or - joinOn2(node1.asPathNode3(), node2.asSinkNode(), _) + joinOn2(node1.asPathNode3(), node2.asSinkNode(), _, _) +} + +query predicate nodes(MergedPathNode n, string key, string val) { + AllocToInvalidPointerFlow::PathGraph1::nodes(n.asPathNode1(), key, val) + or + InvalidPointerToDerefFlow::PathGraph::nodes(n.asPathNode3(), key, val) + or + key = "semmle.label" and val = n.asSinkNode().toString() } query predicate subpaths( @@ -335,8 +343,8 @@ query predicate subpaths( } /** - * Holds if `p1` is a sink of `AllocToInvalidPointerConf` and `p2` is a source - * of `InvalidPointerToDerefConf`, and they are connected through `pai`. + * Holds if `p1` is a sink of `AllocToInvalidPointerConfig` and `p2` is a source + * of `InvalidPointerToDerefConfig`, and they are connected through `pai`. */ predicate joinOn1( PointerArithmeticInstruction pai, AllocToInvalidPointerFlow::PathNode1 p1, @@ -347,37 +355,37 @@ predicate joinOn1( } /** - * Holds if `p1` is a sink of `InvalidPointerToDerefConf` and `i` is the instruction + * Holds if `p1` is a sink of `InvalidPointerToDerefConfig` and `i` is the instruction * that dereferences `p1`. The string `operation` describes whether the `i` is * a `StoreInstruction` or `LoadInstruction`. */ pragma[inline] -predicate joinOn2(InvalidPointerToDerefFlow::PathNode p1, Instruction i, string operation) { - isInvalidPointerDerefSink(p1.getNode(), i, operation) +predicate joinOn2(InvalidPointerToDerefFlow::PathNode p1, Instruction i, string operation, int delta) { + isInvalidPointerDerefSink(p1.getNode(), i, operation, delta) } predicate hasFlowPath( MergedPathNode source1, MergedPathNode sink, InvalidPointerToDerefFlow::PathNode source3, - PointerArithmeticInstruction pai, string operation + PointerArithmeticInstruction pai, string operation, int delta ) { exists(InvalidPointerToDerefFlow::PathNode sink3, AllocToInvalidPointerFlow::PathNode1 sink1 | AllocToInvalidPointerFlow::flowPath(source1.asPathNode1(), _, sink1, _) and joinOn1(pai, sink1, source3) and InvalidPointerToDerefFlow::flowPath(source3, sink3) and - joinOn2(sink3, sink.asSinkNode(), operation) + joinOn2(sink3, sink.asSinkNode(), operation, delta) ) } from - MergedPathNode source, MergedPathNode sink, int k, string kstr, + MergedPathNode source, MergedPathNode sink, int k2, int k3, string kstr, InvalidPointerToDerefFlow::PathNode source3, PointerArithmeticInstruction pai, string operation, Expr offset, DataFlow::Node n where - hasFlowPath(source, sink, source3, pai, operation) and - invalidPointerToDerefSource(pai, source3.getNode(), k) and + hasFlowPath(source, sink, source3, pai, operation, k3) and + invalidPointerToDerefSource(pai, source3.getNode(), k2) and offset = pai.getRight().getUnconvertedResultExpression() and n = source.asPathNode1().getNode() and - if k = 0 then kstr = "" else kstr = " + " + k + if (k2 + k3) = 0 then kstr = "" else kstr = " + " + (k2 + k3) select sink, source, sink, "This " + operation + " might be out of bounds, as the pointer might be equal to $@ + $@" + kstr + ".", n, n.toString(), offset, offset.toString() diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4df58a2da69..46dffc3e763 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - cpp - queries diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref deleted file mode 100644 index 21ced45de5d..00000000000 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref +++ /dev/null @@ -1 +0,0 @@ -experimental/Likely Bugs/OverrunWriteProductFlow.ql \ No newline at end of file diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index e201ef15af9..7d3df8cb7cb 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected @@ -1,37 +1,46 @@ edges -| test.cpp:66:32:66:32 | p | test.cpp:66:32:66:32 | p | -| test.cpp:66:32:66:32 | p | test.cpp:67:5:67:6 | * ... | -| test.cpp:66:32:66:32 | p | test.cpp:67:6:67:6 | p | +| test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | +| test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | +| test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | +| test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | +| test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | +| test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | +| test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | +| test.cpp:70:33:70:33 | p | test.cpp:72:5:72:15 | access to array | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | -| test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:26:77:44 | & ... | +| test.cpp:77:32:77:34 | buf | test.cpp:77:26:77:44 | & ... | +| test.cpp:79:27:79:34 | buf | test.cpp:70:33:70:33 | p | +| test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | nodes | test.cpp:35:5:35:22 | access to array | semmle.label | access to array | +| test.cpp:35:10:35:12 | buf | semmle.label | buf | | test.cpp:36:5:36:24 | access to array | semmle.label | access to array | +| test.cpp:36:10:36:12 | buf | semmle.label | buf | | test.cpp:43:9:43:19 | access to array | semmle.label | access to array | +| test.cpp:43:14:43:16 | buf | semmle.label | buf | | test.cpp:49:5:49:22 | access to array | semmle.label | access to array | +| test.cpp:49:10:49:12 | buf | semmle.label | buf | | test.cpp:50:5:50:24 | access to array | semmle.label | access to array | +| test.cpp:50:10:50:12 | buf | semmle.label | buf | | test.cpp:57:9:57:19 | access to array | semmle.label | access to array | +| test.cpp:57:14:57:16 | buf | semmle.label | buf | | test.cpp:61:9:61:19 | access to array | semmle.label | access to array | +| test.cpp:61:14:61:16 | buf | semmle.label | buf | | test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:67:5:67:6 | * ... | semmle.label | * ... | -| test.cpp:67:6:67:6 | p | semmle.label | p | +| test.cpp:70:33:70:33 | p | semmle.label | p | | test.cpp:72:5:72:15 | access to array | semmle.label | access to array | | test.cpp:77:26:77:44 | & ... | semmle.label | & ... | -| test.cpp:77:27:77:44 | access to array | semmle.label | access to array | +| test.cpp:77:32:77:34 | buf | semmle.label | buf | +| test.cpp:79:27:79:34 | buf | semmle.label | buf | +| test.cpp:79:32:79:34 | buf | semmle.label | buf | subpaths #select -| test.cpp:35:5:35:22 | access to array | test.cpp:35:5:35:22 | access to array | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | -| test.cpp:36:5:36:24 | access to array | test.cpp:36:5:36:24 | access to array | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | -| test.cpp:43:9:43:19 | access to array | test.cpp:43:9:43:19 | access to array | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... | write | -| test.cpp:49:5:49:22 | access to array | test.cpp:49:5:49:22 | access to array | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | -| test.cpp:50:5:50:24 | access to array | test.cpp:50:5:50:24 | access to array | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | -| test.cpp:57:9:57:19 | access to array | test.cpp:57:9:57:19 | access to array | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | -| test.cpp:61:9:61:19 | access to array | test.cpp:61:9:61:19 | access to array | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | -| test.cpp:72:5:72:15 | access to array | test.cpp:72:5:72:15 | access to array | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:35:5:35:22 | PointerAdd: access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | +| test.cpp:36:5:36:24 | PointerAdd: access to array | test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | +| test.cpp:43:9:43:19 | PointerAdd: access to array | test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... | write | +| test.cpp:49:5:49:22 | PointerAdd: access to array | test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | +| test.cpp:50:5:50:24 | PointerAdd: access to array | test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | +| test.cpp:57:9:57:19 | PointerAdd: access to array | test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | +| test.cpp:61:9:61:19 | PointerAdd: access to array | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | +| test.cpp:72:5:72:15 | PointerAdd: access to array | test.cpp:79:32:79:34 | buf | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp index 65ededa218c..a33f43bfa49 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp @@ -79,6 +79,15 @@ void testInterproc(BigArray *arr) { addToPointerAndAssign(arr->buf); } +#define MAX_SIZE_BYTES 4096 + +void testCharIndex(BigArray *arr) { + char *charBuf = (char*) arr->buf; + + charBuf[MAX_SIZE_BYTES - 1] = 0; // GOOD + charBuf[MAX_SIZE_BYTES] = 0; // BAD [FALSE NEGATIVE] +} + void testEqRefinement() { int arr[MAX_SIZE]; diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected index 1487088ca9f..09c75e7369c 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected @@ -671,18 +671,410 @@ edges | test.cpp:350:16:350:19 | ... ++ | test.cpp:350:15:350:19 | Load: * ... | | test.cpp:350:16:350:19 | ... ++ | test.cpp:350:16:350:19 | ... ++ | | test.cpp:350:16:350:19 | ... ++ | test.cpp:350:16:350:19 | ... ++ | +| test.cpp:355:14:355:27 | new[] | test.cpp:356:15:356:16 | xs | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:359:16:359:31 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:26 | end | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:26 | end | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:359:16:359:27 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:359:16:359:27 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:359:16:359:31 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:363:14:363:27 | new[] | test.cpp:365:15:365:15 | p | +| test.cpp:365:15:365:15 | p | test.cpp:368:5:368:10 | ... += ... | +| test.cpp:365:15:365:15 | p | test.cpp:368:5:368:10 | ... += ... | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:371:7:371:7 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:371:7:371:7 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:372:16:372:16 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:372:16:372:16 | p | +| test.cpp:371:7:371:7 | p | test.cpp:372:15:372:16 | Load: * ... | +| test.cpp:372:16:372:16 | p | test.cpp:372:15:372:16 | Load: * ... | +nodes +| test.cpp:4:15:4:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:5:15:5:15 | p | semmle.label | p | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:6:14:6:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:6:15:6:15 | q | semmle.label | q | +| test.cpp:6:15:6:15 | q | semmle.label | q | +| test.cpp:7:16:7:16 | q | semmle.label | q | +| test.cpp:7:16:7:16 | q | semmle.label | q | +| test.cpp:8:14:8:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:8:16:8:16 | q | semmle.label | q | +| test.cpp:8:16:8:16 | q | semmle.label | q | +| test.cpp:8:16:8:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:9:16:9:16 | q | semmle.label | q | +| test.cpp:9:16:9:16 | q | semmle.label | q | +| test.cpp:10:16:10:16 | q | semmle.label | q | +| test.cpp:10:16:10:16 | q | semmle.label | q | +| test.cpp:11:16:11:16 | q | semmle.label | q | +| test.cpp:11:16:11:16 | q | semmle.label | q | +| test.cpp:12:16:12:16 | q | semmle.label | q | +| test.cpp:16:15:16:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:17:15:17:15 | p | semmle.label | p | +| test.cpp:17:15:17:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:20:14:20:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:20:16:20:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:28:15:28:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:29:15:29:15 | p | semmle.label | p | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:30:14:30:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:30:15:30:15 | q | semmle.label | q | +| test.cpp:30:15:30:15 | q | semmle.label | q | +| test.cpp:31:16:31:16 | q | semmle.label | q | +| test.cpp:31:16:31:16 | q | semmle.label | q | +| test.cpp:32:14:32:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:32:16:32:16 | q | semmle.label | q | +| test.cpp:32:16:32:16 | q | semmle.label | q | +| test.cpp:32:16:32:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:33:16:33:16 | q | semmle.label | q | +| test.cpp:33:16:33:16 | q | semmle.label | q | +| test.cpp:34:16:34:16 | q | semmle.label | q | +| test.cpp:34:16:34:16 | q | semmle.label | q | +| test.cpp:35:16:35:16 | q | semmle.label | q | +| test.cpp:35:16:35:16 | q | semmle.label | q | +| test.cpp:36:16:36:16 | q | semmle.label | q | +| test.cpp:40:15:40:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:41:15:41:15 | p | semmle.label | p | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:42:14:42:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:42:15:42:15 | q | semmle.label | q | +| test.cpp:42:15:42:15 | q | semmle.label | q | +| test.cpp:43:16:43:16 | q | semmle.label | q | +| test.cpp:43:16:43:16 | q | semmle.label | q | +| test.cpp:44:14:44:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:44:16:44:16 | q | semmle.label | q | +| test.cpp:44:16:44:16 | q | semmle.label | q | +| test.cpp:44:16:44:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:45:16:45:16 | q | semmle.label | q | +| test.cpp:45:16:45:16 | q | semmle.label | q | +| test.cpp:46:16:46:16 | q | semmle.label | q | +| test.cpp:46:16:46:16 | q | semmle.label | q | +| test.cpp:47:16:47:16 | q | semmle.label | q | +| test.cpp:47:16:47:16 | q | semmle.label | q | +| test.cpp:48:16:48:16 | q | semmle.label | q | +| test.cpp:51:7:51:14 | mk_array indirection | semmle.label | mk_array indirection | +| test.cpp:51:33:51:35 | end | semmle.label | end | +| test.cpp:52:19:52:24 | call to malloc | semmle.label | call to malloc | +| test.cpp:53:5:53:23 | ... = ... | semmle.label | ... = ... | +| test.cpp:53:12:53:16 | begin | semmle.label | begin | +| test.cpp:53:12:53:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:60:19:60:26 | call to mk_array | semmle.label | call to mk_array | +| test.cpp:60:34:60:37 | mk_array output argument | semmle.label | mk_array output argument | +| test.cpp:62:32:62:34 | end | semmle.label | end | +| test.cpp:62:39:62:39 | p | semmle.label | p | +| test.cpp:66:32:66:34 | end | semmle.label | end | +| test.cpp:66:39:66:39 | p | semmle.label | p | +| test.cpp:67:9:67:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:70:31:70:33 | end | semmle.label | end | +| test.cpp:70:38:70:38 | p | semmle.label | p | +| test.cpp:80:9:80:16 | mk_array indirection [begin] | semmle.label | mk_array indirection [begin] | +| test.cpp:80:9:80:16 | mk_array indirection [end] | semmle.label | mk_array indirection [end] | +| test.cpp:82:5:82:28 | ... = ... | semmle.label | ... = ... | +| test.cpp:82:9:82:13 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:82:17:82:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:83:5:83:30 | ... = ... | semmle.label | ... = ... | +| test.cpp:83:9:83:11 | arr indirection [post update] [end] | semmle.label | arr indirection [post update] [end] | +| test.cpp:83:15:83:17 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:83:15:83:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:83:19:83:23 | begin | semmle.label | begin | +| test.cpp:83:19:83:23 | begin indirection | semmle.label | begin indirection | +| test.cpp:89:19:89:26 | call to mk_array [begin] | semmle.label | call to mk_array [begin] | +| test.cpp:89:19:89:26 | call to mk_array [end] | semmle.label | call to mk_array [end] | +| test.cpp:91:20:91:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:91:24:91:28 | begin | semmle.label | begin | +| test.cpp:91:24:91:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:91:36:91:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:91:40:91:42 | end | semmle.label | end | +| test.cpp:91:40:91:42 | end indirection | semmle.label | end indirection | +| test.cpp:91:47:91:47 | p | semmle.label | p | +| test.cpp:95:20:95:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:95:24:95:28 | begin | semmle.label | begin | +| test.cpp:95:24:95:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:95:36:95:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:95:40:95:42 | end | semmle.label | end | +| test.cpp:95:40:95:42 | end indirection | semmle.label | end indirection | +| test.cpp:95:47:95:47 | p | semmle.label | p | +| test.cpp:96:9:96:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:99:20:99:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:99:24:99:28 | begin | semmle.label | begin | +| test.cpp:99:24:99:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:99:35:99:37 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:99:39:99:41 | end | semmle.label | end | +| test.cpp:99:39:99:41 | end indirection | semmle.label | end indirection | +| test.cpp:99:46:99:46 | p | semmle.label | p | +| test.cpp:104:27:104:29 | arr [begin] | semmle.label | arr [begin] | +| test.cpp:104:27:104:29 | arr [end] | semmle.label | arr [end] | +| test.cpp:105:20:105:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:105:24:105:28 | begin | semmle.label | begin | +| test.cpp:105:24:105:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:105:36:105:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:105:40:105:42 | end | semmle.label | end | +| test.cpp:105:40:105:42 | end indirection | semmle.label | end indirection | +| test.cpp:105:47:105:47 | p | semmle.label | p | +| test.cpp:109:20:109:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:109:24:109:28 | begin | semmle.label | begin | +| test.cpp:109:24:109:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:109:36:109:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:109:40:109:42 | end | semmle.label | end | +| test.cpp:109:40:109:42 | end indirection | semmle.label | end indirection | +| test.cpp:109:47:109:47 | p | semmle.label | p | +| test.cpp:110:9:110:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:113:20:113:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:113:24:113:28 | begin | semmle.label | begin | +| test.cpp:113:24:113:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:113:35:113:37 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:113:39:113:41 | end | semmle.label | end | +| test.cpp:113:39:113:41 | end indirection | semmle.label | end indirection | +| test.cpp:113:46:113:46 | p | semmle.label | p | +| test.cpp:119:18:119:25 | call to mk_array [begin] | semmle.label | call to mk_array [begin] | +| test.cpp:119:18:119:25 | call to mk_array [end] | semmle.label | call to mk_array [end] | +| test.cpp:124:15:124:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:125:5:125:17 | ... = ... | semmle.label | ... = ... | +| test.cpp:125:9:125:13 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:126:15:126:15 | p | semmle.label | p | +| test.cpp:129:11:129:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:129:15:129:19 | begin | semmle.label | begin | +| test.cpp:129:15:129:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:133:11:133:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:133:15:133:19 | begin | semmle.label | begin | +| test.cpp:133:15:133:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:137:11:137:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:137:15:137:19 | begin | semmle.label | begin | +| test.cpp:137:15:137:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:141:10:141:19 | mk_array_p indirection [begin] | semmle.label | mk_array_p indirection [begin] | +| test.cpp:141:10:141:19 | mk_array_p indirection [end] | semmle.label | mk_array_p indirection [end] | +| test.cpp:143:5:143:29 | ... = ... | semmle.label | ... = ... | +| test.cpp:143:10:143:14 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:143:18:143:23 | call to malloc | semmle.label | call to malloc | +| test.cpp:144:5:144:32 | ... = ... | semmle.label | ... = ... | +| test.cpp:144:10:144:12 | arr indirection [post update] [end] | semmle.label | arr indirection [post update] [end] | +| test.cpp:144:16:144:18 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:144:16:144:32 | ... + ... | semmle.label | ... + ... | +| test.cpp:144:21:144:25 | begin | semmle.label | begin | +| test.cpp:144:21:144:25 | begin indirection | semmle.label | begin indirection | +| test.cpp:150:20:150:29 | call to mk_array_p indirection [begin] | semmle.label | call to mk_array_p indirection [begin] | +| test.cpp:150:20:150:29 | call to mk_array_p indirection [end] | semmle.label | call to mk_array_p indirection [end] | +| test.cpp:152:20:152:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:152:25:152:29 | begin | semmle.label | begin | +| test.cpp:152:25:152:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:152:49:152:49 | p | semmle.label | p | +| test.cpp:156:20:156:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:156:25:156:29 | begin | semmle.label | begin | +| test.cpp:156:25:156:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:156:37:156:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:156:42:156:44 | end | semmle.label | end | +| test.cpp:156:42:156:44 | end indirection | semmle.label | end indirection | +| test.cpp:156:49:156:49 | p | semmle.label | p | +| test.cpp:157:9:157:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:160:20:160:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:160:25:160:29 | begin | semmle.label | begin | +| test.cpp:160:25:160:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:160:48:160:48 | p | semmle.label | p | +| test.cpp:165:29:165:31 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:165:29:165:31 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:166:20:166:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:166:25:166:29 | begin | semmle.label | begin | +| test.cpp:166:25:166:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:166:37:166:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:166:42:166:44 | end | semmle.label | end | +| test.cpp:166:42:166:44 | end indirection | semmle.label | end indirection | +| test.cpp:166:49:166:49 | p | semmle.label | p | +| test.cpp:170:20:170:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:170:25:170:29 | begin | semmle.label | begin | +| test.cpp:170:25:170:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:170:37:170:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:170:42:170:44 | end | semmle.label | end | +| test.cpp:170:42:170:44 | end indirection | semmle.label | end indirection | +| test.cpp:170:49:170:49 | p | semmle.label | p | +| test.cpp:171:9:171:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:174:20:174:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:174:25:174:29 | begin | semmle.label | begin | +| test.cpp:174:25:174:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:174:36:174:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:174:41:174:43 | end | semmle.label | end | +| test.cpp:174:41:174:43 | end indirection | semmle.label | end indirection | +| test.cpp:174:48:174:48 | p | semmle.label | p | +| test.cpp:180:19:180:28 | call to mk_array_p indirection [begin] | semmle.label | call to mk_array_p indirection [begin] | +| test.cpp:180:19:180:28 | call to mk_array_p indirection [end] | semmle.label | call to mk_array_p indirection [end] | +| test.cpp:188:15:188:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:189:15:189:15 | p | semmle.label | p | +| test.cpp:194:23:194:28 | call to malloc | semmle.label | call to malloc | +| test.cpp:195:17:195:17 | p | semmle.label | p | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:197:8:197:8 | p | semmle.label | p | +| test.cpp:197:20:197:22 | end | semmle.label | end | +| test.cpp:201:5:201:5 | p | semmle.label | p | +| test.cpp:201:5:201:12 | access to array | semmle.label | access to array | +| test.cpp:201:5:201:19 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:205:23:205:28 | call to malloc | semmle.label | call to malloc | +| test.cpp:206:17:206:17 | p | semmle.label | p | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:208:15:208:15 | p | semmle.label | p | +| test.cpp:209:12:209:14 | end | semmle.label | end | +| test.cpp:213:5:213:6 | * ... | semmle.label | * ... | +| test.cpp:213:5:213:13 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:213:6:213:6 | q | semmle.label | q | +| test.cpp:213:6:213:6 | q | semmle.label | q | +| test.cpp:221:17:221:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:222:5:222:5 | p | semmle.label | p | +| test.cpp:231:18:231:30 | new[] | semmle.label | new[] | +| test.cpp:232:3:232:9 | newname | semmle.label | newname | +| test.cpp:232:3:232:16 | access to array | semmle.label | access to array | +| test.cpp:232:3:232:20 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:238:20:238:32 | new[] | semmle.label | new[] | +| test.cpp:239:5:239:11 | newname | semmle.label | newname | +| test.cpp:239:5:239:18 | access to array | semmle.label | access to array | +| test.cpp:239:5:239:22 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:248:24:248:30 | call to realloc | semmle.label | call to realloc | +| test.cpp:249:9:249:9 | p | semmle.label | p | +| test.cpp:250:22:250:22 | p | semmle.label | p | +| test.cpp:254:9:254:9 | p | semmle.label | p | +| test.cpp:254:9:254:12 | access to array | semmle.label | access to array | +| test.cpp:254:9:254:16 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:260:13:260:24 | new[] | semmle.label | new[] | +| test.cpp:261:14:261:15 | xs | semmle.label | xs | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:262:26:262:28 | end | semmle.label | end | +| test.cpp:262:26:262:28 | end | semmle.label | end | +| test.cpp:262:31:262:31 | x | semmle.label | x | +| test.cpp:264:13:264:14 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:264:14:264:14 | x | semmle.label | x | +| test.cpp:264:14:264:14 | x | semmle.label | x | +| test.cpp:270:13:270:24 | new[] | semmle.label | new[] | +| test.cpp:271:14:271:15 | xs | semmle.label | xs | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:272:26:272:28 | end | semmle.label | end | +| test.cpp:272:26:272:28 | end | semmle.label | end | +| test.cpp:272:31:272:31 | x | semmle.label | x | +| test.cpp:272:31:272:31 | x | semmle.label | x | +| test.cpp:274:5:274:6 | * ... | semmle.label | * ... | +| test.cpp:274:5:274:10 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:274:6:274:6 | x | semmle.label | x | +| test.cpp:274:6:274:6 | x | semmle.label | x | +| test.cpp:280:13:280:24 | new[] | semmle.label | new[] | +| test.cpp:281:14:281:15 | xs | semmle.label | xs | +| test.cpp:290:13:290:24 | new[] | semmle.label | new[] | +| test.cpp:291:14:291:15 | xs | semmle.label | xs | +| test.cpp:292:30:292:30 | x | semmle.label | x | +| test.cpp:304:15:304:26 | new[] | semmle.label | new[] | +| test.cpp:307:5:307:6 | xs | semmle.label | xs | +| test.cpp:308:5:308:6 | xs | semmle.label | xs | +| test.cpp:308:5:308:11 | access to array | semmle.label | access to array | +| test.cpp:308:5:308:29 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:313:14:313:27 | new[] | semmle.label | new[] | +| test.cpp:314:15:314:16 | xs | semmle.label | xs | +| test.cpp:325:14:325:27 | new[] | semmle.label | new[] | +| test.cpp:326:15:326:16 | xs | semmle.label | xs | +| test.cpp:326:15:326:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:326:15:326:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:333:5:333:21 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:338:8:338:15 | * ... | semmle.label | * ... | +| test.cpp:341:5:341:21 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:341:8:341:17 | * ... | semmle.label | * ... | +| test.cpp:342:8:342:17 | * ... | semmle.label | * ... | +| test.cpp:347:14:347:27 | new[] | semmle.label | new[] | +| test.cpp:348:15:348:16 | xs | semmle.label | xs | +| test.cpp:350:15:350:19 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:355:14:355:27 | new[] | semmle.label | new[] | +| test.cpp:356:15:356:16 | xs | semmle.label | xs | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:26 | end | semmle.label | end | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:358:14:358:26 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:358:15:358:26 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:359:14:359:32 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:359:16:359:27 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:359:16:359:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:363:14:363:27 | new[] | semmle.label | new[] | +| test.cpp:365:15:365:15 | p | semmle.label | p | +| test.cpp:368:5:368:10 | ... += ... | semmle.label | ... += ... | +| test.cpp:368:5:368:10 | ... += ... | semmle.label | ... += ... | +| test.cpp:371:7:371:7 | p | semmle.label | p | +| test.cpp:372:15:372:16 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:372:16:372:16 | p | semmle.label | p | subpaths #select | test.cpp:6:14:6:15 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:6:14:6:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | | test.cpp:8:14:8:21 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:8:14:8:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | -| test.cpp:8:14:8:21 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:8:14:8:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | | test.cpp:20:14:20:21 | Load: * ... | test.cpp:16:15:16:20 | call to malloc | test.cpp:20:14:20:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:16:15:16:20 | call to malloc | call to malloc | test.cpp:17:19:17:22 | size | size | | test.cpp:30:14:30:15 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:30:14:30:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | | test.cpp:32:14:32:21 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:32:14:32:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | -| test.cpp:32:14:32:21 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:32:14:32:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | | test.cpp:42:14:42:15 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:42:14:42:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | | test.cpp:44:14:44:21 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:44:14:44:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | -| test.cpp:44:14:44:21 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:44:14:44:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | | test.cpp:67:9:67:14 | Store: ... = ... | test.cpp:52:19:52:24 | call to malloc | test.cpp:67:9:67:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:52:19:52:24 | call to malloc | call to malloc | test.cpp:53:20:53:23 | size | size | | test.cpp:96:9:96:14 | Store: ... = ... | test.cpp:82:17:82:22 | call to malloc | test.cpp:96:9:96:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:82:17:82:22 | call to malloc | call to malloc | test.cpp:83:27:83:30 | size | size | | test.cpp:110:9:110:14 | Store: ... = ... | test.cpp:82:17:82:22 | call to malloc | test.cpp:110:9:110:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:82:17:82:22 | call to malloc | call to malloc | test.cpp:83:27:83:30 | size | size | @@ -699,3 +1091,6 @@ subpaths | test.cpp:333:5:333:21 | Store: ... = ... | test.cpp:325:14:325:27 | new[] | test.cpp:333:5:333:21 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:325:14:325:27 | new[] | new[] | test.cpp:326:20:326:23 | size | size | | test.cpp:341:5:341:21 | Store: ... = ... | test.cpp:325:14:325:27 | new[] | test.cpp:341:5:341:21 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:325:14:325:27 | new[] | new[] | test.cpp:326:20:326:23 | size | size | | test.cpp:350:15:350:19 | Load: * ... | test.cpp:347:14:347:27 | new[] | test.cpp:350:15:350:19 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:347:14:347:27 | new[] | new[] | test.cpp:348:20:348:23 | size | size | +| test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 2. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:372:15:372:16 | Load: * ... | test.cpp:363:14:363:27 | new[] | test.cpp:372:15:372:16 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:363:14:363:27 | new[] | new[] | test.cpp:365:19:365:22 | size | size | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp index b6741535e42..3711f272e76 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp @@ -350,3 +350,25 @@ void test24(unsigned size) { int val = *xs++; // GOOD [FALSE POSITIVE] } } + +void test25(unsigned size) { + char *xs = new char[size]; + char *end = xs + size; + char *end_plus_one = end + 1; + int val1 = *end_plus_one; // BAD + int val2 = *(end_plus_one + 1); // BAD +} + +void test26(unsigned size) { + char *xs = new char[size]; + char *p = xs; + char *end = p + size; + + if (p + 4 <= end) { + p += 4; + } + + if (p < end) { + int val = *p; // GOOD [FALSE POSITIVE] + } +} diff --git a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql index 84437827d0d..b5a86c23d97 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql @@ -40,14 +40,7 @@ bindingset[delta] private string getBoundString(SemBound b, float delta) { b instanceof SemZeroBound and result = delta.toString() or - result = - strictconcat(b.(SemSsaBound) - .getAVariable() - .(SemanticExprConfig::SsaVariable) - .asInstruction() - .getAst() - .toString(), ":" - ) + getOffsetString(delta) + result = strictconcat(b.(SemSsaBound).getAVariable().toString(), " | ") + getOffsetString(delta) } private string getARangeString(SemExpr e) { diff --git a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp index eed0a7d7e47..df29578409b 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp @@ -8,7 +8,7 @@ int test1(struct List* p) { int count = 0; for (; p; p = p->next) { count = count+1; - range(count); // $ range===count:p+1 + range(count); // $ range="==Phi: p | Store: count+1" } range(count); return count; @@ -18,7 +18,7 @@ int test2(struct List* p) { int count = 0; for (; p; p = p->next) { count = (count+1) % 10; - range(count); // $ range=<=9 range=>=-9 range=<=count:p+1 + range(count); // $ range=<=9 range=>=-9 range="<=Phi: p | Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -29,7 +29,7 @@ int test3(struct List* p) { for (; p; p = p->next) { range(count++); // $ range=>=-9 range=<=9 count = count % 10; - range(count); // $ range=<=9 range=>=-9 range="<=... +++0" range=<=count:p+1 + range(count); // $ range=<=9 range=>=-9 range="<=Store: ... +++0" range="<=Phi: p | Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -42,11 +42,11 @@ int test4() { range(i); // $ range=<=1 range=>=0 range(total); total += i; - range(total); // $ range=<=i+1 range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } range(total); // $ MISSING: range=>=0 range(i); // $ range===2 - range(total + i); // $ range=<=i+2 MISSING: range===i+2 range=>=2 range=>=i+0 + range(total + i); // $ range="<=Phi: i+2" MISSING: range===i+2 range=>=2 range=>=i+0 return total + i; } @@ -57,11 +57,11 @@ int test5() { range(i); // $ range=<=1 range=>=0 range(total); // $ MISSING: range=>=0 total += i; - range(total); // $ range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } range(total); // $ MISSING: range=>=0 range(i); // $ range===2 - range(total + i); // $ range=<=i+2 MISSING: range===i+2 range=>=2 range=>=i+0 + range(total + i); // $ range="<=Phi: i+2" MISSING: range===i+2 range=>=2 range=>=i+0 return total + i; } @@ -72,7 +72,7 @@ int test6() { range(i); // $ range=<=1 range=>=0 range(total); // $ MISSING: range=>=0 total += i; - range(total); // $ range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } return total + i; } @@ -93,12 +93,12 @@ int test8(int x, int y) { if (-1000 < y && y < 10) { range(y); // $ range=<=9 range=>=-999 if (x < y-2) { - range(x); // $ range=<=6 range=<=y-3 - range(y); // $ range=<=9 range=>=-999 range=>=x+3 + range(x); // $ range=<=6 range="<=InitializeParameter: y | Store: y-3" + range(y); // $ range=<=9 range=>=-999 range=">=InitializeParameter: x | Store: x+3" return x; } - range(x); // $ range=>=-1001 range=>=y-2 - range(y); // $ range=<=9 range=<=x+2 range=>=-999 + range(x); // $ range=>=-1001 range=">=InitializeParameter: y | Store: y-2" + range(y); // $ range=<=9 range="<=InitializeParameter: x | Store: x+2" range=>=-999 } range(x); range(y); @@ -127,12 +127,12 @@ int test10(int x, int y) { if (y > 7) { range(y); // $ range=>=8 if (x < y) { - range(x); // $ range=<=y-1 - range(y); // $ range=>=8 range=>=x+1 + range(x); // $ range="<=InitializeParameter: y-1" + range(y); // $ range=>=8 range=">=InitializeParameter: x | Store: x+1" return 0; } - range(x); // $ range=>=8 range=>=y+0 - range(y); // $ range=<=x+0 range=>=8 + range(x); // $ range=>=8 range=">=InitializeParameter: y+0" + range(y); // $ range="<=InitializeParameter: x | Store: x+0" range=>=8 return x; } range(y); // $ range=<=7 @@ -145,7 +145,7 @@ int test11(char *p) { range(*p); if (c != '\0') { *p++ = '\0'; - range(p); // $ range===p+1 + range(p); // $ range="==InitializeParameter: p+1" range(*p); } if (c == ':') { @@ -155,7 +155,7 @@ int test11(char *p) { if (c != '\0') { range(c); *p++ = '\0'; - range(p); // $ range=<=p+2 range===c+1 range=>=p+1 + range(p); // $ range="<=InitializeParameter: p+2" range="==Phi: c+1" range=">=InitializeParameter: p+1" } if (c != ',') { return 1; @@ -193,7 +193,7 @@ int test13(char c, int i) { unsigned int y = x-1; // $ overflow=- range(y); // $ range===-1 overflow=- int z = i+1; // $ overflow=+ - range(z); // $ range===i+1 + range(z); // $ range="==InitializeParameter: i+1" range(c + i + uc + x + y + z); // $ overflow=+- overflow=+ overflow=- MISSING: range=>=1 range((double)(c + i + uc + x + y + z)); // $ overflow=+ overflow=+- overflow=- MISSING: range=>=1 return (double)(c + i + uc + x + y + z); // $ overflow=+- overflow=+ overflow=- @@ -245,7 +245,7 @@ int test_unary(int a) { range(c); // $ range=<=0 range=>=-11 range(b+c); // $ range=<=11 range=>=-11 MISSING:range=">=- ...+0" total += b+c; - range(total); // $ range=<=0+11 range=<=19 range=>=0-11 range=>=-19 + range(total); // $ range="<=Phi: 0+11" range=<=19 range=">=Phi: 0-11" range=>=-19 } if (-7 <= a && a <= 11) { range(a); // $ range=<=11 range=>=-7 @@ -255,7 +255,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=-11 range(b+c); // $ range=<=18 range=>=-18 total += b+c; - range(total); // $ range="<=- ...+18" range=">=- ...-18" range=<=0+29 range=<=37 range=>=0-29 range=>=-37 + range(total); // $ range="<=Phi: - ...+18" range=">=Phi: - ...-18" range="<=Phi: 0+29" range=<=37 range=">=Phi: 0-29" range=>=-37 } if (-7 <= a && a <= 1) { range(a); // $ range=<=1 range=>=-7 @@ -265,7 +265,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=-1 range(b+c); // $ range=<=8 range=>=-8 total += b+c; - range(total); // $ range="<=- ...+8" range="<=- ...+26" range=">=- ...-8" range=">=- ...-26" range=<=0+37 range=<=45 range=>=0-37 range=>=-45 + range(total); // $ range="<=Phi: - ...+8" range="<=Phi: - ...+26" range=">=Phi: - ...-8" range=">=Phi: - ...-26" range="<=Phi: 0+37" range=<=45 range=">=Phi: 0-37" range=>=-45 } if (-7 <= a && a <= 0) { range(a); // $ range=<=0 range=>=-7 @@ -275,7 +275,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=0 range(b+c); // $ range=>=-7 range=<=7 MISSING:range="<=- ...+0" total += b+c; - range(total); // $ range="<=- ...+7" range="<=- ...+15" range="<=- ...+33" range=">=- ...-7" range=">=- ...-15" range=">=- ...-33" range=<=0+44 range=<=52 range=>=0-44 range=>=-52 + range(total); // $ range="<=Phi: - ...+7" range="<=Phi: - ...+15" range="<=Phi: - ...+33" range=">=Phi: - ...-7" range=">=Phi: - ...-15" range=">=Phi: - ...-33" range="<=Phi: 0+44" range=<=52 Unexpected result: range=">=Phi: 0-44" range=>=-52 } if (-7 <= a && a <= -2) { range(a); // $ range=<=-2 range=>=-7 @@ -285,9 +285,9 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=2 range(b+c); // $ range=<=5 range=>=-5 total += b+c; - range(total); // $ range="<=- ...+5" range="<=- ...+12" range="<=- ...+20" range="<=- ...+38" range=">=- ...-5" range=">=- ...-12" range=">=- ...-20" range=">=- ...-38" range=<=0+49 range=<=57 range=>=0-49 range=>=-57 + range(total); // $ range="<=Phi: - ...+5" range="<=Phi: - ...+12" range="<=Phi: - ...+20" range="<=Phi: - ...+38" range=">=Phi: - ...-5" range=">=Phi: - ...-12" range=">=Phi: - ...-20" range=">=Phi: - ...-38" range="<=Phi: 0+49" range=<=57 range=">=Phi: 0-49" range=>=-57 } - range(total); // $ range="<=- ...+5" range="<=- ...+12" range="<=- ...+20" range="<=- ...+38" range=">=- ...-5" range=">=- ...-12" range=">=- ...-20" range=">=- ...-38" range=<=0+49 range=<=57 range=>=0-49 range=>=-57 + range(total); // $ range="<=Phi: - ...+5" range="<=Phi: - ...+12" range="<=Phi: - ...+20" range="<=Phi: - ...+38" range=">=Phi: - ...-5" range=">=Phi: - ...-12" range=">=Phi: - ...-20" range=">=Phi: - ...-38" range="<=Phi: 0+49" range=<=57 range=">=Phi: 0-49" range=>=-57 return total; } @@ -310,7 +310,7 @@ int test_mult01(int a, int b) { int r = a*b; // 0 .. 253 range(r); // $ range=<=253 range=>=0 total += r; - range(total); // $ range=<=3+253 range=<=506 range=>=0 range=>=3+0 + range(total); // $ range="<=Phi: 3+253" range=<=506 range=>=0 range=">=Phi: 3+0" } if (3 <= a && a <= 11 && -13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=3 @@ -326,7 +326,7 @@ int test_mult01(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=3-143 + range(total); // $ range=">=Phi: 3-143" } if (3 <= a && a <= 11 && -13 <= b && b <= -7) { range(a); // $ range=<=11 range=>=3 @@ -334,9 +334,9 @@ int test_mult01(int a, int b) { int r = a*b; // -143 .. -21 range(r); // $ range=<=-21 range=>=-143 total += r; - range(total); // $ range=>=3-143 range=>=3-286 + range(total); // $ range=">=Phi: 3-143" range=">=Phi: 3-286" } - range(total); // $ range=>=3-143 range=>=3-286 + range(total); // $ range=">=Phi: 3-143" range=">=Phi: 3-286" return total; } @@ -358,7 +358,7 @@ int test_mult02(int a, int b) { int r = a*b; // 0 .. 253 range(r); // $ range=<=253 range=>=0 total += r; - range(total); // $ range=>=0 range=>=0+0 range=<=0+253 range=<=506 + range(total); // $ range=>=0 range=">=Phi: 0+0" range="<=Phi: 0+253" range=<=506 } if (0 <= a && a <= 11 && -13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=0 @@ -374,7 +374,7 @@ int test_mult02(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=0-143 + range(total); // $ range=">=Phi: 0-143" } if (0 <= a && a <= 11 && -13 <= b && b <= -7) { range(a); // $ range=<=11 range=>=0 @@ -382,9 +382,9 @@ int test_mult02(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=0-143 range=>=0-286 + range(total); // $ range=">=Phi: 0-143" range=">=Phi: 0-286" } - range(total); // $range=>=0-143 range=>=0-286 + range(total); // $range=">=Phi: 0-143" range=">=Phi: 0-286" return total; } @@ -453,7 +453,7 @@ int test_mult04(int a, int b) { int r = a*b; // -391 .. 0 range(r); // $ range=<=0 range=>=-391 total += r; - range(total); // $ range="<=- ...+0" range=<=0 range=">=- ...-391" range=>=-782 + range(total); // $ range="<=Phi: - ...+0" range=<=0 range=">=Phi: - ...-391" range=>=-782 } if (-17 <= a && a <= 0 && -13 <= b && b <= 23) { range(a); // $ range=<=0 range=>=-17 @@ -469,7 +469,7 @@ int test_mult04(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" + range(total); // $ range="<=Phi: - ...+221" } if (-17 <= a && a <= 0 && -13 <= b && b <= -7) { range(a); // $ range=<=0 range=>=-17 @@ -477,9 +477,9 @@ int test_mult04(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" } - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" return total; } @@ -501,7 +501,7 @@ int test_mult05(int a, int b) { int r = a*b; // -391 .. 0 range(r); // $ range=<=0 range=>=-391 total += r; - range(total); // $ range="<=- ...+0" range=<=0 range=">=- ...-391" range=>=-782 + range(total); // $ range="<=Phi: - ...+0" range=<=0 range=">=Phi: - ...-391" range=>=-782 } if (-17 <= a && a <= -2 && -13 <= b && b <= 23) { range(a); // $ range=<=-2 range=>=-17 @@ -517,7 +517,7 @@ int test_mult05(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" + range(total); // $ range="<=Phi: - ...+221" } if (-17 <= a && a <= -2 && -13 <= b && b <= -7) { range(a); // $ range=<=-2 range=>=-17 @@ -525,9 +525,9 @@ int test_mult05(int a, int b) { int r = a*b; // 14 .. 221 range(r); // $ range=<=221 range=>=14 total += r; - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" } - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" return total; } @@ -541,7 +541,7 @@ int test16(int x) { while (i < 3) { range(i); // $ range=<=2 range=>=0 i++; - range(i); // $ range=<=3 range=>=1 range="==... = ...:i+1" SPURIOUS:range="==... = ...:i+1" + range(i); // $ range=<=3 range=>=1 range="==Phi: i | Store: ... = ...+1" } range(d); d = i; @@ -640,14 +640,14 @@ unsigned int test_comma01(unsigned int x) { unsigned int y1; unsigned int y2; y1 = (++y, y); - range(y1); // $ range=<=101 range="==... ? ... : ...+1" + range(y1); // $ range=<=101 range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+1" y2 = (y++, - range(y), // $ range=<=102 range="==++ ...:... = ...+1" range="==... ? ... : ...+2" + range(y), // $ range=<=102 range="==Store: ++ ... | Store: ... = ...+1" range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+2" y += 3, - range(y), // $ range=<=105 range="==++ ...:... = ...+4" range="==... +++3" range="==... ? ... : ...+5" + range(y), // $ range=<=105 range="==Store: ++ ... | Store: ... = ...+4" range="==Store: ... +++3" range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+5" y); - range(y2); // $ range=<=105 range="==++ ...:... = ...+4" range="==... +++3" range="==... ? ... : ...+5" - range(y1 + y2); // $ range=<=206 range="<=... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" + range(y2); // $ range=<=105 range="==Store: ++ ... | Store: ... = ...+4" range="==Store: ... +++3" Unexpected result: range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+5" + range(y1 + y2); // $ range=<=206 range="<=Phi: ... ? ... : ... | Store: ... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" return y1 + y2; } @@ -672,7 +672,7 @@ void test17() { range(i); // $ range===50 i = 20 + (j -= 10); - range(i); // $ range="==... += ...:... = ...+10" range===60 + range(i); // $ range="==Store: ... += ... | Store: ... = ...+10" range===60 } // Tests for unsigned multiplication. @@ -693,7 +693,7 @@ int test_unsigned_mult01(unsigned int a, unsigned b) { int r = a*b; // 0 .. 253 range(r);// $ range=>=0 range=<=253 total += r; - range(total); // $ range=">=(unsigned int)...+0" range=>=0 range=<=506 range="<=(unsigned int)...+253" + range(total); // $ range=">=Phi: (unsigned int)...+0" range=>=0 range=<=506 range="<=Phi: (unsigned int)...+253" } if (3 <= a && a <= 11 && 13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=3 @@ -701,9 +701,9 @@ int test_unsigned_mult01(unsigned int a, unsigned b) { int r = a*b; // 39 .. 253 range(r); // $ range=>=39 range=<=253 total += r; - range(total); // $ range=>=39 range=<=759 range="<=(unsigned int)...+253" range="<=(unsigned int)...+506" range=">=(unsigned int)...+39" + range(total); // $ range=>=39 range=<=759 range="<=Phi: (unsigned int)...+253" range="<=Phi: (unsigned int)...+506" range=">=Phi: (unsigned int)...+39" } - range(total); // $ range=>=0 range=<=759 range=">=(unsigned int)...+0" range="<=(unsigned int)...+506" range="<=(unsigned int)...+253" + range(total); // $ range=>=0 range=<=759 range=">=Phi: (unsigned int)...+0" range="<=Phi: (unsigned int)...+506" range="<=Phi: (unsigned int)...+253" return total; } @@ -722,16 +722,16 @@ int test_unsigned_mult02(unsigned b) { int r = 11*b; // 0 .. 253 range(r); // $ range=>=0 range=<=253 total += r; - range(total); // $ range=">=(unsigned int)...+0" range=>=0 range="<=(unsigned int)...+253" range=<=506 + range(total); // $ range=">=Phi: (unsigned int)...+0" range=>=0 range="<=Phi: (unsigned int)...+253" range=<=506 } if (13 <= b && b <= 23) { range(b); // $ range=<=23 range=>=13 int r = 11*b; // 143 .. 253 range(r); // $ range=>=143 range=<=253 total += r; - range(total); // $ range="<=(unsigned int)...+253" range="<=(unsigned int)...+506" range=">=(unsigned int)...+143" range=>=143 range=<=759 + range(total); // $ range="<=Phi: (unsigned int)...+253" range="<=Phi: (unsigned int)...+506" range=">=Phi: (unsigned int)...+143" range=>=143 range=<=759 } - range(total); // $ range=>=0 range=<=759 range=">=(unsigned int)...+0" range="<=(unsigned int)...+506" range="<=(unsigned int)...+253" + range(total); // $ range=>=0 range=<=759 range=">=Phi: (unsigned int)...+0" range="<=Phi: (unsigned int)...+506" range="<=Phi: (unsigned int)...+253" return total; } @@ -851,7 +851,7 @@ int notequal_type_endpoint(unsigned n) { n--; // 1 .. } - range(n); // $ range=<=n+0 // 0 .. 0 + range(n); // $ range="<=InitializeParameter: n+0" // 0 .. 0 } void notequal_refinement(short n) { @@ -946,7 +946,7 @@ void widen_recursive_expr() { for (s = 0; s < 10; s++) { range(s); // $ range=<=9 range=>=0 int result = s + s; - range(result); // $ range=<=18 range=<=s+9 range=>=0 range=>=s+0 + range(result); // $ range=<=18 Unexpected result: range="<=Phi: s+9" range=>=0 Unexpected result: range=">=Phi: s+0" } } @@ -974,7 +974,7 @@ void test_mod_neg(int s) { void test_mod_ternary(int s, bool b) { int s2 = s % (b ? 5 : 500); - range(s2); // $ range=>=-499 range=<=499 range="<=... ? ... : ...-1" + range(s2); // $ range=>=-499 range=<=499 range="<=Phi: ... ? ... : ...-1" } void test_mod_ternary2(int s, bool b1, bool b2) { diff --git a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp index 10b4c1a9a22..95e6474124a 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp @@ -16,8 +16,8 @@ int sum = x + y; // $ overflow=+- } else { if (y > 300) { - range(x); // $ range=>=302 range=<=400 range=<=y+1 MISSING: range===y+1 - range(y); // $ range=>=301 range=<=399 range===x-1 + range(x); // $ range=>=302 range=<=400 range="<=InitializeParameter: y+1" MISSING: range===y+1 + range(y); // $ range=>=301 range=<=399 range="==InitializeParameter: x | Store: x-1" int sum = x + y; } } @@ -39,9 +39,9 @@ } if (y == x - 1 && y > 300 && y + 2 == z && z == 350) { // $ overflow=+ overflow=- - range(x); // $ range===349 range===y+1 range===z-1 - range(y); // $ range===348 range=>=x-1 range===z-2 MISSING: range===x-1 - range(z); // $ range===350 range=<=y+2 MISSING: range===x+1 range===y+2 + range(x); // $ range===349 range="==InitializeParameter: y+1" range="==InitializeParameter: z-1" + range(y); // $ range===348 range=">=InitializeParameter: x | Store: x-1" range="==InitializeParameter: z-2" MISSING: range===x-1 + range(z); // $ range===350 range="<=InitializeParameter: y+2" MISSING: range===x+1 range===y+2 return x + y + z; } } @@ -56,7 +56,7 @@ while (f3_get(n)) n+=2; for (int i = 0; i < n; i += 2) { - range(i); // $ range=>=0 SPURIOUS: range="<=call to f3_get-1" range="<=call to f3_get-2" + range(i); // $ range=>=0 SPURIOUS: range="<=Phi: call to f3_get-1" range="<=Phi: call to f3_get-2" } } diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected similarity index 100% rename from cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected rename to cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref new file mode 100644 index 00000000000..1a418e6abc6 --- /dev/null +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref @@ -0,0 +1 @@ +Security/CWE/CWE-119/OverrunWriteProductFlow.ql \ No newline at end of file diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp similarity index 100% rename from cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp rename to cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp diff --git a/csharp/documentation/library-coverage/coverage.csv b/csharp/documentation/library-coverage/coverage.csv index 9c900cf79cd..a4a6a534105 100644 --- a/csharp/documentation/library-coverage/coverage.csv +++ b/csharp/documentation/library-coverage/coverage.csv @@ -1,9 +1,9 @@ -package,sink,source,summary,sink:code,sink:encryption-decryptor,sink:encryption-encryptor,sink:encryption-keyprop,sink:encryption-symmetrickey,sink:html,sink:remote,sink:sql,sink:xss,source:file,source:file-write,source:local,source:remote,summary:taint,summary:value -Dapper,55,,,,,,,,,,55,,,,,,, +package,sink,source,summary,sink:code-injection,sink:encryption-decryptor,sink:encryption-encryptor,sink:encryption-keyprop,sink:encryption-symmetrickey,sink:file-content-store,sink:html-injection,sink:js-injection,sink:sql-injection,source:file,source:file-write,source:local,source:remote,summary:taint,summary:value +Dapper,55,,,,,,,,,,,55,,,,,, JsonToItemsTaskFactory,,,7,,,,,,,,,,,,,,7, -Microsoft.ApplicationBlocks.Data,28,,,,,,,,,,28,,,,,,, +Microsoft.ApplicationBlocks.Data,28,,,,,,,,,,,28,,,,,, Microsoft.CSharp,,,24,,,,,,,,,,,,,,24, -Microsoft.EntityFrameworkCore,6,,12,,,,,,,,6,,,,,,,12 +Microsoft.EntityFrameworkCore,6,,12,,,,,,,,,6,,,,,,12 Microsoft.Extensions.Caching.Distributed,,,15,,,,,,,,,,,,,,15, Microsoft.Extensions.Caching.Memory,,,46,,,,,,,,,,,,,,45,1 Microsoft.Extensions.Configuration,,,83,,,,,,,,,,,,,,80,3 @@ -21,8 +21,8 @@ Microsoft.NET.Build.Tasks,,,1,,,,,,,,,,,,,,1, Microsoft.NETCore.Platforms.BuildTasks,,,4,,,,,,,,,,,,,,4, Microsoft.VisualBasic,,,10,,,,,,,,,,,,,,5,5 Microsoft.Win32,,,8,,,,,,,,,,,,,,8, -MySql.Data.MySqlClient,48,,,,,,,,,,48,,,,,,, +MySql.Data.MySqlClient,48,,,,,,,,,,,48,,,,,, Newtonsoft.Json,,,91,,,,,,,,,,,,,,73,18 -ServiceStack,194,,7,27,,,,,,75,92,,,,,,7, -System,65,25,12157,,8,8,9,,4,,33,3,1,17,3,4,10163,1994 +ServiceStack,194,,7,27,,,,,75,,,92,,,,,7, +System,65,25,12157,,8,8,9,,,4,3,33,1,17,3,4,10163,1994 Windows.Security.Cryptography.Core,1,,,,,,,1,,,,,,,,,, diff --git a/csharp/documentation/library-coverage/cwe-sink.csv b/csharp/documentation/library-coverage/cwe-sink.csv index e71e194a2ed..70f0034ecd3 100644 --- a/csharp/documentation/library-coverage/cwe-sink.csv +++ b/csharp/documentation/library-coverage/cwe-sink.csv @@ -1,2 +1,2 @@ CWE,Sink identifier,Label -CWE-079,html xss,Cross-site scripting \ No newline at end of file +CWE-079,html-injection js-injection,Cross-site scripting diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs b/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs index ec4f44c21c7..79855875d02 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs @@ -381,8 +381,17 @@ namespace Semmle.Extraction.CSharp references => ResolveReferences(compilerArguments, analyser, canonicalPathCache, references), (analyser, syntaxTrees) => { + var paths = compilerArguments.SourceFiles + .Select(src => src.Path) + .ToList(); + + if (compilerArguments.GeneratedFilesOutputDirectory is not null) + { + paths.AddRange(Directory.GetFiles(compilerArguments.GeneratedFilesOutputDirectory, "*.cs", SearchOption.AllDirectories)); + } + return ReadSyntaxTrees( - compilerArguments.SourceFiles.Select(src => canonicalPathCache.GetCanonicalPath(src.Path)), + paths.Select(canonicalPathCache.GetCanonicalPath), analyser, compilerArguments.ParseOptions, compilerArguments.Encoding, diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 56de88b8aa5..ad7a007007f 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.5.2 + +No user-facing changes. + ## 1.5.1 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md new file mode 100644 index 00000000000..384c27833f1 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md @@ -0,0 +1,3 @@ +## 1.5.2 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index c5775c46013..7eb901bae56 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.5.1 +lastReleaseVersion: 1.5.2 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index fb0859160cc..4f2900e0b73 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.5.2-dev +version: 1.5.3-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 56de88b8aa5..ad7a007007f 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.5.2 + +No user-facing changes. + ## 1.5.1 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md new file mode 100644 index 00000000000..384c27833f1 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md @@ -0,0 +1,3 @@ +## 1.5.2 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index c5775c46013..7eb901bae56 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.5.1 +lastReleaseVersion: 1.5.2 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 4c9eeb60c87..2318576e19e 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.5.2-dev +version: 1.5.3-dev groups: - csharp - solorigate diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected b/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected new file mode 100644 index 00000000000..86a8cd34b88 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected @@ -0,0 +1,6 @@ +| Program.cs:0:0:0:0 | Program.cs | +| obj/Debug/net7.0/.NETCoreApp,Version=v7.0.AssemblyAttributes.cs:0:0:0:0 | obj/Debug/net7.0/.NETCoreApp,Version=v7.0.AssemblyAttributes.cs | +| obj/Debug/net7.0/cshtml.AssemblyInfo.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.AssemblyInfo.cs | +| obj/Debug/net7.0/cshtml.GlobalUsings.g.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.GlobalUsings.g.cs | +| obj/Debug/net7.0/cshtml.RazorAssemblyInfo.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.RazorAssemblyInfo.cs | +| obj/Debug/net7.0/generated/Microsoft.NET.Sdk.Razor.SourceGenerators/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs:0:0:0:0 | obj/Debug/net7.0/generated/Microsoft.NET.Sdk.Razor.SourceGenerators/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs | diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql b/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql new file mode 100644 index 00000000000..bea5557a25f --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql @@ -0,0 +1,5 @@ +import csharp + +from File f +where f.fromSource() +select f diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs b/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs new file mode 100644 index 00000000000..47eee48cc79 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs @@ -0,0 +1 @@ +var dummy = "dummy"; \ No newline at end of file diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml b/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml new file mode 100644 index 00000000000..52ffe012e42 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml @@ -0,0 +1,8 @@ +@{ + ViewData["Title"] = "Home Page"; +} + +
+

Welcome

+

Learn about building Web apps with ASP.NET Core.

+
diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj b/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj new file mode 100644 index 00000000000..01d15e87dc4 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj @@ -0,0 +1,14 @@ + + + + Exe + net7.0 + enable + enable + + + + + + + diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/test.py b/csharp/ql/integration-tests/all-platforms/cshtml/test.py new file mode 100644 index 00000000000..24cc83b4f2d --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/test.py @@ -0,0 +1,3 @@ +from create_database_utils import * + +run_codeql_database_create(['dotnet build'], lang="csharp", extra_args=["--extractor-option=cil=false"]) diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 4ebff5c86a7..435255a997a 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The `cs/log-forging`, `cs/cleartext-storage`, and `cs/exposure-of-sensitive-information` queries now correctly handle unsanitized arguments to `ILogger` extension methods. +* Updated the `neutralModel` extensible predicate to include a `kind` column. + ## 0.6.1 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md b/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md deleted file mode 100644 index ab19597224b..00000000000 --- a/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Updated the `neutralModel` extensible predicate to include a `kind` column. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md b/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md new file mode 100644 index 00000000000..ce6d618af5e --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md @@ -0,0 +1,9 @@ +--- +category: minorAnalysis +--- +* Updated the following C# sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working. + * `code` to `code-injection` + * `sql` to `sql-injection` + * `html` to `html-injection` + * `xss` to `js-injection` + * `remote` to `file-content-store` diff --git a/csharp/ql/lib/change-notes/2023-05-30-source-generators.md b/csharp/ql/lib/change-notes/2023-05-30-source-generators.md new file mode 100644 index 00000000000..5483ce6af35 --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-05-30-source-generators.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* The extractor has been changed to run after the traced compiler call. This allows inspecting compiler generated files, such as the output of source generators. With this change, `.cshtml` files and their generated `.cshtml.g.cs` counterparts are extracted on dotnet 6 and above. diff --git a/csharp/ql/lib/change-notes/2023-05-16-ilogger-extension-methods.md b/csharp/ql/lib/change-notes/released/0.6.2.md similarity index 58% rename from csharp/ql/lib/change-notes/2023-05-16-ilogger-extension-methods.md rename to csharp/ql/lib/change-notes/released/0.6.2.md index 4d4f0767238..c3829f2df86 100644 --- a/csharp/ql/lib/change-notes/2023-05-16-ilogger-extension-methods.md +++ b/csharp/ql/lib/change-notes/released/0.6.2.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + * The `cs/log-forging`, `cs/cleartext-storage`, and `cs/exposure-of-sensitive-information` queries now correctly handle unsanitized arguments to `ILogger` extension methods. +* Updated the `neutralModel` extensible predicate to include a `kind` column. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/csharp/ql/lib/ext/Dapper.model.yml b/csharp/ql/lib/ext/Dapper.model.yml index e72f3b076a6..78e92bbf191 100644 --- a/csharp/ql/lib/ext/Dapper.model.yml +++ b/csharp/ql/lib/ext/Dapper.model.yml @@ -3,58 +3,58 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Dapper", "SqlMapper", False, "Execute", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReader", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.DbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalar", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalar<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryMultiple", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryMultipleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] + - ["Dapper", "SqlMapper", False, "Execute", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReader", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.DbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalar", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalar<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryMultiple", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryMultipleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml b/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml index 5b5e2657bfd..0bb437b5b44 100644 --- a/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml +++ b/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml @@ -3,31 +3,31 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml b/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml index 795a5079ae5..23fefe987a7 100644 --- a/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml +++ b/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml @@ -21,9 +21,9 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalQueryableExtensions", False, "FromSqlRaw<>", "(Microsoft.EntityFrameworkCore.DbSet,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalQueryableExtensions", False, "FromSqlRaw<>", "(Microsoft.EntityFrameworkCore.DbSet,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml b/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml index 70d849e122a..2e1c75b0873 100644 --- a/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml +++ b/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml @@ -3,51 +3,51 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRow", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDataset", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRow", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDataset", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml b/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml index ea7634bc244..3d6148c330f 100644 --- a/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml @@ -3,95 +3,95 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Dictionary<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Exists<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "KeyValuePairs", "(System.Data.IDbConnection,System.String,System.System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object)", "", "Argument[2]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectNonDefaults<>", "(System.Data.IDbConnection,System.String,T)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "DictionaryAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExistsAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbCommand,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectNonDefaultsAsync<>", "(System.Data.IDbConnection,System.String,T,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Action,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApiAsync", False, "RowCountAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeGroupBy", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeHaving", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOrderBy", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String,System.Boolean)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Dictionary<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Exists<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "KeyValuePairs", "(System.Data.IDbConnection,System.String,System.System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object)", "", "Argument[2]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectNonDefaults<>", "(System.Data.IDbConnection,System.String,T)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "DictionaryAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExistsAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbCommand,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectNonDefaultsAsync<>", "(System.Data.IDbConnection,System.String,T,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Action,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApiAsync", False, "RowCountAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeGroupBy", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeHaving", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOrderBy", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String,System.Boolean)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/ServiceStack.Redis.model.yml b/csharp/ql/lib/ext/ServiceStack.Redis.model.yml index 46415828318..9016c393077 100644 --- a/csharp/ql/lib/ext/ServiceStack.Redis.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.Redis.model.yml @@ -3,30 +3,30 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack.Redis", "IRedisClient", True, "Custom", "(System.Object[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecCachedLua", "(System.String,System.Func)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "LoadLuaScript", "(System.String)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[],System.Threading.CancellationToken)", "", "Argument[0].Element", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecCachedLuaAsync", "(System.String,System.Func>,System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "LoadLuaScriptAsync", "(System.String,System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "Custom", "(System.Object[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecCachedLua", "(System.String,System.Func)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "LoadLuaScript", "(System.String)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[],System.Threading.CancellationToken)", "", "Argument[0].Element", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecCachedLuaAsync", "(System.String,System.Func>,System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "LoadLuaScriptAsync", "(System.String,System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] diff --git a/csharp/ql/lib/ext/ServiceStack.model.yml b/csharp/ql/lib/ext/ServiceStack.model.yml index 988c7f3b8f9..19188e5eeb5 100644 --- a/csharp/ql/lib/ext/ServiceStack.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.model.yml @@ -3,81 +3,81 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack", "IOneWayClient", True, "SendAllOneWay", "(System.Collections.Generic.IEnumerable)", "", "Argument[1].Element", "remote", "manual"] - - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Patch<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Post<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Put<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Send<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync", "(System.String,ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod", "(System.String,ServiceStack.IReturnVoid)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,ServiceStack.IReturn)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Send<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "SendAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "Publish", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "PublishAll", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "Send<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "SendAll<>", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAllAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAsync", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "SendAllAsync<>", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "SendAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethod", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethod<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethodAsync<>", "(System.String,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Delete", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "DownloadBytes", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "DownloadBytesAsync", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Get", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Head", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Head", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Patch", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Post", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(ServiceStack.Messaging.IMessage)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(T)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Put", "(System.Object)", "", "Argument[0]", "remote", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendAllOneWay", "(System.Collections.Generic.IEnumerable)", "", "Argument[1].Element", "file-content-store", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Patch<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Post<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Put<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Send<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync", "(System.String,ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod", "(System.String,ServiceStack.IReturnVoid)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,ServiceStack.IReturn)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Send<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "SendAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "Publish", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "PublishAll", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "Send<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "SendAll<>", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAllAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAsync", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "SendAllAsync<>", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "SendAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethod", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethod<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethodAsync<>", "(System.String,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Delete", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "DownloadBytes", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "DownloadBytesAsync", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Get", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Head", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Head", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Patch", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Post", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(ServiceStack.Messaging.IMessage)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(T)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Put", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Data.Entity.model.yml b/csharp/ql/lib/ext/System.Data.Entity.model.yml index e9bf2238065..4af662ee4c4 100644 --- a/csharp/ql/lib/ext/System.Data.Entity.model.yml +++ b/csharp/ql/lib/ext/System.Data.Entity.model.yml @@ -11,12 +11,12 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "SqlQuery", "(System.Type,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "SqlQuery<>", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "DbSet", False, "SqlQuery", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "SqlQuery", "(System.Type,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "SqlQuery<>", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "DbSet", False, "SqlQuery", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.EntityClient.model.yml b/csharp/ql/lib/ext/System.Data.EntityClient.model.yml index 16a24580647..39f3e35094c 100644 --- a/csharp/ql/lib/ext/System.Data.EntityClient.model.yml +++ b/csharp/ql/lib/ext/System.Data.EntityClient.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection,System.Data.EntityClient.EntityTransaction)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection,System.Data.EntityClient.EntityTransaction)", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.Odbc.model.yml b/csharp/ql/lib/ext/System.Data.Odbc.model.yml index d1f6a24d5fc..0648bb0bbd0 100644 --- a/csharp/ql/lib/ext/System.Data.Odbc.model.yml +++ b/csharp/ql/lib/ext/System.Data.Odbc.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection,System.Data.Odbc.OdbcTransaction)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection,System.Data.Odbc.OdbcTransaction)", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.OleDb.model.yml b/csharp/ql/lib/ext/System.Data.OleDb.model.yml index ebe3cc8b157..41e686537b8 100644 --- a/csharp/ql/lib/ext/System.Data.OleDb.model.yml +++ b/csharp/ql/lib/ext/System.Data.OleDb.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection,System.Data.OleDb.OleDbTransaction)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection,System.Data.OleDb.OleDbTransaction)", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.SQLite.model.yml b/csharp/ql/lib/ext/System.Data.SQLite.model.yml index d6d1d70e608..e1cdb6a1a84 100644 --- a/csharp/ql/lib/ext/System.Data.SQLite.model.yml +++ b/csharp/ql/lib/ext/System.Data.SQLite.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection,System.Data.SQLite.SQLiteTransaction)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.Data.SQLite.SQLiteCommand)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String,System.Boolean)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection,System.Data.SQLite.SQLiteTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.Data.SQLite.SQLiteCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String,System.Boolean)", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Data.SqlClient.model.yml b/csharp/ql/lib/ext/System.Data.SqlClient.model.yml index 2040e0f9798..211fe1faa84 100644 --- a/csharp/ql/lib/ext/System.Data.SqlClient.model.yml +++ b/csharp/ql/lib/ext/System.Data.SqlClient.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection,System.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection,System.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Net.Http.model.yml b/csharp/ql/lib/ext/System.Net.Http.model.yml index 0eafc30988a..4b5f4d193e7 100644 --- a/csharp/ql/lib/ext/System.Net.Http.model.yml +++ b/csharp/ql/lib/ext/System.Net.Http.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Net.Http", "StringContent", False, "StringContent", "", "", "Argument[0]", "xss", "manual"] + - ["System.Net.Http", "StringContent", False, "StringContent", "", "", "Argument[0]", "js-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Web.model.yml b/csharp/ql/lib/ext/System.Web.model.yml index 5cf065ec6dd..a2a7470ef8e 100644 --- a/csharp/ql/lib/ext/System.Web.model.yml +++ b/csharp/ql/lib/ext/System.Web.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Web", "HttpResponse", False, "BinaryWrite", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "TransmitFile", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "Write", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "WriteFile", "", "", "Argument[0]", "html", "manual"] + - ["System.Web", "HttpResponse", False, "BinaryWrite", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "TransmitFile", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "Write", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "WriteFile", "", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml index 6ec7a3cb93a..a5dc7699795 100644 --- a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml +++ b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml @@ -7,10 +7,10 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql", "df-generated"] - - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "df-generated"] - - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "xss", "df-generated"] - - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "xss", "df-generated"] + - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "df-generated"] + - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "df-generated"] + - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "js-injection", "df-generated"] + - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "js-injection", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateDecryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-decryptor", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateEncryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-encryptor", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "set_Key", "(System.Byte[])", "", "Argument[0]", "encryption-keyprop", "df-generated"] @@ -34,7 +34,7 @@ extensions: - ["System.Security.Cryptography", "TripleDESCryptoServiceProvider", false, "CreateEncryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-encryptor", "df-generated"] - ["System.Security.Cryptography", "TripleDESCryptoServiceProvider", false, "set_Key", "(System.Byte[])", "", "Argument[0]", "encryption-keyprop", "df-generated"] - + - addsTo: @@ -51946,6 +51946,3 @@ extensions: - ["System", "WeakReference<>", "TryGetTarget", "(T)", "summary", "df-generated"] - ["System", "WeakReference<>", "WeakReference", "(T)", "summary", "df-generated"] - ["System", "WeakReference<>", "WeakReference", "(T,System.Boolean)", "summary", "df-generated"] - - - \ No newline at end of file diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index fdb710e9371..17e00fa022c 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.6.2-dev +version: 0.6.3-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index 1f57626840b..46a19828a81 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -211,7 +211,8 @@ module ModelValidation { ) or exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["code", "sql", "xss", "remote", "html"] and + not kind = + ["code-injection", "sql-injection", "js-injection", "html-injection", "file-content-store"] and not kind.matches("encryption-%") and result = "Invalid kind \"" + kind + "\" in sink model." ) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll index b86601e6b54..97a27c65ef0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll @@ -198,8 +198,8 @@ string getComponentSpecific(SummaryComponent sc) { or exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + rk + "]" and - not rk instanceof NormalReturnKind + not rk = getReturnValueKind() and + result = "ReturnValue[" + rk + "]" ) } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll index 76a9a495637..cd035de9414 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll @@ -97,5 +97,5 @@ class RoslynCSharpScriptSink extends Sink { /** Code injection sinks defined through CSV models. */ private class ExternalCodeInjectionExprSink extends Sink { - ExternalCodeInjectionExprSink() { sinkNode(this, "code") } + ExternalCodeInjectionExprSink() { sinkNode(this, "code-injection") } } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll index 3cac542cb36..61b2491753a 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll @@ -78,7 +78,7 @@ class SqlInjectionExprSink extends Sink { /** SQL sinks defined through CSV models. */ private class ExternalSqlInjectionExprSink extends Sink { - ExternalSqlInjectionExprSink() { sinkNode(this, "sql") } + ExternalSqlInjectionExprSink() { sinkNode(this, "sql-injection") } } private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll index 0232d9462e2..65ac1687714 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll @@ -24,7 +24,7 @@ abstract class Sink extends DataFlow::ExprNode, RemoteFlowSink { } private class ExternalXssSink extends Sink { - ExternalXssSink() { sinkNode(this, "xss") } + ExternalXssSink() { sinkNode(this, "js-injection") } } private class HtmlSinkSink extends Sink instanceof HtmlSink { diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll index d19b0006eb7..1baeff7641b 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll @@ -19,7 +19,7 @@ private import semmle.code.csharp.dataflow.ExternalFlow abstract class ExternalLocationSink extends DataFlow::ExprNode { } private class ExternalModelSink extends ExternalLocationSink { - ExternalModelSink() { sinkNode(this, "remote") } + ExternalModelSink() { sinkNode(this, "file-content-store") } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll index 8e83122e2bf..318e298ae1f 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll @@ -23,7 +23,7 @@ private import semmle.code.asp.AspNet abstract class HtmlSink extends DataFlow::ExprNode, RemoteFlowSink { } private class ExternalHtmlSink extends HtmlSink { - ExternalHtmlSink() { sinkNode(this, "html") } + ExternalHtmlSink() { sinkNode(this, "html-injection") } } /** diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index fb6006fc6f9..e214ec42a03 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.2 + +No user-facing changes. + ## 0.6.1 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/0.6.2.md b/csharp/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..43f80640fc5 --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,3 @@ +## 0.6.2 + +No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index d68e0a497c1..95506e0f254 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - csharp - queries diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected index c9b9406a10a..3a4489dcb91 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected @@ -1,8 +1,8 @@ invalidModelRow #select -| Sinks.cs:8:19:8:22 | access to local variable arg1 | code | -| Sinks.cs:11:13:11:41 | this access | remote | -| Sinks.cs:11:30:11:40 | access to local variable argToTagged | remote | -| Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql | -| Sinks.cs:20:20:20:22 | access to local variable res | xss | -| Sinks.cs:27:20:27:25 | access to local variable resTag | html | +| Sinks.cs:8:19:8:22 | access to local variable arg1 | code-injection | +| Sinks.cs:11:13:11:41 | this access | file-content-store | +| Sinks.cs:11:30:11:40 | access to local variable argToTagged | file-content-store | +| Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql-injection | +| Sinks.cs:20:20:20:22 | access to local variable res | js-injection | +| Sinks.cs:27:20:27:25 | access to local variable resTag | html-injection | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 3198057f42c..c44c1b4fd36 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -4,8 +4,8 @@ extensions: extensible: sinkModel data: # "namespace", "type", "overrides", "name", "signature", "ext", "spec", "kind", "provenance" - - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code", "manual"] - - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "xss", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql", "manual"] + - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code-injection", "manual"] + - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "js-injection", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html-injection", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "file-content-store", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql-injection", "manual"] diff --git a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected index 17380ffad90..4698be24b8c 100644 --- a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected @@ -118,9 +118,9 @@ summary neutral sourceNode sinkNode -| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql | -| EntityFrameworkCore.cs:73:40:73:44 | "sql" | sql | -| EntityFrameworkCore.cs:74:40:74:44 | "sql" | sql | -| EntityFrameworkCore.cs:75:51:75:55 | "sql" | sql | -| EntityFrameworkCore.cs:76:51:76:55 | "sql" | sql | -| EntityFrameworkCore.cs:77:51:77:55 | "sql" | sql | +| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql-injection | +| EntityFrameworkCore.cs:73:40:73:44 | "sql" | sql-injection | +| EntityFrameworkCore.cs:74:40:74:44 | "sql" | sql-injection | +| EntityFrameworkCore.cs:75:51:75:55 | "sql" | sql-injection | +| EntityFrameworkCore.cs:76:51:76:55 | "sql" | sql-injection | +| EntityFrameworkCore.cs:77:51:77:55 | "sql" | sql-injection | diff --git a/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql b/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql index 9f25014662f..944d4180992 100644 --- a/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql +++ b/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql @@ -7,7 +7,7 @@ query predicate sqlExpressions(SqlExpr se, Expr e) { se.getSql() = e } query predicate sqlCsvSinks(Element p, Expr e) { p = e.getParent() and exists(Node n | - sinkNode(n, "sql") and + sinkNode(n, "sql-injection") and n.asExpr() = e ) } diff --git a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected index e65a2ae7d4a..4a11cff39af 100644 --- a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected +++ b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected @@ -1,4 +1,4 @@ -| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[this];html;df-generated | -| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[this];html;df-generated | -| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html;df-generated | -| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html;df-generated | +| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[this];html-injection;df-generated | +| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[this];html-injection;df-generated | +| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html-injection;df-generated | +| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html-injection;df-generated | diff --git a/csharp/tools/tracing-config.lua b/csharp/tools/tracing-config.lua index 2db04d83524..79b2ea2ca1c 100644 --- a/csharp/tools/tracing-config.lua +++ b/csharp/tools/tracing-config.lua @@ -63,7 +63,7 @@ function RegisterExtractorPack(id) end end if match then - local injections = { '-p:UseSharedCompilation=false' } + local injections = { '-p:UseSharedCompilation=false', '-p:EmitCompilerGeneratedFiles=true' } if dotnetRunNeedsSeparator then table.insert(injections, '--') end @@ -118,7 +118,8 @@ function RegisterExtractorPack(id) compilerArguments, nil, { '/p:UseSharedCompilation=false', - '/p:MvcBuildViews=true' + '/p:MvcBuildViews=true', + '/p:EmitCompilerGeneratedFiles=true', }) } @@ -154,7 +155,7 @@ function RegisterExtractorPack(id) if seenCompilerCall then return { - order = ORDER_BEFORE, + order = ORDER_AFTER, invocation = { path = AbsolutifyExtractorPath(id, extractor), arguments = { @@ -194,7 +195,7 @@ function RegisterExtractorPack(id) if seenCompilerCall then return { - order = ORDER_BEFORE, + order = ORDER_AFTER, invocation = { path = AbsolutifyExtractorPath(id, extractor), arguments = { diff --git a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst index 656aec444de..83dc32edf76 100644 --- a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst +++ b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst @@ -23,7 +23,7 @@ If you want to run variant analysis on your repositories, you need to enable cod Setting a controller repository for variant analysis ---------------------------------------------------- -When you run variant analysis, the analysis is run entirely using GitHub Actions. You don't need to create any workflows, but you must specify which GitHub repository the CodeQL extension should use as the "controller repository." Controller repositories can be empty, but they must have at least one commit. The ``GITHUB_TOKEN`` must also have "Read and write permissions" to run workflows in that repository. For more information, see "`Managing GitHub Actions settings for a repository `__." +When you run variant analysis, the analysis is run entirely using GitHub Actions. You don't need to create any workflows, but you must specify which GitHub repository the CodeQL extension should use as the "controller repository." Controller repositories can be empty, but they must have at least one commit. .. pull-quote:: diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst index baa93e8eb0a..950fdc7bf24 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst @@ -315,7 +315,7 @@ The following source kinds are supported: Below is an enumeration of the remaining source kinds, but they are out of scope for this documentation: -- **contentprovider**, **android-widget**, **android-external-storage-dir**. +- **contentprovider**, **android-external-storage-dir**. sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -327,18 +327,31 @@ Taint sink. As opposed to source kinds, there are many different kinds of sinks The following sink kinds are supported: -- **sql**: A SQL injection vulnerability sink. -- **xss**: A cross-site scripting vulnerability sink. -- **logging**: A log output sink. - -Below is an enumeration of the remaining sinks, but they are out of scope for this documentation: - -- **open-url**, **jndi-injection**, **ldap**, **jdbc-url** -- **mvel**, **xpath**, **groovy**, **ognl-injection** -- **intent-start**, **pending-intent-sent**, **url-redirect** -- **create-file**, **read-file**, **write-file**, **set-hostname-verifier** -- **header-splitting**, **information-leak**, **xslt**, **jexl** -- **bean-validation**, **ssti**, **fragment-injection**, **regex-use[**\ `arg`\ **]** +- **bean-validation**: A sink that can be used for insecure bean validation, such as in calls to **ConstraintValidatorContext.buildConstraintViolationWithTemplate**. +- **command-injection**: A sink that can be used to inject shell commands, such as in calls to **Runtime.exec**. +- **file-content-store**: A sink that can be used to control the contents of a file, such as in a **Files.write** call. +- **fragment-injection**: A sink that can be used for Android fragment injection, such as in a **FragmentTransaction.replace** call. +- **groovy-injection**: A sink that can be used for Groovy injection, such as in a **GroovyShell.evaluate** call. +- **hostname-verification**: A sink that can be used for unsafe hostname verification, such as in calls to **HttpsURLConnection.setHostnameVerifier**. +- **html-injection**: A sink that can be used for XSS via HTML injection, such as in a **ResponseStream.write** call. +- **information-leak**: A sink that can be used to leak information to an HTTP response, such as in calls to **HttpServletResponse.sendError**. +- **intent-redirection**: A sink that can be used for Android intent redirection, such as in a **Context.startActivity** call. +- **jexl-injection**: A sink that can be used for JEXL expression injection, such as in a **JexlExpression.evaluate** call. +- **jndi-injection**: A sink that can be used for JNDI injection, such as in a **Context.lookup** call. +- **js-injection**: A sink that can be used for XSS via JavaScript injection, such as in a **Webview.evaluateJavaScript** call. +- **ldap-injection**: A sink that can be used for LDAP injection, such as in a **DirContext.search** call. +- **log-injection**: A sink that can be used for log injection, such as in a **Logger.warn** call. +- **mvel-injection**: A sink that can be used for MVEL expression injection, such as in a **MVEL.eval** call. +- **ognl-injection**: A sink that can be used for OGNL injection, such as in an **Ognl.getValue** call. +- **path-injection**: A sink that can be used for path injection in a file system access, such as in calls to **new FileReader**. +- **pending-intents**: A sink that can be used to send an implicit and mutable `PendingIntent` to a third party, such as in an **Activity.setResult** call. +- **request-forgery**: A sink that controls the URL of a request, such as in an **HttpRequest.newBuilder** call. +- **response-splitting**: A sink that can be used for HTTP response splitting, such as in calls to **HttpServletResponse.setHeader**. +- **sql-injection**: A sink that can be used for SQL injection, such as in a **Statement.executeQuery** call. +- **template-injection**: A sink that can be used for server side template injection, such as in a **Velocity.evaluate** call. +- **url-redirection**: A sink that can be used to redirect the user to a malicious URL, such as in a **Response.temporaryRedirect** call. +- **xpath-injection**: A sink that can be used for XPath injection, such as in a **XPath.evaluate** call. +- **xslt-injection**: A sink that can be used for XSLT injection, such as in a **Transformer.transform** call. summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst index d8a9e15faf5..d5cf4e0338e 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst @@ -53,7 +53,7 @@ Note that this sink is already recognized by the CodeQL JS analysis, but for thi pack: codeql/javascript-all extensible: sinkModel data: - - ["execa", "Member[shell].Argument[0]", "command-line-injection"] + - ["execa", "Member[shell].Argument[0]", "command-injection"] - Since we're adding a new sink, we add a tuple to the **sinkModel** extensible predicate. @@ -64,7 +64,7 @@ Note that this sink is already recognized by the CodeQL JS analysis, but for thi - **Member[shell]** selects accesses to the **shell** member of the **execa** package. - **Argument[0]** selects the first argument to calls to that member. -- **command-line-injection** indicates that this is considered a sink for the command injection query. +- **command-injection** indicates that this is considered a sink for the command injection query. Example: Taint sources from window 'message' events --------------------------------------------------- @@ -463,7 +463,7 @@ Sink kinds Unlike sources, sinks tend to be highly query-specific, rarely affecting more than one or two queries. Not every query supports customizable sinks. If the following sinks are not suitable for your use case, you should add a new query. - **code-injection**: A sink that can be used to inject code, such as in calls to **eval**. -- **command-line-injection**: A sink that can be used to inject shell commands, such as in calls to **child_process.spawn**. +- **command-injection**: A sink that can be used to inject shell commands, such as in calls to **child_process.spawn**. - **path-injection**: A sink that can be used for path injection in a file system access, such as in calls to **fs.readFile**. - **sql-injection**: A sink that can be used for SQL injection, such as in a MySQL **query** call. - **nosql-injection**: A sink that can be used for NoSQL injection, such as in a MongoDB **findOne** call. diff --git a/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst b/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst index 597ce491463..8625d637366 100644 --- a/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst +++ b/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst @@ -70,18 +70,22 @@ For example, we would like to flag this code: .. code-block:: javascript - var data = JSON.parse(str); - if (data.length > 0) { // problematic: `data` may be `null` - ... + function test(str) { + var data = JSON.parse(str); + if (data.length > 0) { // problematic: `data` may be `null` + ... + } } This code, on the other hand, should not be flagged: .. code-block:: javascript - var data = JSON.parse(str); - if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness - ... + function test(str) { + var data = JSON.parse(str); + if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness + ... + } } We will first try to write a query to find this kind of problem without flow labels, and use the @@ -168,11 +172,13 @@ checked for null-guardedness: .. code-block:: javascript - var root = JSON.parse(str); - if (root) { - var payload = root.data; // unproblematic: `root` cannot be `null` here - if (payload.length > 0) { // problematic: `payload` may be `null` here - ... + function test(str) { + var root = JSON.parse(str); + if (root) { + var payload = root.data; // unproblematic: `root` cannot be `null` here + if (payload.length > 0) { // problematic: `payload` may be `null` here + ... + } } } diff --git a/docs/codeql/ql-language-reference/ql-language-specification.rst b/docs/codeql/ql-language-reference/ql-language-specification.rst index af5be717ef6..71dcbdce571 100644 --- a/docs/codeql/ql-language-reference/ql-language-specification.rst +++ b/docs/codeql/ql-language-reference/ql-language-specification.rst @@ -186,21 +186,21 @@ A QL module definition has the following syntax: A module definition extends the current module's declared module environment with a mapping from the module name to the module definition. -QL files consist of simply a module body without a name and surrounding braces: +QL files and QLL files consist of simply a module body without a name and surrounding braces: :: ql ::= moduleBody -QL files define a module corresponding to the file, whose name is the same as the filename. +QL files and QLL files define a module corresponding to the file, whose name is the same as the filename. Kinds of modules ~~~~~~~~~~~~~~~~ A module may be: -- A *file module*, if it is defined implicitly by a QL file. -- A *query module*, if it is defined by a QL file. +- A *file module*, if it is defined implicitly by a QL file or a QLL file. +- A *query module*, if it is defined implicitly by a QL file. - A *library module*, if it is not a query module. A query module must contain one or more queries. @@ -773,7 +773,7 @@ Binding sets are checked by the QL compiler in the following way: A predicate may have several different binding sets, which can be stated by using multiple ``bindingset`` annotations on the same predicate. +----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ -| Pragma | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | Signatures | +| Annotation | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | Signatures | +================+=========+============+===================+=======================+=========+========+=========+=========+============+ | ``bindingset`` | | yes | yes | yes | | | | | (yes) | +----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ diff --git a/docs/codeql/reusables/supported-versions-compilers.rst b/docs/codeql/reusables/supported-versions-compilers.rst index 93b826a94dd..da873041fb9 100644 --- a/docs/codeql/reusables/supported-versions-compilers.rst +++ b/docs/codeql/reusables/supported-versions-compilers.rst @@ -20,7 +20,7 @@ Java,"Java 7 to 20 [4]_","javac (OpenJDK and Oracle JDK), Eclipse compiler for Java (ECJ) [5]_",``.java`` - Kotlin [6]_,"Kotlin 1.5.0 to 1.8.20","kotlinc",``.kt`` + Kotlin [6]_,"Kotlin 1.5.0 to 1.9.0","kotlinc",``.kt`` JavaScript,ECMAScript 2022 or lower,Not applicable,"``.js``, ``.jsx``, ``.mjs``, ``.es``, ``.es6``, ``.htm``, ``.html``, ``.xhtm``, ``.xhtml``, ``.vue``, ``.hbs``, ``.ejs``, ``.njk``, ``.json``, ``.yaml``, ``.yml``, ``.raml``, ``.xml`` [7]_" Python [8]_,"2.7, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.11",Not applicable,``.py`` Ruby [9]_,"up to 3.2",Not applicable,"``.rb``, ``.erb``, ``.gemspec``, ``Gemfile``" diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index e144655e159..5f09272c19b 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.5.2 + +### Minor Analysis Improvements + +* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given. + ## 0.5.1 ### Minor Analysis Improvements diff --git a/go/ql/lib/change-notes/2023-04-25-data-flow-varargs-parameters.md b/go/ql/lib/change-notes/released/0.5.2.md similarity index 85% rename from go/ql/lib/change-notes/2023-04-25-data-flow-varargs-parameters.md rename to go/ql/lib/change-notes/released/0.5.2.md index 881d570361e..ad1dea14924 100644 --- a/go/ql/lib/change-notes/2023-04-25-data-flow-varargs-parameters.md +++ b/go/ql/lib/change-notes/released/0.5.2.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given. \ No newline at end of file +## 0.5.2 + +### Minor Analysis Improvements + +* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 0bf7024c337..2d9d3f587f8 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.1 +lastReleaseVersion: 0.5.2 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 346dc087db4..287c27187e3 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.5.2-dev +version: 0.5.3-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll index acaa34f943e..7afdb314929 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll @@ -111,10 +111,10 @@ private string getContentSpecific(Content c) { string getComponentSpecific(SummaryComponent sc) { exists(Content c | sc = TContentSummaryComponent(c) and result = getContentSpecific(c)) or - exists(ReturnKind rk, int n | n = rk.getIndex() | + exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + n + "]" and - n != 0 + not rk = getReturnValueKind() and + result = "ReturnValue[" + rk.getIndex() + "]" ) } diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 81ce4f00d02..8a1b8bcfebc 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.5.2 + +No user-facing changes. + ## 0.5.1 No user-facing changes. diff --git a/go/ql/src/RedundantCode/DeadStoreOfField.ql b/go/ql/src/RedundantCode/DeadStoreOfField.ql index 2060ac1f734..edc1d62cb00 100644 --- a/go/ql/src/RedundantCode/DeadStoreOfField.ql +++ b/go/ql/src/RedundantCode/DeadStoreOfField.ql @@ -36,7 +36,10 @@ predicate escapes(DataFlow::Node nd) { exists(SendStmt s | nd.asExpr() = s.getValue()) or // if `nd` is passed to a function, then it escapes - nd instanceof DataFlow::ArgumentNode + nd = any(DataFlow::CallNode c).getASyntacticArgument() + or + // if `nd` is the receiver of a function, then it escapes + nd = any(DataFlow::MethodCallNode c).getReceiver() or // if `nd` has its address taken, then it escapes exists(AddressExpr ae | nd.asExpr() = ae.getOperand()) diff --git a/go/ql/src/change-notes/released/0.5.2.md b/go/ql/src/change-notes/released/0.5.2.md new file mode 100644 index 00000000000..e94d1f4ad5b --- /dev/null +++ b/go/ql/src/change-notes/released/0.5.2.md @@ -0,0 +1,3 @@ +## 0.5.2 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 0bf7024c337..2d9d3f587f8 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.1 +lastReleaseVersion: 0.5.2 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 64be9928c63..75963a0708e 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.5.2-dev +version: 0.5.3-dev groups: - go - queries diff --git a/java/documentation/library-coverage/coverage.csv b/java/documentation/library-coverage/coverage.csv index 48f5dd8ae41..0bd4f53a9a7 100644 --- a/java/documentation/library-coverage/coverage.csv +++ b/java/documentation/library-coverage/coverage.csv @@ -21,6 +21,7 @@ com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17 com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,551 com.google.common.flogger,29,,,,,,,,,,,,,,29,,,,,,,,,,,,,,,,,,,,,,,,,, com.google.common.io,8,,73,,2,,,,,,,,,,,,,,,5,,,,,,,,,,,,1,,,,,,,,72,1 +com.google.gson,,,39,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,25,14 com.hubspot.jinjava,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, com.mitchellbosecke.pebble,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,,, @@ -77,7 +78,7 @@ jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10 kotlin,16,,1843,,11,,,,,,,,,,,,,2,,3,,,,,,,,,,,,,,,,,,,,1836,7 net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,5,,,,,,, ognl,6,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,, -okhttp3,2,,47,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,22,25 +okhttp3,4,,47,,,,,,,,,,,,,,,4,,,,,,,,,,,,,,,,,,,,,,22,25 org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6, org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 @@ -152,7 +153,8 @@ org.springframework.web.util,,,165,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,140,25 org.thymeleaf,2,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,2, org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,, -play.mvc,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,, +play.libs.ws,2,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,, +play.mvc,,13,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13,24, ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4, ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10, diff --git a/java/documentation/library-coverage/coverage.rst b/java/documentation/library-coverage/coverage.rst index d89fce45524..b87eeb390fe 100644 --- a/java/documentation/library-coverage/coverage.rst +++ b/java/documentation/library-coverage/coverage.rst @@ -22,6 +22,6 @@ Java framework & library support Java extensions,"``javax.*``, ``jakarta.*``",63,611,34,1,4,,1,1,2 Kotlin Standard Library,``kotlin*``,,1843,16,11,,,,,2 `Spring `_,``org.springframework.*``,29,483,113,2,,28,14,,29 - Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",89,827,516,26,,18,18,,181 - Totals,,246,9119,1969,175,10,122,33,1,361 + Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.google.gson``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.libs.ws``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",98,890,520,26,,18,18,,185 + Totals,,255,9182,1973,175,10,122,33,1,365 diff --git a/java/documentation/library-coverage/cwe-sink.csv b/java/documentation/library-coverage/cwe-sink.csv index a4e2f5b9af9..16fff1e653b 100644 --- a/java/documentation/library-coverage/cwe-sink.csv +++ b/java/documentation/library-coverage/cwe-sink.csv @@ -1,7 +1,7 @@ CWE,Sink identifier,Label -CWE‑089,sql,SQL injection -CWE‑022,create-file,Path injection +CWE‑089,sql-injection,SQL injection +CWE‑022,path-injection,Path injection CWE‑094,bean-validation,Code injection -CWE‑319,open-url,Cleartext transmission -CWE‑079,xss,Cross-site scripting -CWE‑090,ldap,LDAP injection +CWE‑918,request-forgery,Request Forgery +CWE‑079,html-injection js-injection,Cross-site scripting +CWE‑090,ldap-injection,LDAP injection diff --git a/java/kotlin-extractor/build.py b/java/kotlin-extractor/build.py index b52ff05b00e..2735f6af1c1 100755 --- a/java/kotlin-extractor/build.py +++ b/java/kotlin-extractor/build.py @@ -80,25 +80,37 @@ def run_process(cmd, capture_output=False): errors='replace'), file=sys.stderr) raise e +def write_arg_file(arg_file, args): + with open(arg_file, 'w') as f: + for arg in args: + if "'" in arg: + raise Exception('Single quote in argument: ' + arg) + f.write("'" + arg.replace('\\', '/') + "'\n") -def compile_to_dir(srcs, classpath, java_classpath, output): +def compile_to_dir(build_dir, srcs, classpath, java_classpath, output): # Use kotlinc to compile .kt files: + kotlin_arg_file = build_dir + '/kotlin.args' + kotlin_args = ['-Werror', + '-opt-in=kotlin.RequiresOptIn', + '-d', output, + '-module-name', 'codeql-kotlin-extractor', + '-no-reflect', '-no-stdlib', + '-jvm-target', '1.8', + '-classpath', classpath] + srcs + write_arg_file(kotlin_arg_file, kotlin_args) run_process([kotlinc, - # kotlinc can default to 256M, which isn't enough when we are extracting the build - '-J-Xmx2G', - '-Werror', - '-opt-in=kotlin.RequiresOptIn', - '-d', output, - '-module-name', 'codeql-kotlin-extractor', - '-no-reflect', '-no-stdlib', - '-jvm-target', '1.8', - '-classpath', classpath] + srcs) + # kotlinc can default to 256M, which isn't enough when we are extracting the build + '-J-Xmx2G', + '@' + kotlin_arg_file]) # Use javac to compile .java files, referencing the Kotlin class files: - run_process([javac, - '-d', output, + java_arg_file = build_dir + '/java.args' + java_args = ['-d', output, '-source', '8', '-target', '8', - '-classpath', os.path.pathsep.join([output, classpath, java_classpath])] + [s for s in srcs if s.endswith(".java")]) + '-classpath', os.path.pathsep.join([output, classpath, java_classpath])] \ + + [s for s in srcs if s.endswith(".java")] + write_arg_file(java_arg_file, java_args) + run_process([javac, '@' + java_arg_file]) def compile_to_jar(build_dir, tmp_src_dir, srcs, classpath, java_classpath, output): @@ -108,7 +120,7 @@ def compile_to_jar(build_dir, tmp_src_dir, srcs, classpath, java_classpath, outp shutil.rmtree(class_dir) os.makedirs(class_dir) - compile_to_dir(srcs, classpath, java_classpath, class_dir) + compile_to_dir(build_dir, srcs, classpath, java_classpath, class_dir) run_process(['jar', 'cf', output, '-C', class_dir, '.', diff --git a/java/kotlin-extractor/kotlin_plugin_versions.py b/java/kotlin-extractor/kotlin_plugin_versions.py index 4583551e12d..c5d9e433613 100755 --- a/java/kotlin-extractor/kotlin_plugin_versions.py +++ b/java/kotlin-extractor/kotlin_plugin_versions.py @@ -25,7 +25,7 @@ def version_string_to_tuple(version): ci_version = '1.8.10' # Version numbers in the list need to be in semantically increasing order -many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0' ] +many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0', '1.9.0-Beta' ] many_versions_tuples = [version_string_to_tuple(v) for v in many_versions] diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt index b93bfa369f5..a3bc20d9eda 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt @@ -366,7 +366,10 @@ open class KotlinFileExtractor( val typeArgs = removeOuterClassTypeArgs(c, argsIncludingOuterClasses) if (typeArgs != null) { - for ((idx, arg) in typeArgs.withIndex()) { + // From 1.9, the list might change when we call erase, + // so we make a copy that it is safe to iterate over. + val typeArgsCopy = typeArgs.toList() + for ((idx, arg) in typeArgsCopy.withIndex()) { val argId = getTypeArgumentLabel(arg).id tw.writeTypeArgs(argId, idx, id) } @@ -5531,7 +5534,7 @@ open class KotlinFileExtractor( return } - val typeOwner = e.typeOperandClassifier.owner + val typeOwner = e.typeOperand.classifierOrFail.owner if (typeOwner !is IrClass) { logger.errorElement("Expected to find SAM conversion to IrClass. Found '${typeOwner.javaClass}' instead. Can't implement SAM interface.", e) return diff --git a/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected b/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected index 3397ea1bdef..36f7d9d0718 100644 --- a/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected +++ b/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected @@ -1,5 +1,5 @@ { - "markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 1.8.30.", + "markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 1.9.10.", "severity": "error", "source": { "extractorName": "java", diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 03907f74b89..53fb1470bb9 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,44 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`. +* Added models for the following packages: + + * org.apache.hadoop.fs +* Added the `ArithmeticCommon.qll` library to provide predicates for reasoning about arithmetic operations. +* Added the `ArithmeticTaintedLocalQuery.qll` library to provide the `ArithmeticTaintedLocalOverflowFlow` and `ArithmeticTaintedLocalUnderflowFlow` taint-tracking modules to reason about arithmetic with unvalidated user input. +* Added the `ArithmeticTaintedQuery.qll` library to provide the `RemoteUserInputOverflow` and `RemoteUserInputUnderflow` taint-tracking modules to reason about arithmetic with unvalidated user input. +* Added the `ArithmeticUncontrolledQuery.qll` library to provide the `ArithmeticUncontrolledOverflowFlow` and `ArithmeticUncontrolledUnderflowFlow` taint-tracking modules to reason about arithmetic with uncontrolled user input. +* Added the `ArithmeticWithExtremeValuesQuery.qll` library to provide the `MaxValueFlow` and `MinValueFlow` dataflow modules to reason about arithmetic with extreme values. +* Added the `BrokenCryptoAlgorithmQuery.qll` library to provide the `InsecureCryptoFlow` taint-tracking module to reason about broken cryptographic algorithm vulnerabilities. +* Added the `ExecTaintedLocalQuery.qll` library to provide the `LocalUserInputToArgumentToExecFlow` taint-tracking module to reason about command injection vulnerabilities caused by local data flow. +* Added the `ExternallyControlledFormatStringLocalQuery.qll` library to provide the `ExternallyControlledFormatStringLocalFlow` taint-tracking module to reason about format string vulnerabilities caused by local data flow. +* Added the `ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll` library to provide the `BoundedFlowSourceFlow` dataflow module to reason about improper validation of code-specified sizes used for array construction. +* Added the `ImproperValidationOfArrayConstructionLocalQuery.qll` library to provide the `ImproperValidationOfArrayConstructionLocalFlow` taint-tracking module to reason about improper validation of local user-provided sizes used for array construction caused by local data flow. +* Added the `ImproperValidationOfArrayConstructionQuery.qll` library to provide the `ImproperValidationOfArrayConstructionFlow` taint-tracking module to reason about improper validation of user-provided size used for array construction. +* Added the `ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll` library to provide the `BoundedFlowSourceFlow` data flow module to reason about about improper validation of code-specified array index. +* Added the `ImproperValidationOfArrayIndexLocalQuery.qll` library to provide the `ImproperValidationOfArrayIndexLocalFlow` taint-tracking module to reason about improper validation of a local user-provided array index. +* Added the `ImproperValidationOfArrayIndexQuery.qll` library to provide the `ImproperValidationOfArrayIndexFlow` taint-tracking module to reason about improper validation of user-provided array index. +* Added the `InsecureCookieQuery.qll` library to provide the `SecureCookieFlow` taint-tracking module to reason about insecure cookie vulnerabilities. +* Added the `MaybeBrokenCryptoAlgorithmQuery.qll` library to provide the `InsecureCryptoFlow` taint-tracking module to reason about broken cryptographic algorithm vulnerabilities. +* Added the `NumericCastTaintedQuery.qll` library to provide the `NumericCastTaintedFlow` taint-tracking module to reason about numeric cast vulnerabilities. +* Added the `ResponseSplittingLocalQuery.qll` library to provide the `ResponseSplittingLocalFlow` taint-tracking module to reason about response splitting vulnerabilities caused by local data flow. +* Added the `SqlConcatenatedQuery.qll` library to provide the `UncontrolledStringBuilderSourceFlow` taint-tracking module to reason about SQL injection vulnerabilities caused by concatenating untrusted strings. +* Added the `SqlTaintedLocalQuery.qll` library to provide the `LocalUserInputToArgumentToSqlFlow` taint-tracking module to reason about SQL injection vulnerabilities caused by local data flow. +* Added the `StackTraceExposureQuery.qll` library to provide the `printsStackExternally`, `stringifiedStackFlowsExternally`, and `getMessageFlowsExternally` predicates to reason about stack trace exposure vulnerabilities. +* Added the `TaintedPermissionQuery.qll` library to provide the `TaintedPermissionFlow` taint-tracking module to reason about tainted permission vulnerabilities. +* Added the `TempDirLocalInformationDisclosureQuery.qll` library to provide the `TempDirSystemGetPropertyToCreate` taint-tracking module to reason about local information disclosure vulnerabilities caused by local data flow. +* Added the `UnsafeHostnameVerificationQuery.qll` library to provide the `TrustAllHostnameVerifierFlow` taint-tracking module to reason about insecure hostname verification vulnerabilities. +* Added the `UrlRedirectLocalQuery.qll` library to provide the `UrlRedirectLocalFlow` taint-tracking module to reason about URL redirection vulnerabilities caused by local data flow. +* Added the `UrlRedirectQuery.qll` library to provide the `UrlRedirectFlow` taint-tracking module to reason about URL redirection vulnerabilities. +* Added the `XPathInjectionQuery.qll` library to provide the `XPathInjectionFlow` taint-tracking module to reason about XPath injection vulnerabilities. +* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. +* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. +* Added models for the Apache Commons Net library. +* Updated the `neutralModel` extensible predicate to include a `kind` column. +* Added models for the `io.jsonwebtoken` library. + ## 0.6.1 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md b/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md deleted file mode 100644 index ab19597224b..00000000000 --- a/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Updated the `neutralModel` extensible predicate to include a `kind` column. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md b/java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md deleted file mode 100644 index a669c74d3e8..00000000000 --- a/java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added models for the Apache Commons Net library. diff --git a/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md b/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md deleted file mode 100644 index 1d57d64973c..00000000000 --- a/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. diff --git a/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md new file mode 100644 index 00000000000..ef54f491051 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md @@ -0,0 +1,22 @@ +--- +category: minorAnalysis +--- +* Updated the following Java sink kind names. Any custom data extensions will need to be updated accordingly in order to continue working. + * `sql` to `sql-injection` + * `url-redirect` to `url-redirection` + * `xpath` to `xpath-injection` + * `ssti` to `template-injection` + * `logging` to `log-injection` + * `groovy` to `groovy-injection` + * `jexl` to `jexl-injection` + * `mvel` to `mvel-injection` + * `xslt` to `xslt-injection` + * `ldap` to `ldap-injection` + * `pending-intent-sent` to `pending-intents` + * `intent-start` to `intent-redirection` + * `set-hostname-verifier` to `hostname-verification` + * `header-splitting` to `response-splitting` + * `xss` to `html-injection` and `js-injection` + * `write-file` to `file-system-store` + * `create-file` and `read-file` to `path-injection` + * `open-url` and `jdbc-url` to `request-forgery` diff --git a/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md b/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md new file mode 100644 index 00000000000..7a2714a6527 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Changed the `android-widget` Java source kind to `remote`. Any custom data extensions that use the `android-widget` source kind will need to be updated accordingly in order to continue working. diff --git a/java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md b/java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md deleted file mode 100644 index 68d6c2b45fe..00000000000 --- a/java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md b/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md new file mode 100644 index 00000000000..f3647cc5488 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Kotlin versions up to 1.9.0 are now supported. diff --git a/java/ql/lib/change-notes/2023-05-26-play-framework-models.md b/java/ql/lib/change-notes/2023-05-26-play-framework-models.md new file mode 100644 index 00000000000..69db10413eb --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-26-play-framework-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added more dataflow models for the Play Framework. diff --git a/java/ql/lib/change-notes/2023-05-30-gson-models.md b/java/ql/lib/change-notes/2023-05-30-gson-models.md new file mode 100644 index 00000000000..306d797ff1a --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-30-gson-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added dataflow models for the Gson deserialization library. diff --git a/java/ql/lib/change-notes/2023-05-11-new-models.md b/java/ql/lib/change-notes/2023-05-30-new-models.md similarity index 75% rename from java/ql/lib/change-notes/2023-05-11-new-models.md rename to java/ql/lib/change-notes/2023-05-30-new-models.md index 067105b4aca..24e7563d727 100644 --- a/java/ql/lib/change-notes/2023-05-11-new-models.md +++ b/java/ql/lib/change-notes/2023-05-30-new-models.md @@ -3,4 +3,4 @@ category: minorAnalysis --- * Added models for the following packages: - * org.apache.hadoop.fs + * okhttp3 diff --git a/java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md b/java/ql/lib/change-notes/released/0.6.2.md similarity index 87% rename from java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md rename to java/ql/lib/change-notes/released/0.6.2.md index ead324ee5fb..f0bf9441a47 100644 --- a/java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md +++ b/java/ql/lib/change-notes/released/0.6.2.md @@ -1,6 +1,11 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + +* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`. +* Added models for the following packages: + + * org.apache.hadoop.fs * Added the `ArithmeticCommon.qll` library to provide predicates for reasoning about arithmetic operations. * Added the `ArithmeticTaintedLocalQuery.qll` library to provide the `ArithmeticTaintedLocalOverflowFlow` and `ArithmeticTaintedLocalUnderflowFlow` taint-tracking modules to reason about arithmetic with unvalidated user input. * Added the `ArithmeticTaintedQuery.qll` library to provide the `RemoteUserInputOverflow` and `RemoteUserInputUnderflow` taint-tracking modules to reason about arithmetic with unvalidated user input. @@ -28,4 +33,8 @@ category: minorAnalysis * Added the `UrlRedirectLocalQuery.qll` library to provide the `UrlRedirectLocalFlow` taint-tracking module to reason about URL redirection vulnerabilities caused by local data flow. * Added the `UrlRedirectQuery.qll` library to provide the `UrlRedirectFlow` taint-tracking module to reason about URL redirection vulnerabilities. * Added the `XPathInjectionQuery.qll` library to provide the `XPathInjectionFlow` taint-tracking module to reason about XPath injection vulnerabilities. -* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. \ No newline at end of file +* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. +* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. +* Added models for the Apache Commons Net library. +* Updated the `neutralModel` extensible predicate to include a `kind` column. +* Added models for the `io.jsonwebtoken` library. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/java/ql/lib/ext/android.app.model.yml b/java/ql/lib/ext/android.app.model.yml index 861867d344c..72591773436 100644 --- a/java/ql/lib/ext/android.app.model.yml +++ b/java/ql/lib/ext/android.app.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setExact", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setExactAndAllowWhileIdle", "", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setInexactRepeating", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setRepeating", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setWindow", "(int,long,long,PendingIntent)", "", "Argument[3]", "pending-intent-sent", "manual"] + - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setExact", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setExactAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setInexactRepeating", "", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setRepeating", "", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setWindow", "(int,long,long,PendingIntent)", "", "Argument[3]", "pending-intents", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(Class,Bundle,String)", "", "Argument[0]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(Fragment,String)", "", "Argument[0]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(int,Class,Bundle)", "", "Argument[1]", "fragment-injection", "manual"] @@ -30,14 +30,14 @@ extensions: - ["android.app", "FragmentTransaction", True, "replace", "(int,Class,Bundle,String)", "", "Argument[1]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "replace", "(int,Fragment)", "", "Argument[1]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "replace", "(int,Fragment,String)", "", "Argument[1]", "fragment-injection", "manual"] - - ["android.app", "NotificationManager", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notifyAsPackage", "(String,String,int,Notification)", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notifyAsUser", "(String,int,Notification,UserHandle)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String,Bundle)", "", "Argument[2]", "pending-intent-sent", "manual"] + - ["android.app", "NotificationManager", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notifyAsPackage", "(String,String,int,Notification)", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notifyAsUser", "(String,int,Notification,UserHandle)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String,Bundle)", "", "Argument[2]", "pending-intents", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.content.model.yml b/java/ql/lib/ext/android.content.model.yml index 89368acc04e..c42578c08cd 100644 --- a/java/ql/lib/ext/android.content.model.yml +++ b/java/ql/lib/ext/android.content.model.yml @@ -39,30 +39,30 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.content", "ContentProvider", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyOrderedBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyOrderedBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivities", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivity", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityFromChild", "", "", "Argument[1]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityFromFragment", "", "", "Argument[1]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityIfNeeded", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startForegroundService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] + - ["android.content", "ContentProvider", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyOrderedBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyOrderedBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivities", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivity", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityFromChild", "", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityFromFragment", "", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityIfNeeded", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startForegroundService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startServiceAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.database.model.yml b/java/ql/lib/ext/android.database.model.yml index 22157da6755..c0ff4dd5f39 100644 --- a/java/ql/lib/ext/android.database.model.yml +++ b/java/ql/lib/ext/android.database.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.database", "DatabaseUtils", False, "blobFileDescriptorForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "createDbFromSqlStatements", "(Context,String,int,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "longForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String)", "", "Argument[1..2]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String,String[])", "", "Argument[1..2]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "stringForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] + - ["android.database", "DatabaseUtils", False, "blobFileDescriptorForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "createDbFromSqlStatements", "(Context,String,int,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "longForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String)", "", "Argument[1..2]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String,String[])", "", "Argument[1..2]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "stringForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.database.sqlite.model.yml b/java/ql/lib/ext/android.database.sqlite.model.yml index 169c7870da4..d40ae8c1ee3 100644 --- a/java/ql/lib/ext/android.database.sqlite.model.yml +++ b/java/ql/lib/ext/android.database.sqlite.model.yml @@ -3,58 +3,58 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.database.sqlite", "SQLiteDatabase", False, "compileStatement", "(String)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "delete", "(String,String,String[])", "", "Argument[0..1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "execPerConnectionSQL", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[0..2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[5..8]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[5..8]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[4]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[6..9]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[6..9]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[],CancellationSignal)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String,CancellationSignal)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "insert", "(SQLiteDatabase,ContentValues)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4..7]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "compileStatement", "(String)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "delete", "(String,String,String[])", "", "Argument[0..1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "execPerConnectionSQL", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[0..2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[5..8]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[5..8]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[4]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[6..9]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[6..9]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[],CancellationSignal)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "insert", "(SQLiteDatabase,ContentValues)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4..7]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.util.model.yml b/java/ql/lib/ext/android.util.model.yml index b57ff4819a7..eaf9d142f54 100644 --- a/java/ql/lib/ext/android.util.model.yml +++ b/java/ql/lib/ext/android.util.model.yml @@ -23,9 +23,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.util", "Log", True, "d", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "e", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "i", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "v", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "w", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "wtf", "", "", "Argument[1]", "logging", "manual"] + - ["android.util", "Log", True, "d", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "e", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "i", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "v", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "w", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "wtf", "", "", "Argument[1]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/android.webkit.model.yml b/java/ql/lib/ext/android.webkit.model.yml index 05058493fe1..d88199c04cb 100644 --- a/java/ql/lib/ext/android.webkit.model.yml +++ b/java/ql/lib/ext/android.webkit.model.yml @@ -10,6 +10,6 @@ extensions: extensible: sinkModel data: # Models representing methods susceptible to XSS attacks. - - ["android.webkit", "WebView", False, "evaluateJavascript", "", "", "Argument[0]", "xss", "manual"] - - ["android.webkit", "WebView", False, "loadData", "", "", "Argument[0]", "xss", "manual"] - - ["android.webkit", "WebView", False, "loadDataWithBaseURL", "", "", "Argument[1]", "xss", "manual"] + - ["android.webkit", "WebView", False, "evaluateJavascript", "", "", "Argument[0]", "js-injection", "manual"] + - ["android.webkit", "WebView", False, "loadData", "", "", "Argument[0]", "html-injection", "manual"] + - ["android.webkit", "WebView", False, "loadDataWithBaseURL", "", "", "Argument[1]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/android.widget.model.yml b/java/ql/lib/ext/android.widget.model.yml index ef4b015700a..aa6222c77d2 100644 --- a/java/ql/lib/ext/android.widget.model.yml +++ b/java/ql/lib/ext/android.widget.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sourceModel data: - - ["android.widget", "EditText", True, "getText", "", "", "ReturnValue", "android-widget", "manual"] + - ["android.widget", "EditText", True, "getText", "", "", "ReturnValue", "remote", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/androidx.core.app.model.yml b/java/ql/lib/ext/androidx.core.app.model.yml index 2bb58605436..f24a67dbbe6 100644 --- a/java/ql/lib/ext/androidx.core.app.model.yml +++ b/java/ql/lib/ext/androidx.core.app.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["androidx.core.app", "AlarmManagerCompat", True, "setAlarmClock", "", "", "Argument[2..3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setAndAllowWhileIdle", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setExact", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setExactAndAllowWhileIdle", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intent-sent", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setAlarmClock", "", "", "Argument[2..3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setAndAllowWhileIdle", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setExact", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setExactAndAllowWhileIdle", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intents", "manual"] + - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intents", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/androidx.slice.model.yml b/java/ql/lib/ext/androidx.slice.model.yml index 97481e886e5..1e4176e5d9a 100644 --- a/java/ql/lib/ext/androidx.slice.model.yml +++ b/java/ql/lib/ext/androidx.slice.model.yml @@ -12,5 +12,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["androidx.slice", "SliceProvider", True, "onBindSlice", "", "", "ReturnValue", "pending-intent-sent", "manual"] - - ["androidx.slice", "SliceProvider", True, "onCreatePermissionRequest", "", "", "ReturnValue", "pending-intent-sent", "manual"] + - ["androidx.slice", "SliceProvider", True, "onBindSlice", "", "", "ReturnValue", "pending-intents", "manual"] + - ["androidx.slice", "SliceProvider", True, "onCreatePermissionRequest", "", "", "ReturnValue", "pending-intents", "manual"] diff --git a/java/ql/lib/ext/com.google.common.flogger.model.yml b/java/ql/lib/ext/com.google.common.flogger.model.yml index b9a800b6210..23ae9236fd7 100644 --- a/java/ql/lib/ext/com.google.common.flogger.model.yml +++ b/java/ql/lib/ext/com.google.common.flogger.model.yml @@ -3,32 +3,32 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.google.common.flogger", "LoggingApi", True, "log", "", "", "Argument[0]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object[])", "", "Argument[1..11]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,boolean)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,byte)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,char)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,double)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,float)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,int)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,long)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,short)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,boolean,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,byte,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,char,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,double,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,float,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,int,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,long,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,short,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "logVarargs", "", "", "Argument[0..1]", "logging", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "", "", "Argument[0]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object[])", "", "Argument[1..11]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,boolean)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,byte)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,char)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,double)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,float)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,int)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,long)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,short)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,boolean,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,byte,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,char,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,double,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,float,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,int,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,long,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,short,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "logVarargs", "", "", "Argument[0..1]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/com.google.common.io.model.yml b/java/ql/lib/ext/com.google.common.io.model.yml index 230b596ad29..9f3f3307462 100644 --- a/java/ql/lib/ext/com.google.common.io.model.yml +++ b/java/ql/lib/ext/com.google.common.io.model.yml @@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "create-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "write-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "create-file", "manual"] + - ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "file-content-store", "ai-manual"] + - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "path-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/com.google.gson.model.yml b/java/ql/lib/ext/com.google.gson.model.yml new file mode 100644 index 00000000000..96f5355b2dc --- /dev/null +++ b/java/ql/lib/ext/com.google.gson.model.yml @@ -0,0 +1,44 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["com.google.gson", "Gson", False, "fromJson", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement,JsonWriter)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement,Appendable)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Appendable)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type,Appendable)", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type,JsonWriter)", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "(Object,Type)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toString", "()", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "newJsonReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "newJsonWriter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson.stream", "JsonReader", False, "nextName", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson.stream", "JsonReader", False, "nextString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsByte", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsCharacter", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonArray", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonObject", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonPrimitive", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "asList", "", "", "Argument[this].Element", "ReturnValue.Element", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "get", "", "", "Argument[this].Element", "ReturnValue", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "set", "", "", "Argument[1]", "Argument[this].Element", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[0]", "Argument[this].MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[1]", "Argument[this].MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[0]", "Argument[this].MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[1]", "Argument[this].MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this].MapKey", "ReturnValue.MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this].MapValue", "ReturnValue.MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapKey", "ReturnValue.Element.MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapKey", "ReturnValue.Element.MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "get", "", "", "Argument[this].MapValue", "ReturnValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "keySet", "", "", "Argument[this].MapKey", "ReturnValue.Element", "value", "manual"] + - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(Character)", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"] diff --git a/java/ql/lib/ext/com.hubspot.jinjava.model.yml b/java/ql/lib/ext/com.hubspot.jinjava.model.yml index 2172da483f8..9c8866c9c14 100644 --- a/java/ql/lib/ext/com.hubspot.jinjava.model.yml +++ b/java/ql/lib/ext/com.hubspot.jinjava.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.hubspot.jinjava", "Jinjava", True, "render", "", "", "Argument[0]", "ssti", "manual"] - - ["com.hubspot.jinjava", "Jinjava", True, "renderForResult", "", "", "Argument[0]", "ssti", "manual"] + - ["com.hubspot.jinjava", "Jinjava", True, "render", "", "", "Argument[0]", "template-injection", "manual"] + - ["com.hubspot.jinjava", "Jinjava", True, "renderForResult", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml b/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml index 74b227da1dd..72c466af08c 100644 --- a/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml +++ b/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getLiteralTemplate", "", "", "Argument[0]", "ssti", "manual"] - - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getTemplate", "", "", "Argument[0]", "ssti", "manual"] + - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getLiteralTemplate", "", "", "Argument[0]", "template-injection", "manual"] + - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getTemplate", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/com.thoughtworks.xstream.model.yml b/java/ql/lib/ext/com.thoughtworks.xstream.model.yml index d73cc27e729..c34bb91d42c 100644 --- a/java/ql/lib/ext/com.thoughtworks.xstream.model.yml +++ b/java/ql/lib/ext/com.thoughtworks.xstream.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.thoughtworks.xstream", "XStream", True, "fromXML", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["com.thoughtworks.xstream", "XStream", True, "fromXML", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml b/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml index 57753bc31d0..d483d6d97e4 100644 --- a/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml +++ b/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml @@ -3,20 +3,20 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "asyncSearch", "", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..7]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..7]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,Filter,String[])", "", "Argument[0..3]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,String,String[])", "", "Argument[0..3]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..6]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..6]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(SearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,Filter,String[])", "", "Argument[0..5]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,String,String[])", "", "Argument[0..5]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "asyncSearch", "", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..7]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..7]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,Filter,String[])", "", "Argument[0..3]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,String,String[])", "", "Argument[0..3]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..6]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..6]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(SearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,Filter,String[])", "", "Argument[0..5]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,String,String[])", "", "Argument[0..5]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/com.zaxxer.hikari.model.yml b/java/ql/lib/ext/com.zaxxer.hikari.model.yml index 5fcab32cc7e..5c048e7c3c0 100644 --- a/java/ql/lib/ext/com.zaxxer.hikari.model.yml +++ b/java/ql/lib/ext/com.zaxxer.hikari.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.zaxxer.hikari", "HikariConfig", False, "HikariConfig", "(Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["com.zaxxer.hikari", "HikariConfig", False, "setJdbcUrl", "(String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["com.zaxxer.hikari", "HikariConfig", False, "HikariConfig", "(Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["com.zaxxer.hikari", "HikariConfig", False, "setJdbcUrl", "(String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/freemarker.cache.model.yml b/java/ql/lib/ext/freemarker.cache.model.yml index b65e6386ad6..b09961f0686 100644 --- a/java/ql/lib/ext/freemarker.cache.model.yml +++ b/java/ql/lib/ext/freemarker.cache.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["freemarker.cache", "StringTemplateLoader", True, "putTemplate", "", "", "Argument[1]", "ssti", "manual"] + - ["freemarker.cache", "StringTemplateLoader", True, "putTemplate", "", "", "Argument[1]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/freemarker.template.model.yml b/java/ql/lib/ext/freemarker.template.model.yml index 96087a2b9ba..afc9579719d 100644 --- a/java/ql/lib/ext/freemarker.template.model.yml +++ b/java/ql/lib/ext/freemarker.template.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["freemarker.template", "Template", True, "Template", "(String,Reader)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration,String)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Configuration)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration)", "", "Argument[2]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,ParserConfiguration,String)", "", "Argument[2]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,String)", "", "Argument[2]", "ssti", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration,String)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Configuration)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration)", "", "Argument[2]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,ParserConfiguration,String)", "", "Argument[2]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,String)", "", "Argument[2]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/generated/kotlinstdlib.model.yml b/java/ql/lib/ext/generated/kotlinstdlib.model.yml index bc296146214..a4f310b20b9 100644 --- a/java/ql/lib/ext/generated/kotlinstdlib.model.yml +++ b/java/ql/lib/ext/generated/kotlinstdlib.model.yml @@ -6,18 +6,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["kotlin.io", "FilesKt", false, "appendBytes", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "appendText", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "bufferedWriter", "(File,Charset,int)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "copyRecursively", "(File,File,boolean,Function2)", "", "Argument[1]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "copyTo", "(File,File,boolean,int)", "", "Argument[1]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "outputStream", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "printWriter", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] + - ["kotlin.io", "FilesKt", false, "appendBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "appendText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "bufferedWriter", "(File,Charset,int)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "copyRecursively", "(File,File,boolean,Function2)", "", "Argument[1]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "copyTo", "(File,File,boolean,int)", "", "Argument[1]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "outputStream", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "printWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] - addsTo: diff --git a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml index 3a40daa82ec..c220b8c82eb 100644 --- a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml +++ b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml @@ -6,112 +6,112 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filter", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "create-file", "df-generated"] - - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", "(OutputStream)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectoryToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "newOutputStream", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "touch", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,Charset)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,String)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "create-file", "df-generated"] + - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filter", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "path-injection", "df-generated"] + - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", "(OutputStream)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectoryToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "newOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "touch", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,String)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "path-injection", "df-generated"] - addsTo: @@ -1428,5 +1428,3 @@ extensions: - ["org.apache.commons.io", "UncheckedIOExceptions", "UncheckedIOExceptions", "()", "summary", "df-generated"] - ["org.apache.commons.io", "UncheckedIOExceptions", "create", "(Object)", "summary", "df-generated"] - ["org.apache.commons.io", "UncheckedIOExceptions", "wrap", "(IOException,Object)", "summary", "df-generated"] - - \ No newline at end of file diff --git a/java/ql/lib/ext/groovy.lang.model.yml b/java/ql/lib/ext/groovy.lang.model.yml index 815beb99041..7c6ac81d1ab 100644 --- a/java/ql/lib/ext/groovy.lang.model.yml +++ b/java/ql/lib/ext/groovy.lang.model.yml @@ -3,30 +3,30 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource,boolean)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(InputStream,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(GroovyCodeSource)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(URI)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(Reader)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(URI)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(String,String,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(String,String,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(URI,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(URI,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.text", "TemplateEngine", True, "createTemplate", "", "", "Argument[0]", "groovy", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource,boolean)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(InputStream,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(GroovyCodeSource)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(URI)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(Reader)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(URI)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(String,String,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(String,String,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(URI,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(URI,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.text", "TemplateEngine", True, "createTemplate", "", "", "Argument[0]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/groovy.util.model.yml b/java/ql/lib/ext/groovy.util.model.yml index 61d1dbb6a05..f0a979e2ce8 100644 --- a/java/ql/lib/ext/groovy.util.model.yml +++ b/java/ql/lib/ext/groovy.util.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["groovy.util", "Eval", False, "me", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "me", "(String,Object,String)", "", "Argument[2]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "x", "(Object,String)", "", "Argument[1]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "xy", "(Object,Object,String)", "", "Argument[2]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "xyz", "(Object,Object,Object,String)", "", "Argument[3]", "groovy", "manual"] + - ["groovy.util", "Eval", False, "me", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "me", "(String,Object,String)", "", "Argument[2]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "x", "(Object,String)", "", "Argument[1]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "xy", "(Object,Object,String)", "", "Argument[2]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "xyz", "(Object,Object,Object,String)", "", "Argument[3]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/hudson.cli.model.yml b/java/ql/lib/ext/hudson.cli.model.yml index b0d3d3a19ff..6b962143625 100644 --- a/java/ql/lib/ext/hudson.cli.model.yml +++ b/java/ql/lib/ext/hudson.cli.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[1]", "open-url", "manual"] + - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[1]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/hudson.lifecycle.model.yml b/java/ql/lib/ext/hudson.lifecycle.model.yml index be8c5fe843a..fde691fe175 100644 --- a/java/ql/lib/ext/hudson.lifecycle.model.yml +++ b/java/ql/lib/ext/hudson.lifecycle.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.lifecycle", "Lifecycle", True, "rewriteHudsonWar", "(File)", "", "Argument[0]", "create-file", "ai-manual"] + - ["hudson.lifecycle", "Lifecycle", True, "rewriteHudsonWar", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.model.model.yml b/java/ql/lib/ext/hudson.model.model.yml index 04701194c06..023265b2c3d 100644 --- a/java/ql/lib/ext/hudson.model.model.yml +++ b/java/ql/lib/ext/hudson.model.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "read-file", "ai-manual"] - - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "read-file", "ai-manual"] - - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "create-file", "ai-manual"] # should be delete-file - - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "create-file", "ai-manual"] + - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/hudson.model.yml b/java/ql/lib/ext/hudson.model.yml index 8fa6a8c0653..5ba20fce0c6 100644 --- a/java/ql/lib/ext/hudson.model.yml +++ b/java/ql/lib/ext/hudson.model.yml @@ -3,17 +3,17 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "read-file", "manual"] - - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "read-file", "manual"] - - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "write-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "read-file", "ai-manual"] + - ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "path-injection", "manual"] + - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "path-injection", "manual"] + - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/hudson.scm.model.yml b/java/ql/lib/ext/hudson.scm.model.yml index f37c3442532..dc6e0bfa5bb 100644 --- a/java/ql/lib/ext/hudson.scm.model.yml +++ b/java/ql/lib/ext/hudson.scm.model.yml @@ -3,11 +3,11 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.scm", "ChangeLogParser", True, "parse", "(AbstractBuild,File)", "", "Argument[1]", "read-file", "ai-manual"] - - ["hudson.scm", "ChangeLogParser", True, "parse", "(Run,RepositoryBrowser,File)", "", "Argument[2]", "read-file", "ai-manual"] - - ["hudson.scm", "SCM", True, "checkout", "(AbstractBuild,Launcher,FilePath,BuildListener,File)", "", "Argument[2]", "create-file", "ai-manual"] - - ["hudson.scm", "SCM", True, "checkout", "(Run,Launcher,FilePath,TaskListener,File,SCMRevisionState)", "", "Argument[2]", "create-file", "ai-manual"] - - ["hudson.scm", "SCM", True, "compareRemoteRevisionWith", "(Job,Launcher,FilePath,TaskListener,SCMRevisionState)", "", "Argument[2]", "read-file", "ai-manual"] + - ["hudson.scm", "ChangeLogParser", True, "parse", "(AbstractBuild,File)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.scm", "ChangeLogParser", True, "parse", "(Run,RepositoryBrowser,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson.scm", "SCM", True, "checkout", "(AbstractBuild,Launcher,FilePath,BuildListener,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson.scm", "SCM", True, "checkout", "(Run,Launcher,FilePath,TaskListener,File,SCMRevisionState)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson.scm", "SCM", True, "compareRemoteRevisionWith", "(Job,Launcher,FilePath,TaskListener,SCMRevisionState)", "", "Argument[2]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/hudson.util.io.model.yml b/java/ql/lib/ext/hudson.util.io.model.yml index 65e0f3efb27..3d29b93e20c 100644 --- a/java/ql/lib/ext/hudson.util.io.model.yml +++ b/java/ql/lib/ext/hudson.util.io.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.util.io", "ReopenableFileOutputStream", True, "ReopenableFileOutputStream", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util.io", "RewindableFileOutputStream", True, "RewindableFileOutputStream", "(File)", "", "Argument[0]", "create-file", "ai-manual"] + - ["hudson.util.io", "ReopenableFileOutputStream", True, "ReopenableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util.io", "RewindableFileOutputStream", True, "RewindableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.util.jna.model.yml b/java/ql/lib/ext/hudson.util.jna.model.yml index c67d645f950..c840d0f4725 100644 --- a/java/ql/lib/ext/hudson.util.jna.model.yml +++ b/java/ql/lib/ext/hudson.util.jna.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "create-file", "ai-manual"] + - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.util.model.yml b/java/ql/lib/ext/hudson.util.model.yml index 0e34233e735..39c5b55f349 100644 --- a/java/ql/lib/ext/hudson.util.model.yml +++ b/java/ql/lib/ext/hudson.util.model.yml @@ -3,23 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "create-file", "manual"] - - ["hudson.util", "TextFile", True, "fastTail", "", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "head", "", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "write-file", "manual"] + - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "fastTail", "", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "head", "", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel data: - ["hudson.util", "QuotedStringTokenizer", True, "tokenize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["hudson.util", "TextFile", True, "TextFile", "(File)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] - diff --git a/java/ql/lib/ext/io.netty.bootstrap.model.yml b/java/ql/lib/ext/io.netty.bootstrap.model.yml index f38329a8bad..e07853583f7 100644 --- a/java/ql/lib/ext/io.netty.bootstrap.model.yml +++ b/java/ql/lib/ext/io.netty.bootstrap.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "open-url", "ai-manual"] + - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/io.netty.channel.model.yml b/java/ql/lib/ext/io.netty.channel.model.yml index e06a3e0a582..38bdb84786a 100644 --- a/java/ql/lib/ext/io.netty.channel.model.yml +++ b/java/ql/lib/ext/io.netty.channel.model.yml @@ -3,15 +3,15 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] + - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] - addsTo: pack: codeql/java-all extensible: sourceModel diff --git a/java/ql/lib/ext/io.netty.handler.codec.http.model.yml b/java/ql/lib/ext/io.netty.handler.codec.http.model.yml index 2912bdce85a..f9ec6702ff9 100644 --- a/java/ql/lib/ext/io.netty.handler.codec.http.model.yml +++ b/java/ql/lib/ext/io.netty.handler.codec.http.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "open-url", "ai-manual"] - - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "open-url", "ai-manual"] - - ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "open-url", "manual"] + - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "request-forgery", "ai-manual"] + - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "request-forgery", "ai-manual"] + - ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml b/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml index 4090f6356bf..a44a2c6c400 100644 --- a/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml +++ b/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "read-file", "ai-manual"] + - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/io.netty.handler.ssl.model.yml b/java/ql/lib/ext/io.netty.handler.ssl.model.yml index 63628323f49..42cf9892f81 100644 --- a/java/ql/lib/ext/io.netty.handler.ssl.model.yml +++ b/java/ql/lib/ext/io.netty.handler.ssl.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/io.netty.handler.stream.model.yml b/java/ql/lib/ext/io.netty.handler.stream.model.yml index 1d305863f6c..f4e635f4437 100644 --- a/java/ql/lib/ext/io.netty.handler.stream.model.yml +++ b/java/ql/lib/ext/io.netty.handler.stream.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "read-file", "ai-manual"] + - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/io.netty.util.internal.model.yml b/java/ql/lib/ext/io.netty.util.internal.model.yml index 477b8e88858..7852b8b9e32 100644 --- a/java/ql/lib/ext/io.netty.util.internal.model.yml +++ b/java/ql/lib/ext/io.netty.util.internal.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-manual"] - - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "open-url", "ai-manual"] + - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "request-forgery", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/jakarta.faces.context.model.yml b/java/ql/lib/ext/jakarta.faces.context.model.yml index 84a0fd22710..468ef036c1a 100644 --- a/java/ql/lib/ext/jakarta.faces.context.model.yml +++ b/java/ql/lib/ext/jakarta.faces.context.model.yml @@ -14,5 +14,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "xss", "manual"] - - ["jakarta.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "xss", "manual"] + - ["jakarta.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "html-injection", "manual"] + - ["jakarta.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/jakarta.ws.rs.client.model.yml b/java/ql/lib/ext/jakarta.ws.rs.client.model.yml index 821ea0ad640..0460c09dc3c 100644 --- a/java/ql/lib/ext/jakarta.ws.rs.client.model.yml +++ b/java/ql/lib/ext/jakarta.ws.rs.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "open-url", "manual"] + - ["jakarta.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/jakarta.ws.rs.core.model.yml b/java/ql/lib/ext/jakarta.ws.rs.core.model.yml index a13bb2189d1..739f61df8b8 100644 --- a/java/ql/lib/ext/jakarta.ws.rs.core.model.yml +++ b/java/ql/lib/ext/jakarta.ws.rs.core.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirect", "manual"] - - ["jakarta.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirect", "manual"] + - ["jakarta.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] + - ["jakarta.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index 2db99b7027e..e0920d7df16 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -3,50 +3,50 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-manual"] - - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(File,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "write-file", "manual"] + - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(File,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel @@ -100,6 +100,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals - ["java.io", "Closeable", "close", "()", "summary", "manual"] - ["java.io", "DataOutput", "writeBoolean", "(boolean)", "summary", "manual"] - ["java.io", "File", "delete", "()", "summary", "manual"] @@ -117,3 +118,7 @@ extensions: - ["java.io", "DataInput", "readLong", "()", "summary", "manual"] # taint-numeric - ["java.io", "DataOutput", "writeInt", "(int)", "summary", "manual"] # taint-numeric - ["java.io", "DataOutput", "writeLong", "(long)", "summary", "manual"] # taint-numeric + + # sink neutrals + - ["java.io", "File", "compareTo", "", "sink", "hq-manual"] + - ["java.io", "File", "exists", "()", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index 59eb548af27..d3737a62d9f 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -3,11 +3,11 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] + - ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] - ["java.lang", "ProcessBuilder", False, "command", "(List)", "", "Argument[0]", "command-injection", "ai-manual"] - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"] - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"] @@ -30,14 +30,14 @@ extensions: # These are modeled in plain CodeQL. TODO: migrate them. # - ["java.lang", "System", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library. # - ["java.lang", "System", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library. - - ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier,Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier,Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.net.http.model.yml b/java/ql/lib/ext/java.net.http.model.yml index d967f46494b..9fc18d2eaab 100644 --- a/java/ql/lib/ext/java.net.http.model.yml +++ b/java/ql/lib/ext/java.net.http.model.yml @@ -8,5 +8,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.net.http", "HttpRequest", False, "newBuilder", "", "", "Argument[0]", "open-url", "manual"] - - ["java.net.http", "HttpRequest$Builder", False, "uri", "", "", "Argument[0]", "open-url", "manual"] + - ["java.net.http", "HttpRequest", False, "newBuilder", "", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net.http", "HttpRequest$Builder", False, "uri", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/java.net.model.yml b/java/ql/lib/ext/java.net.model.yml index 9ab8c663506..39a4c484112 100644 --- a/java/ql/lib/ext/java.net.model.yml +++ b/java/ql/lib/ext/java.net.model.yml @@ -9,22 +9,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "open-url", "manual"] - - ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "newInstance", "", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "open-url", "manual"] + - ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "request-forgery", "manual"] + - ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "newInstance", "", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml index 42ae8b9052b..e4519fbc071 100644 --- a/java/ql/lib/ext/java.nio.file.model.yml +++ b/java/ql/lib/ext/java.nio.file.model.yml @@ -3,45 +3,45 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "read-file", "manual"] - - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "read-file", "manual"] - - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "write-file", "manual"] - - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "write-file", "manual"] - - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "write-file", "manual"] - - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "ai-manual"] - - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "create-file", "ai-manual"] - - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file + - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "file-content-store", "manual"] + - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "file-content-store", "manual"] + - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "file-content-store", "manual"] + - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel @@ -81,4 +81,22 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"] + + # sink neutrals + - ["java.nio.file", "Files", "exists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getPosixFilePermissions", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isDirectory", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isExecutable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isReadable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isRegularFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isSameFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isSymbolicLink", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isWritable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "notExists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "setLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "size", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml new file mode 100644 index 00000000000..91e465af105 --- /dev/null +++ b/java/ql/lib/ext/java.nio.file.spi.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # sink neutrals + - ["java.nio.file.spi", "FileSystemProvider", "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file.spi", "FileSystemProvider", "isSameFile", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 87e0fca7f9b..c93a89cfd2c 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql", "ai-manual"] - - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql", "ai-manual"] - - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql", "manual"] + - ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"] + - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"] + - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index 728ed4fa6b4..5b315e9986d 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -3,8 +3,14 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals # The below APIs have numeric flow and are currently being stored as neutral models. # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. - ["java.text", "DateFormat", "format", "(Date)", "summary", "manual"] # taint-numeric - ["java.text", "DateFormat", "parse", "(String)", "summary", "manual"] # taint-numeric - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric + + # sink neutrals + - ["java.text", "Collator", "compare", "", "sink", "hq-manual"] + - ["java.text", "Collator", "equals", "", "sink", "hq-manual"] + - ["java.text", "RuleBasedCollator", "compare", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.util.logging.model.yml b/java/ql/lib/ext/java.util.logging.model.yml index 05d7aa62a70..330a2d469a8 100644 --- a/java/ql/lib/ext/java.util.logging.model.yml +++ b/java/ql/lib/ext/java.util.logging.model.yml @@ -3,40 +3,40 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "entering", "(String,String,Object[])", "", "Argument[0..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "exiting", "(String,String)", "", "Argument[0..1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "exiting", "(String,String,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "fine", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "finer", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "finest", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "info", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,Throwable,Supplier)", "", "Argument[2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(LogRecord)", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String)", "", "Argument[1..3]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object[])", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Throwable)", "", "Argument[1..3]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Supplier)", "", "Argument[1..3]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[4..5]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String)", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object[])", "", "Argument[1..5]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Throwable)", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "severe", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "warning", "", "", "Argument[0]", "logging", "manual"] + - ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "entering", "(String,String,Object[])", "", "Argument[0..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "exiting", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "exiting", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "fine", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "finer", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "finest", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "info", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,Throwable,Supplier)", "", "Argument[2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(LogRecord)", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String)", "", "Argument[1..3]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object[])", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Throwable)", "", "Argument[1..3]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Supplier)", "", "Argument[1..3]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[4..5]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String)", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object[])", "", "Argument[1..5]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Throwable)", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "severe", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "warning", "", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml new file mode 100644 index 00000000000..a2a7c16bc5d --- /dev/null +++ b/java/ql/lib/ext/java.util.prefs.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # sink neutrals + - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "hq-manual"] + - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/javafx.scene.web.model.yml b/java/ql/lib/ext/javafx.scene.web.model.yml index 64f8eea916b..78d1a00dfde 100644 --- a/java/ql/lib/ext/javafx.scene.web.model.yml +++ b/java/ql/lib/ext/javafx.scene.web.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "open-url", "ai-manual"] + - ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/javax.faces.context.model.yml b/java/ql/lib/ext/javax.faces.context.model.yml index ad33971c2c3..98f3e64ec6c 100644 --- a/java/ql/lib/ext/javax.faces.context.model.yml +++ b/java/ql/lib/ext/javax.faces.context.model.yml @@ -14,5 +14,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "xss", "manual"] - - ["javax.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "xss", "manual"] + - ["javax.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "html-injection", "manual"] + - ["javax.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/javax.naming.directory.model.yml b/java/ql/lib/ext/javax.naming.directory.model.yml index bb350a084cb..6f60e7cf20d 100644 --- a/java/ql/lib/ext/javax.naming.directory.model.yml +++ b/java/ql/lib/ext/javax.naming.directory.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap", "manual"] + - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/javax.net.ssl.model.yml b/java/ql/lib/ext/javax.net.ssl.model.yml index 7cbed92c184..59085b8d120 100644 --- a/java/ql/lib/ext/javax.net.ssl.model.yml +++ b/java/ql/lib/ext/javax.net.ssl.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"] - - ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"] + - ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"] + - ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"] diff --git a/java/ql/lib/ext/javax.script.model.yml b/java/ql/lib/ext/javax.script.model.yml index 0dcc6adb3d7..dcec679640f 100644 --- a/java/ql/lib/ext/javax.script.model.yml +++ b/java/ql/lib/ext/javax.script.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.script", "CompiledScript", False, "eval", "", "", "Argument[this]", "mvel", "manual"] + - ["javax.script", "CompiledScript", False, "eval", "", "", "Argument[this]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/javax.servlet.http.model.yml b/java/ql/lib/ext/javax.servlet.http.model.yml index e4c0a2b2332..6485ea22a2e 100644 --- a/java/ql/lib/ext/javax.servlet.http.model.yml +++ b/java/ql/lib/ext/javax.servlet.http.model.yml @@ -22,10 +22,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.servlet.http", "HttpServletResponse", False, "addCookie", "", "", "Argument[0]", "header-splitting", "manual"] - - ["javax.servlet.http", "HttpServletResponse", False, "addHeader", "", "", "Argument[0..1]", "header-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "addCookie", "", "", "Argument[0]", "response-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "addHeader", "", "", "Argument[0..1]", "response-splitting", "manual"] - ["javax.servlet.http", "HttpServletResponse", False, "sendError", "(int,String)", "", "Argument[1]", "information-leak", "manual"] - - ["javax.servlet.http", "HttpServletResponse", False, "setHeader", "", "", "Argument[0..1]", "header-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "setHeader", "", "", "Argument[0..1]", "response-splitting", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/javax.servlet.model.yml b/java/ql/lib/ext/javax.servlet.model.yml index fae0bd6f2b3..7d7f432d2bd 100644 --- a/java/ql/lib/ext/javax.servlet.model.yml +++ b/java/ql/lib/ext/javax.servlet.model.yml @@ -14,4 +14,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] + - ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/javax.ws.rs.client.model.yml b/java/ql/lib/ext/javax.ws.rs.client.model.yml index 0a5a01c3338..e9855623951 100644 --- a/java/ql/lib/ext/javax.ws.rs.client.model.yml +++ b/java/ql/lib/ext/javax.ws.rs.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "open-url", "manual"] + - ["javax.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/javax.ws.rs.core.model.yml b/java/ql/lib/ext/javax.ws.rs.core.model.yml index b73078a5ae5..dfdf2ee6fd0 100644 --- a/java/ql/lib/ext/javax.ws.rs.core.model.yml +++ b/java/ql/lib/ext/javax.ws.rs.core.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirect", "manual"] - - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirect", "manual"] - - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "header-splitting", "manual"] + - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] + - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] + - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "response-splitting", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/javax.xml.transform.model.yml b/java/ql/lib/ext/javax.xml.transform.model.yml index ffc321b004f..62a66a3d7ae 100644 --- a/java/ql/lib/ext/javax.xml.transform.model.yml +++ b/java/ql/lib/ext/javax.xml.transform.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.transform", "Transformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] + - ["javax.xml.transform", "Transformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] diff --git a/java/ql/lib/ext/javax.xml.transform.stream.model.yml b/java/ql/lib/ext/javax.xml.transform.stream.model.yml index c058a88f337..8cb96b4c775 100644 --- a/java/ql/lib/ext/javax.xml.transform.stream.model.yml +++ b/java/ql/lib/ext/javax.xml.transform.stream.model.yml @@ -9,4 +9,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.transform.stream", "StreamResult", True, "StreamResult", "(File)", "", "Argument[0]", "create-file", "ai-manual"] + - ["javax.xml.transform.stream", "StreamResult", True, "StreamResult", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/javax.xml.xpath.model.yml b/java/ql/lib/ext/javax.xml.xpath.model.yml index 68f51a34a2e..6cad83433b6 100644 --- a/java/ql/lib/ext/javax.xml.xpath.model.yml +++ b/java/ql/lib/ext/javax.xml.xpath.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.xpath", "XPath", True, "compile", "", "", "Argument[0]", "xpath", "manual"] - - ["javax.xml.xpath", "XPath", True, "evaluate", "", "", "Argument[0]", "xpath", "manual"] - - ["javax.xml.xpath", "XPath", True, "evaluateExpression", "", "", "Argument[0]", "xpath", "manual"] + - ["javax.xml.xpath", "XPath", True, "compile", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["javax.xml.xpath", "XPath", True, "evaluate", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["javax.xml.xpath", "XPath", True, "evaluateExpression", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/kotlin.io.model.yml b/java/ql/lib/ext/kotlin.io.model.yml index 335457a48a0..98de45df9d6 100644 --- a/java/ql/lib/ext/kotlin.io.model.yml +++ b/java/ql/lib/ext/kotlin.io.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/net.sf.saxon.s9api.model.yml b/java/ql/lib/ext/net.sf.saxon.s9api.model.yml index 1559092f535..aa0e3eba5a9 100644 --- a/java/ql/lib/ext/net.sf.saxon.s9api.model.yml +++ b/java/ql/lib/ext/net.sf.saxon.s9api.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "applyTemplates", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callFunction", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callTemplate", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "XsltTransformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "applyTemplates", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callFunction", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callTemplate", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "XsltTransformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] diff --git a/java/ql/lib/ext/okhttp3.model.yml b/java/ql/lib/ext/okhttp3.model.yml index 21563331656..2368292dab7 100644 --- a/java/ql/lib/ext/okhttp3.model.yml +++ b/java/ql/lib/ext/okhttp3.model.yml @@ -3,8 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "open-url", "manual"] - - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "open-url", "manual"] + - ["okhttp3", "OkHttpClient", True, "newCall", "(Request)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["okhttp3", "OkHttpClient", True, "newWebSocket", "(Request,WebSocketListener)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "request-forgery", "manual"] + - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.commons.io.model.yml b/java/ql/lib/ext/org.apache.commons.io.model.yml index e23dd5fca44..e80bc525883 100644 --- a/java/ql/lib/ext/org.apache.commons.io.model.yml +++ b/java/ql/lib/ext/org.apache.commons.io.model.yml @@ -16,8 +16,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"] - - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"] - - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"] - - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"] - - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jelly.model.yml b/java/ql/lib/ext/org.apache.commons.jelly.model.yml index 0669f6744b9..ef9e48d041a 100644 --- a/java/ql/lib/ext/org.apache.commons.jelly.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jelly.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[2]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[2]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jexl2.model.yml b/java/ql/lib/ext/org.apache.commons.jexl2.model.yml index f7ad474114e..8e224f5f20f 100644 --- a/java/ql/lib/ext/org.apache.commons.jexl2.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jexl2.model.yml @@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jexl2", "Expression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Script", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Script", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "prepare", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Template", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] + - ["org.apache.commons.jexl2", "Expression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Script", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Script", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "prepare", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Template", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jexl3.model.yml b/java/ql/lib/ext/org.apache.commons.jexl3.model.yml index cbe04fc3e60..e2fee2fcb3d 100644 --- a/java/ql/lib/ext/org.apache.commons.jexl3.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jexl3.model.yml @@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jexl3", "Expression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "prepare", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Template", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Script", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Script", False, "execute", "", "", "Argument[this]", "jexl", "manual"] + - ["org.apache.commons.jexl3", "Expression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "prepare", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Template", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Script", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Script", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.logging.model.yml b/java/ql/lib/ext/org.apache.commons.logging.model.yml index 8f40e26f2a1..7e2be01c522 100644 --- a/java/ql/lib/ext/org.apache.commons.logging.model.yml +++ b/java/ql/lib/ext/org.apache.commons.logging.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.logging", "Log", True, "debug", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "error", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "fatal", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "info", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "trace", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "warn", "", "", "Argument[0]", "logging", "manual"] + - ["org.apache.commons.logging", "Log", True, "debug", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "error", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "fatal", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "info", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "trace", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "warn", "", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.net.model.yml b/java/ql/lib/ext/org.apache.commons.net.model.yml index 1ea8876a4e1..0a4c46e6a3c 100644 --- a/java/ql/lib/ext/org.apache.commons.net.model.yml +++ b/java/ql/lib/ext/org.apache.commons.net.model.yml @@ -3,15 +3,15 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int,InetAddress,int)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(String)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int)", "", "Argument[0]", "open-url", "df-manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int,InetAddress,int)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String)", "", "Argument[0]", "read-file", "df-manual"] - - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String,String)", "", "Argument[0]", "read-file", "df-manual"] - - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(String,File,String,String,String)", "", "Argument[1]", "read-file", "df-manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int,InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int)", "", "Argument[0]", "request-forgery", "df-manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int,InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String)", "", "Argument[0]", "path-injection", "df-manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String,String)", "", "Argument[0]", "path-injection", "df-manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(String,File,String,String,String)", "", "Argument[1]", "path-injection", "df-manual"] - addsTo: pack: codeql/java-all extensible: sourceModel diff --git a/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml b/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml index 14b580383d3..57b1655d944 100644 --- a/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml +++ b/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.directory.ldap.client.api", "LdapConnection", True, "search", "", "", "Argument[0..2]", "ldap", "manual"] + - ["org.apache.directory.ldap.client.api", "LdapConnection", True, "search", "", "", "Argument[0..2]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml index 9189c6ab1fd..60d2d0c0153 100644 --- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml +++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml @@ -3,5 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql", "ai-manual"] - + - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml index da335795194..bc902f548fd 100644 --- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml +++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml @@ -3,6 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql", "ai-manual"] - - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql", "ai-manual"] - + - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql-injection", "ai-manual"] + - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml index 0b0e040c054..17498977d8d 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml @@ -3,87 +3,87 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml index 513a4e7eb7a..8b360282cec 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml @@ -3,40 +3,40 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml index ce3b5567b7b..ff25f6c43a3 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml new file mode 100644 index 00000000000..b5f46643f2f --- /dev/null +++ b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # sink neutrals + - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml b/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml index 450a46cd1ec..0143a0a68ab 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.benchmark", "BenchmarkConfig$Builder", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.benchmark", "BenchmarkConfig$Builder", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml index a2789520908..280cf49b175 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout,Object,FutureCallback)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout,Object,FutureCallback)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml index 86d55853d8f..1f602d987cc 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml @@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml index e8cc56f35a5..44ed7ac03c1 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml @@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml index 6c1c6d63efe..321b4235ea8 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"] - - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] + - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml index 263ca830720..9d896b593c9 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml @@ -3,27 +3,27 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml index eee42d496f3..cb8d17d283a 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setHttpHost", "(HttpHost)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setHttpHost", "(HttpHost)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml index 3f980bdbb3f..35c0e9f27a3 100644 --- a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml +++ b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml @@ -3,5 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql", "ai-manual"] - + - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.fluent.model.yml b/java/ql/lib/ext/org.apache.http.client.fluent.model.yml index 924ab14fc5e..dad428e4d1a 100644 --- a/java/ql/lib/ext/org.apache.http.client.fluent.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.fluent.model.yml @@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client.fluent", "Request", True, "Delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.methods.model.yml b/java/ql/lib/ext/org.apache.http.client.methods.model.yml index 5db791422c8..4eccb08eb8c 100644 --- a/java/ql/lib/ext/org.apache.http.client.methods.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.methods.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client.methods", "HttpDelete", False, "HttpDelete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpGet", False, "HttpGet", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpHead", False, "HttpHead", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpOptions", False, "HttpOptions", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPatch", False, "HttpPatch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "head", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "options", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "patch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "post", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "open-url", "manual"] + - ["org.apache.http.client.methods", "HttpDelete", False, "HttpDelete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpGet", False, "HttpGet", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpHead", False, "HttpHead", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpOptions", False, "HttpOptions", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPatch", False, "HttpPatch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "head", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "options", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "patch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "post", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.model.yml b/java/ql/lib/ext/org.apache.http.client.model.yml index abdfb6ed91d..681efdf32e7 100644 --- a/java/ql/lib/ext/org.apache.http.client.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.http.impl.client.model.yml b/java/ql/lib/ext/org.apache.http.impl.client.model.yml index 5cc1aca7498..be517e5344f 100644 --- a/java/ql/lib/ext/org.apache.http.impl.client.model.yml +++ b/java/ql/lib/ext/org.apache.http.impl.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.impl.client", "RequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.http.impl.client", "RequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.http.message.model.yml b/java/ql/lib/ext/org.apache.http.message.model.yml index c727b57b210..4ee0d13d8c1 100644 --- a/java/ql/lib/ext/org.apache.http.message.model.yml +++ b/java/ql/lib/ext/org.apache.http.message.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(RequestLine)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(RequestLine)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "open-url", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(RequestLine)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(RequestLine)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.http.model.yml b/java/ql/lib/ext/org.apache.http.model.yml index 466fe9d15a4..ff0bd813d83 100644 --- a/java/ql/lib/ext/org.apache.http.model.yml +++ b/java/ql/lib/ext/org.apache.http.model.yml @@ -9,8 +9,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"] + - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.http.util.model.yml b/java/ql/lib/ext/org.apache.http.util.model.yml index d5469664ab6..7e4fd9dde25 100644 --- a/java/ql/lib/ext/org.apache.http.util.model.yml +++ b/java/ql/lib/ext/org.apache.http.util.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.util", "EntityUtils", True, "updateEntity", "(HttpResponse,HttpEntity)", "", "Argument[1]", "xss", "manual"] + - ["org.apache.http.util", "EntityUtils", True, "updateEntity", "(HttpResponse,HttpEntity)", "", "Argument[1]", "html-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml b/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml index e966d7bd735..e1b37b8f851 100644 --- a/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml +++ b/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "delete", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "insert", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "run", "(String)", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectAll", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectOne", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "update", "(String,Object[])", "", "Argument[0]", "sql", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "delete", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "insert", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "run", "(String)", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectAll", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectOne", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "update", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.log4j.model.yml b/java/ql/lib/ext/org.apache.log4j.model.yml index 309f238111b..e27bdef0fbf 100644 --- a/java/ql/lib/ext/org.apache.log4j.model.yml +++ b/java/ql/lib/ext/org.apache.log4j.model.yml @@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.log4j", "Category", True, "assertLog", "", "", "Argument[1]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "debug", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "error", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "fatal", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "forcedLog", "", "", "Argument[2]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "info", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "l7dlog", "(Priority,String,Object[],Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "log", "(Priority,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "log", "(Priority,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "log", "(String,Priority,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "warn", "", "", "Argument[0]", "logging", "manual"] + - ["org.apache.log4j", "Category", True, "assertLog", "", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "debug", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "error", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "fatal", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "forcedLog", "", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "info", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "l7dlog", "(Priority,String,Object[],Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "log", "(Priority,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "log", "(Priority,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "log", "(String,Priority,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "warn", "", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.logging.log4j.model.yml b/java/ql/lib/ext/org.apache.logging.log4j.model.yml index 5ffe10450a0..2c48df24365 100644 --- a/java/ql/lib/ext/org.apache.logging.log4j.model.yml +++ b/java/ql/lib/ext/org.apache.logging.log4j.model.yml @@ -3,365 +3,365 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "entry", "(Object[])", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Message)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object)", "", "Argument[2..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object)", "", "Argument[2..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object)", "", "Argument[2..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[2..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..12]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Supplier)", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "logMessage", "(Level,Marker,String,StackTraceElement,Message,Throwable)", "", "Argument[4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Supplier[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Supplier[])", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Message,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "entry", "(Object[])", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Message)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object)", "", "Argument[2..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object)", "", "Argument[2..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object)", "", "Argument[2..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[2..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..12]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Supplier)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "logMessage", "(Level,Marker,String,StackTraceElement,Message,Throwable)", "", "Argument[4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Supplier[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Supplier[])", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Message,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.tools.ant.model.yml b/java/ql/lib/ext/org.apache.tools.ant.model.yml index bee9b475ef7..474429db030 100644 --- a/java/ql/lib/ext/org.apache.tools.ant.model.yml +++ b/java/ql/lib/ext/org.apache.tools.ant.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.tools.ant", "AntClassLoader", True, "addPathComponent", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(ClassLoader,Project,Path,boolean)", "", "Argument[2]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path,boolean)", "", "Argument[1]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path)", "", "Argument[1]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "DirectoryScanner", True, "setBasedir", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "addPathComponent", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(ClassLoader,Project,Path,boolean)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path,boolean)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "DirectoryScanner", True, "setBasedir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml b/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml index 29b4ee0d16e..aaacf02d58c 100644 --- a/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml +++ b/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.tools.ant.taskdefs", "Copy", True, "addFileset", "(FileSet)", "", "Argument[0]", "read-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "addFileset", "(FileSet)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.app.model.yml b/java/ql/lib/ext/org.apache.velocity.app.model.yml index 1afc328b882..307f534d3ea 100644 --- a/java/ql/lib/ext/org.apache.velocity.app.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.app.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.app", "Velocity", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.app", "Velocity", True, "mergeTemplate", "", "", "Argument[2]", "ssti", "manual"] - - ["org.apache.velocity.app", "VelocityEngine", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.app", "VelocityEngine", True, "mergeTemplate", "", "", "Argument[2]", "ssti", "manual"] + - ["org.apache.velocity.app", "Velocity", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.app", "Velocity", True, "mergeTemplate", "", "", "Argument[2]", "template-injection", "manual"] + - ["org.apache.velocity.app", "VelocityEngine", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.app", "VelocityEngine", True, "mergeTemplate", "", "", "Argument[2]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.runtime.model.yml b/java/ql/lib/ext/org.apache.velocity.runtime.model.yml index a8f740a2301..68f4e16fc5a 100644 --- a/java/ql/lib/ext/org.apache.velocity.runtime.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.runtime.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.runtime", "RuntimeServices", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.runtime", "RuntimeServices", True, "parse", "", "", "Argument[0]", "ssti", "manual"] - - ["org.apache.velocity.runtime", "RuntimeSingleton", True, "parse", "", "", "Argument[0]", "ssti", "manual"] + - ["org.apache.velocity.runtime", "RuntimeServices", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.runtime", "RuntimeServices", True, "parse", "", "", "Argument[0]", "template-injection", "manual"] + - ["org.apache.velocity.runtime", "RuntimeSingleton", True, "parse", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml b/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml index 4d3ce4c37ed..a204fb0711d 100644 --- a/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.runtime.resource.util", "StringResourceRepository", True, "putStringResource", "", "", "Argument[1]", "ssti", "manual"] + - ["org.apache.velocity.runtime.resource.util", "StringResourceRepository", True, "putStringResource", "", "", "Argument[1]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml index dbb6ace53da..602a6223fe8 100644 --- a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml +++ b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "create-file", "ai-manual"] - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "create-file", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.codehaus.groovy.control.model.yml b/java/ql/lib/ext/org.codehaus.groovy.control.model.yml index 61ec26f4482..fdccc85e6a9 100644 --- a/java/ql/lib/ext/org.codehaus.groovy.control.model.yml +++ b/java/ql/lib/ext/org.codehaus.groovy.control.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.codehaus.groovy.control", "CompilationUnit", False, "compile", "", "", "Argument[this]", "groovy", "manual"] + - ["org.codehaus.groovy.control", "CompilationUnit", False, "compile", "", "", "Argument[this]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.model.yml b/java/ql/lib/ext/org.dom4j.model.yml index b2e5c2ed379..f54c817d966 100644 --- a/java/ql/lib/ext/org.dom4j.model.yml +++ b/java/ql/lib/ext/org.dom4j.model.yml @@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.dom4j", "DocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "selectNodes", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "sort", "", "", "Argument[1]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "matches", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "numberValueOf", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "selectNodes", "", "", "Argument[0..1]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "selectObject", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "selectSingleNode", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "valueOf", "", "", "Argument[0]", "xpath", "manual"] + - ["org.dom4j", "DocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "selectNodes", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "sort", "", "", "Argument[1]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "matches", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "numberValueOf", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "selectNodes", "", "", "Argument[0..1]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "selectObject", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "selectSingleNode", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "valueOf", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.tree.model.yml b/java/ql/lib/ext/org.dom4j.tree.model.yml index 0896937bb16..3117806aa6e 100644 --- a/java/ql/lib/ext/org.dom4j.tree.model.yml +++ b/java/ql/lib/ext/org.dom4j.tree.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.dom4j.tree", "AbstractNode", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j.tree", "AbstractNode", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] + - ["org.dom4j.tree", "AbstractNode", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j.tree", "AbstractNode", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.util.model.yml b/java/ql/lib/ext/org.dom4j.util.model.yml index d7dc55cd145..530652f2ede 100644 --- a/java/ql/lib/ext/org.dom4j.util.model.yml +++ b/java/ql/lib/ext/org.dom4j.util.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.dom4j.util", "ProxyDocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] + - ["org.dom4j.util", "ProxyDocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.eclipse.jetty.client.model.yml b/java/ql/lib/ext/org.eclipse.jetty.client.model.yml index 23f0e2a48a8..28c3430e818 100644 --- a/java/ql/lib/ext/org.eclipse.jetty.client.model.yml +++ b/java/ql/lib/ext/org.eclipse.jetty.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.eclipse.jetty.client", "HttpClient", True, "newRequest", "(String)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.eclipse.jetty.client", "HttpClient", True, "newRequest", "(String)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.geogebra.web.full.main.model.yml b/java/ql/lib/ext/org.geogebra.web.full.main.model.yml index c6719b6a97e..914a60fe38a 100644 --- a/java/ql/lib/ext/org.geogebra.web.full.main.model.yml +++ b/java/ql/lib/ext/org.geogebra.web.full.main.model.yml @@ -4,4 +4,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.geogebra.web.full.main", "FileManager", True, "open", "(String,String)", "", "Argument[0]", "url-redirect", "ai-manual"] + - ["org.geogebra.web.full.main", "FileManager", True, "open", "(String,String)", "", "Argument[0]", "url-redirection", "ai-manual"] diff --git a/java/ql/lib/ext/org.hibernate.model.yml b/java/ql/lib/ext/org.hibernate.model.yml index ffa483ec742..c6a18bb1350 100644 --- a/java/ql/lib/ext/org.hibernate.model.yml +++ b/java/ql/lib/ext/org.hibernate.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate", "SharedSessionContract", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"] + - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate", "SharedSessionContract", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.hibernate.query.model.yml b/java/ql/lib/ext/org.hibernate.query.model.yml index 6281a33caa5..bb6232c1fcd 100644 --- a/java/ql/lib/ext/org.hibernate.query.model.yml +++ b/java/ql/lib/ext/org.hibernate.query.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"] + - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.jboss.logging.model.yml b/java/ql/lib/ext/org.jboss.logging.model.yml index 069ae852b77..31636f1a6a3 100644 --- a/java/ql/lib/ext/org.jboss.logging.model.yml +++ b/java/ql/lib/ext/org.jboss.logging.model.yml @@ -3,327 +3,327 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.jdbi.v3.core.model.yml b/java/ql/lib/ext/org.jdbi.v3.core.model.yml index fd7f4e824ac..a80c0a3d90e 100644 --- a/java/ql/lib/ext/org.jdbi.v3.core.model.yml +++ b/java/ql/lib/ext/org.jdbi.v3.core.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.jooq.model.yml b/java/ql/lib/ext/org.jooq.model.yml index cf7fc22a923..b7538263a31 100644 --- a/java/ql/lib/ext/org.jooq.model.yml +++ b/java/ql/lib/ext/org.jooq.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jooq", "PlainSQL", False, "", "", "Annotated", "Argument[0]", "sql", "manual"] + - ["org.jooq", "PlainSQL", False, "", "", "Annotated", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml index 514b23a9958..49cd049cdfa 100644 --- a/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml +++ b/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.kohsuke.stapler.framework.io", "LargeText", True, "LargeText", "(File,Charset,boolean,boolean)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.kohsuke.stapler.framework.io", "LargeText", True, "LargeText", "(File,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.kohsuke.stapler.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.model.yml index a3ae44a683b..7a242051485 100644 --- a/java/ql/lib/ext/org.kohsuke.stapler.model.yml +++ b/java/ql/lib/ext/org.kohsuke.stapler.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirect", "ai-manual"] - - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirection", "ai-manual"] + - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.mvel2.compiler.model.yml b/java/ql/lib/ext/org.mvel2.compiler.model.yml index 6ca33c8cdb0..0b3535a6fcf 100644 --- a/java/ql/lib/ext/org.mvel2.compiler.model.yml +++ b/java/ql/lib/ext/org.mvel2.compiler.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.compiler", "Accessor", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "CompiledAccExpression", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "CompiledExpression", False, "getDirectValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "ExecutableStatement", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] + - ["org.mvel2.compiler", "Accessor", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "CompiledAccExpression", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "CompiledExpression", False, "getDirectValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "ExecutableStatement", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.jsr223.model.yml b/java/ql/lib/ext/org.mvel2.jsr223.model.yml index 6a63bbcf57c..7dff4964cf0 100644 --- a/java/ql/lib/ext/org.mvel2.jsr223.model.yml +++ b/java/ql/lib/ext/org.mvel2.jsr223.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.jsr223", "MvelCompiledScript", False, "eval", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.jsr223", "MvelScriptEngine", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2.jsr223", "MvelScriptEngine", False, "evaluate", "", "", "Argument[0]", "mvel", "manual"] + - ["org.mvel2.jsr223", "MvelCompiledScript", False, "eval", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.jsr223", "MvelScriptEngine", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2.jsr223", "MvelScriptEngine", False, "evaluate", "", "", "Argument[0]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.model.yml b/java/ql/lib/ext/org.mvel2.model.yml index fd7778c89a6..28a7154df90 100644 --- a/java/ql/lib/ext/org.mvel2.model.yml +++ b/java/ql/lib/ext/org.mvel2.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2", "MVEL", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "evalToBoolean", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "evalToString", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeAllExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeSetExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVELRuntime", False, "execute", "", "", "Argument[1]", "mvel", "manual"] + - ["org.mvel2", "MVEL", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "evalToBoolean", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "evalToString", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeAllExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeSetExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVELRuntime", False, "execute", "", "", "Argument[1]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.templates.model.yml b/java/ql/lib/ext/org.mvel2.templates.model.yml index 0e31cee38b0..93fdbde10ed 100644 --- a/java/ql/lib/ext/org.mvel2.templates.model.yml +++ b/java/ql/lib/ext/org.mvel2.templates.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.templates", "TemplateRuntime", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2.templates", "TemplateRuntime", False, "execute", "", "", "Argument[0]", "mvel", "manual"] + - ["org.mvel2.templates", "TemplateRuntime", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2.templates", "TemplateRuntime", False, "execute", "", "", "Argument[0]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml b/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml index a4eb31084cc..1d2aa29efee 100644 --- a/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml +++ b/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.openjdk.jmh.runner.options", "ChainedOptionsBuilder", True, "result", "(String)", "", "Argument[0]", "create-file", "ai-manual"] + - ["org.openjdk.jmh.runner.options", "ChainedOptionsBuilder", True, "result", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.scijava.log.model.yml b/java/ql/lib/ext/org.scijava.log.model.yml index 303dbae27e2..ad53130cd07 100644 --- a/java/ql/lib/ext/org.scijava.log.model.yml +++ b/java/ql/lib/ext/org.scijava.log.model.yml @@ -3,16 +3,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.scijava.log", "Logger", True, "alwaysLog", "(int,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "log", "(int,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "log", "(int,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.scijava.log", "Logger", True, "alwaysLog", "(int,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "log", "(int,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "log", "(int,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.slf4j.model.yml b/java/ql/lib/ext/org.slf4j.model.yml index 6ff2f31847d..e714155b3f2 100644 --- a/java/ql/lib/ext/org.slf4j.model.yml +++ b/java/ql/lib/ext/org.slf4j.model.yml @@ -3,53 +3,53 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.slf4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.slf4j.spi.model.yml b/java/ql/lib/ext/org.slf4j.spi.model.yml index 197131b6e17..a1d5c498c33 100644 --- a/java/ql/lib/ext/org.slf4j.spi.model.yml +++ b/java/ql/lib/ext/org.slf4j.spi.model.yml @@ -3,11 +3,11 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(Supplier)", "", "Argument[0]", "logging", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml b/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml index bd7c5d8c5c1..7d61e1431c9 100644 --- a/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml +++ b/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.boot.jdbc", "DataSourceBuilder", False, "url", "(String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["org.springframework.boot.jdbc", "DataSourceBuilder", False, "url", "(String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.http.model.yml b/java/ql/lib/ext/org.springframework.http.model.yml index 8835a471c28..cb5f18a7732 100644 --- a/java/ql/lib/ext/org.springframework.http.model.yml +++ b/java/ql/lib/ext/org.springframework.http.model.yml @@ -3,20 +3,20 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(HttpMethod,URI)", "", "Argument[1]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(MultiValueMap,HttpMethod,URI)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI,Type)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI)", "", "Argument[3]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI,Type)", "", "Argument[3]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "get", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "head", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "method", "", "", "Argument[1]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "options", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "patch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "post", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "put", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(HttpMethod,URI)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(MultiValueMap,HttpMethod,URI)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI,Type)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI)", "", "Argument[3]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI,Type)", "", "Argument[3]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "get", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "head", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "method", "", "", "Argument[1]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "options", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "patch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "post", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.springframework.jdbc.core.model.yml b/java/ql/lib/ext/org.springframework.jdbc.core.model.yml index 9374293d0bb..38d91bb3090 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.core.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.core.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "(String[])", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "execute", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "query", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForList", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForMap", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForObject", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForRowSet", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForStream", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "update", "", "", "Argument[0]", "sql", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "(String[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "query", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForList", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForMap", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForObject", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForRowSet", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForStream", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "update", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml b/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml index 9ecd0973558..a2ba27f6062 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "batchUpdate", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "execute", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "query", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForList", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForMap", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForObject", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForRowSet", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForStream", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "update", "", "", "Argument[0]", "sql", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "batchUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "query", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForList", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForMap", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForObject", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForRowSet", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForStream", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "update", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml b/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml index 7bb84c37e2c..3c274d264f9 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.datasource", "AbstractDriverBasedDataSource", False, "setUrl", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["org.springframework.jdbc.datasource", "AbstractDriverBasedDataSource", False, "setUrl", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.jdbc.object.model.yml b/java/ql/lib/ext/org.springframework.jdbc.object.model.yml index 413e29e2631..192e9263f0a 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.object.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.object.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.object", "BatchSqlUpdate", False, "BatchSqlUpdate", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "MappingSqlQuery", False, "MappingSqlQuery", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "MappingSqlQueryWithParameters", False, "MappingSqlQueryWithParameters", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "RdbmsOperation", True, "setSql", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlCall", False, "SqlCall", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlFunction", False, "SqlFunction", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlQuery", False, "SqlQuery", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlUpdate", False, "SqlUpdate", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "UpdatableSqlQuery", False, "UpdatableSqlQuery", "", "", "Argument[1]", "sql", "manual"] + - ["org.springframework.jdbc.object", "BatchSqlUpdate", False, "BatchSqlUpdate", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "MappingSqlQuery", False, "MappingSqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "MappingSqlQueryWithParameters", False, "MappingSqlQueryWithParameters", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "RdbmsOperation", True, "setSql", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlCall", False, "SqlCall", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlFunction", False, "SqlFunction", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlQuery", False, "SqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlUpdate", False, "SqlUpdate", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "UpdatableSqlQuery", False, "UpdatableSqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.ldap.core.model.yml b/java/ql/lib/ext/org.springframework.ldap.core.model.yml index 962dec40c59..ce4ef72e283 100644 --- a/java/ql/lib/ext/org.springframework.ldap.core.model.yml +++ b/java/ql/lib/ext/org.springframework.ldap.core.model.yml @@ -22,17 +22,17 @@ extensions: - ["org.springframework.ldap.core", "LdapOperations", True, "search", "(String,String,int,String[],ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - ["org.springframework.ldap.core", "LdapOperations", True, "searchForObject", "(Name,String,ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - ["org.springframework.ldap.core", "LdapOperations", True, "searchForObject", "(String,String,ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(LdapQuery,String)", "", "Argument[0]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "find", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "findOne", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "search", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForContext", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForObject", "", "", "Argument[0..1]", "ldap", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(LdapQuery,String)", "", "Argument[0]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "find", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "findOne", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "search", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForContext", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForObject", "", "", "Argument[0..1]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.util.model.yml b/java/ql/lib/ext/org.springframework.util.model.yml index a0203a0ce9e..a868638c4df 100644 --- a/java/ql/lib/ext/org.springframework.util.model.yml +++ b/java/ql/lib/ext/org.springframework.util.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(byte[],File)", "", "Argument[1]", "create-file", "manual"] - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[0]", "read-file", "manual"] - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[1]", "create-file", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(byte[],File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[0]", "path-injection", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[1]", "path-injection", "manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.springframework.web.client.model.yml b/java/ql/lib/ext/org.springframework.web.client.model.yml index 69f4cb64fc6..79a7f577c3d 100644 --- a/java/ql/lib/ext/org.springframework.web.client.model.yml +++ b/java/ql/lib/ext/org.springframework.web.client.model.yml @@ -10,16 +10,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.web.client", "RestTemplate", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "doExecute", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "exchange", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "execute", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "getForEntity", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "getForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "headForHeaders", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "optionsForAllow", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "patchForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForEntity", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForLocation", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "put", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "doExecute", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "exchange", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "execute", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "getForEntity", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "getForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "headForHeaders", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "optionsForAllow", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "patchForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForEntity", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForLocation", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml b/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml index cb2d1db4444..a76582b5e80 100644 --- a/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml +++ b/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.web.reactive.function.client", "WebClient", False, "create", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.reactive.function.client", "WebClient$Builder", False, "baseUrl", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.web.reactive.function.client", "WebClient", False, "create", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.reactive.function.client", "WebClient$Builder", False, "baseUrl", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.thymeleaf.model.yml b/java/ql/lib/ext/org.thymeleaf.model.yml index 66361b05836..2556cad8314 100644 --- a/java/ql/lib/ext/org.thymeleaf.model.yml +++ b/java/ql/lib/ext/org.thymeleaf.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.thymeleaf", "ITemplateEngine", True, "process", "", "", "Argument[0]", "ssti", "manual"] - - ["org.thymeleaf", "ITemplateEngine", True, "processThrottled", "", "", "Argument[0]", "ssti", "manual"] + - ["org.thymeleaf", "ITemplateEngine", True, "process", "", "", "Argument[0]", "template-injection", "manual"] + - ["org.thymeleaf", "ITemplateEngine", True, "processThrottled", "", "", "Argument[0]", "template-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/play.libs.ws.model.yml b/java/ql/lib/ext/play.libs.ws.model.yml new file mode 100644 index 00000000000..3547414a7ad --- /dev/null +++ b/java/ql/lib/ext/play.libs.ws.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["play.libs.ws", "WSClient", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] + - ["play.libs.ws", "StandaloneWSClient", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/play.mvc.model.yml b/java/ql/lib/ext/play.mvc.model.yml index a1f8dc60fe0..ba9a11c3f78 100644 --- a/java/ql/lib/ext/play.mvc.model.yml +++ b/java/ql/lib/ext/play.mvc.model.yml @@ -3,7 +3,44 @@ extensions: pack: codeql/java-all extensible: sourceModel data: - - ["play.mvc", "Http$RequestHeader", False, "getHeader", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "getQueryString", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "header", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "queryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$Request", True, "body", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "cookie", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "cookies", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "getHeader", "", "", "ReturnValue", "remote", "manual"] # v2.4.x + - ["play.mvc", "Http$RequestHeader", True, "getHeaders", "", "", "ReturnValue", "remote", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestHeader", True, "getQueryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "header", "", "", "ReturnValue", "remote", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestHeader", True, "headers", "", "", "ReturnValue", "remote", "manual"] # v2.4.x + - ["play.mvc", "Http$RequestHeader", True, "host", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "path", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "queryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "remoteAddress", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "uri", "", "", "ReturnValue", "remote", "manual"] + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["play.mvc", "Http$RequestBody", True, "as", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asBytes", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestBody", True, "asFormUrlEncoded", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asJson", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asMultipartFormData", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asRaw", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asText", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asXml", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "parseJson", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$MultipartFormData", True, "asFormUrlEncoded", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData", True, "getFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData", True, "getFiles", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getContentType", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getDispositionType", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.4.x + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getFilename", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getKey", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getRef", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$RawBuffer", True, "asBytes", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RawBuffer", True, "asFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookie", True, "name", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookie", True, "value", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookies", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookies", True, "getCookie", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x diff --git a/java/ql/lib/ext/retrofit2.model.yml b/java/ql/lib/ext/retrofit2.model.yml index 51c4c0eed83..4ea997169a9 100644 --- a/java/ql/lib/ext/retrofit2.model.yml +++ b/java/ql/lib/ext/retrofit2.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["retrofit2", "Retrofit$Builder", True, "baseUrl", "", "", "Argument[0]", "open-url", "manual"] + - ["retrofit2", "Retrofit$Builder", True, "baseUrl", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index c48db63b34d..ada2ac9e999 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.6.2-dev +version: 0.6.3-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/lib/semmle/code/java/Serializability.qll b/java/ql/lib/semmle/code/java/Serializability.qll index fc8a19040f0..72490118020 100644 --- a/java/ql/lib/semmle/code/java/Serializability.qll +++ b/java/ql/lib/semmle/code/java/Serializability.qll @@ -4,6 +4,7 @@ import java private import frameworks.jackson.JacksonSerializability +private import frameworks.google.GsonSerializability private import frameworks.google.GoogleHttpClientApi /** diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 4cb21496f5f..5fb9ce0f8f1 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -274,11 +274,12 @@ module ModelValidation { exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | not kind = [ - "open-url", "jndi-injection", "ldap", "sql", "jdbc-url", "logging", "mvel", "xpath", - "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirect", - "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", - "information-leak", "xslt", "jexl", "bean-validation", "ssti", "fragment-injection", - "command-injection" + "request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection", + "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection", + "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", + "path-injection", "file-content-store", "hostname-verification", "response-splitting", + "information-leak", "xslt-injection", "jexl-injection", "bean-validation", + "template-injection", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and @@ -286,7 +287,7 @@ module ModelValidation { ) or exists(string kind | sourceModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["remote", "contentprovider", "android-widget", "android-external-storage-dir"] and + not kind = ["remote", "contentprovider", "android-external-storage-dir"] and not kind.matches("qltest%") and result = "Invalid kind \"" + kind + "\" in source model." ) diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index e10cd0db708..d26aa5d35f6 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -36,13 +36,6 @@ abstract class RemoteFlowSource extends DataFlow::Node { abstract string getSourceType(); } -/** - * A module for importing frameworks that define remote flow sources. - */ -private module RemoteFlowSources { - private import semmle.code.java.frameworks.android.Widget -} - private class ExternalRemoteFlowSource extends RemoteFlowSource { ExternalRemoteFlowSource() { sourceNode(this, "remote") } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll index 81c34179c15..9cb39ed83a7 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll @@ -4,12 +4,6 @@ import java private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.FlowSources -private class DefaultAndroidWidgetSources extends RemoteFlowSource { - DefaultAndroidWidgetSources() { sourceNode(this, "android-widget") } - - override string getSourceType() { result = "Android widget source" } -} - private class EditableToStringStep extends AdditionalTaintStep { override predicate step(DataFlow::Node n1, DataFlow::Node n2) { exists(MethodAccess ma | diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll new file mode 100644 index 00000000000..f7de80daaf4 --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -0,0 +1,60 @@ +/** + * Provides classes and predicates for working with Java Serialization in the context of + * the `com.google.gson` JSON processing framework. + */ + +import java +private import semmle.code.java.Serializability +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.FlowSteps + +/** + * A method used for deserializing objects using Gson. The first parameter is the object to be + * deserialized. + */ +private class GsonReadValueMethod extends Method { + GsonReadValueMethod() { this.hasQualifiedName("com.google.gson", "Gson", "fromJson") } +} + +/** A type whose values may be deserialized by the Gson JSON framework. */ +abstract class GsonDeserializableType extends Type { } + +/** A type whose values are explicitly deserialized in a call to a Gson method. */ +private class ExplicitlyReadGsonDeserializableType extends GsonDeserializableType { + ExplicitlyReadGsonDeserializableType() { + exists(MethodAccess ma | + // A call to a Gson read method... + ma.getMethod() instanceof GsonReadValueMethod and + // ...where `this` is used in the final argument, indicating that this type will be deserialized. + // TODO: find a way to get the type represented by java.lang.reflect.Type and com.google.gson.reflect.TypeToken + // fromJson(String json, TypeToken typeOfT) + // fromJson(String json, Type typeOfT) + usesType(ma.getArgument(1).getType(), this) and + not this instanceof TypeClass and + not this instanceof TypeObject + ) + } +} + +/** A type used in a `GsonDeserializableField` declaration. */ +private class FieldReferencedGsonDeserializableType extends GsonDeserializableType { + FieldReferencedGsonDeserializableType() { + exists(GsonDeserializableField f | usesType(f.getType(), this)) + } +} + +/** A field that may be deserialized using the Gson JSON framework. */ +private class GsonDeserializableField extends DeserializableField { + pragma[assume_small_delta] + GsonDeserializableField() { + exists(GsonDeserializableType superType | + superType = this.getDeclaringType().getAnAncestor() and + not superType instanceof TypeObject and + superType.fromSource() + ) + } +} + +private class GsonInheritTaint extends DataFlow::FieldContent, TaintInheritingContent { + GsonInheritTaint() { this.getField() instanceof GsonDeserializableField } +} diff --git a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll index 993c2941733..ef5f84001f0 100644 --- a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll +++ b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll @@ -30,7 +30,7 @@ class IntentRedirectionAdditionalTaintStep extends Unit { /** Default sink for Intent redirection vulnerabilities. */ private class DefaultIntentRedirectionSink extends IntentRedirectionSink { - DefaultIntentRedirectionSink() { sinkNode(this, "intent-start") } + DefaultIntentRedirectionSink() { sinkNode(this, "intent-redirection") } } /** diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll index 2641a3ab0df..d7097f1ecf2 100644 --- a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll @@ -20,7 +20,7 @@ private class AndroidFilesystemCleartextStorageSink extends CleartextStorageSink /** A call to a method or constructor that may write to files to the local filesystem. */ class LocalFileOpenCall extends Storable { LocalFileOpenCall() { - this = any(DataFlow::Node sink | sinkNode(sink, "create-file")).asExpr().(Argument).getCall() + this = any(DataFlow::Node sink | sinkNode(sink, "path-injection")).asExpr().(Argument).getCall() } override Expr getAnInput() { @@ -40,7 +40,7 @@ class LocalFileOpenCall extends Storable { /** Holds if `input` is written into `file`. */ private predicate filesystemInput(DataFlow::Node file, Argument input) { - exists(DataFlow::Node write | sinkNode(write, "write-file") | + exists(DataFlow::Node write | sinkNode(write, "file-content-store") | input = write.asExpr() or isVarargs(input, write) ) and diff --git a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll index 54ea8afce91..b4fe2fd5e84 100644 --- a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll +++ b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll @@ -21,7 +21,7 @@ class GroovyInjectionAdditionalTaintStep extends Unit { } private class DefaultGroovyInjectionSink extends GroovyInjectionSink { - DefaultGroovyInjectionSink() { sinkNode(this, "groovy") } + DefaultGroovyInjectionSink() { sinkNode(this, "groovy-injection") } } /** A set of additional taint steps to consider when taint tracking Groovy related data flows. */ diff --git a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll index a2b144a3833..07435889fd9 100644 --- a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll +++ b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll @@ -30,7 +30,8 @@ class HttpStringLiteral extends StringLiteral { abstract class UrlOpenSink extends DataFlow::Node { } private class DefaultUrlOpenSink extends UrlOpenSink { - DefaultUrlOpenSink() { sinkNode(this, "open-url") } + // request-forgery sinks control the URL of a request + DefaultUrlOpenSink() { sinkNode(this, "request-forgery") } } /** diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll index 308b8037554..41985affc0e 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll @@ -54,7 +54,8 @@ private class IntentCreationSource extends ImplicitPendingIntentSource { private class SendPendingIntent extends ImplicitPendingIntentSink { SendPendingIntent() { - sinkNode(this, "intent-start") and + // intent redirection sinks are method calls that start Android components + sinkNode(this, "intent-redirection") and // implicit intents can't be started as services since API 21 not exists(MethodAccess ma, Method m | ma.getMethod() = m and @@ -63,7 +64,7 @@ private class SendPendingIntent extends ImplicitPendingIntentSink { this.asExpr() = ma.getArgument(0) ) or - sinkNode(this, "pending-intent-sent") + sinkNode(this, "pending-intents") } override predicate hasState(DataFlow::FlowState state) { state = "MutablePendingIntent" } diff --git a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll index 4138b851e85..dd877720495 100644 --- a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll @@ -13,7 +13,7 @@ abstract class JexlEvaluationSink extends DataFlow::ExprNode { } /** Default sink for JXEL injection vulnerabilities. */ private class DefaultJexlEvaluationSink extends JexlEvaluationSink { - DefaultJexlEvaluationSink() { sinkNode(this, "jexl") } + DefaultJexlEvaluationSink() { sinkNode(this, "jexl-injection") } } /** diff --git a/java/ql/lib/semmle/code/java/security/LdapInjection.qll b/java/ql/lib/semmle/code/java/security/LdapInjection.qll index d78bd2f7ae1..0e2a35c764e 100644 --- a/java/ql/lib/semmle/code/java/security/LdapInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LdapInjection.qll @@ -29,7 +29,7 @@ class LdapInjectionAdditionalTaintStep extends Unit { /** Default sink for LDAP injection vulnerabilities. */ private class DefaultLdapInjectionSink extends LdapInjectionSink { - DefaultLdapInjectionSink() { sinkNode(this, "ldap") } + DefaultLdapInjectionSink() { sinkNode(this, "ldap-injection") } } /** A sanitizer that clears the taint on (boxed) primitive types. */ diff --git a/java/ql/lib/semmle/code/java/security/LogInjection.qll b/java/ql/lib/semmle/code/java/security/LogInjection.qll index e60e6ed9a7f..2314d807a60 100644 --- a/java/ql/lib/semmle/code/java/security/LogInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LogInjection.qll @@ -27,7 +27,7 @@ class LogInjectionAdditionalTaintStep extends Unit { } private class DefaultLogInjectionSink extends LogInjectionSink { - DefaultLogInjectionSink() { sinkNode(this, "logging") } + DefaultLogInjectionSink() { sinkNode(this, "log-injection") } } private class DefaultLogInjectionSanitizer extends LogInjectionSanitizer { diff --git a/java/ql/lib/semmle/code/java/security/MvelInjection.qll b/java/ql/lib/semmle/code/java/security/MvelInjection.qll index a0ada3d91a1..803c6ad0cf9 100644 --- a/java/ql/lib/semmle/code/java/security/MvelInjection.qll +++ b/java/ql/lib/semmle/code/java/security/MvelInjection.qll @@ -25,7 +25,7 @@ class MvelInjectionAdditionalTaintStep extends Unit { /** Default sink for MVEL injection vulnerabilities. */ private class DefaultMvelEvaluationSink extends MvelEvaluationSink { - DefaultMvelEvaluationSink() { sinkNode(this, "mvel") } + DefaultMvelEvaluationSink() { sinkNode(this, "mvel-injection") } } /** A default sanitizer that considers numeric and boolean typed data safe for building MVEL expressions */ diff --git a/java/ql/lib/semmle/code/java/security/QueryInjection.qll b/java/ql/lib/semmle/code/java/security/QueryInjection.qll index fda91647bcd..217d80bf170 100644 --- a/java/ql/lib/semmle/code/java/security/QueryInjection.qll +++ b/java/ql/lib/semmle/code/java/security/QueryInjection.qll @@ -25,7 +25,7 @@ class AdditionalQueryInjectionTaintStep extends Unit { /** A sink for SQL injection vulnerabilities. */ private class SqlInjectionSink extends QueryInjectionSink { - SqlInjectionSink() { sinkNode(this, "sql") } + SqlInjectionSink() { sinkNode(this, "sql-injection") } } /** A sink for Java Persistence Query Language injection vulnerabilities. */ diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index f9b98490dfa..0eeea1c2afd 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll +++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -52,12 +52,8 @@ private class TypePropertiesRequestForgeryAdditionalTaintStep extends RequestFor /** A data flow sink for server-side request forgery (SSRF) vulnerabilities. */ abstract class RequestForgerySink extends DataFlow::Node { } -private class UrlOpenSinkAsRequestForgerySink extends RequestForgerySink { - UrlOpenSinkAsRequestForgerySink() { sinkNode(this, "open-url") } -} - -private class JdbcUrlSinkAsRequestForgerySink extends RequestForgerySink { - JdbcUrlSinkAsRequestForgerySink() { sinkNode(this, "jdbc-url") } +private class DefaultRequestForgerySink extends RequestForgerySink { + DefaultRequestForgerySink() { sinkNode(this, "request-forgery") } } /** A sanitizer for request forgery vulnerabilities. */ diff --git a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll index 916b6df4372..2e2033443a5 100644 --- a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll +++ b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll @@ -11,7 +11,7 @@ private import semmle.code.java.dataflow.ExternalFlow abstract class HeaderSplittingSink extends DataFlow::Node { } private class DefaultHeaderSplittingSink extends HeaderSplittingSink { - DefaultHeaderSplittingSink() { sinkNode(this, "header-splitting") } + DefaultHeaderSplittingSink() { sinkNode(this, "response-splitting") } } /** A source that introduces data considered safe to use by a header splitting source. */ diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll index d9ed2b970b0..984c9f6fcaa 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll @@ -35,7 +35,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr } - override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") } + override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "log-injection") } override predicate isSanitizer(DataFlow::Node sanitizer) { sanitizer.asExpr() instanceof LiveLiteral or @@ -52,7 +52,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati module SensitiveLoggerConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr } - predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") } + predicate isSink(DataFlow::Node sink) { sinkNode(sink, "log-injection") } predicate isBarrier(DataFlow::Node sanitizer) { sanitizer.asExpr() instanceof LiveLiteral or diff --git a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll index 27a54d0ecfa..4fa64846c91 100644 --- a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll +++ b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll @@ -58,7 +58,7 @@ module TaintedPathConfig implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(PathCreation p).getAnInput() or - sinkNode(sink, ["create-file", "read-file"]) + sinkNode(sink, "path-injection") } predicate isBarrier(DataFlow::Node sanitizer) { @@ -85,7 +85,7 @@ module TaintedPathLocalConfig implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(PathCreation p).getAnInput() or - sinkNode(sink, "create-file") + sinkNode(sink, "path-injection") } predicate isBarrier(DataFlow::Node sanitizer) { diff --git a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll index b8625556c7a..bd568355886 100644 --- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll +++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll @@ -66,7 +66,7 @@ private class DefaultTemplateInjectionSource extends TemplateInjectionSource ins { } private class DefaultTemplateInjectionSink extends TemplateInjectionSink { - DefaultTemplateInjectionSink() { sinkNode(this, "ssti") } + DefaultTemplateInjectionSink() { sinkNode(this, "template-injection") } } private class DefaultTemplateInjectionSanitizer extends TemplateInjectionSanitizer { diff --git a/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll index 1fc60e3494e..1b44121591c 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll @@ -74,7 +74,7 @@ module TrustAllHostnameVerifierFlow = DataFlow::Global; * A sink that represents a file creation, such as a file write, copy or move operation. */ private class FileCreationSink extends DataFlow::Node { - FileCreationSink() { sinkNode(this, "create-file") } + FileCreationSink() { sinkNode(this, "path-injection") } } diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 744ac866083..1e7cebcfca1 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. +* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. +* Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564). + ## 0.6.1 No user-facing changes. diff --git a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp index 08b67acb638..7fcdb97535b 100644 --- a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp +++ b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

- ^_(__|.)+_$ - +^_(__|.)+_$

Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two @@ -25,8 +24,7 @@ the two branches of the alternative inside the repetition:

- ^_(__|[^_])+_$ - +^_(__|[^_])+_$ diff --git a/java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md b/java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md deleted file mode 100644 index 1696ffbd213..00000000000 --- a/java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. diff --git a/java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md b/java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md deleted file mode 100644 index 7f668dd1b28..00000000000 --- a/java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. diff --git a/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md b/java/ql/src/change-notes/released/0.6.2.md similarity index 50% rename from java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md rename to java/ql/src/change-notes/released/0.6.2.md index 01bbfe267bd..50a5ff81b8f 100644 --- a/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md +++ b/java/ql/src/change-notes/released/0.6.2.md @@ -1,4 +1,7 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + +* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. +* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. * Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564). diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll index e8795a25431..ba6c895dc8f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll @@ -8,7 +8,7 @@ import semmle.code.java.frameworks.android.Intent /** A sink representing methods creating a file in Android. */ class AndroidFileSink extends DataFlow::Node { - AndroidFileSink() { sinkNode(this, "create-file") } + AndroidFileSink() { sinkNode(this, "path-injection") } } /** diff --git a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll index bff6a0a3893..3b5a8940239 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll @@ -89,7 +89,7 @@ class GetVirtualFileChildMethod extends Method { /** An argument to `getResource()` or `getResourceAsStream()`. */ private class GetResourceSink extends UnsafeUrlForwardSink { GetResourceSink() { - sinkNode(this, "open-url") + sinkNode(this, "request-forgery") or sinkNode(this, "get-resource") or diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 3e640f9376f..2da31e822ff 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - java - queries diff --git a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py index 5e35ca52dd1..1cc943a78ec 100755 --- a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py +++ b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py @@ -18,7 +18,7 @@ GenerateFlowTestCase.py specsToTest projectPom.xml outdir [--force] This generates test cases exercising function model specifications found in specsToTest producing files Test.java, test.ql, test.ext.yml and test.expected in outdir. -specsToTest should either be a .csv file, a .yml file, or a directory of .yml files, containing the +specsToTest should either be a .csv file, a .yml file, or a directory of .yml files, containing the model specifications to test. projectPom.xml should be a Maven pom sufficient to resolve the classes named in specsToTest.csv. @@ -276,7 +276,7 @@ if len(supportModelRows) != 0: modelSpecRow[0].strip() for modelSpecRow in supportModelRows) dataextensions = f"""extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: {models} diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll index fcc1ef97ecc..7877594519a 100644 --- a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll +++ b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll @@ -250,9 +250,9 @@ string asInputArgumentSpecific(DataFlow::Node source) { */ bindingset[kind] predicate isRelevantSinkKind(string kind) { - not kind = "logging" and + not kind = "log-injection" and not kind.matches("regex-use%") and - not kind = "write-file" + not kind = "file-content-store" } /** diff --git a/java/ql/src/utils/stub-generator/Stubs.qll b/java/ql/src/utils/stub-generator/Stubs.qll index 785f621cba0..889bc6b466c 100644 --- a/java/ql/src/utils/stub-generator/Stubs.qll +++ b/java/ql/src/utils/stub-generator/Stubs.qll @@ -285,15 +285,25 @@ private string stubQualifier(RefType t) { else result = "" } +pragma[nomagic] +private predicate needsPackageNameHelper(RefType t, GeneratedTopLevel top, string name) { + t.getSourceDeclaration() = + pragma[only_bind_out]([getAReferencedType(top), top].getSourceDeclaration()) and + name = t.getName() +} + +pragma[nomagic] +private predicate describesMultipleTypes(GeneratedTopLevel top, string name) { + 2 <= strictcount(RefType t | needsPackageNameHelper(t, top, name)) +} + /** * Holds if `t` may clash with another type of the same name, so should be referred to using the fully qualified name */ private predicate needsPackageName(RefType t) { - exists(GeneratedTopLevel top, RefType other | - t.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and - other.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and - t.getName() = other.getName() and - t != other + exists(GeneratedTopLevel top, string name | + needsPackageNameHelper(t, top, name) and + describesMultipleTypes(top, name) ) } diff --git a/java/ql/test/ext/TestModels/test.ext.yml b/java/ql/test/ext/TestModels/test.ext.yml index 4fff7d575a3..c5873214f71 100644 --- a/java/ql/test/ext/TestModels/test.ext.yml +++ b/java/ql/test/ext/TestModels/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml b/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml index 589c787bf9a..700f3f51e6f 100644 --- a/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml +++ b/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "Uri", False, "getQueryParameter", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml b/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml index 589c787bf9a..700f3f51e6f 100644 --- a/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml +++ b/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "Uri", False, "getQueryParameter", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml b/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml index 5f35c923ad0..a153e39a0e0 100644 --- a/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml +++ b/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.callback.qltest", "A", False, "applyConsumer1", "(Object,Consumer1)", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] @@ -15,4 +15,3 @@ extensions: - ["my.callback.qltest", "A", False, "produceConsume", "(Producer1,Consumer3)", "", "Argument[1].Parameter[0]", "ReturnValue", "value", "manual"] - ["my.callback.qltest", "A", False, "applyConverter1", "(Object,Converter1)", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] - ["my.callback.qltest", "A", False, "applyConverter1", "(Object,Converter1)", "", "Argument[1].ReturnValue", "ReturnValue", "value", "manual"] - diff --git a/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml b/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml index ebe7e3b6ea5..c12a0156d0c 100644 --- a/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml +++ b/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "B", False, "readElement", "(Spliterator)", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 55a76b79b21..d469a2de0dc 100644 --- a/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sinkModel data: - ["my.qltest", "B", False, "sink1", "(Object)", "", "Argument[0]", "qltest", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml b/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml index 7730d41e549..9693152f1c0 100644 --- a/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sourceModel data: - ["my.qltest", "A", False, "src1", "()", "", "ReturnValue", "qltest", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml b/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml index 41d26cf815a..c6a1fb69d6d 100644 --- a/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.qltest", "C", False, "stepArgRes", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml b/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml index 3d3bbe9fd47..58b4d2ecc24 100644 --- a/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml +++ b/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.qltest.synth", "A", False, "storeInArray", "(String)", "", "Argument[0]", "SyntheticGlobal[db1].ArrayElement", "value", "manual"] diff --git a/java/ql/test/library-tests/dataflow/taint-gson/Test.java b/java/ql/test/library-tests/dataflow/taint-gson/Test.java new file mode 100644 index 00000000000..82ca2388bbe --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/Test.java @@ -0,0 +1,38 @@ +import com.google.gson.Gson; + +public class Test { + public static class Potato { + private String name; + private Potato inner; + private Object object; + + private String getName() { + return name; + } + + private Potato getInner() { + return inner; + } + + private Object getObject() { + return object; + } + + } + + public static String source() { + return ""; + } + + public static void sink(Object any) {} + + public static void gsonfromJson() throws Exception { + String s = source(); + Potato tainted = new Gson().fromJson(s, Potato.class); + sink(tainted); // $ hasTaintFlow + sink(tainted.getName()); // $ hasTaintFlow + sink(tainted.getInner()); // $ hasTaintFlow + sink(tainted.getInner().getName()); // $ hasTaintFlow + sink(tainted.getObject()); // $ hasTaintFlow + } +} diff --git a/swift/ql/test/library-tests/ast/no_double_children.expected b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_double_children.expected rename to java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected diff --git a/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/dataflow/taint-gson/options b/java/ql/test/library-tests/dataflow/taint-gson/options new file mode 100644 index 00000000000..a9cce94fd94 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/gson-2.8.6 diff --git a/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java b/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java new file mode 100644 index 00000000000..55087a6596b --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java @@ -0,0 +1,25 @@ +import play.mvc.Http; + +public class PlayMvc { + + private Http.Request request; + private Http.RequestHeader header; + + private static void sink(Object o) {} + + public void test() throws Exception { + sink(request.body()); // $ hasRemoteValueFlow + sink(header.cookie(null)); // $ hasRemoteValueFlow + sink(header.cookies()); // $ hasRemoteValueFlow + sink(header.getHeader(null)); // $ hasRemoteValueFlow + sink(header.getHeaders()); // $ hasRemoteValueFlow + sink(header.getQueryString(null)); // $ hasRemoteValueFlow + sink(header.header(null)); // $ hasRemoteValueFlow + sink(header.headers()); // $ hasRemoteValueFlow + sink(header.host()); // $ hasRemoteValueFlow + sink(header.path()); // $ hasRemoteValueFlow + sink(header.queryString()); // $ hasRemoteValueFlow + sink(header.remoteAddress()); // $ hasRemoteValueFlow + sink(header.uri()); // $ hasRemoteValueFlow + } +} diff --git a/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml b/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml index cf5c80bc456..06781456552 100644 --- a/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml b/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml index 31321102a46..0a3ce554bc7 100644 --- a/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newBundleWithMapValue", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml b/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml index bd5c804fddc..69b416a5b72 100644 --- a/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getMapKeyDefault", "(Bundle)", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml b/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml index a5d1cc8e1ab..60531154074 100644 --- a/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newRBWithMapValue", "", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml b/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml index ff32ab78646..6e41b8a4e24 100644 --- a/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml +++ b/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Client", False, "getURIBuilder_pathDefault", "(Object)", "", "Argument[0].SyntheticField[org.apache.http.client.utils.URIBuilder.path]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/frameworks/gson/Test.java b/java/ql/test/library-tests/frameworks/gson/Test.java new file mode 100644 index 00000000000..eb3e1e526f0 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/Test.java @@ -0,0 +1,468 @@ +package generatedtest; + +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonPrimitive; +import com.google.gson.reflect.TypeToken; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import java.io.Reader; +import java.io.Writer; +import java.lang.reflect.Type; +import java.util.List; +import java.util.Map; +import java.util.Set; + +// Test case generated by GenerateFlowTestCase.ql +public class Test { + + K getMapKey(Map map) { return map.keySet().iterator().next(); } + T getElement(Iterable it) { return it.iterator().next(); } + V getMapValue(Map map) { return map.get(null); } + String getMapKeyDefault(JsonObject container) { return container.keySet().iterator().next(); } + K getMapKeyDefault(Map.Entry container) { return container.getKey(); } + JsonElement getMapValueDefault(JsonObject container) { return container.get(null); } + V getMapValueDefault(Map.Entry container) { return container.getValue(); } + JsonArray newWithElementDefault(String element) { JsonArray a = new JsonArray(); a.add(element); return a; } + JsonObject newWithMapKeyDefault(String key) { JsonObject o = new JsonObject(); o.add(key, (JsonElement) null); return o; } + JsonObject newWithMapValueDefault(JsonElement element) { JsonObject o = new JsonObject(); o.add(null, element); return o; } + Object source() { return null; } + void sink(Object o) { } + + public void test() throws Exception { + + { + // "com.google.gson.stream;JsonReader;false;nextName;;;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonReader in = (JsonReader)source(); + out = in.nextName(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson.stream;JsonReader;false;nextString;;;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonReader in = (JsonReader)source(); + out = in.nextString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonReader in = (JsonReader)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonReader in = (JsonReader)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;newJsonReader;;;Argument[0];ReturnValue;taint;manual" + JsonReader out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.newJsonReader(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;newJsonWriter;;;Argument[0];ReturnValue;taint;manual" + JsonWriter out = null; + Writer in = (Writer)source(); + Gson instance = null; + out = instance.newJsonWriter(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement);;Argument[0];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.toJson(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement,Appendable);;Argument[0];Argument[1];taint;manual" + Appendable out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement,JsonWriter);;Argument[0];Argument[1];taint;manual" + JsonWriter out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object);;Argument[0];ReturnValue;taint;manual" + String out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJson(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Appendable);;Argument[0];Argument[1];taint;manual" + Appendable out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type);;Argument[0];ReturnValue;taint;manual" + String out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type,Appendable);;Argument[0];Argument[2];taint;manual" + Appendable out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, (Type)null, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type,JsonWriter);;Argument[0];Argument[2];taint;manual" + JsonWriter out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, (Type)null, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJsonTree;(Object);;Argument[0];ReturnValue;taint;manual" + JsonElement out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJsonTree(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJsonTree;(Object,Type);;Argument[0];ReturnValue;taint;manual" + JsonElement out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJsonTree(in, null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + Boolean in = (Boolean)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + Character in = (Character)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + Number in = (Number)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + String in = (String)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;asList;;;Argument[this].Element;ReturnValue.Element;value;manual" + List out = null; + JsonArray in = (JsonArray)newWithElementDefault((String) source()); + out = in.asList(); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;get;;;Argument[this].Element;ReturnValue;value;manual" + JsonElement out = null; + JsonArray in = (JsonArray)newWithElementDefault((String) source()); + out = in.get(0); + sink(out); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;set;;;Argument[1];Argument[this].Element;value;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out.set(0, in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonArray in = (JsonArray)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonElement in = (JsonElement)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonArray in = (JsonArray)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonElement in = (JsonElement)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonArray;();;Argument[this];ReturnValue;taint;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonArray(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonObject;();;Argument[this];ReturnValue;taint;manual" + JsonObject out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonObject(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonPrimitive;();;Argument[this];ReturnValue;taint;manual" + JsonPrimitive out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonPrimitive(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonArray in = (JsonArray)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;toString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + out = in.toString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonObject;true;add;;;Argument[0];Argument[this].MapKey;value;manual" + JsonObject out = null; + String in = (String)source(); + out.add(in, null); + sink(getMapKeyDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;add;;;Argument[1];Argument[this].MapValue;value;manual" + JsonObject out = null; + JsonElement in = (JsonElement)source(); + out.add(null, in); + sink(getMapValueDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[0];Argument[this].MapKey;value;manual" + JsonObject out = null; + String in = (String)source(); + out.addProperty(in, (String)null); + sink(getMapKeyDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[1];Argument[this].MapValue;value;manual" + JsonObject out = null; + String in = (String)source(); + out.addProperty((String)null, in); + sink(getMapValueDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapKey;ReturnValue.MapKey;value;manual" + Map out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.asMap(); + sink(getMapKey(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapValue;ReturnValue.MapValue;value;manual" + Map out = null; + JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source()); + out = in.asMap(); + sink(getMapValue(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapKey;value;manual" + Set> out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.entrySet(); + sink(getMapKeyDefault(getElement(out))); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapValue;value;manual" + Set> out = null; + JsonObject in = (JsonObject) newWithMapKeyDefault((String) source()); + out = in.entrySet(); + sink(getMapValueDefault(getElement(out))); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;get;;;Argument[this].MapValue;ReturnValue;value;manual" + JsonElement out = null; + JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source()); + out = in.get(null); + sink(out); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;keySet;;;Argument[this].MapKey;ReturnValue.Element;value;manual" + Set out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.keySet(); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonPrimitive;true;JsonPrimitive;(Character);;Argument[0];Argument[this];taint;manual" + JsonPrimitive out = null; + Character in = (Character)source(); + out = new JsonPrimitive(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonPrimitive;true;JsonPrimitive;(String);;Argument[0];Argument[this];taint;manual" + JsonPrimitive out = null; + String in = (String)source(); + out = new JsonPrimitive(in); + sink(out); // $ hasTaintFlow + } + + } + +} \ No newline at end of file diff --git a/java/ql/test/library-tests/frameworks/gson/options b/java/ql/test/library-tests/frameworks/gson/options new file mode 100644 index 00000000000..a9cce94fd94 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/gson-2.8.6 diff --git a/swift/ql/test/library-tests/ast/no_double_indexes.expected b/java/ql/test/library-tests/frameworks/gson/test.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_double_indexes.expected rename to java/ql/test/library-tests/frameworks/gson/test.expected diff --git a/java/ql/test/library-tests/frameworks/gson/test.ql b/java/ql/test/library-tests/frameworks/gson/test.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/test.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml b/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml index 153b649a3e6..e711fa15ecc 100644 --- a/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithElementDefault", "(Object)", "", "Argument[0]", "ReturnValue.Element", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml b/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml index 35050f48ec0..230733b3ebc 100644 --- a/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getThrowable_messageDefault", "(Object)", "", "Argument[0].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml b/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml index f6b69f08632..47a199c75f1 100644 --- a/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/okhttp/test.ql b/java/ql/test/library-tests/frameworks/okhttp/test.ql index 2992a519e64..52e8a47132a 100644 --- a/java/ql/test/library-tests/frameworks/okhttp/test.ql +++ b/java/ql/test/library-tests/frameworks/okhttp/test.ql @@ -5,7 +5,9 @@ import TestUtilities.InlineFlowTest module OkHttpFlowConfig implements DataFlow::ConfigSig { predicate isSource = DefaultFlowConfig::isSource/1; - predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") } + predicate isSink(DataFlow::Node n) { + DefaultFlowConfig::isSink(n) or sinkNode(n, "request-forgery") + } } module OkHttpFlow = DataFlow::Global; diff --git a/java/ql/test/library-tests/frameworks/play/mad/Test.java b/java/ql/test/library-tests/frameworks/play/mad/Test.java new file mode 100644 index 00000000000..cb7fb123a62 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/play/mad/Test.java @@ -0,0 +1,194 @@ +package generatedtest; + +import akka.util.ByteString; +import com.fasterxml.jackson.databind.JsonNode; +import java.io.File; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import org.w3c.dom.Document; +import play.mvc.Http; + +// Test case generated by GenerateFlowTestCase.ql +public class Test { + + Object source() { + return null; + } + + void sink(Object o) {} + + public void test() throws Exception { + + { + // "play.mvc;Http$Cookie;true;name;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.Cookie in = (Http.Cookie) source(); + out = in.name(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookie;true;value;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.Cookie in = (Http.Cookie) source(); + out = in.value(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookies;true;get;;;Argument[this];ReturnValue;taint;manual" + Http.Cookie out = null; + Http.Cookies in = (Http.Cookies) source(); + out = in.get(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookies;true;getCookie;;;Argument[this];ReturnValue;taint;manual" + Optional out = null; + Http.Cookies in = (Http.Cookies) source(); + out = in.getCookie(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getContentType;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getContentType(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getDispositionType;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getDispositionType(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getFilename;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getFilename(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getKey;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getKey(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getRef;;;Argument[this];ReturnValue;taint;manual" + Object out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getRef(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;asFormUrlEncoded;;;Argument[this];ReturnValue;taint;manual" + Map out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.asFormUrlEncoded(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;getFile;;;Argument[this];ReturnValue;taint;manual" + Http.MultipartFormData.FilePart out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.getFile(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;getFiles;;;Argument[this];ReturnValue;taint;manual" + List out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.getFiles(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asBytes(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asBytes(0); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asFile;;;Argument[this];ReturnValue;taint;manual" + File out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asFile(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;as;;;Argument[this];ReturnValue;taint;manual" + Object out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.as(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asBytes(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asFormUrlEncoded;;;Argument[this];ReturnValue;taint;manual" + Map out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asFormUrlEncoded(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asJson;;;Argument[this];ReturnValue;taint;manual" + JsonNode out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asJson(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asMultipartFormData;;;Argument[this];ReturnValue;taint;manual" + Http.MultipartFormData out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asMultipartFormData(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asRaw;;;Argument[this];ReturnValue;taint;manual" + Http.RawBuffer out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asRaw(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asText;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asText(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asXml;;;Argument[this];ReturnValue;taint;manual" + Document out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asXml(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;parseJson;;;Argument[this];ReturnValue;taint;manual" + Optional out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.parseJson(null); + sink(out); // $ hasTaintFlow + } + + } + +} diff --git a/swift/ql/test/library-tests/ast/no_double_parents.expected b/java/ql/test/library-tests/frameworks/play/test.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_double_parents.expected rename to java/ql/test/library-tests/frameworks/play/test.expected diff --git a/java/ql/test/library-tests/frameworks/play/test.ql b/java/ql/test/library-tests/frameworks/play/test.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/play/test.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/frameworks/retrofit/test.ql b/java/ql/test/library-tests/frameworks/retrofit/test.ql index 5db5201aad0..e09f1ed41d7 100644 --- a/java/ql/test/library-tests/frameworks/retrofit/test.ql +++ b/java/ql/test/library-tests/frameworks/retrofit/test.ql @@ -5,7 +5,9 @@ import TestUtilities.InlineFlowTest module FlowConfig implements DataFlow::ConfigSig { predicate isSource = DefaultFlowConfig::isSource/1; - predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") } + predicate isSink(DataFlow::Node n) { + DefaultFlowConfig::isSink(n) or sinkNode(n, "request-forgery") + } } module Flow = DataFlow::Global; diff --git a/java/ql/test/library-tests/frameworks/stream/test.ext.yml b/java/ql/test/library-tests/frameworks/stream/test.ext.yml index 4f1cc3e38ac..a304f9542a4 100644 --- a/java/ql/test/library-tests/frameworks/stream/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/stream/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getElementSpliterator", "(Spliterator)", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/swift/ql/test/library-tests/ast/no_parent_child_loops.expected b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_parent_child_loops.expected rename to java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql new file mode 100644 index 00000000000..224b03ea51c --- /dev/null +++ b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql @@ -0,0 +1,40 @@ +import java +import TestUtilities.InlineExpectationsTest +import semmle.code.java.dataflow.DataFlow +import semmle.code.java.dataflow.ExternalFlow +import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl + +class SinkTest extends InlineExpectationsTest { + SinkTest() { this = "SinkTest" } + + override string getARelevantTag() { result = "isSink" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "isSink" and + exists(DataFlow::Node sink | + sinkNode(sink, _) and + sink.getLocation() = location and + element = sink.toString() and + value = "" + ) + } +} + +class NeutralSinkTest extends InlineExpectationsTest { + NeutralSinkTest() { this = "NeutralSinkTest" } + + override string getARelevantTag() { result = "isNeutralSink" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "isNeutralSink" and + exists(Call call, Callable callable | + call.getCallee() = callable and + neutralModel(callable.getDeclaringType().getCompilationUnit().getPackage().getName(), + callable.getDeclaringType().getSourceDeclaration().nestedName(), callable.getName(), + [paramsString(callable), ""], "sink", _) and + call.getLocation() = location and + element = call.toString() and + value = "" + ) + } +} diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/Test.java b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java new file mode 100644 index 00000000000..a234132226f --- /dev/null +++ b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java @@ -0,0 +1,61 @@ +import java.io.File; +import java.nio.file.Files; +import java.nio.file.spi.FileSystemProvider; +import java.nio.file.LinkOption; +import java.text.Collator; +import java.text.RuleBasedCollator; +import java.util.prefs.AbstractPreferences; +import java.util.prefs.Preferences; +import org.apache.hc.client5.http.protocol.RedirectLocations; + +public class Test { + + public void test() throws Exception { + + // java.io + File file = null; + file.exists(); // $ isNeutralSink + file.compareTo(null); // $ isNeutralSink + + // java.nio.file + Files.exists(null, (LinkOption[])null); // $ isNeutralSink + Files.getLastModifiedTime(null, (LinkOption[])null); // $ isNeutralSink + Files.getOwner(null, (LinkOption[])null); // $ isNeutralSink + Files.getPosixFilePermissions(null, (LinkOption[])null); // $ isNeutralSink + Files.isDirectory(null, (LinkOption[])null); // $ isNeutralSink + Files.isExecutable(null); // $ isNeutralSink + Files.isHidden(null); // $ isNeutralSink + Files.isReadable(null); // $ isNeutralSink + Files.isRegularFile(null, (LinkOption[])null); // $ isNeutralSink + Files.isSameFile(null, null); // $ isNeutralSink + Files.isSymbolicLink(null); // $ isNeutralSink + Files.isWritable(null); // $ isNeutralSink + Files.notExists(null, (LinkOption[])null); // $ isNeutralSink + Files.setLastModifiedTime(null, null); // $ isNeutralSink + Files.size(null); // $ isNeutralSink + + // java.nio.file.spi + FileSystemProvider fsp = null; + fsp.isHidden(null); // $ isNeutralSink + fsp.isSameFile(null, null); // $ isNeutralSink + + // java.text + Collator c = null; + c.compare(null, null); // $ isNeutralSink + c.equals(null); // $ isNeutralSink + c.equals(null, null); // $ isNeutralSink + RuleBasedCollator rbc = null; + rbc.compare(null, null); // $ isNeutralSink + + // java.util.prefs + AbstractPreferences ap = null; + ap.nodeExists(null); // $ isNeutralSink + Preferences p = null; + p.nodeExists(null); // $ isNeutralSink + + // org.apache.hc.client5.http.protocol + RedirectLocations rl = null; + rl.contains(null); // $ isNeutralSink + } + +} diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/options b/java/ql/test/library-tests/neutrals/neutralsinks/options new file mode 100644 index 00000000000..6de6bb95285 --- /dev/null +++ b/java/ql/test/library-tests/neutrals/neutralsinks/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/apache-http-5 diff --git a/java/ql/test/library-tests/optional/test.ext.yml b/java/ql/test/library-tests/optional/test.ext.yml index 2aebf3bdb97..24842526782 100644 --- a/java/ql/test/library-tests/optional/test.ext.yml +++ b/java/ql/test/library-tests/optional/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getStreamElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/query-tests/security/CWE-918/mad/Test.java b/java/ql/test/query-tests/security/CWE-918/mad/Test.java index 8666e821fd0..6c224b65d31 100644 --- a/java/ql/test/query-tests/security/CWE-918/mad/Test.java +++ b/java/ql/test/query-tests/security/CWE-918/mad/Test.java @@ -9,6 +9,8 @@ import javafx.scene.web.WebEngine; import org.apache.commons.jelly.JellyContext; import org.codehaus.cargo.container.installer.ZipURLInstaller; import org.kohsuke.stapler.HttpResponses; +import play.libs.ws.WSClient; +import play.libs.ws.StandaloneWSClient; public class Test { @@ -74,4 +76,14 @@ public class Test { r.staticResource((URL) source()); // $ SSRF } + public void test(WSClient c) { + // "play.libs.ws;WSClient;true;url;;;Argument[0];open-url;manual" + c.url((String) source()); // $ SSRF + } + + public void test(StandaloneWSClient c) { + // "play.libs.ws;StandaloneWSClient;true;url;;;Argument[0];open-url;manual" + c.url((String) source()); // $ SSRF + } + } diff --git a/java/ql/test/query-tests/security/CWE-918/options b/java/ql/test/query-tests/security/CWE-918/options index c8147ece2a9..82a3894bc18 100644 --- a/java/ql/test/query-tests/security/CWE-918/options +++ b/java/ql/test/query-tests/security/CWE-918/options @@ -1 +1 @@ -//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5 +//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5:${testdir}/../../../stubs/playframework-2.6.x diff --git a/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java b/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java new file mode 100644 index 00000000000..ca717c54ebd --- /dev/null +++ b/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java @@ -0,0 +1,111 @@ +/* + * ==================================================================== + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + + package org.apache.hc.client5.http.protocol; + + import java.net.URI; + import java.util.ArrayList; + import java.util.HashSet; + import java.util.List; + import java.util.Set; + + /** + * This class represents a collection of {@link java.net.URI}s used + * as redirect locations. + * + * @since 4.0 + */ + public final class RedirectLocations { + + private final Set unique; + private final List all; + + public RedirectLocations() { + super(); + this.unique = new HashSet<>(); + this.all = new ArrayList<>(); + } + + /** + * Test if the URI is present in the collection. + */ + public boolean contains(final URI uri) { + return this.unique.contains(uri); + } + + /** + * Adds a new URI to the collection. + */ + public void add(final URI uri) { + this.unique.add(uri); + this.all.add(uri); + } + + /** + * Returns all redirect {@link URI}s in the order they were added to the collection. + * + * @return list of all URIs + * + * @since 4.1 + */ + public List getAll() { + return new ArrayList<>(this.all); + } + + /** + * Returns the URI at the specified position in this list. + * + * @param index + * index of the location to return + * @return the URI at the specified position in this list + * @throws IndexOutOfBoundsException + * if the index is out of range ( + * {@code index < 0 || index >= size()}) + * @since 4.3 + */ + public URI get(final int index) { + return this.all.get(index); + } + + /** + * Returns the number of elements in this list. If this list contains more + * than {@code Integer.MAX_VALUE} elements, returns + * {@code Integer.MAX_VALUE}. + * + * @return the number of elements in this list + * @since 4.3 + */ + public int size() { + return this.all.size(); + } + + public void clear() { + unique.clear(); + all.clear(); + } + + } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java new file mode 100644 index 00000000000..a1cac336243 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java @@ -0,0 +1,11 @@ +// Generated automatically from com.google.gson.ExclusionStrategy for testing purposes + +package com.google.gson; + +import com.google.gson.FieldAttributes; + +public interface ExclusionStrategy +{ + boolean shouldSkipClass(Class p0); + boolean shouldSkipField(FieldAttributes p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java new file mode 100644 index 00000000000..1db8d794976 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java @@ -0,0 +1,22 @@ +// Generated automatically from com.google.gson.FieldAttributes for testing purposes + +package com.google.gson; + +import java.lang.annotation.Annotation; +import java.lang.reflect.Field; +import java.lang.reflect.Type; +import java.util.Collection; + +public class FieldAttributes +{ + protected FieldAttributes() {} + public T getAnnotation(java.lang.Class p0){ return null; } + public Class getDeclaredClass(){ return null; } + public Class getDeclaringClass(){ return null; } + public Collection getAnnotations(){ return null; } + public FieldAttributes(Field p0){} + public String getName(){ return null; } + public String toString(){ return null; } + public Type getDeclaredType(){ return null; } + public boolean hasModifier(int p0){ return false; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java new file mode 100644 index 00000000000..465703ae28a --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.FieldNamingPolicy for testing purposes + +package com.google.gson; + + +public enum FieldNamingPolicy { + IDENTITY, LOWER_CASE_WITH_DASHES, LOWER_CASE_WITH_DOTS, LOWER_CASE_WITH_UNDERSCORES, UPPER_CAMEL_CASE, UPPER_CAMEL_CASE_WITH_SPACES, UPPER_CASE_WITH_UNDERSCORES; + + private FieldNamingPolicy() {} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java new file mode 100644 index 00000000000..bb3ad76d598 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.FieldNamingStrategy for testing purposes + +package com.google.gson; + +import java.lang.reflect.Field; + +public interface FieldNamingStrategy +{ + String translateName(Field p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java index a269763665b..61c29245d15 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java @@ -1,38 +1,53 @@ +// Generated automatically from com.google.gson.Gson for testing purposes + package com.google.gson; -import java.lang.reflect.Type; -import java.io.Reader; +import com.google.gson.FieldNamingStrategy; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonElement; +import com.google.gson.TypeAdapter; +import com.google.gson.TypeAdapterFactory; +import com.google.gson.internal.Excluder; +import com.google.gson.reflect.TypeToken; import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import java.io.Reader; +import java.io.Writer; +import java.lang.reflect.Type; -public final class Gson { - public Gson() { - } - - public String toJson(Object src) { - return null; - } - - public String toJson(Object src, Type typeOfSrc) { - return null; - } - - public T fromJson(String json, Class classOfT) throws JsonSyntaxException { - return null; - } - - public T fromJson(String json, Type typeOfT) throws JsonSyntaxException { - return null; - } - - public T fromJson(Reader json, Class classOfT) throws JsonSyntaxException, JsonIOException { - return null; - } - - public T fromJson(Reader json, Type typeOfT) throws JsonIOException, JsonSyntaxException { - return null; - } - - public T fromJson(JsonReader reader, Type typeOfT) throws JsonIOException, JsonSyntaxException { - return null; - } +public class Gson +{ + public T fromJson(JsonElement p0, Type p1){ return null; } + public T fromJson(JsonElement p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(JsonElement p0, java.lang.Class p1){ return null; } + public T fromJson(JsonReader p0, Type p1){ return null; } + public T fromJson(JsonReader p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(Reader p0, Type p1){ return null; } + public T fromJson(Reader p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(Reader p0, java.lang.Class p1){ return null; } + public T fromJson(String p0, Type p1){ return null; } + public T fromJson(String p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(String p0, java.lang.Class p1){ return null; } + public com.google.gson.TypeAdapter getAdapter(com.google.gson.reflect.TypeToken p0){ return null; } + public com.google.gson.TypeAdapter getAdapter(java.lang.Class p0){ return null; } + public com.google.gson.TypeAdapter getDelegateAdapter(TypeAdapterFactory p0, com.google.gson.reflect.TypeToken p1){ return null; } + public Excluder excluder(){ return null; } + public FieldNamingStrategy fieldNamingStrategy(){ return null; } + public Gson(){} + public GsonBuilder newBuilder(){ return null; } + public JsonElement toJsonTree(Object p0){ return null; } + public JsonElement toJsonTree(Object p0, Type p1){ return null; } + public JsonReader newJsonReader(Reader p0){ return null; } + public JsonWriter newJsonWriter(Writer p0){ return null; } + public String toJson(JsonElement p0){ return null; } + public String toJson(Object p0){ return null; } + public String toJson(Object p0, Type p1){ return null; } + public String toString(){ return null; } + public boolean htmlSafe(){ return false; } + public boolean serializeNulls(){ return false; } + public void toJson(JsonElement p0, Appendable p1){} + public void toJson(JsonElement p0, JsonWriter p1){} + public void toJson(Object p0, Appendable p1){} + public void toJson(Object p0, Type p1, Appendable p2){} + public void toJson(Object p0, Type p1, JsonWriter p2){} } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java index 3853cb40356..33d656b7bd7 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java @@ -1,99 +1,46 @@ -/* - * Copyright (C) 2008 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.GsonBuilder for testing purposes package com.google.gson; +import com.google.gson.ExclusionStrategy; +import com.google.gson.FieldNamingPolicy; +import com.google.gson.FieldNamingStrategy; +import com.google.gson.Gson; +import com.google.gson.LongSerializationPolicy; +import com.google.gson.ReflectionAccessFilter; +import com.google.gson.ToNumberStrategy; +import com.google.gson.TypeAdapterFactory; import java.lang.reflect.Type; -public final class GsonBuilder { - /** - * Creates a GsonBuilder instance that can be used to build Gson with various configuration - * settings. GsonBuilder follows the builder pattern, and it is typically used by first - * invoking various configuration methods to set desired options, and finally calling - * {@link #create()}. - */ - public GsonBuilder() { - } - - /** - * Constructs a GsonBuilder instance from a Gson instance. The newly constructed GsonBuilder - * has the same configuration as the previously built Gson instance. - * - * @param gson the gson instance whose configuration should by applied to a new GsonBuilder. - */ - GsonBuilder(Gson gson) { - } - - /** - * Configures Gson for custom serialization or deserialization. This method combines the - * registration of an {@link TypeAdapter}, {@link InstanceCreator}, {@link JsonSerializer}, and a - * {@link JsonDeserializer}. It is best used when a single object {@code typeAdapter} implements - * all the required interfaces for custom serialization with Gson. If a type adapter was - * previously registered for the specified {@code type}, it is overwritten. - * - *

This registers the type specified and no other types: you must manually register related - * types! For example, applications registering {@code boolean.class} should also register {@code - * Boolean.class}. - * - * @param type the type definition for the type adapter being registered - * @param typeAdapter This object must implement at least one of the {@link TypeAdapter}, - * {@link InstanceCreator}, {@link JsonSerializer}, and a {@link JsonDeserializer} interfaces. - * @return a reference to this {@code GsonBuilder} object to fulfill the "Builder" pattern - */ - public GsonBuilder registerTypeAdapter(Type type, Object typeAdapter) { - return null; - } - - /** - * Register a factory for type adapters. Registering a factory is useful when the type - * adapter needs to be configured based on the type of the field being processed. Gson - * is designed to handle a large number of factories, so you should consider registering - * them to be at par with registering an individual type adapter. - * - * @since 2.1 - */ - public GsonBuilder registerTypeAdapterFactory(TypeAdapterFactory factory) { - return null; - } - - /** - * Configures Gson for custom serialization or deserialization for an inheritance type hierarchy. - * This method combines the registration of a {@link TypeAdapter}, {@link JsonSerializer} and - * a {@link JsonDeserializer}. If a type adapter was previously registered for the specified - * type hierarchy, it is overridden. If a type adapter is registered for a specific type in - * the type hierarchy, it will be invoked instead of the one registered for the type hierarchy. - * - * @param baseType the class definition for the type adapter being registered for the base class - * or interface - * @param typeAdapter This object must implement at least one of {@link TypeAdapter}, - * {@link JsonSerializer} or {@link JsonDeserializer} interfaces. - * @return a reference to this {@code GsonBuilder} object to fulfill the "Builder" pattern - * @since 1.7 - */ - public GsonBuilder registerTypeHierarchyAdapter(Class baseType, Object typeAdapter) { - return null; - } - - /** - * Creates a {@link Gson} instance based on the current configuration. This method is free of - * side-effects to this {@code GsonBuilder} instance and hence can be called multiple times. - * - * @return an instance of Gson configured with the options currently set in this builder - */ - public Gson create() { - return null; - } -} \ No newline at end of file +public class GsonBuilder +{ + public Gson create(){ return null; } + public GsonBuilder addDeserializationExclusionStrategy(ExclusionStrategy p0){ return null; } + public GsonBuilder addReflectionAccessFilter(ReflectionAccessFilter p0){ return null; } + public GsonBuilder addSerializationExclusionStrategy(ExclusionStrategy p0){ return null; } + public GsonBuilder disableHtmlEscaping(){ return null; } + public GsonBuilder disableInnerClassSerialization(){ return null; } + public GsonBuilder disableJdkUnsafe(){ return null; } + public GsonBuilder enableComplexMapKeySerialization(){ return null; } + public GsonBuilder excludeFieldsWithModifiers(int... p0){ return null; } + public GsonBuilder excludeFieldsWithoutExposeAnnotation(){ return null; } + public GsonBuilder generateNonExecutableJson(){ return null; } + public GsonBuilder registerTypeAdapter(Type p0, Object p1){ return null; } + public GsonBuilder registerTypeAdapterFactory(TypeAdapterFactory p0){ return null; } + public GsonBuilder registerTypeHierarchyAdapter(Class p0, Object p1){ return null; } + public GsonBuilder serializeNulls(){ return null; } + public GsonBuilder serializeSpecialFloatingPointValues(){ return null; } + public GsonBuilder setDateFormat(String p0){ return null; } + public GsonBuilder setDateFormat(int p0){ return null; } + public GsonBuilder setDateFormat(int p0, int p1){ return null; } + public GsonBuilder setExclusionStrategies(ExclusionStrategy... p0){ return null; } + public GsonBuilder setFieldNamingPolicy(FieldNamingPolicy p0){ return null; } + public GsonBuilder setFieldNamingStrategy(FieldNamingStrategy p0){ return null; } + public GsonBuilder setLenient(){ return null; } + public GsonBuilder setLongSerializationPolicy(LongSerializationPolicy p0){ return null; } + public GsonBuilder setNumberToNumberStrategy(ToNumberStrategy p0){ return null; } + public GsonBuilder setObjectToNumberStrategy(ToNumberStrategy p0){ return null; } + public GsonBuilder setPrettyPrinting(){ return null; } + public GsonBuilder setVersion(double p0){ return null; } + public GsonBuilder(){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java new file mode 100644 index 00000000000..c4fbae6bc1f --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java @@ -0,0 +1,45 @@ +// Generated automatically from com.google.gson.JsonArray for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; +import java.math.BigDecimal; +import java.math.BigInteger; +import java.util.Iterator; +import java.util.List; + +public class JsonArray extends JsonElement implements Iterable +{ + public BigDecimal getAsBigDecimal(){ return null; } + public BigInteger getAsBigInteger(){ return null; } + public Iterator iterator(){ return null; } + public JsonArray deepCopy(){ return null; } + public JsonArray(){} + public JsonArray(int p0){} + public JsonElement get(int p0){ return null; } + public JsonElement remove(int p0){ return null; } + public JsonElement set(int p0, JsonElement p1){ return null; } + public List asList(){ return null; } + public Number getAsNumber(){ return null; } + public String getAsString(){ return null; } + public boolean contains(JsonElement p0){ return false; } + public boolean equals(Object p0){ return false; } + public boolean getAsBoolean(){ return false; } + public boolean isEmpty(){ return false; } + public boolean remove(JsonElement p0){ return false; } + public byte getAsByte(){ return 0; } + public char getAsCharacter(){ return '0'; } + public double getAsDouble(){ return 0; } + public float getAsFloat(){ return 0; } + public int getAsInt(){ return 0; } + public int hashCode(){ return 0; } + public int size(){ return 0; } + public long getAsLong(){ return 0; } + public short getAsShort(){ return 0; } + public void add(Boolean p0){} + public void add(Character p0){} + public void add(JsonElement p0){} + public void add(Number p0){} + public void add(String p0){} + public void addAll(JsonArray p0){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java new file mode 100644 index 00000000000..592fce2b672 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java @@ -0,0 +1,37 @@ +// Generated automatically from com.google.gson.JsonElement for testing purposes + +package com.google.gson; + +import com.google.gson.JsonArray; +import com.google.gson.JsonNull; +import com.google.gson.JsonObject; +import com.google.gson.JsonPrimitive; +import java.math.BigDecimal; +import java.math.BigInteger; + +abstract public class JsonElement +{ + public BigDecimal getAsBigDecimal(){ return null; } + public BigInteger getAsBigInteger(){ return null; } + public JsonArray getAsJsonArray(){ return null; } + public JsonElement(){} + public JsonNull getAsJsonNull(){ return null; } + public JsonObject getAsJsonObject(){ return null; } + public JsonPrimitive getAsJsonPrimitive(){ return null; } + public Number getAsNumber(){ return null; } + public String getAsString(){ return null; } + public String toString(){ return null; } + public abstract JsonElement deepCopy(); + public boolean getAsBoolean(){ return false; } + public boolean isJsonArray(){ return false; } + public boolean isJsonNull(){ return false; } + public boolean isJsonObject(){ return false; } + public boolean isJsonPrimitive(){ return false; } + public byte getAsByte(){ return 0; } + public char getAsCharacter(){ return '0'; } + public double getAsDouble(){ return 0; } + public float getAsFloat(){ return 0; } + public int getAsInt(){ return 0; } + public long getAsLong(){ return 0; } + public short getAsShort(){ return 0; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java new file mode 100644 index 00000000000..e38275991eb --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java @@ -0,0 +1,14 @@ +// Generated automatically from com.google.gson.JsonNull for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; + +public class JsonNull extends JsonElement +{ + public JsonNull deepCopy(){ return null; } + public JsonNull(){} + public boolean equals(Object p0){ return false; } + public int hashCode(){ return 0; } + public static JsonNull INSTANCE = null; +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java new file mode 100644 index 00000000000..a37b5455b51 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java @@ -0,0 +1,33 @@ +// Generated automatically from com.google.gson.JsonObject for testing purposes + +package com.google.gson; + +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonPrimitive; +import java.util.Map; +import java.util.Set; + +public class JsonObject extends JsonElement +{ + public JsonArray getAsJsonArray(String p0){ return null; } + public JsonElement get(String p0){ return null; } + public JsonElement remove(String p0){ return null; } + public JsonObject deepCopy(){ return null; } + public JsonObject getAsJsonObject(String p0){ return null; } + public JsonObject(){} + public JsonPrimitive getAsJsonPrimitive(String p0){ return null; } + public Map asMap(){ return null; } + public Set> entrySet(){ return null; } + public Set keySet(){ return null; } + public boolean equals(Object p0){ return false; } + public boolean has(String p0){ return false; } + public boolean isEmpty(){ return false; } + public int hashCode(){ return 0; } + public int size(){ return 0; } + public void add(String p0, JsonElement p1){} + public void addProperty(String p0, Boolean p1){} + public void addProperty(String p0, Character p1){} + public void addProperty(String p0, Number p1){} + public void addProperty(String p0, String p1){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java new file mode 100644 index 00000000000..21ec07c4246 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java @@ -0,0 +1,34 @@ +// Generated automatically from com.google.gson.JsonPrimitive for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; +import java.math.BigDecimal; +import java.math.BigInteger; + +public class JsonPrimitive extends JsonElement +{ + protected JsonPrimitive() {} + public BigDecimal getAsBigDecimal(){ return null; } + public BigInteger getAsBigInteger(){ return null; } + public JsonPrimitive deepCopy(){ return null; } + public JsonPrimitive(Boolean p0){} + public JsonPrimitive(Character p0){} + public JsonPrimitive(Number p0){} + public JsonPrimitive(String p0){} + public Number getAsNumber(){ return null; } + public String getAsString(){ return null; } + public boolean equals(Object p0){ return false; } + public boolean getAsBoolean(){ return false; } + public boolean isBoolean(){ return false; } + public boolean isNumber(){ return false; } + public boolean isString(){ return false; } + public byte getAsByte(){ return 0; } + public char getAsCharacter(){ return '0'; } + public double getAsDouble(){ return 0; } + public float getAsFloat(){ return 0; } + public int getAsInt(){ return 0; } + public int hashCode(){ return 0; } + public long getAsLong(){ return 0; } + public short getAsShort(){ return 0; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java new file mode 100644 index 00000000000..0452deec4b9 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java @@ -0,0 +1,24 @@ +// Generated automatically from com.google.gson.LongSerializationPolicy for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; + +public enum LongSerializationPolicy { + DEFAULT { + @Override + public JsonElement serialize(Long p0) { + return null; + } + }, + STRING { + @Override + public JsonElement serialize(Long p0) { + return null; + } + }; + + private LongSerializationPolicy() {} + + public abstract JsonElement serialize(Long p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java new file mode 100644 index 00000000000..ff91f103f62 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java @@ -0,0 +1,18 @@ +// Generated automatically from com.google.gson.ReflectionAccessFilter for testing purposes + +package com.google.gson; + + +public interface ReflectionAccessFilter +{ + ReflectionAccessFilter.FilterResult check(Class p0); + static ReflectionAccessFilter BLOCK_ALL_ANDROID = null; + static ReflectionAccessFilter BLOCK_ALL_JAVA = null; + static ReflectionAccessFilter BLOCK_ALL_PLATFORM = null; + static ReflectionAccessFilter BLOCK_INACCESSIBLE_JAVA = null; + static public enum FilterResult + { + ALLOW, BLOCK_ALL, BLOCK_INACCESSIBLE, INDECISIVE; + private FilterResult() {} + } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java new file mode 100644 index 00000000000..1c6ccb23111 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.ToNumberStrategy for testing purposes + +package com.google.gson; + +import com.google.gson.stream.JsonReader; + +public interface ToNumberStrategy +{ + Number readNumber(JsonReader p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java index 73e6ef993b7..cdd0d1185b1 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java @@ -1,130 +1,23 @@ -/* - * Copyright (C) 2011 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.TypeAdapter for testing purposes package com.google.gson; +import com.google.gson.JsonElement; import com.google.gson.stream.JsonReader; -import java.io.IOException; +import com.google.gson.stream.JsonWriter; import java.io.Reader; import java.io.Writer; -public abstract class TypeAdapter { - /** - * Converts {@code value} to a JSON document and writes it to {@code out}. - * Unlike Gson's similar {@link Gson#toJson(JsonElement, Appendable) toJson} - * method, this write is strict. Create a {@link - * JsonWriter#setLenient(boolean) lenient} {@code JsonWriter} and call - * {@link #write(com.google.gson.stream.JsonWriter, Object)} for lenient - * writing. - * - * @param value the Java object to convert. May be null. - * @since 2.2 - */ - public final void toJson(Writer out, T value) throws IOException { - } - - /** - * This wrapper method is used to make a type adapter null tolerant. In general, a - * type adapter is required to handle nulls in write and read methods. Here is how this - * is typically done:
- * 

   {@code
-   *
-   * Gson gson = new GsonBuilder().registerTypeAdapter(Foo.class,
-   *   new TypeAdapter() {
-   *     public Foo read(JsonReader in) throws IOException {
-   *       if (in.peek() == JsonToken.NULL) {
-   *         in.nextNull();
-   *         return null;
-   *       }
-   *       // read a Foo from in and return it
-   *     }
-   *     public void write(JsonWriter out, Foo src) throws IOException {
-   *       if (src == null) {
-   *         out.nullValue();
-   *         return;
-   *       }
-   *       // write src as JSON to out
-   *     }
-   *   }).create();
-   * }
- * You can avoid this boilerplate handling of nulls by wrapping your type adapter with - * this method. Here is how we will rewrite the above example: - * 
   {@code
-   *
-   * Gson gson = new GsonBuilder().registerTypeAdapter(Foo.class,
-   *   new TypeAdapter() {
-   *     public Foo read(JsonReader in) throws IOException {
-   *       // read a Foo from in and return it
-   *     }
-   *     public void write(JsonWriter out, Foo src) throws IOException {
-   *       // write src as JSON to out
-   *     }
-   *   }.nullSafe()).create();
-   * }
- * Note that we didn't need to check for nulls in our type adapter after we used nullSafe. - */ - public final TypeAdapter nullSafe() { - return null; - } - - /** - * Converts {@code value} to a JSON document. Unlike Gson's similar {@link - * Gson#toJson(Object) toJson} method, this write is strict. Create a {@link - * JsonWriter#setLenient(boolean) lenient} {@code JsonWriter} and call - * {@link #write(com.google.gson.stream.JsonWriter, Object)} for lenient - * writing. - * - * @param value the Java object to convert. May be null. - * @since 2.2 - */ - public final String toJson(T value) { - return null; - } - - /** - * Reads one JSON value (an array, object, string, number, boolean or null) - * and converts it to a Java object. Returns the converted object. - * - * @return the converted Java object. May be null. - */ - public abstract T read(JsonReader in) throws IOException; - - /** - * Converts the JSON document in {@code in} to a Java object. Unlike Gson's - * similar {@link Gson#fromJson(java.io.Reader, Class) fromJson} method, this - * read is strict. Create a {@link JsonReader#setLenient(boolean) lenient} - * {@code JsonReader} and call {@link #read(JsonReader)} for lenient reading. - * - * @return the converted Java object. May be null. - * @since 2.2 - */ - public final T fromJson(Reader in) throws IOException { - return null; - } - - /** - * Converts the JSON document in {@code json} to a Java object. Unlike Gson's - * similar {@link Gson#fromJson(String, Class) fromJson} method, this read is - * strict. Create a {@link JsonReader#setLenient(boolean) lenient} {@code - * JsonReader} and call {@link #read(JsonReader)} for lenient reading. - * - * @return the converted Java object. May be null. - * @since 2.2 - */ - public final T fromJson(String json) throws IOException { - return null; - } +abstract public class TypeAdapter +{ + public TypeAdapter(){} + public abstract T read(JsonReader p0); + public abstract void write(JsonWriter p0, T p1); + public final JsonElement toJsonTree(T p0){ return null; } + public final String toJson(T p0){ return null; } + public final T fromJson(Reader p0){ return null; } + public final T fromJson(String p0){ return null; } + public final T fromJsonTree(JsonElement p0){ return null; } + public final TypeAdapter nullSafe(){ return null; } + public final void toJson(Writer p0, T p1){} } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java index d6cc8133712..6b3728f38b0 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java @@ -1,28 +1,12 @@ -/* - * Copyright (C) 2011 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.TypeAdapterFactory for testing purposes package com.google.gson; +import com.google.gson.Gson; +import com.google.gson.TypeAdapter; import com.google.gson.reflect.TypeToken; -public interface TypeAdapterFactory { - - /** - * Returns a type adapter for {@code type}, or null if this factory doesn't - * support {@code type}. - */ - TypeAdapter create(Gson gson, TypeToken type); -} \ No newline at end of file +public interface TypeAdapterFactory +{ + com.google.gson.TypeAdapter create(Gson p0, com.google.gson.reflect.TypeToken p1); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java new file mode 100644 index 00000000000..dc05b0477c5 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java @@ -0,0 +1,25 @@ +// Generated automatically from com.google.gson.internal.Excluder for testing purposes + +package com.google.gson.internal; + +import com.google.gson.ExclusionStrategy; +import com.google.gson.Gson; +import com.google.gson.TypeAdapter; +import com.google.gson.TypeAdapterFactory; +import com.google.gson.reflect.TypeToken; +import java.lang.reflect.Field; + +public class Excluder implements Cloneable, TypeAdapterFactory +{ + protected Excluder clone(){ return null; } + public com.google.gson.TypeAdapter create(Gson p0, com.google.gson.reflect.TypeToken p1){ return null; } + public Excluder disableInnerClassSerialization(){ return null; } + public Excluder excludeFieldsWithoutExposeAnnotation(){ return null; } + public Excluder withExclusionStrategy(ExclusionStrategy p0, boolean p1, boolean p2){ return null; } + public Excluder withModifiers(int... p0){ return null; } + public Excluder withVersion(double p0){ return null; } + public Excluder(){} + public boolean excludeClass(Class p0, boolean p1){ return false; } + public boolean excludeField(Field p0, boolean p1){ return false; } + public static Excluder DEFAULT = null; +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java index a35b2a45b85..ac3b84cb258 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java @@ -1,50 +1,22 @@ -/* - * Copyright (C) 2008 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.reflect.TypeToken for testing purposes package com.google.gson.reflect; -/** - * Represents a generic type {@code T}. Java doesn't yet provide a way to - * represent generic types, so this class does. Forces clients to create a - * subclass of this class which enables retrieval the type information even at - * runtime. - * - *

For example, to create a type literal for {@code List}, you can - * create an empty anonymous inner class: - * - *

- * {@code TypeToken> list = new TypeToken>() {};} - * - *

This syntax cannot be used to create type literals that have wildcard - * parameters, such as {@code Class} or {@code List}. - * - * @author Bob Lee - * @author Sven Mawson - * @author Jesse Wilson - */ -public class TypeToken { +import java.lang.reflect.Type; - /** - * Constructs a new type literal. Derives represented class from type - * parameter. - * - *

Clients create an empty anonymous subclass. Doing so embeds the type - * parameter in the anonymous class's type hierarchy so we can reconstitute it - * at runtime despite erasure. - */ - protected TypeToken() { - } -} \ No newline at end of file +public class TypeToken +{ + protected TypeToken(){} + public boolean isAssignableFrom(Class p0){ return false; } + public boolean isAssignableFrom(Type p0){ return false; } + public boolean isAssignableFrom(TypeToken p0){ return false; } + public final String toString(){ return null; } + public final Type getType(){ return null; } + public final boolean equals(Object p0){ return false; } + public final int hashCode(){ return 0; } + public final java.lang.Class getRawType(){ return null; } + public static com.google.gson.reflect.TypeToken get(java.lang.Class p0){ return null; } + public static TypeToken get(Type p0){ return null; } + public static TypeToken getArray(Type p0){ return null; } + public static TypeToken getParameterized(Type p0, Type... p1){ return null; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java index 5d0d2ad112f..677d58d8cd8 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java @@ -1,66 +1,33 @@ +// Generated automatically from com.google.gson.stream.JsonReader for testing purposes + package com.google.gson.stream; +import com.google.gson.stream.JsonToken; import java.io.Closeable; -import java.io.IOException; import java.io.Reader; -public class JsonReader implements Closeable { - public JsonReader(Reader in) { - } - - public final void setLenient(boolean lenient) { - } - - public final boolean isLenient() { - return false; - } - - public void beginArray() throws IOException { - } - - public void endArray() throws IOException { - } - - public void beginObject() throws IOException { - } - - public void endObject() throws IOException { - } - - public boolean hasNext() throws IOException { - return false; - } - - public String nextName() throws IOException { - return null; - } - - public String nextString() throws IOException { - return null; - } - - public boolean nextBoolean() throws IOException { - return false; - } - - public void nextNull() throws IOException { - } - - public double nextDouble() throws IOException { - return -1; - } - - public long nextLong() throws IOException { - return -1; - } - - public int nextInt() throws IOException { - return -1; - } - - public void close() throws IOException { - } - - public void skipValue() throws IOException { - } -} \ No newline at end of file +public class JsonReader implements Closeable +{ + protected JsonReader() {} + public JsonReader(Reader p0){} + public JsonToken peek(){ return null; } + public String getPath(){ return null; } + public String getPreviousPath(){ return null; } + public String nextName(){ return null; } + public String nextString(){ return null; } + public String toString(){ return null; } + public boolean hasNext(){ return false; } + public boolean nextBoolean(){ return false; } + public double nextDouble(){ return 0; } + public final boolean isLenient(){ return false; } + public final void setLenient(boolean p0){} + public int nextInt(){ return 0; } + public long nextLong(){ return 0; } + public void beginArray(){} + public void beginObject(){} + public void close(){} + public void endArray(){} + public void endObject(){} + public void nextNull(){} + public void skipValue(){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java new file mode 100644 index 00000000000..fbb2e7ac463 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.stream.JsonToken for testing purposes + +package com.google.gson.stream; + + +public enum JsonToken +{ + BEGIN_ARRAY, BEGIN_OBJECT, BOOLEAN, END_ARRAY, END_DOCUMENT, END_OBJECT, NAME, NULL, NUMBER, STRING; + private JsonToken() {} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java new file mode 100644 index 00000000000..282343f0bed --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java @@ -0,0 +1,36 @@ +// Generated automatically from com.google.gson.stream.JsonWriter for testing purposes + +package com.google.gson.stream; + +import java.io.Closeable; +import java.io.Flushable; +import java.io.Writer; + +public class JsonWriter implements Closeable, Flushable +{ + protected JsonWriter() {} + public JsonWriter beginArray(){ return null; } + public JsonWriter beginObject(){ return null; } + public JsonWriter endArray(){ return null; } + public JsonWriter endObject(){ return null; } + public JsonWriter jsonValue(String p0){ return null; } + public JsonWriter name(String p0){ return null; } + public JsonWriter nullValue(){ return null; } + public JsonWriter value(Boolean p0){ return null; } + public JsonWriter value(Number p0){ return null; } + public JsonWriter value(String p0){ return null; } + public JsonWriter value(boolean p0){ return null; } + public JsonWriter value(double p0){ return null; } + public JsonWriter value(float p0){ return null; } + public JsonWriter value(long p0){ return null; } + public JsonWriter(Writer p0){} + public boolean isLenient(){ return false; } + public final boolean getSerializeNulls(){ return false; } + public final boolean isHtmlSafe(){ return false; } + public final void setHtmlSafe(boolean p0){} + public final void setIndent(String p0){} + public final void setLenient(boolean p0){} + public final void setSerializeNulls(boolean p0){} + public void close(){} + public void flush(){} +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java b/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java new file mode 100644 index 00000000000..1b8377af641 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java @@ -0,0 +1,131 @@ +// Generated automatically from play.api.mvc.Cookie for testing purposes + +package play.api.mvc; + +import play.mvc.Http; + +public class Cookie { + protected Cookie() {} + + abstract static public class SameSite { + protected SameSite() {} + + public Http.Cookie.SameSite asJava() { + return null; + } + + public SameSite(String p0) {} + + public String value() { + return null; + } + + public boolean play$api$mvc$Cookie$SameSite$$matches(String p0) { + return false; + } + } + + public Http.Cookie asJava() { + return null; + } + + public Object productElement(int p0) { + return null; + } + + public String copy$default$1() { + return null; + } + + public String copy$default$2() { + return null; + } + + public String copy$default$4() { + return null; + } + + public String name() { + return null; + } + + public String path() { + return null; + } + + public String productPrefix() { + return null; + } + + public String toString() { + return null; + } + + public String value() { + return null; + } + + public boolean canEqual(Object p0) { + return false; + } + + public boolean copy$default$6() { + return false; + } + + public boolean copy$default$7() { + return false; + } + + public boolean equals(Object p0) { + return false; + } + + public boolean httpOnly() { + return false; + } + + public boolean secure() { + return false; + } + + public int hashCode() { + return 0; + } + + public int productArity() { + return 0; + } + + public static String $lessinit$greater$default$4() { + return null; + } + + public static String apply$default$4() { + return null; + } + + public static boolean $lessinit$greater$default$6() { + return false; + } + + public static boolean $lessinit$greater$default$7() { + return false; + } + + public static boolean apply$default$6() { + return false; + } + + public static boolean apply$default$7() { + return false; + } + + public static int DiscardedMaxAge() { + return 0; + } + + public static play.api.mvc.Cookie validatePrefix(play.api.mvc.Cookie p0) { + return null; + } +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java new file mode 100644 index 00000000000..5a75fc16132 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java @@ -0,0 +1,9 @@ +package play.libs.ws; + +public class StandaloneWSClient { + + public StandaloneWSRequest url(String url) { + return null; + } + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java new file mode 100644 index 00000000000..2266d2cc24a --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java @@ -0,0 +1,5 @@ +package play.libs.ws; + +public class StandaloneWSRequest { + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java new file mode 100644 index 00000000000..22b3546dddf --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java @@ -0,0 +1,9 @@ +package play.libs.ws; + +public class WSClient { + + public WSRequest url(String url) { + return null; + } + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java new file mode 100644 index 00000000000..8dbd4521b06 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java @@ -0,0 +1,5 @@ +package play.libs.ws; + +public class WSRequest { + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java b/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java index 99e22cb5987..b4668362e6c 100644 --- a/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java +++ b/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java @@ -1,5 +1,6 @@ package play.mvc; +import akka.util.ByteString; import com.fasterxml.jackson.databind.JsonNode; import java.io.File; import java.net.URI; @@ -32,24 +33,12 @@ public class Http { public Context(Request request, JavaContextComponents components) {} - public Context( - Long id, - play.api.mvc.RequestHeader header, - Request request, - Map sessionData, - Map flashData, - Map args, + public Context(Long id, play.api.mvc.RequestHeader header, Request request, + Map sessionData, Map flashData, Map args, JavaContextComponents components) {} - public Context( - Long id, - play.api.mvc.RequestHeader header, - Request request, - Response response, - Session session, - Flash flash, - Map args, - JavaContextComponents components) {} + public Context(Long id, play.api.mvc.RequestHeader header, Request request, Response response, + Session session, Flash flash, Map args, JavaContextComponents components) {} public Long id() { return 0L; @@ -328,8 +317,8 @@ public class Http { return null; } - public RequestBuilder bodyMultipart( - List data, Files.TemporaryFileCreator temporaryFileCreator, String mat) { + public RequestBuilder bodyMultipart(List data, + Files.TemporaryFileCreator temporaryFileCreator, String mat) { return null; } @@ -536,6 +525,10 @@ public class Http { public abstract static class RawBuffer { + public abstract ByteString asBytes(); + + public abstract ByteString asBytes(int maxLength); + public abstract Long size(); public abstract File asFile(); @@ -559,7 +552,8 @@ public class Http { } } - public interface Part {} + public interface Part { + } public static class FilePart implements Part { @@ -577,9 +571,17 @@ public class Http { return ""; } + public String getDispositionType() { + return ""; + } + public A getFile() { return null; } + + public A getRef() { + return null; + } } public static class DataPart { @@ -608,6 +610,10 @@ public class Http { public RequestBody(Object body) {} + public ByteString asBytes() { + return null; + } + public MultipartFormData asMultipartFormData() { return null; } @@ -640,6 +646,10 @@ public class Http { return null; } + public Optional parseJson(Class clazz) { + return null; + } + public String toString() { return ""; } @@ -657,15 +667,8 @@ public class Http { public void setContentType(String contentType) {} @Deprecated - public void setCookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly, - SameSite sameSite) {} + public void setCookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly, SameSite sameSite) {} public void setCookie(Cookie cookie) {} @@ -734,25 +737,12 @@ public class Http { public static class Cookie { - public Cookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly, - SameSite sameSite) {} + public Cookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly, SameSite sameSite) {} @Deprecated - public Cookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly) {} + public Cookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly) {} public static CookieBuilder builder(String name, String value) { return null; @@ -791,9 +781,7 @@ public class Http { } public enum SameSite { - STRICT("Strict"), - LAX("Lax"), - NONE("None"); + STRICT("Strict"), LAX("Lax"), NONE("None"); SameSite(String value) {} @@ -856,6 +844,8 @@ public class Http { public interface Cookies extends Iterable { Cookie get(String name); + + Optional getCookie(String name); } public interface HeaderNames { diff --git a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected index b0c363c1b4a..799a1a37dd4 100644 --- a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected +++ b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected @@ -1,5 +1,5 @@ -| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];create-file;df-generated | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];read-file;df-generated | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];create-file;df-generated | -| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];open-url;df-generated | -| p;Sources;true;readUrl;(URL);;Argument[0];open-url;df-generated | +| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];path-injection;df-generated | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];path-injection;df-generated | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];path-injection;df-generated | +| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];request-forgery;df-generated | +| p;Sources;true;readUrl;(URL);;Argument[0];request-forgery;df-generated | diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 24e199a69d7..3ac3bc23481 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. + ## 0.6.1 ### Major Analysis Improvements diff --git a/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md b/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md new file mode 100644 index 00000000000..9d215924623 --- /dev/null +++ b/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md @@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Updated the following JavaScript sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working. + * `command-line-injection` to `command-injection` + * `credentials[kind]` to `credentials-kind` diff --git a/javascript/ql/lib/change-notes/2023-04-03-gh-injection.md b/javascript/ql/lib/change-notes/released/0.6.2.md similarity index 85% rename from javascript/ql/lib/change-notes/2023-04-03-gh-injection.md rename to javascript/ql/lib/change-notes/released/0.6.2.md index 63e913eb694..f97f6633c49 100644 --- a/javascript/ql/lib/change-notes/2023-04-03-gh-injection.md +++ b/javascript/ql/lib/change-notes/released/0.6.2.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. \ No newline at end of file +## 0.6.2 + +### Minor Analysis Improvements + +* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 4b0fa8d4ffb..52962f549b0 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.6.2-dev +version: 0.6.3-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll b/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll index 21ecbc6d001..c1685f11cf4 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll @@ -46,7 +46,7 @@ module CredentialsExpr { private class CredentialsFromModel extends CredentialsNode { string kind; - CredentialsFromModel() { this = ModelOutput::getASinkNode("credentials[" + kind + "]").asSink() } + CredentialsFromModel() { this = ModelOutput::getASinkNode("credentials-" + kind).asSink() } override string getCredentialsKind() { result = CredentialsExpr::normalizeKind(kind) } } diff --git a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json index 88568283605..62ad94b9ea0 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json +++ b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json @@ -19,10 +19,10 @@ "sequelize.Sequelize;Member[query].Argument[0].Member[query];sql-injection", "sequelize.Sequelize;Member[query].Argument[0];sql-injection", "sequelize.SequelizeStaticAndInstance;Member[asIs,literal].Argument[0];sql-injection", - "sequelize;Argument[0..].Member[password];credentials[password]", - "sequelize;Argument[0..].Member[username];credentials[username]", - "sequelize;Argument[1];credentials[username]", - "sequelize;Argument[2];credentials[password]" + "sequelize;Argument[0..].Member[password];credentials-password", + "sequelize;Argument[0..].Member[username];credentials-username", + "sequelize;Argument[1];credentials-username", + "sequelize;Argument[2];credentials-password" ], "typeDefinitions": [ "sequelize.Sequelize;sequelize-typescript.Sequelize;" diff --git a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml index 41a97e63a76..b25152b3764 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml +++ b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml @@ -1,17 +1,17 @@ extensions: - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: sinkModel data: - [sequelize.Sequelize, "Member[query].Argument[0].Member[query]", "sql-injection"] - [sequelize.Sequelize, "Member[query].Argument[0]", "sql-injection"] - [sequelize.SequelizeStaticAndInstance, "Member[asIs,literal].Argument[0]", "sql-injection"] - - [sequelize, "Argument[0..].Member[password]", "credentials[password]"] - - [sequelize, "Argument[0..].Member[username]", "credentials[username]"] - - [sequelize, "Argument[1]", "credentials[username]"] - - [sequelize, "Argument[2]", "credentials[password]"] + - [sequelize, "Argument[0..].Member[password]", "credentials-password"] + - [sequelize, "Argument[0..].Member[username]", "credentials-username"] + - [sequelize, "Argument[1]", "credentials-username"] + - [sequelize, "Argument[2]", "credentials-password"] - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: typeModel data: @@ -264,7 +264,7 @@ extensions: - [sequelize.ThroughOptions, sequelize.AssociationOptionsBelongsToMany, "Member[through]"] - [sequelize.Utils, sequelize.SequelizeStaticAndInstance, "Member[Utils]"] - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: summaryModel data: @@ -274,7 +274,7 @@ extensions: - [sequelize.Model, "", "", "Member[schema,scope,unscoped].ReturnValue", type] - [sequelize.Model, "", "", "Member[sync].ReturnValue.Awaited", type] - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: typeVariableModel data: diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll index fee201c1d05..8581a5b0cb0 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll @@ -49,6 +49,6 @@ module CommandInjection { } private class SinkFromModel extends Sink { - SinkFromModel() { this = ModelOutput::getASinkNode("command-line-injection").asSink() } + SinkFromModel() { this = ModelOutput::getASinkNode("command-injection").asSink() } } } diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index d0933ef06cf..eb914577876 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,23 @@ +## 0.6.2 + +### Major Analysis Improvements + +* Added taint sources from the `@actions/core` and `@actions/github` packages. +* Added command-injection sinks from the `@actions/exec` package. + +### Minor Analysis Improvements + +* The `js/indirect-command-line-injection` query no longer flags command arguments that cannot be interpreted as a shell string. +* The `js/unsafe-deserialization` query no longer flags deserialization through the `js-yaml` library, except + when it is used with an unsafe schema. +* The Forge module in `CryptoLibraries.qll` now correctly classifies SHA-512/224, + SHA-512/256, and SHA-512/384 hashes used in message digests as NonKeyCiphers. + +### Bug Fixes + +* Fixed a spurious diagnostic warning about comments in JSON files being illegal. + Comments in JSON files are in fact fully supported, and the diagnostic message was misleading. + ## 0.6.1 ### Minor Analysis Improvements diff --git a/javascript/ql/src/Performance/ReDoS.qhelp b/javascript/ql/src/Performance/ReDoS.qhelp index 21b937b17ef..c152d646201 100644 --- a/javascript/ql/src/Performance/ReDoS.qhelp +++ b/javascript/ql/src/Performance/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

- /^_(__|.)+_$/ - +/^_(__|.)+_$/

Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two @@ -25,8 +24,7 @@ the two branches of the alternative inside the repetition:

- /^_(__|[^_])+_$/ - +/^_(__|[^_])+_$/ diff --git a/javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md b/javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md deleted file mode 100644 index 1d2bfc9a8f9..00000000000 --- a/javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* The Forge module in `CryptoLibraries.qll` now correctly classifies SHA-512/224, - SHA-512/256, and SHA-512/384 hashes used in message digests as NonKeyCiphers. \ No newline at end of file diff --git a/javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md b/javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md deleted file mode 100644 index 02b044ee47a..00000000000 --- a/javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* The `js/unsafe-deserialization` query no longer flags deserialization through the `js-yaml` library, except - when it is used with an unsafe schema. diff --git a/javascript/ql/src/change-notes/2023-04-28-json-with-comments.md b/javascript/ql/src/change-notes/2023-04-28-json-with-comments.md deleted file mode 100644 index 3ce9949a39a..00000000000 --- a/javascript/ql/src/change-notes/2023-04-28-json-with-comments.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- -* Fixed a spurious diagnostic warning about comments in JSON files being illegal. - Comments in JSON files are in fact fully supported, and the diagnostic message was misleading. diff --git a/javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md b/javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md deleted file mode 100644 index a9cf1339421..00000000000 --- a/javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: majorAnalysis ---- -* Added taint sources from the `@actions/core` and `@actions/github` packages. -* Added command-injection sinks from the `@actions/exec` package. diff --git a/javascript/ql/src/change-notes/2023-05-17-indirect-shell.md b/javascript/ql/src/change-notes/2023-05-17-indirect-shell.md deleted file mode 100644 index 556e9976152..00000000000 --- a/javascript/ql/src/change-notes/2023-05-17-indirect-shell.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `js/indirect-command-line-injection` query no longer flags command arguments that cannot be interpreted as a shell string. diff --git a/javascript/ql/src/change-notes/released/0.6.2.md b/javascript/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..777dd69688e --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,19 @@ +## 0.6.2 + +### Major Analysis Improvements + +* Added taint sources from the `@actions/core` and `@actions/github` packages. +* Added command-injection sinks from the `@actions/exec` package. + +### Minor Analysis Improvements + +* The `js/indirect-command-line-injection` query no longer flags command arguments that cannot be interpreted as a shell string. +* The `js/unsafe-deserialization` query no longer flags deserialization through the `js-yaml` library, except + when it is used with an unsafe schema. +* The Forge module in `CryptoLibraries.qll` now correctly classifies SHA-512/224, + SHA-512/256, and SHA-512/384 hashes used in message digests as NonKeyCiphers. + +### Bug Fixes + +* Fixed a spurious diagnostic warning about comments in JSON files being illegal. + Comments in JSON files are in fact fully supported, and the diagnostic message was misleading. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 2c62c9e75d5..10e071e417c 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - javascript - queries diff --git a/javascript/ql/test/library-tests/DataExtensions/execa.model.yml b/javascript/ql/test/library-tests/DataExtensions/execa.model.yml index 2516e1a7be8..f7e0f70c0bc 100644 --- a/javascript/ql/test/library-tests/DataExtensions/execa.model.yml +++ b/javascript/ql/test/library-tests/DataExtensions/execa.model.yml @@ -6,5 +6,5 @@ extensions: - [ "@example/execa", "Member[shell].Argument[0]", - "command-line-injection", + "command-injection", ] diff --git a/misc/codegen/generators/qlgen.py b/misc/codegen/generators/qlgen.py index 7affea51828..891533383d3 100755 --- a/misc/codegen/generators/qlgen.py +++ b/misc/codegen/generators/qlgen.py @@ -102,7 +102,7 @@ def _get_doc(cls: schema.Class, prop: schema.Property, plural=None): return f"{prop_name} of this {class_name}" -def get_ql_property(cls: schema.Class, prop: schema.Property, prev_child: str = "") -> ql.Property: +def get_ql_property(cls: schema.Class, prop: schema.Property, lookup: typing.Dict[str, schema.Class], prev_child: str = "") -> ql.Property: args = dict( type=prop.type if not prop.is_predicate else "predicate", qltest_skip="qltest_skip" in prop.pragmas, @@ -110,7 +110,8 @@ def get_ql_property(cls: schema.Class, prop: schema.Property, prev_child: str = is_optional=prop.is_optional, is_predicate=prop.is_predicate, is_unordered=prop.is_unordered, - description=prop.description + description=prop.description, + type_is_hideable=lookup[prop.type].hideable if prop.type in lookup else False, ) if prop.is_single: args.update( @@ -147,12 +148,12 @@ def get_ql_property(cls: schema.Class, prop: schema.Property, prev_child: str = return ql.Property(**args) -def get_ql_class(cls: schema.Class) -> ql.Class: +def get_ql_class(cls: schema.Class, lookup: typing.Dict[str, schema.Class]) -> ql.Class: pragmas = {k: True for k in cls.pragmas if k.startswith("ql")} prev_child = "" properties = [] for p in cls.properties: - prop = get_ql_property(cls, p, prev_child) + prop = get_ql_property(cls, p, lookup, prev_child) if prop.is_child: prev_child = prop.singular properties.append(prop) @@ -164,6 +165,7 @@ def get_ql_class(cls: schema.Class) -> ql.Class: dir=pathlib.Path(cls.group or ""), ipa=bool(cls.ipa), doc=cls.doc, + hideable=cls.hideable, **pragmas, ) @@ -254,7 +256,7 @@ def _get_all_properties_to_be_tested(cls: schema.Class, lookup: typing.Dict[str, for c, p in _get_all_properties(cls, lookup): if not ("qltest_skip" in c.pragmas or "qltest_skip" in p.pragmas): # TODO here operations are duplicated, but should be better if we split ql and qltest generation - p = get_ql_property(c, p) + p = get_ql_property(c, p, lookup) yield ql.PropertyForTest(p.getter, is_total=p.is_single or p.is_predicate, type=p.type if not p.is_predicate else None, is_indexed=p.is_indexed) if p.is_repeated and not p.is_optional: @@ -329,7 +331,7 @@ def generate(opts, renderer): data = schemaloader.load_file(input) - classes = {name: get_ql_class(cls) for name, cls in data.classes.items()} + classes = {name: get_ql_class(cls, data.classes) for name, cls in data.classes.items()} if not classes: raise NoClasses root = next(iter(classes.values())) diff --git a/misc/codegen/lib/ql.py b/misc/codegen/lib/ql.py index 97165053fd0..57a74f1f9d3 100644 --- a/misc/codegen/lib/ql.py +++ b/misc/codegen/lib/ql.py @@ -42,6 +42,7 @@ class Property: description: List[str] = field(default_factory=list) doc: Optional[str] = None doc_plural: Optional[str] = None + type_is_hideable: bool = False def __post_init__(self): if self.tableparams: @@ -113,6 +114,7 @@ class Class: ql_internal: bool = False ipa: bool = False doc: List[str] = field(default_factory=list) + hideable: bool = False def __post_init__(self): self.bases = [Base(str(b), str(prev)) for b, prev in zip(self.bases, itertools.chain([""], self.bases))] diff --git a/misc/codegen/lib/schema.py b/misc/codegen/lib/schema.py index 64a4720093b..023891b6b2d 100644 --- a/misc/codegen/lib/schema.py +++ b/misc/codegen/lib/schema.py @@ -91,6 +91,7 @@ class Class: """^^^ filled with `True` for non-final classes with only synthesized final descendants """ doc: List[str] = field(default_factory=list) default_doc_name: Optional[str] = None + hideable: bool = False @property def final(self): diff --git a/misc/codegen/lib/schemadefs.py b/misc/codegen/lib/schemadefs.py index f3bfd9840dc..3235ace42e7 100644 --- a/misc/codegen/lib/schemadefs.py +++ b/misc/codegen/lib/schemadefs.py @@ -145,6 +145,7 @@ _Pragma("qltest_collapse_hierarchy") _Pragma("qltest_uncollapse_hierarchy") ql.default_doc_name = lambda doc: _annotate(doc_name=doc) +ql.hideable = _annotate(hideable=True) _Pragma("ql_internal") _Pragma("cpp_skip") diff --git a/misc/codegen/loaders/schemaloader.py b/misc/codegen/loaders/schemaloader.py index 5fd392b112d..64f4d03cb57 100644 --- a/misc/codegen/loaders/schemaloader.py +++ b/misc/codegen/loaders/schemaloader.py @@ -37,6 +37,7 @@ def _get_class(cls: type) -> schema.Class: derived={d.__name__ for d in cls.__subclasses__()}, # getattr to inherit from bases group=getattr(cls, "_group", ""), + hideable=getattr(cls, "_hideable", False), # in the following we don't use `getattr` to avoid inheriting pragmas=cls.__dict__.get("_pragmas", []), ipa=cls.__dict__.get("_ipa", None), @@ -94,6 +95,18 @@ def _fill_ipa_information(classes: typing.Dict[str, schema.Class]): cls.ipa = True +def _fill_hideable_information(classes: typing.Dict[str, schema.Class]): + """ Update the class map propagating the `hideable` attribute upwards in the hierarchy """ + todo = [cls for cls in classes.values() if cls.hideable] + while todo: + cls = todo.pop() + for base in cls.bases: + supercls = classes[base] + if not supercls.hideable: + supercls.hideable = True + todo.append(supercls) + + def load(m: types.ModuleType) -> schema.Schema: includes = set() classes = {} @@ -122,6 +135,7 @@ def load(m: types.ModuleType) -> schema.Schema: cls.is_null_class = True _fill_ipa_information(classes) + _fill_hideable_information(classes) return schema.Schema(includes=includes, classes=_toposort_classes_by_group(classes), null=null) diff --git a/misc/codegen/templates/ql_class.mustache b/misc/codegen/templates/ql_class.mustache index 9f72caef392..a22639ee4b6 100644 --- a/misc/codegen/templates/ql_class.mustache +++ b/misc/codegen/templates/ql_class.mustache @@ -60,7 +60,7 @@ module Generated { {{/final}} {{#properties}} - {{#type_is_class}} + {{#type_is_hideable}} /** * {{>ql_property_doc}} * * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the @@ -85,11 +85,11 @@ module Generated { */ final {{type}} {{getter}}({{#is_indexed}}int index{{/is_indexed}}) { exists({{type}} immediate | immediate = this.get{{#is_unordered}}An{{/is_unordered}}Immediate{{singular}}({{#is_indexed}}index{{/is_indexed}}) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve()) + {{#hideable}}if exists(this.getResolveStep()) then result = immediate else {{/hideable}}result = immediate.resolve()) } - {{/type_is_class}} - {{^type_is_class}} + {{/type_is_hideable}} + {{^type_is_hideable}} /** * {{>ql_property_doc}} * {{#has_description}} @@ -100,14 +100,14 @@ module Generated { */ {{type}} {{getter}}({{#is_indexed}}int index{{/is_indexed}}) { {{^ipa}} - {{^is_predicate}}result = {{/is_predicate}}Synth::convert{{name}}ToRaw(this){{^root}}.(Raw::{{name}}){{/root}}.{{getter}}({{#is_indexed}}index{{/is_indexed}}) + {{^is_predicate}}result = {{/is_predicate}}{{#type_is_class}}Synth::convert{{type}}FromRaw({{/type_is_class}}Synth::convert{{name}}ToRaw(this){{^root}}.(Raw::{{name}}){{/root}}.{{getter}}({{#is_indexed}}index{{/is_indexed}}){{#type_is_class}}){{/type_is_class}} {{/ipa}} {{#ipa}} none() {{/ipa}} } - {{/type_is_class}} + {{/type_is_hideable}} {{#is_optional}} /** * Holds if `{{getter}}({{#is_repeated}}index{{/is_repeated}})` exists. diff --git a/misc/codegen/templates/ql_parent.mustache b/misc/codegen/templates/ql_parent.mustache index 2c8d7dfc258..d310323e74f 100644 --- a/misc/codegen/templates/ql_parent.mustache +++ b/misc/codegen/templates/ql_parent.mustache @@ -28,7 +28,7 @@ private module Impl { {{! for single and optional properties it adds 1 (regardless of whether the optional property exists) }} {{! for repeated it adds 1 + the maximum index (which works for repeated optional as well) }} and - n{{singular}} = n{{prev_child}} + 1{{#is_repeated}}+ max(int i | i = -1 or exists(e.getImmediate{{singular}}(i)) | i){{/is_repeated}} + n{{singular}} = n{{prev_child}} + 1{{#is_repeated}}+ max(int i | i = -1 or exists(e.get{{#type_is_hideable}}Immediate{{/type_is_hideable}}{{singular}}(i)) | i){{/is_repeated}} {{/is_child}} {{/properties}} and ( none() @@ -40,10 +40,10 @@ private module Impl { {{#is_child}} or {{#is_repeated}} - result = e.getImmediate{{singular}}(index - n{{prev_child}}) and partialPredicateCall = "{{singular}}(" + (index - n{{prev_child}}).toString() + ")" + result = e.get{{#type_is_hideable}}Immediate{{/type_is_hideable}}{{singular}}(index - n{{prev_child}}) and partialPredicateCall = "{{singular}}(" + (index - n{{prev_child}}).toString() + ")" {{/is_repeated}} {{^is_repeated}} - index = n{{prev_child}} and result = e.getImmediate{{singular}}() and partialPredicateCall = "{{singular}}()" + index = n{{prev_child}} and result = e.get{{#type_is_hideable}}Immediate{{/type_is_hideable}}{{singular}}() and partialPredicateCall = "{{singular}}()" {{/is_repeated}} {{/is_child}} {{/properties}} @@ -71,21 +71,21 @@ none() * if `e` has conversions, `getImmediateParent(e)` will give the innermost conversion in the hidden AST. */ Element getImmediateParent(Element e) { -// `unique` is used here to tell the optimizer that there is in fact only one result -// this is tested by the `library-tests/parent/no_double_parents.ql` test -result = unique(Element x | e = Impl::getImmediateChild(x, _, _) | x) + // `unique` is used here to tell the optimizer that there is in fact only one result + // this is tested by the `library-tests/parent/no_double_parents.ql` test + result = unique(Element x | e = Impl::getImmediateChild(x, _, _) | x) } /** * Gets the immediate child indexed at `index`. Indexes are not guaranteed to be contiguous, but are guaranteed to be distinct. `accessor` is bound the member predicate call resulting in the given child. */ Element getImmediateChildAndAccessor(Element e, int index, string accessor) { -exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor) and accessor = "get" + partialAccessor) + exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor) and accessor = "get" + partialAccessor) } /** * Gets the child indexed at `index`. Indexes are not guaranteed to be contiguous, but are guaranteed to be distinct. `accessor` is bound the member predicate call resulting in the given child. */ Element getChildAndAccessor(Element e, int index, string accessor) { -exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor).resolve() and accessor = "get" + partialAccessor) + exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor).resolve() and accessor = "get" + partialAccessor) } diff --git a/misc/codegen/test/test_qlgen.py b/misc/codegen/test/test_qlgen.py index 1cd85762315..44c5e63f05d 100644 --- a/misc/codegen/test/test_qlgen.py +++ b/misc/codegen/test/test_qlgen.py @@ -139,15 +139,16 @@ def a_ql_class(**kwargs): return ql.Class(**kwargs, import_prefix=gen_import) -def a_ql_stub(**kwargs): - return ql.Stub(**kwargs, import_prefix=gen_import) +def a_ql_stub(*, name, import_prefix="", **kwargs): + return ql.Stub(name=name, **kwargs, import_prefix=gen_import, + base_import=f"{gen_import_prefix}{import_prefix}{name}") def test_one_empty_class(generate_classes): assert generate_classes([ schema.Class("A") ]) == { - "A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "A"), + "A.qll": (a_ql_stub(name="A"), a_ql_class(name="A", final=True)), } @@ -159,15 +160,11 @@ def test_hierarchy(generate_classes): schema.Class("B", bases=["A"], derived={"D"}), schema.Class("A", derived={"B", "C"}), ]) == { - "A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "A"), - a_ql_class(name="A")), - "B.qll": (a_ql_stub(name="B", base_import=gen_import_prefix + "B"), - a_ql_class(name="B", bases=["A"], imports=[stub_import_prefix + "A"])), - "C.qll": (a_ql_stub(name="C", base_import=gen_import_prefix + "C"), - a_ql_class(name="C", bases=["A"], imports=[stub_import_prefix + "A"])), - "D.qll": (a_ql_stub(name="D", base_import=gen_import_prefix + "D"), - a_ql_class(name="D", final=True, bases=["B", "C"], - imports=[stub_import_prefix + cls for cls in "BC"])), + "A.qll": (a_ql_stub(name="A"), a_ql_class(name="A")), + "B.qll": (a_ql_stub(name="B"), a_ql_class(name="B", bases=["A"], imports=[stub_import_prefix + "A"])), + "C.qll": (a_ql_stub(name="C"), a_ql_class(name="C", bases=["A"], imports=[stub_import_prefix + "A"])), + "D.qll": (a_ql_stub(name="D"), a_ql_class(name="D", final=True, bases=["B", "C"], + imports=[stub_import_prefix + cls for cls in "BC"])), } @@ -213,7 +210,7 @@ def test_single_property(generate_classes): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "bar")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -236,9 +233,8 @@ def test_children(generate_classes): schema.RepeatedOptionalProperty("child_4", "int", is_child=True), ]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="A", type="int", tablename="my_objects", @@ -286,7 +282,7 @@ def test_single_properties(generate_classes): schema.SingleProperty("three", "z"), ]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="One", type="x", tablename="my_objects", @@ -309,9 +305,8 @@ def test_optional_property(generate_classes, is_child, prev_child): schema.Class("MyObject", properties=[ schema.OptionalProperty("foo", "bar", is_child=is_child)]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_object_foos", tableparams=["this", "result"], @@ -327,9 +322,8 @@ def test_repeated_property(generate_classes, is_child, prev_child): schema.Class("MyObject", properties=[ schema.RepeatedProperty("foo", "bar", is_child=is_child)]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", plural="Foos", type="bar", tablename="my_object_foos", tableparams=["this", "index", "result"], prev_child=prev_child, @@ -344,9 +338,8 @@ def test_repeated_unordered_property(generate_classes): schema.Class("MyObject", properties=[ schema.RepeatedUnorderedProperty("foo", "bar")]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", plural="Foos", type="bar", tablename="my_object_foos", tableparams=["this", "result"], is_unordered=True, @@ -363,9 +356,8 @@ def test_repeated_optional_property(generate_classes, is_child, prev_child): schema.RepeatedOptionalProperty("foo", "bar", is_child=is_child)]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", plural="Foos", type="bar", tablename="my_object_foos", tableparams=["this", "index", "result"], is_optional=True, @@ -380,7 +372,7 @@ def test_predicate_property(generate_classes): schema.Class("MyObject", properties=[ schema.PredicateProperty("is_foo")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="isFoo", type="predicate", tablename="my_object_is_foo", tableparams=["this"], is_predicate=True, doc="this my object is foo"), @@ -395,7 +387,7 @@ def test_single_class_property(generate_classes, is_child, prev_child): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "Bar", is_child=is_child)]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class( name="MyObject", final=True, imports=[stub_import_prefix + "Bar"], properties=[ ql.Property(singular="Foo", type="Bar", tablename="my_objects", @@ -404,8 +396,7 @@ def test_single_class_property(generate_classes, is_child, prev_child): prev_child=prev_child, doc="foo of this my object"), ], )), - "Bar.qll": (a_ql_stub(name="Bar", base_import=gen_import_prefix + "Bar"), - a_ql_class(name="Bar", final=True)), + "Bar.qll": (a_ql_stub(name="Bar"), a_ql_class(name="Bar", final=True)), } @@ -414,8 +405,7 @@ def test_class_with_doc(generate_classes): assert generate_classes([ schema.Class("A", doc=doc), ]) == { - "A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "A"), - a_ql_class(name="A", final=True, doc=doc)), + "A.qll": (a_ql_stub(name="A"), a_ql_class(name="A", final=True, doc=doc)), } @@ -425,9 +415,8 @@ def test_class_dir(generate_classes): schema.Class("A", derived={"B"}, group=dir), schema.Class("B", bases=["A"]), ]) == { - f"{dir}/A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "another.rel.path.A"), - a_ql_class(name="A", dir=pathlib.Path(dir))), - "B.qll": (a_ql_stub(name="B", base_import=gen_import_prefix + "B"), + f"{dir}/A.qll": (a_ql_stub(name="A", import_prefix="another.rel.path."), a_ql_class(name="A", dir=pathlib.Path(dir))), + "B.qll": (a_ql_stub(name="B"), a_ql_class(name="B", final=True, bases=["A"], imports=[stub_import_prefix + "another.rel.path.A"])), } @@ -586,11 +575,11 @@ def test_test_partial_properties(opts, generate_tests): type="bool")), "B/B_getZ.ql": a_ql_property_tester(class_name="B", property=ql.PropertyForTest(getter="getZ", is_total=False, - is_indexed=True, - type="int")), + is_indexed=True, + type="int")), "B/B_getAW.ql": a_ql_property_tester(class_name="B", property=ql.PropertyForTest(getter="getAW", is_total=False, - type="string")), + type="string")), } @@ -611,7 +600,7 @@ def test_test_properties_deduplicated(opts, generate_tests): ]), "Final/Final_getY.ql": a_ql_property_tester(class_name="Final", property=ql.PropertyForTest(getter="getY", is_total=False, - is_indexed=True, + is_indexed=True, type="bool")), } @@ -706,7 +695,7 @@ def test_property_description(generate_classes): schema.SingleProperty("foo", "bar", description=description), ]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -722,7 +711,7 @@ def test_property_doc_override(generate_classes): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "bar", doc="baz")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -737,7 +726,7 @@ def test_repeated_property_doc_override(generate_classes): schema.RepeatedProperty("x", "int", doc="children of this"), schema.RepeatedOptionalProperty("y", "int", doc="child of this")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="X", plural="Xes", type="int", @@ -759,7 +748,7 @@ def test_property_doc_abbreviations(generate_classes, abbr, expected): schema.Class("Object", properties=[ schema.SingleProperty(f"foo_{abbr}_bar", "baz")]), ]) == { - "Object.qll": (a_ql_stub(name="Object", base_import=gen_import_prefix + "Object"), + "Object.qll": (a_ql_stub(name="Object"), a_ql_class(name="Object", final=True, properties=[ ql.Property(singular=f"Foo{abbr.capitalize()}Bar", type="baz", @@ -776,7 +765,7 @@ def test_property_doc_abbreviations_ignored_if_within_word(generate_classes, abb schema.Class("Object", properties=[ schema.SingleProperty(f"foo_{abbr}acadabra_bar", "baz")]), ]) == { - "Object.qll": (a_ql_stub(name="Object", base_import=gen_import_prefix + "Object"), + "Object.qll": (a_ql_stub(name="Object"), a_ql_class(name="Object", final=True, properties=[ ql.Property(singular=f"Foo{abbr.capitalize()}acadabraBar", type="baz", @@ -792,7 +781,7 @@ def test_repeated_property_doc_override_with_format(generate_classes): schema.RepeatedProperty("x", "int", doc="special {children} of this"), schema.RepeatedOptionalProperty("y", "int", doc="special {child} of this")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="X", plural="Xes", type="int", @@ -815,7 +804,7 @@ def test_repeated_property_doc_override_with_multiple_formats(generate_classes): schema.RepeatedProperty("x", "int", doc="{cat} or {dog}"), schema.RepeatedOptionalProperty("y", "int", doc="{cats} or {dogs}")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="X", plural="Xes", type="int", @@ -835,7 +824,7 @@ def test_property_doc_override_with_format(generate_classes): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "bar", doc="special {baz} of this")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -850,7 +839,7 @@ def test_property_on_class_with_default_doc_name(generate_classes): schema.SingleProperty("foo", "bar")], default_doc_name="baz"), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -863,7 +852,7 @@ def test_stub_on_class_with_ipa_from_class(generate_classes): assert generate_classes([ schema.Class("MyObject", ipa=schema.IpaInfo(from_class="A")), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject", ipa_accessors=[ + "MyObject.qll": (a_ql_stub(name="MyObject", ipa_accessors=[ ql.IpaUnderlyingAccessor(argument="Entity", type="Raw::A", constructorparams=["result"]), ]), a_ql_class(name="MyObject", final=True, ipa=True)), @@ -874,7 +863,7 @@ def test_stub_on_class_with_ipa_on_arguments(generate_classes): assert generate_classes([ schema.Class("MyObject", ipa=schema.IpaInfo(on_arguments={"base": "A", "index": "int", "label": "string"})), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject", ipa_accessors=[ + "MyObject.qll": (a_ql_stub(name="MyObject", ipa_accessors=[ ql.IpaUnderlyingAccessor(argument="Base", type="Raw::A", constructorparams=["result", "_", "_"]), ql.IpaUnderlyingAccessor(argument="Index", type="int", constructorparams=["_", "result", "_"]), ql.IpaUnderlyingAccessor(argument="Label", type="string", constructorparams=["_", "_", "result"]), @@ -883,5 +872,30 @@ def test_stub_on_class_with_ipa_on_arguments(generate_classes): } +def test_hideable_class(generate_classes): + assert generate_classes([ + schema.Class("MyObject", hideable=True), + ]) == { + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, hideable=True)), + } + + +def test_hideable_property(generate_classes): + assert generate_classes([ + schema.Class("MyObject", hideable=True), + schema.Class("Other", properties=[ + schema.SingleProperty("x", "MyObject"), + ]), + ]) == { + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, hideable=True)), + "Other.qll": (a_ql_stub(name="Other"), + a_ql_class(name="Other", imports=[stub_import_prefix + "MyObject"], + final=True, properties=[ + ql.Property(singular="X", type="MyObject", tablename="others", type_is_hideable=True, + tableparams=["this", "result"], doc="x of this other"), + ])), + } + + if __name__ == '__main__': sys.exit(pytest.main([__file__] + sys.argv[1:])) diff --git a/misc/codegen/test/test_schemaloader.py b/misc/codegen/test/test_schemaloader.py index 9c9750818ea..25b4c43f161 100644 --- a/misc/codegen/test/test_schemaloader.py +++ b/misc/codegen/test/test_schemaloader.py @@ -688,5 +688,33 @@ def test_uppercase_acronyms_are_rejected(): pass +def test_hideable(): + @load + class data: + class Root: + pass + + @defs.ql.hideable + class A(Root): + pass + + class IndirectlyHideable(Root): + pass + + class B(A, IndirectlyHideable): + pass + + class NonHideable(Root): + pass + + assert data.classes == { + "Root": schema.Class("Root", derived={"A", "IndirectlyHideable", "NonHideable"}, hideable=True), + "A": schema.Class("A", bases=["Root"], derived={"B"}, hideable=True), + "IndirectlyHideable": schema.Class("IndirectlyHideable", bases=["Root"], derived={"B"}, hideable=True), + "B": schema.Class("B", bases=["A", "IndirectlyHideable"], hideable=True), + "NonHideable": schema.Class("NonHideable", bases=["Root"], hideable=False), + } + + if __name__ == '__main__': sys.exit(pytest.main([__file__] + sys.argv[1:])) diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 9621c2fa167..46787616efa 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.5.2 + +No user-facing changes. + ## 0.5.1 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.5.2.md b/misc/suite-helpers/change-notes/released/0.5.2.md new file mode 100644 index 00000000000..e94d1f4ad5b --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.5.2.md @@ -0,0 +1,3 @@ +## 0.5.2 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 0bf7024c337..2d9d3f587f8 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.1 +lastReleaseVersion: 0.5.2 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index c5cf2398633..b6fbcda7201 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,3 +1,3 @@ name: codeql/suite-helpers -version: 0.5.2-dev +version: 0.5.3-dev groups: shared diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index b00d10f98d9..91f53df486b 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.9.2 + +### Minor Analysis Improvements + +* Type tracking is now aware of reads of captured variables (variables defined in an outer scope). This leads to a richer API graph, and may lead to more results in some queries. +* Added more content-flow/field-flow for dictionaries, by adding support for reads through `mydict.get("key")` and `mydict.setdefault("key", value)`, and store steps through `dict["key"] = value` and `mydict.setdefault("key", value)`. + ## 0.9.1 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md b/python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md deleted file mode 100644 index 6905a03c8e8..00000000000 --- a/python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Type tracking is now aware of reads of captured variables (variables defined in an outer scope). This leads to a richer API graph, and may lead to more results in some queries. diff --git a/python/ql/lib/change-notes/2022-11-15-dictionary-read-store-steps.md b/python/ql/lib/change-notes/released/0.9.2.md similarity index 51% rename from python/ql/lib/change-notes/2022-11-15-dictionary-read-store-steps.md rename to python/ql/lib/change-notes/released/0.9.2.md index 45b225bbb26..06149b0aac9 100644 --- a/python/ql/lib/change-notes/2022-11-15-dictionary-read-store-steps.md +++ b/python/ql/lib/change-notes/released/0.9.2.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.9.2 + +### Minor Analysis Improvements + +* Type tracking is now aware of reads of captured variables (variables defined in an outer scope). This leads to a richer API graph, and may lead to more results in some queries. * Added more content-flow/field-flow for dictionaries, by adding support for reads through `mydict.get("key")` and `mydict.setdefault("key", value)`, and store steps through `dict["key"] = value` and `mydict.setdefault("key", value)`. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 6789dcd18b7..e1eda519435 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.1 +lastReleaseVersion: 0.9.2 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 9948ffa5d7f..9d4522d5f58 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.9.2-dev +version: 0.9.3-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 36f736322c9..712de670fdc 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.2 + +No user-facing changes. + ## 0.7.1 No user-facing changes. diff --git a/python/ql/src/Security/CWE-730/ReDoS.qhelp b/python/ql/src/Security/CWE-730/ReDoS.qhelp index 9cfbcc32354..a881d94cd9f 100644 --- a/python/ql/src/Security/CWE-730/ReDoS.qhelp +++ b/python/ql/src/Security/CWE-730/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

- ^_(__|.)+_$ - +^_(__|.)+_$

Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two @@ -25,8 +24,7 @@ the two branches of the alternative inside the repetition:

- ^_(__|[^_])+_$ - +^_(__|[^_])+_$ diff --git a/python/ql/src/change-notes/released/0.7.2.md b/python/ql/src/change-notes/released/0.7.2.md new file mode 100644 index 00000000000..8693d609ec7 --- /dev/null +++ b/python/ql/src/change-notes/released/0.7.2.md @@ -0,0 +1,3 @@ +## 0.7.2 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index e007a9aec3e..fee171e9685 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.1 +lastReleaseVersion: 0.7.2 diff --git a/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql b/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql new file mode 100644 index 00000000000..600d067da76 --- /dev/null +++ b/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql @@ -0,0 +1,24 @@ +/** + * @name Summarized callable call sites + * @description A call site for which we have a summarized callable + * @kind problem + * @problem.severity recommendation + * @id py/meta/summarized-callable-call-sites + * @tags meta + * @precision very-low + */ + +import python +import semmle.python.dataflow.new.DataFlow +import semmle.python.dataflow.new.FlowSummary +import meta.MetaMetrics + +from DataFlow::Node useSite, SummarizedCallable target, string kind +where + ( + useSite = target.getACall() and kind = "Call" + or + useSite = target.getACallback() and kind = "Callback" + ) and + not useSite.getLocation().getFile() instanceof IgnoredFile +select useSite, kind + " to " + target diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 0d2839ec410..eb327c2e42e 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.7.2-dev +version: 0.7.3-dev groups: - python - queries diff --git a/ql/Cargo.lock b/ql/Cargo.lock index 92a590787a3..de833d37b96 100644 Binary files a/ql/Cargo.lock and b/ql/Cargo.lock differ diff --git a/ql/buramu/Cargo.toml b/ql/buramu/Cargo.toml index 5c6d79d7305..13aaddaf989 100644 --- a/ql/buramu/Cargo.toml +++ b/ql/buramu/Cargo.toml @@ -7,6 +7,6 @@ edition = "2018" [dependencies] lazy_static = "1.4.0" -chrono = "0.4.24" +chrono = "0.4.26" rayon = "1.7.0" -regex = "1.8.2" +regex = "1.8.3" diff --git a/ql/extractor/Cargo.toml b/ql/extractor/Cargo.toml index 91bf5ecec25..f026145c72f 100644 --- a/ql/extractor/Cargo.toml +++ b/ql/extractor/Cargo.toml @@ -16,5 +16,5 @@ clap = { version = "4.2", features = ["derive"] } tracing = "0.1" tracing-subscriber = { version = "0.3.17", features = ["env-filter"] } rayon = "1.7.0" -regex = "1.8.2" +regex = "1.8.3" codeql-extractor = { path = "../../shared/tree-sitter-extractor" } diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 2071494bb54..65eba10cc10 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Support for the `sqlite3` gem has been added. Method calls that execute queries against an SQLite3 database that may be vulnerable to injection attacks will now be recognized. + ## 0.6.1 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2023-05-06-pg.md b/ruby/ql/lib/change-notes/2023-05-06-pg.md new file mode 100644 index 00000000000..0e671ff9106 --- /dev/null +++ b/ruby/ql/lib/change-notes/2023-05-06-pg.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Support for the `pg` gem has been added. Method calls that execute queries against a PostgreSQL database that may be vulnerable to injection attacks will now be recognized. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2023-05-07-sequel.md b/ruby/ql/lib/change-notes/2023-05-07-sequel.md new file mode 100644 index 00000000000..3688f28db56 --- /dev/null +++ b/ruby/ql/lib/change-notes/2023-05-07-sequel.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Support for the `sequel` gem has been added. Method calls that execute queries against a database that may be vulnerable to injection attacks will now be recognized. diff --git a/ruby/ql/lib/change-notes/2023-05-03-sqlite3.md b/ruby/ql/lib/change-notes/released/0.6.2.md similarity index 80% rename from ruby/ql/lib/change-notes/2023-05-03-sqlite3.md rename to ruby/ql/lib/change-notes/released/0.6.2.md index 16af7f859e9..a1214bd6e68 100644 --- a/ruby/ql/lib/change-notes/2023-05-03-sqlite3.md +++ b/ruby/ql/lib/change-notes/released/0.6.2.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + * Support for the `sqlite3` gem has been added. Method calls that execute queries against an SQLite3 database that may be vulnerable to injection attacks will now be recognized. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/ruby/ql/lib/codeql/ruby/Frameworks.qll b/ruby/ql/lib/codeql/ruby/Frameworks.qll index e61ac723e7e..ffa6e8219a4 100644 --- a/ruby/ql/lib/codeql/ruby/Frameworks.qll +++ b/ruby/ql/lib/codeql/ruby/Frameworks.qll @@ -32,3 +32,5 @@ private import codeql.ruby.frameworks.Slim private import codeql.ruby.frameworks.Sinatra private import codeql.ruby.frameworks.Twirp private import codeql.ruby.frameworks.Sqlite3 +private import codeql.ruby.frameworks.Pg +private import codeql.ruby.frameworks.Sequel diff --git a/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll b/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll index 74acef8e860..e3faf292023 100644 --- a/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll +++ b/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll @@ -121,13 +121,15 @@ private Ruby::AstNode getSuperParent(Ruby::Super sup) { result = sup or result = getSuperParent(sup).getParent() and - not result instanceof Ruby::Method + not result instanceof Ruby::Method and + not result instanceof Ruby::SingletonMethod } private string getSuperMethodName(Ruby::Super sup) { - exists(Ruby::Method meth | - meth = getSuperParent(sup).getParent() and + exists(Ruby::AstNode meth | meth = getSuperParent(sup).getParent() | result = any(Method c | toGenerated(c) = meth).getName() + or + result = any(SingletonMethod c | toGenerated(c) = meth).getName() ) } diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll new file mode 100644 index 00000000000..30310fdac58 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll @@ -0,0 +1,29 @@ +/** + * Provides default sources, sinks and sanitizers for detecting + * "Unicode transformation" + * vulnerabilities, as well as extension points for adding your own. + */ + +private import ruby + +/** + * Provides default sources, sinks and sanitizers for detecting + * "Unicode transformation" + * vulnerabilities, as well as extension points for adding your own. + */ +module UnicodeBypassValidation { + /** + * A data flow source for "Unicode transformation" vulnerabilities. + */ + abstract class Source extends DataFlow::Node { } + + /** + * A data flow sink for "Unicode transformation" vulnerabilities. + */ + abstract class Sink extends DataFlow::Node { } + + /** + * A sanitizer for "Unicode transformation" vulnerabilities. + */ + abstract class Sanitizer extends DataFlow::Node { } +} diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll new file mode 100644 index 00000000000..5c24978c4c3 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -0,0 +1,123 @@ +/** + * Provides a taint-tracking configuration for detecting "Unicode transformation mishandling" vulnerabilities. + */ + +private import ruby +private import codeql.ruby.dataflow.RemoteFlowSources +private import codeql.ruby.Concepts +private import codeql.ruby.TaintTracking +private import codeql.ruby.ApiGraphs +import UnicodeBypassValidationCustomizations::UnicodeBypassValidation + +/** A state signifying that a logical validation has not been performed. */ +class PreValidation extends DataFlow::FlowState { + PreValidation() { this = "PreValidation" } +} + +/** A state signifying that a logical validation has been performed. */ +class PostValidation extends DataFlow::FlowState { + PostValidation() { this = "PostValidation" } +} + +/** + * A taint-tracking configuration for detecting "Unicode transformation mishandling" vulnerabilities. + * + * This configuration uses two flow states, `PreValidation` and `PostValidation`, + * to track the requirement that a logical validation has been performed before the Unicode Transformation. + */ +class Configuration extends TaintTracking::Configuration { + Configuration() { this = "UnicodeBypassValidation" } + + override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) { + source instanceof RemoteFlowSource and state instanceof PreValidation + } + + override predicate isAdditionalTaintStep( + DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo, + DataFlow::FlowState stateTo + ) { + ( + exists(Escaping escaping | nodeFrom = escaping.getAnInput() and nodeTo = escaping.getOutput()) + or + exists(RegexExecution re | nodeFrom = re.getString() and nodeTo = re) + or + // String Manipulation Method Calls + // https://ruby-doc.org/core-2.7.0/String.html + exists(DataFlow::CallNode cn | + cn.getMethodName() = + [ + [ + "ljust", "lstrip", "succ", "next", "rjust", "capitalize", "chomp", "gsub", "chop", + "downcase", "swapcase", "uprcase", "scrub", "slice", "squeeze", "strip", "sub", + "tr", "tr_s", "reverse" + ] + ["", "!"], "concat", "dump", "each_line", "replace", "insert", "inspect", "lines", + "partition", "prepend", "replace", "rpartition", "scan", "split", "undump", + "unpack" + ["", "1"] + ] and + nodeFrom = cn.getReceiver() and + nodeTo = cn + ) + or + exists(DataFlow::CallNode cn | + cn.getMethodName() = + [ + "casecmp" + ["", "?"], "center", "count", "each_char", "index", "rindex", "sum", + ["delete", "delete_prefix", "delete_suffix"] + ["", "!"], + ["start_with", "end_with" + "eql", "include"] + ["?", "!"], "match" + ["", "?"], + ] and + nodeFrom = cn.getReceiver() and + nodeTo = nodeFrom + ) + or + exists(DataFlow::CallNode cn | + cn = API::getTopLevelMember("CGI").getAMethodCall("escapeHTML") and + nodeFrom = cn.getArgument(0) and + nodeTo = cn + ) + ) and + stateFrom instanceof PreValidation and + stateTo instanceof PostValidation + } + + /* A Unicode Tranformation (Unicode tranformation) is considered a sink when the algorithm used is either NFC or NFKC. */ + override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) { + ( + exists(DataFlow::CallNode cn | + cn.getMethodName() = "unicode_normalize" and + cn.getArgument(0).getConstantValue().getSymbol() = ["nfkc", "nfc", "nfkd", "nfd"] and + sink = cn.getReceiver() + ) + or + // unicode_utils + exists(API::MethodAccessNode mac | + mac = API::getTopLevelMember("UnicodeUtils").getMethod(["nfkd", "nfc", "nfd", "nfkc"]) and + sink = mac.getParameter(0).asSink() + ) + or + // eprun + exists(API::MethodAccessNode mac | + mac = API::getTopLevelMember("Eprun").getMethod("normalize") and + sink = mac.getParameter(0).asSink() + ) + or + // unf + exists(API::MethodAccessNode mac | + mac = API::getTopLevelMember("UNF").getMember("Normalizer").getMethod("normalize") and + sink = mac.getParameter(0).asSink() + ) + or + // ActiveSupport::Multibyte::Chars + exists(DataFlow::CallNode cn, DataFlow::CallNode n | + cn = + API::getTopLevelMember("ActiveSupport") + .getMember("Multibyte") + .getMember("Chars") + .getMethod("new") + .getCallNode() and + n = cn.getAMethodCall("normalize") and + sink = cn.getArgument(0) + ) + ) and + state instanceof PostValidation + } +} diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll b/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll new file mode 100644 index 00000000000..e0f60730721 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll @@ -0,0 +1,77 @@ +/** + * Provides modeling for Pg, a Ruby library (gem) for interacting with PostgreSQL databases. + */ + +private import codeql.ruby.ApiGraphs +private import codeql.ruby.dataflow.FlowSummary +private import codeql.ruby.Concepts + +/** + * Provides modeling for Pg, a Ruby library (gem) for interacting with PostgreSQL databases. + */ +module Pg { + /** + * Flow summary for `PG.new()`. This method initializes a database connection. + */ + private class SqlSummary extends SummarizedCallable { + SqlSummary() { this = "PG.new()" } + + override MethodCall getACall() { result = any(PgConnection c).asExpr().getExpr() } + + override predicate propagatesFlowExt(string input, string output, boolean preservesValue) { + input = "Argument[0]" and output = "ReturnValue" and preservesValue = false + } + } + + /** A call to PG::Connection.open() is used to establish a connection to a PostgreSQL database. */ + private class PgConnection extends DataFlow::CallNode { + PgConnection() { + this = + API::getTopLevelMember("PG") + .getMember("Connection") + .getAMethodCall(["open", "new", "connect_start"]) + or + this = API::getTopLevelMember("PG").getAnInstantiation() + } + } + + /** A call that prepares an SQL statement to be executed later. */ + private class PgPrepareCall extends SqlConstruction::Range, DataFlow::CallNode { + private DataFlow::Node query; + private PgConnection pgConnection; + private string queryName; + + PgPrepareCall() { + this = pgConnection.getAMethodCall("prepare") and + queryName = this.getArgument(0).getConstantValue().getStringlikeValue() and + query = this.getArgument(1) + } + + PgConnection getConnection() { result = pgConnection } + + string getQueryName() { result = queryName } + + override DataFlow::Node getSql() { result = query } + } + + /** A call that executes SQL statements against a PostgreSQL database. */ + private class PgExecution extends SqlExecution::Range, DataFlow::CallNode { + private DataFlow::Node query; + + PgExecution() { + exists(PgConnection pgConnection | + this = + pgConnection.getAMethodCall(["exec", "async_exec", "exec_params", "async_exec_params"]) and + query = this.getArgument(0) + or + exists(PgPrepareCall prepareCall | + pgConnection = prepareCall.getConnection() and + this.getArgument(0).getConstantValue().isStringlikeValue(prepareCall.getQueryName()) and + query = prepareCall.getSql() + ) + ) + } + + override DataFlow::Node getSql() { result = query } + } +} diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll b/ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll new file mode 100644 index 00000000000..b9488a92016 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll @@ -0,0 +1,71 @@ +/** + * Provides modeling for `Sequel`, the database toolkit for Ruby. + * https://github.com/jeremyevans/sequel + */ + +private import ruby +private import codeql.ruby.ApiGraphs +private import codeql.ruby.dataflow.FlowSummary +private import codeql.ruby.Concepts + +/** + * Provides modeling for `Sequel`, the database toolkit for Ruby. + * https://github.com/jeremyevans/sequel + */ +module Sequel { + /** Flow Summary for `Sequel`. */ + private class SqlSummary extends SummarizedCallable { + SqlSummary() { this = "Sequel.connect" } + + override MethodCall getACall() { result = any(SequelConnection c).asExpr().getExpr() } + + override predicate propagatesFlowExt(string input, string output, boolean preservesValue) { + input = "Argument[0]" and output = "ReturnValue" and preservesValue = false + } + } + + /** A call to establish a connection to a database */ + private class SequelConnection extends DataFlow::CallNode { + SequelConnection() { + this = + API::getTopLevelMember("Sequel").getAMethodCall(["connect", "sqlite", "mysql2", "jdbc"]) + } + } + + /** A call that constructs SQL statements */ + private class SequelConstruction extends SqlConstruction::Range, DataFlow::CallNode { + DataFlow::Node query; + + SequelConstruction() { + this = API::getTopLevelMember("Sequel").getAMethodCall("cast") and query = this.getArgument(1) + or + this = API::getTopLevelMember("Sequel").getAMethodCall("function") and + query = this.getArgument(0) + } + + override DataFlow::Node getSql() { result = query } + } + + /** A call that executes SQL statements against a database */ + private class SequelExecution extends SqlExecution::Range, DataFlow::CallNode { + SequelExecution() { + exists(SequelConnection sequelConnection | + this = + sequelConnection + .getAMethodCall([ + "execute", "execute_ddl", "execute_dui", "execute_insert", "run", "<<", "fetch", + "fetch_rows", "[]", "log_connection_yield" + ]) or + this = + sequelConnection + .getAMethodCall("dataset") + .getAMethodCall([ + "with_sql", "with_sql_all", "with_sql_delete", "with_sql_each", "with_sql_first", + "with_sql_insert", "with_sql_single_value", "with_sql_update" + ]) + ) + } + + override DataFlow::Node getSql() { result = this.getArgument(0) } + } +} diff --git a/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll b/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll index 7283ffedf09..55ec26258d6 100644 --- a/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll @@ -89,12 +89,23 @@ private predicate flowThrough(DataFlowPublic::ParameterNode param) { ) } +/** Holds if there is flow from `arg` to `p` via the call `call`, not counting `new -> initialize` call steps. */ +pragma[nomagic] +predicate callStepNoInitialize( + ExprNodes::CallCfgNode call, Node arg, DataFlowPrivate::ParameterNodeImpl p +) { + exists(DataFlowDispatch::ParameterPosition pos | + argumentPositionMatch(call, arg, pos) and + p.isSourceParameterOf(DataFlowDispatch::getTarget(call), pos) + ) +} + /** Holds if there is a level step from `nodeFrom` to `nodeTo`, which may depend on the call graph. */ pragma[nomagic] predicate levelStepCall(Node nodeFrom, Node nodeTo) { exists(DataFlowPublic::ParameterNode param | flowThrough(param) and - callStep(nodeTo.asExpr(), nodeFrom, param) + callStepNoInitialize(nodeTo.asExpr(), nodeFrom, param) ) } diff --git a/ruby/ql/lib/ide-contextual-queries/printCfg.ql b/ruby/ql/lib/ide-contextual-queries/printCfg.ql new file mode 100644 index 00000000000..9c42fe91361 --- /dev/null +++ b/ruby/ql/lib/ide-contextual-queries/printCfg.ql @@ -0,0 +1,22 @@ +/** + * @name Print CFG + * @description Produces a representation of a file's Control Flow Graph. + * This query is used by the VS Code extension. + * @id rb/print-cfg + * @kind graph + * @tags ide-contextual-queries/print-cfg + */ + +private import codeql.ruby.controlflow.internal.ControlFlowGraphImplShared::TestOutput +private import codeql.IDEContextual + +/** + * Gets the source file to generate a CFG from. + */ +external string selectedSourceFile(); + +class MyRelevantNode extends RelevantNode { + MyRelevantNode() { + this.getScope().getLocation().getFile() = getFileBySourceArchiveName(selectedSourceFile()) + } +} diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index f25ce14aa24..bb01a5ff87d 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.6.2-dev +version: 0.6.3-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 20ece6388aa..7e2e0df8b38 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.2 + +No user-facing changes. + ## 0.6.1 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md b/ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md new file mode 100644 index 00000000000..7059c51f24e --- /dev/null +++ b/ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md @@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Fixed a bug that would occur when an `initialize` method returns `self` or one of its parameters. + In such cases, the corresponding calls to `new` would be associated with an incorrect return type. + This could result in inaccurate call target resolution and cause false positive alerts. diff --git a/ruby/ql/src/change-notes/released/0.6.2.md b/ruby/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..43f80640fc5 --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,3 @@ +## 0.6.2 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp new file mode 100644 index 00000000000..6757cd68b4a --- /dev/null +++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp @@ -0,0 +1,50 @@ + + + +

Security checks bypass due to a Unicode transformation

+

+ If ever a unicode tranformation is performed after some security checks or logical + validation, the + latter could be bypassed due to a potential Unicode characters collision. + The validation of concern are any character escaping, any regex validation or any string + verification. +

+ + +

Perform a Unicode normalization before the logical validation.

+ + + +

The following example showcases the bypass of all checks performed by + html_escape() due to a post-unicode normalization.

+

For instance: the character U+FE64 (﹤) is not filtered-out by the + html_escape() function. But due to the Unicode normalization, the character is + transformed and would become U+003C ( < ).

+ + + + + + +

The next example shows how an early deletion of a character may be bypassed due to a + potential Unicode character collision.

+

The character < was expected to be omitted from the string s. + However, a malicious user may consider using its colliding Unicode character U+FE64 + ﹤ as an alternative. Due to the Late-Unicode normalization with the form NFKC, + the resulting string would contain the unintended character < .

+ + + + + +
  • Research study: + Unicode vulnerabilities that could bYte you + +
    • +
  • + Unicode pentest + cheatsheet.
    • + + \ No newline at end of file diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql new file mode 100644 index 00000000000..92c60f0b681 --- /dev/null +++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql @@ -0,0 +1,24 @@ +/** + * @name Bypass Logical Validation Using Unicode Characters + * @description A Unicode transformation is using a remote user-controlled data. The transformation is a Unicode normalization using the algorithms "NFC" or "NFKC". In all cases, the security measures implemented or the logical validation performed to escape any injection characters, to validate using regex patterns or to perform string-based checks, before the Unicode transformation are **bypassable** by special Unicode characters. + * @kind path-problem + * @id rb/unicode-bypass-validation + * @precision high + * @problem.severity error + * @tags security + * experimental + * external/cwe/cwe-176 + * external/cwe/cwe-179 + * external/cwe/cwe-180 + */ + +import ruby +import codeql.ruby.experimental.UnicodeBypassValidationQuery +import DataFlow::PathGraph + +from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink +where config.hasFlowPath(source, sink) +select sink.getNode(), source, sink, + "This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters.", + sink.getNode(), "Unicode transformation (Unicode normalization)", source.getNode(), + "remote user-controlled data" diff --git a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb new file mode 100644 index 00000000000..099c2cfa051 --- /dev/null +++ b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb @@ -0,0 +1,10 @@ +require "erb" + +class UnicodeNormalizationHtMLSafeController < ActionController::Base + def unicodeNormalize + unicode_input = params[:unicode_input] + unicode_html_safe = ERB::Util.html_escape(unicode_input) + normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD + normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD + end +end diff --git a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization2.rb b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization2.rb new file mode 100644 index 00000000000..0985a698365 --- /dev/null +++ b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization2.rb @@ -0,0 +1,2 @@ +s = "﹤xss>" +puts s.delete("<").unicode_normalize(:nfkc).include?("<") diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index b85dc0f5e4f..3bc462dc7ee 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - ruby - queries diff --git a/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql b/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql new file mode 100644 index 00000000000..abfadea9107 --- /dev/null +++ b/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql @@ -0,0 +1,16 @@ +/** + * @name Summarized callable call sites + * @description A call site for which we have a summarized callable + * @kind problem + * @problem.severity recommendation + * @id rb/meta/summarized-callable-call-sites + * @tags meta + * @precision very-low + */ + +import codeql.ruby.AST +import codeql.ruby.dataflow.FlowSummary + +from Call invoke, SummarizedCallable f +where f.getACall() = invoke or f.getACallSimple() = invoke +select invoke, "Call to " + f diff --git a/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp b/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp index 4c85702a0d3..4c19e2bb6fe 100644 --- a/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp +++ b/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp @@ -4,8 +4,7 @@

    Consider this regular expression:

    - /^_(__|.)+_$/ - +/^_(__|.)+_$/

    Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the @@ -21,8 +20,7 @@ repetition:

    - /^_(__|[^_])+_$/ - +/^_(__|[^_])+_$/     diff --git a/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected b/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected index eb6c751598f..2bfe1e9a9ab 100644 --- a/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected +++ b/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected @@ -2814,6 +2814,8 @@ | file://:0:0:0:0 | parameter position 0 of File.realdirpath | file://:0:0:0:0 | [summary] to write: return (return) in File.realdirpath | | file://:0:0:0:0 | parameter position 0 of File.realpath | file://:0:0:0:0 | [summary] to write: return (return) in File.realpath | | file://:0:0:0:0 | parameter position 0 of Hash[] | file://:0:0:0:0 | [summary] read: argument position 0.any element in Hash[] | +| file://:0:0:0:0 | parameter position 0 of PG.new() | file://:0:0:0:0 | [summary] to write: return (return) in PG.new() | +| file://:0:0:0:0 | parameter position 0 of Sequel.connect | file://:0:0:0:0 | [summary] to write: return (return) in Sequel.connect | | file://:0:0:0:0 | parameter position 0 of String.try_convert | file://:0:0:0:0 | [summary] to write: return (return) in String.try_convert | | file://:0:0:0:0 | parameter position 0 of \| | file://:0:0:0:0 | [summary] read: argument position 0.any element in \| | | file://:0:0:0:0 | parameter position 1.. of File.join | file://:0:0:0:0 | [summary] to write: return (return) in File.join | diff --git a/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected new file mode 100644 index 00000000000..dca651d9412 --- /dev/null +++ b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected @@ -0,0 +1,23 @@ +sequelSqlConstruction +| sequel.rb:62:29:62:49 | call to cast | sequel.rb:62:45:62:48 | name | +| sequel.rb:65:29:65:49 | call to function | sequel.rb:65:45:65:48 | name | +sequelSqlExecution +| sequel.rb:9:9:9:60 | ...[...] | sequel.rb:9:14:9:59 | "SELECT * FROM users WHERE use..." | +| sequel.rb:12:9:12:64 | call to run | sequel.rb:12:18:12:63 | "SELECT * FROM users WHERE use..." | +| sequel.rb:15:9:17:11 | call to fetch | sequel.rb:15:20:15:65 | "SELECT * FROM users WHERE use..." | +| sequel.rb:20:9:20:65 | ...[...] | sequel.rb:20:14:20:64 | "SELECT * FROM users WHERE use..." | +| sequel.rb:23:9:23:65 | call to execute | sequel.rb:23:22:23:65 | "SELECT * FROM users WHERE use..." | +| sequel.rb:26:9:26:71 | call to execute_ddl | sequel.rb:26:26:26:71 | "SELECT * FROM users WHERE use..." | +| sequel.rb:29:9:29:71 | call to execute_dui | sequel.rb:29:26:29:71 | "SELECT * FROM users WHERE use..." | +| sequel.rb:32:9:32:74 | call to execute_insert | sequel.rb:32:29:32:74 | "SELECT * FROM users WHERE use..." | +| sequel.rb:35:9:35:62 | ... << ... | sequel.rb:35:17:35:62 | "SELECT * FROM users WHERE use..." | +| sequel.rb:38:9:38:79 | call to fetch_rows | sequel.rb:38:25:38:70 | "SELECT * FROM users WHERE use..." | +| sequel.rb:41:9:41:81 | call to with_sql_all | sequel.rb:41:35:41:80 | "SELECT * FROM users WHERE use..." | +| sequel.rb:44:9:44:84 | call to with_sql_delete | sequel.rb:44:38:44:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:47:9:47:90 | call to with_sql_each | sequel.rb:47:36:47:81 | "SELECT * FROM users WHERE use..." | +| sequel.rb:50:9:50:83 | call to with_sql_first | sequel.rb:50:37:50:82 | "SELECT * FROM users WHERE use..." | +| sequel.rb:53:9:53:84 | call to with_sql_insert | sequel.rb:53:38:53:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:56:9:56:90 | call to with_sql_single_value | sequel.rb:56:44:56:89 | "SELECT * FROM users WHERE use..." | +| sequel.rb:59:9:59:84 | call to with_sql_update | sequel.rb:59:38:59:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:62:9:62:20 | ...[...] | sequel.rb:62:14:62:19 | :table | +| sequel.rb:65:9:65:20 | ...[...] | sequel.rb:65:14:65:19 | :table | diff --git a/ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql new file mode 100644 index 00000000000..9645c5d4f17 --- /dev/null +++ b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql @@ -0,0 +1,7 @@ +private import codeql.ruby.DataFlow +private import codeql.ruby.Concepts +private import codeql.ruby.frameworks.Sequel + +query predicate sequelSqlConstruction(SqlConstruction c, DataFlow::Node sql) { sql = c.getSql() } + +query predicate sequelSqlExecution(SqlExecution e, DataFlow::Node sql) { sql = e.getSql() } diff --git a/ruby/ql/test/library-tests/frameworks/sequel/sequel.rb b/ruby/ql/test/library-tests/frameworks/sequel/sequel.rb new file mode 100644 index 00000000000..d760f6c3d07 --- /dev/null +++ b/ruby/ql/test/library-tests/frameworks/sequel/sequel.rb @@ -0,0 +1,67 @@ +require 'sequel' + +class UsersController < ActionController::Base + def sequel_handler(event:, context:) + name = params[:name] + conn = Sequel.sqlite("sqlite://example.db") + + # BAD: SQL statement constructed from user input + conn["SELECT * FROM users WHERE username='#{name}'"] + + # BAD: SQL statement constructed from user input + conn.run("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.fetch("SELECT * FROM users WHERE username='#{name}'") do |row| + puts row[:name] + end + + # GOOD: SQL statement is not constructed from user input + conn["SELECT * FROM users WHERE username='im_not_input'"] + + # BAD: SQL statement constructed from user input + conn.execute "SELECT * FROM users WHERE username=#{name}" + + # BAD: SQL statement constructed from user input + conn.execute_ddl "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn.execute_dui "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn.execute_insert "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn << "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn.fetch_rows("SELECT * FROM users WHERE username='#{name}'"){|row| } + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_all("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_delete("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_each("SELECT * FROM users WHERE username='#{name}'"){|row| } + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_first("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_insert("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_single_value("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_update("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn[:table].select(Sequel.cast(:a, name)) + + # BAD: SQL statement constructed from user input + conn[:table].select(Sequel.function(name)) + end +end \ No newline at end of file diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected new file mode 100644 index 00000000000..b79057a8479 --- /dev/null +++ b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected @@ -0,0 +1,75 @@ +edges +| unicode_normalization.rb:7:5:7:17 | unicode_input | unicode_normalization.rb:8:23:8:35 | unicode_input | +| unicode_normalization.rb:7:5:7:17 | unicode_input | unicode_normalization.rb:9:22:9:34 | unicode_input | +| unicode_normalization.rb:7:21:7:26 | call to params | unicode_normalization.rb:7:21:7:42 | ...[...] | +| unicode_normalization.rb:7:21:7:42 | ...[...] | unicode_normalization.rb:7:5:7:17 | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | unicode_normalization.rb:16:27:16:39 | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | unicode_normalization.rb:16:27:16:39 | unicode_input | +| unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:15:21:15:42 | ...[...] | +| unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:15:21:15:42 | ...[...] | +| unicode_normalization.rb:15:21:15:42 | ...[...] | unicode_normalization.rb:15:5:15:17 | unicode_input | +| unicode_normalization.rb:15:21:15:42 | ...[...] | unicode_normalization.rb:15:5:15:17 | unicode_input | +| unicode_normalization.rb:16:5:16:23 | unicode_input_manip | unicode_normalization.rb:17:23:17:41 | unicode_input_manip | +| unicode_normalization.rb:16:5:16:23 | unicode_input_manip | unicode_normalization.rb:18:22:18:40 | unicode_input_manip | +| unicode_normalization.rb:16:27:16:39 | unicode_input | unicode_normalization.rb:16:27:16:59 | call to sub | +| unicode_normalization.rb:16:27:16:39 | unicode_input | unicode_normalization.rb:16:27:16:59 | call to sub | +| unicode_normalization.rb:16:27:16:59 | call to sub | unicode_normalization.rb:16:5:16:23 | unicode_input_manip | +| unicode_normalization.rb:24:5:24:17 | unicode_input | unicode_normalization.rb:25:37:25:49 | unicode_input | +| unicode_normalization.rb:24:21:24:26 | call to params | unicode_normalization.rb:24:21:24:42 | ...[...] | +| unicode_normalization.rb:24:21:24:42 | ...[...] | unicode_normalization.rb:24:5:24:17 | unicode_input | +| unicode_normalization.rb:25:5:25:21 | unicode_html_safe | unicode_normalization.rb:26:23:26:39 | unicode_html_safe | +| unicode_normalization.rb:25:5:25:21 | unicode_html_safe | unicode_normalization.rb:27:22:27:38 | unicode_html_safe | +| unicode_normalization.rb:25:25:25:50 | call to html_escape | unicode_normalization.rb:25:5:25:21 | unicode_html_safe | +| unicode_normalization.rb:25:37:25:49 | unicode_input | unicode_normalization.rb:25:25:25:50 | call to html_escape | +| unicode_normalization.rb:33:5:33:17 | unicode_input | unicode_normalization.rb:34:40:34:52 | unicode_input | +| unicode_normalization.rb:33:21:33:26 | call to params | unicode_normalization.rb:33:21:33:42 | ...[...] | +| unicode_normalization.rb:33:21:33:42 | ...[...] | unicode_normalization.rb:33:5:33:17 | unicode_input | +| unicode_normalization.rb:34:5:34:21 | unicode_html_safe | unicode_normalization.rb:35:23:35:39 | unicode_html_safe | +| unicode_normalization.rb:34:5:34:21 | unicode_html_safe | unicode_normalization.rb:36:22:36:38 | unicode_html_safe | +| unicode_normalization.rb:34:25:34:53 | call to escapeHTML | unicode_normalization.rb:34:25:34:63 | call to html_safe | +| unicode_normalization.rb:34:25:34:63 | call to html_safe | unicode_normalization.rb:34:5:34:21 | unicode_html_safe | +| unicode_normalization.rb:34:40:34:52 | unicode_input | unicode_normalization.rb:34:25:34:53 | call to escapeHTML | +nodes +| unicode_normalization.rb:7:5:7:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:7:21:7:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:7:21:7:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:8:23:8:35 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:9:22:9:34 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:15:21:15:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:15:21:15:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:15:21:15:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:16:5:16:23 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:16:27:16:39 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:16:27:16:39 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:16:27:16:59 | call to sub | semmle.label | call to sub | +| unicode_normalization.rb:17:23:17:41 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:18:22:18:40 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:24:5:24:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:24:21:24:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:24:21:24:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:25:5:25:21 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:25:25:25:50 | call to html_escape | semmle.label | call to html_escape | +| unicode_normalization.rb:25:37:25:49 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:26:23:26:39 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:27:22:27:38 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:33:5:33:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:33:21:33:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:33:21:33:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:34:5:34:21 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:34:25:34:53 | call to escapeHTML | semmle.label | call to escapeHTML | +| unicode_normalization.rb:34:25:34:63 | call to html_safe | semmle.label | call to html_safe | +| unicode_normalization.rb:34:40:34:52 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:35:23:35:39 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:36:22:36:38 | unicode_html_safe | semmle.label | unicode_html_safe | +subpaths +#select +| unicode_normalization.rb:8:23:8:35 | unicode_input | unicode_normalization.rb:7:21:7:26 | call to params | unicode_normalization.rb:8:23:8:35 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:8:23:8:35 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:7:21:7:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:9:22:9:34 | unicode_input | unicode_normalization.rb:7:21:7:26 | call to params | unicode_normalization.rb:9:22:9:34 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:9:22:9:34 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:7:21:7:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:17:23:17:41 | unicode_input_manip | unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:17:23:17:41 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:17:23:17:41 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:15:21:15:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:18:22:18:40 | unicode_input_manip | unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:18:22:18:40 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:18:22:18:40 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:15:21:15:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:26:23:26:39 | unicode_html_safe | unicode_normalization.rb:24:21:24:26 | call to params | unicode_normalization.rb:26:23:26:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:26:23:26:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:24:21:24:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:27:22:27:38 | unicode_html_safe | unicode_normalization.rb:24:21:24:26 | call to params | unicode_normalization.rb:27:22:27:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:27:22:27:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:24:21:24:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:35:23:35:39 | unicode_html_safe | unicode_normalization.rb:33:21:33:26 | call to params | unicode_normalization.rb:35:23:35:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:35:23:35:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:33:21:33:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:36:22:36:38 | unicode_html_safe | unicode_normalization.rb:33:21:33:26 | call to params | unicode_normalization.rb:36:22:36:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:36:22:36:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:33:21:33:26 | call to params | remote user-controlled data | diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.qlref b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.qlref new file mode 100644 index 00000000000..2faba2ebb12 --- /dev/null +++ b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.qlref @@ -0,0 +1 @@ +experimental/cwe-176/UnicodeBypassValidation.ql diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb b/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb new file mode 100644 index 00000000000..848be4b081c --- /dev/null +++ b/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb @@ -0,0 +1,38 @@ +require "erb" +include ERB::Util +require 'cgi' + +class UnicodeNormalizationOKController < ActionController::Base + def unicodeNormalize + unicode_input = params[:unicode_input] + normalized_nfkc = unicode_input.unicode_normalize(:nfkc) # $MISSING:result=OK + normalized_nfc = unicode_input.unicode_normalize(:nfc) # $MISSING:result=OK + end +end + +class UnicodeNormalizationStrManipulationController < ActionController::Base + def unicodeNormalize + unicode_input = params[:unicode_input] + unicode_input_manip = unicode_input.sub(/[aeiou]/, "*") + normalized_nfkc = unicode_input_manip.unicode_normalize(:nfkc) # $result=BAD + normalized_nfc = unicode_input_manip.unicode_normalize(:nfc) # $result=BAD + end +end + +class UnicodeNormalizationHtMLEscapeController < ActionController::Base + def unicodeNormalize + unicode_input = params[:unicode_input] + unicode_html_safe = html_escape(unicode_input) + normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD + normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD + end +end + +class UnicodeNormalizationCGIHtMLEscapeController < ActionController::Base + def unicodeNormalize + unicode_input = params[:unicode_input] + unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe + normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkd) # $result=BAD + normalized_nfc = unicode_html_safe.unicode_normalize(:nfd) # $result=BAD + end +end diff --git a/ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb b/ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb new file mode 100644 index 00000000000..549be489858 --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb @@ -0,0 +1,70 @@ +class FooController < ActionController::Base + + def some_request_handler + # A string tainted by user input is inserted into a query + # (i.e a remote flow source) + name = params[:name] + + # Establish a connection to a PostgreSQL database + conn = PG::Connection.open(:dbname => 'postgresql', :user => 'user', :password => 'pass', :host => 'localhost', :port => '5432') + + # .exec() and .async_exec() + # BAD: SQL statement constructed from user input + qry1 = "SELECT * FROM users WHERE username = '#{name}';" + conn.exec(qry1) + conn.async_exec(qry1) + + # .exec_params() and .async_exec_params() + # BAD: SQL statement constructed from user input + qry2 = "SELECT * FROM users WHERE username = '#{name}';" + conn.exec_params(qry2) + conn.async_exec_params(qry2) + + # .exec_params() and .async_exec_params() + # GOOD: SQL statement constructed from sanitized user input + qry2 = "SELECT * FROM users WHERE username = $1;" + conn.exec_params(qry2, [name]) + conn.async_exec_params(qry2, [name]) + + # .prepare() and .exec_prepared() + # BAD: SQL statement constructed from user input + qry3 = "SELECT * FROM users WHERE username = '#{name}';" + conn.prepare("query_1", qry3) + conn.exec_prepared('query_1') + + # .prepare() and .exec_prepared() + # GOOD: SQL statement constructed from sanitized user input + qry3 = "SELECT * FROM users WHERE username = $1;" + conn.prepare("query_2", qry3) + conn.exec_prepared('query_2', [name]) + + # .prepare() and .exec_prepared() + # NOT EXECUTED: SQL statement constructed from user input but not executed + qry3 = "SELECT * FROM users WHERE username = '#{name}';" + conn.prepare("query_3", qry3) + end +end + +class BarController < ApplicationController + def safe_paths + name1 = params["name1"] + # GOOD: barrier guard prevents taint flow + if name == "admin" + qry_bar1 = "SELECT * FROM users WHERE username = '%s';" % name + else + qry_bar1 = "SELECT * FROM users WHERE username = 'none';" + end + conn.exec_params(qry_bar1) + + + name2 = params["name2"] + # GOOD: barrier guard prevents taint flow + name2 = if ["admin", "guest"].include? name2 + name2 + else + name2 = "none" + end + qry_bar2 = "SELECT * FROM users WHERE username = '%s';" % name + conn.exec_params(qry_bar2) + end +end diff --git a/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected b/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected index 087063a6ac4..0cc0d213dcc 100644 --- a/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected +++ b/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected @@ -55,6 +55,18 @@ edges | ArelInjection.rb:4:5:4:8 | name | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | | ArelInjection.rb:4:12:4:17 | call to params | ArelInjection.rb:4:12:4:29 | ...[...] | | ArelInjection.rb:4:12:4:29 | ...[...] | ArelInjection.rb:4:5:4:8 | name | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:13:5:13:8 | qry1 | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:19:5:19:8 | qry2 | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:31:5:31:8 | qry3 | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:43:5:43:8 | qry3 | +| PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:6:12:6:24 | ...[...] | +| PgInjection.rb:6:12:6:24 | ...[...] | PgInjection.rb:6:5:6:8 | name | +| PgInjection.rb:13:5:13:8 | qry1 | PgInjection.rb:14:15:14:18 | qry1 | +| PgInjection.rb:13:5:13:8 | qry1 | PgInjection.rb:15:21:15:24 | qry1 | +| PgInjection.rb:19:5:19:8 | qry2 | PgInjection.rb:20:22:20:25 | qry2 | +| PgInjection.rb:19:5:19:8 | qry2 | PgInjection.rb:21:28:21:31 | qry2 | +| PgInjection.rb:31:5:31:8 | qry3 | PgInjection.rb:32:29:32:32 | qry3 | +| PgInjection.rb:43:5:43:8 | qry3 | PgInjection.rb:44:29:44:32 | qry3 | nodes | ActiveRecordInjection.rb:8:25:8:28 | name | semmle.label | name | | ActiveRecordInjection.rb:8:31:8:34 | pass | semmle.label | pass | @@ -133,6 +145,19 @@ nodes | ArelInjection.rb:4:12:4:17 | call to params | semmle.label | call to params | | ArelInjection.rb:4:12:4:29 | ...[...] | semmle.label | ...[...] | | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | semmle.label | "SELECT * FROM users WHERE nam..." | +| PgInjection.rb:6:5:6:8 | name | semmle.label | name | +| PgInjection.rb:6:12:6:17 | call to params | semmle.label | call to params | +| PgInjection.rb:6:12:6:24 | ...[...] | semmle.label | ...[...] | +| PgInjection.rb:13:5:13:8 | qry1 | semmle.label | qry1 | +| PgInjection.rb:14:15:14:18 | qry1 | semmle.label | qry1 | +| PgInjection.rb:15:21:15:24 | qry1 | semmle.label | qry1 | +| PgInjection.rb:19:5:19:8 | qry2 | semmle.label | qry2 | +| PgInjection.rb:20:22:20:25 | qry2 | semmle.label | qry2 | +| PgInjection.rb:21:28:21:31 | qry2 | semmle.label | qry2 | +| PgInjection.rb:31:5:31:8 | qry3 | semmle.label | qry3 | +| PgInjection.rb:32:29:32:32 | qry3 | semmle.label | qry3 | +| PgInjection.rb:43:5:43:8 | qry3 | semmle.label | qry3 | +| PgInjection.rb:44:29:44:32 | qry3 | semmle.label | qry3 | subpaths #select | ActiveRecordInjection.rb:10:33:10:67 | "name='#{...}' and pass='#{...}'" | ActiveRecordInjection.rb:70:23:70:28 | call to params | ActiveRecordInjection.rb:10:33:10:67 | "name='#{...}' and pass='#{...}'" | This SQL query depends on a $@. | ActiveRecordInjection.rb:70:23:70:28 | call to params | user-provided value | @@ -159,3 +184,9 @@ subpaths | ActiveRecordInjection.rb:177:43:177:104 | "SELECT * FROM users WHERE id ..." | ActiveRecordInjection.rb:173:5:173:10 | call to params | ActiveRecordInjection.rb:177:43:177:104 | "SELECT * FROM users WHERE id ..." | This SQL query depends on a $@. | ActiveRecordInjection.rb:173:5:173:10 | call to params | user-provided value | | ActiveRecordInjection.rb:178:35:178:96 | "SELECT * FROM users WHERE id ..." | ActiveRecordInjection.rb:173:5:173:10 | call to params | ActiveRecordInjection.rb:178:35:178:96 | "SELECT * FROM users WHERE id ..." | This SQL query depends on a $@. | ActiveRecordInjection.rb:173:5:173:10 | call to params | user-provided value | | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | ArelInjection.rb:4:12:4:17 | call to params | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | This SQL query depends on a $@. | ArelInjection.rb:4:12:4:17 | call to params | user-provided value | +| PgInjection.rb:14:15:14:18 | qry1 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:14:15:14:18 | qry1 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:15:21:15:24 | qry1 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:15:21:15:24 | qry1 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:20:22:20:25 | qry2 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:20:22:20:25 | qry2 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:21:28:21:31 | qry2 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:21:28:21:31 | qry2 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:32:29:32:32 | qry3 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:32:29:32:32 | qry3 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:44:29:44:32 | qry3 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:44:29:44:32 | qry3 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | \ No newline at end of file diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 64199d2b5ca..cc83ed1e68c 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.13 + +No user-facing changes. + ## 0.0.12 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.0.13.md b/shared/regex/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..f679eaf0313 --- /dev/null +++ b/shared/regex/change-notes/released/0.0.13.md @@ -0,0 +1,3 @@ +## 0.0.13 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 997fb8da83c..044e54e4f7e 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.13 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index ef9519ead25..86b105c881a 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.0.13-dev +version: 0.0.14-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 52bdc7e1442..5e42000c1d1 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.0.17.md b/shared/ssa/change-notes/released/0.0.17.md new file mode 100644 index 00000000000..62cc89030a6 --- /dev/null +++ b/shared/ssa/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index a49f7be4cff..cbc3d3cd493 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 4bb3d04e800..55ebe316292 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.0.17-dev +version: 0.0.18-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 1e8bd30fccd..02876619527 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.10 + +No user-facing changes. + ## 0.0.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.0.10.md b/shared/tutorial/change-notes/released/0.0.10.md new file mode 100644 index 00000000000..22391080fd4 --- /dev/null +++ b/shared/tutorial/change-notes/released/0.0.10.md @@ -0,0 +1,3 @@ +## 0.0.10 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index ecdd64fbab8..b740014e5ae 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.10 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 37c2fca38b4..af7544c0ae9 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.0.10-dev +version: 0.0.11-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 77af08547b4..c8729dc39f8 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.10 + +No user-facing changes. + ## 0.0.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.0.10.md b/shared/typetracking/change-notes/released/0.0.10.md new file mode 100644 index 00000000000..22391080fd4 --- /dev/null +++ b/shared/typetracking/change-notes/released/0.0.10.md @@ -0,0 +1,3 @@ +## 0.0.10 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index ecdd64fbab8..b740014e5ae 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.10 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 499f5cc4d34..10e32e39f99 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.0.10-dev +version: 0.0.11-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 600b6f93329..472d0ef41a5 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.0.17.md b/shared/typos/change-notes/released/0.0.17.md new file mode 100644 index 00000000000..62cc89030a6 --- /dev/null +++ b/shared/typos/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index a49f7be4cff..cbc3d3cd493 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 6d0b76e1ce5..fa4fe52aace 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.0.17-dev +version: 0.0.18-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index aad25b929dc..99aa576343d 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.10 + +No user-facing changes. + ## 0.0.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.0.10.md b/shared/util/change-notes/released/0.0.10.md new file mode 100644 index 00000000000..22391080fd4 --- /dev/null +++ b/shared/util/change-notes/released/0.0.10.md @@ -0,0 +1,3 @@ +## 0.0.10 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index ecdd64fbab8..b740014e5ae 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.10 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 8ff9a0efdb6..c044709ceee 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.0.10-dev +version: 0.0.11-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 9e8194d5e01..9119d5fc839 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.2 + +No user-facing changes. + ## 0.0.1 ### Minor Analysis Improvements diff --git a/shared/yaml/change-notes/released/0.0.2.md b/shared/yaml/change-notes/released/0.0.2.md new file mode 100644 index 00000000000..5ab250998ed --- /dev/null +++ b/shared/yaml/change-notes/released/0.0.2.md @@ -0,0 +1,3 @@ +## 0.0.2 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index c6933410b71..55dc06fbd76 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.1 +lastReleaseVersion: 0.0.2 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 75a796f2ba3..6b9f33c9125 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.0.2-dev +version: 0.0.3-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/actions/run-ql-tests/action.yml b/swift/actions/run-ql-tests/action.yml index 436f913e630..da10997df44 100644 --- a/swift/actions/run-ql-tests/action.yml +++ b/swift/actions/run-ql-tests/action.yml @@ -26,6 +26,7 @@ runs: --check-repeated-labels \ --check-redefined-labels \ --check-use-before-definition \ + --consistency-queries "${{ github.workspace }}/swift/ql/consistency-queries" \ --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" \ ${{ inputs.flags }} \ swift/ql/test diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme new file mode 100644 index 00000000000..44e36e15e90 --- /dev/null +++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme @@ -0,0 +1,2618 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| @missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( //dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + +#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| @identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] +capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: @explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + +key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: @initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + +#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + +interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + +postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: @unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( //dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + +#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: @is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: @condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| @return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + +fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, + int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] +any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| @builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] +reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + +builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: @generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + +opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| @unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none = + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + +@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element +; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme new file mode 100644 index 00000000000..ba4171b90d0 --- /dev/null +++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme @@ -0,0 +1,2630 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| @missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( //dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + +#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| @identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] +capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: @explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + +key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: @initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + +#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + +interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_count_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_count_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_literal_capacity_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int literal_capacity_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + +postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: @unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( //dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + +#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: @is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: @condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| @return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + +fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, + int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] +any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| @builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] +reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + +builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: @generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + +opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| @unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none = + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + +@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element +; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties new file mode 100644 index 00000000000..24d1f9b8e02 --- /dev/null +++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties @@ -0,0 +1,2 @@ +description: Revert removing `getInterpolationCountExpr` and `getLiteralCapacityExpr` from `InterpolatedStringLiteralExpr` +compatibility: backwards diff --git a/swift/extractor/translators/ExprTranslator.cpp b/swift/extractor/translators/ExprTranslator.cpp index 9c24dfb823b..6939415913b 100644 --- a/swift/extractor/translators/ExprTranslator.cpp +++ b/swift/extractor/translators/ExprTranslator.cpp @@ -61,10 +61,6 @@ codeql::InterpolatedStringLiteralExpr ExprTranslator::translateInterpolatedStrin const swift::InterpolatedStringLiteralExpr& expr) { auto entry = createExprEntry(expr); entry.interpolation_expr = dispatcher.fetchOptionalLabel(expr.getInterpolationExpr()); - // TODO we should be extracting getInterpolationCount and getLiteralCapacity directly to ints - // these expressions here are just an internal thing, the ints are actually directly available - entry.interpolation_count_expr = dispatcher.fetchOptionalLabel(expr.getInterpolationCountExpr()); - entry.literal_capacity_expr = dispatcher.fetchOptionalLabel(expr.getLiteralCapacityExpr()); entry.appending_expr = dispatcher.fetchOptionalLabel(expr.getAppendingExpr()); return entry; } diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index a28e6ba533b..6394bc951c9 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list @@ -24,7 +24,6 @@ lib/codeql/swift/elements/decl/ConcreteVarDecl.qll 94bcbdd91f461295c5b6b49fa597b lib/codeql/swift/elements/decl/ConcreteVarDeclConstructor.qll 4b6a9f458db5437f9351b14464b3809a78194029554ea818b3e18272c17afba3 a60d695b0d0ffa917ad01908bec2beaa663e644eddb00fb370fbc906623775d4 lib/codeql/swift/elements/decl/DeinitializerConstructor.qll 85f29a68ee5c0f2606c51e7a859f5f45fbc5f373e11b5e9c0762c9ba5cff51c4 6b28f69b8125d0393607dbad8e7a8aaa6469b9c671f67e8e825cc63964ed2f5d lib/codeql/swift/elements/decl/EnumCaseDeclConstructor.qll 8c907544170671f713a8665d294eeefdbe78a607c2f16e2c630ea9c33f484baf eec83efc930683628185dbdad8f73311aad510074d168a53d85ea09d13f1f7e1 -lib/codeql/swift/elements/decl/EnumDecl.qll 29f9d8cbfb19c174af9a666162fd918af7f962fa5d97756105e78d5eec38cb9e 779940ebdbd510eb651972c57eb84b04af39c44ef59a8c307a44549ab730febb lib/codeql/swift/elements/decl/EnumDeclConstructor.qll 642bbfb71e917d84695622f3b2c7b36bf5be4e185358609810267ab1fc4e221b f6e06d79e7ff65fbabf72c553508b67406fb59c577215d28cc47971d34b6af05 lib/codeql/swift/elements/decl/EnumElementDeclConstructor.qll 736074246a795c14a30a8ec7bb8da595a729983187887294e485487309919dc6 4614fb380fad7af1b5fb8afce920f3e7350378254ece60d19722046046672fbb lib/codeql/swift/elements/decl/ExtensionDeclConstructor.qll 4f811e3332720327d2b9019edbb2fa70fb24322e72881afc040e7927452409d6 554f9832311dfc30762507e0bd4b25c5b6fdb9d0c4e8252cc5a1ef1033fafacb @@ -367,9 +366,9 @@ lib/codeql/swift/elements/type/WeakStorageType.qll 7c07739cfc1459f068f24fef74838 lib/codeql/swift/elements/type/WeakStorageTypeConstructor.qll d88b031ef44d6de14b3ddcff2eb47b53dbd11550c37250ff2edb42e5d21ec3e9 26d855c33492cf7a118e439f7baeed0e5425cfaf058b1dcc007eca7ed765c897 lib/codeql/swift/elements.qll 3df0060edd2b2030f4e4d7d5518afe0073d798474d9b1d6185d833bec63ca8bd 3df0060edd2b2030f4e4d7d5518afe0073d798474d9b1d6185d833bec63ca8bd lib/codeql/swift/generated/AstNode.qll 02ca56d82801f942ae6265c6079d92ccafdf6b532f6bcebd98a04029ddf696e4 6216fda240e45bd4302fa0cf0f08f5f945418b144659264cdda84622b0420aa2 -lib/codeql/swift/generated/AvailabilityInfo.qll c648a66cf45414c85cf9cc69aa05b765a49d0c18cd9c101c34f99a9adc38a1ee 54ba7b07b4177d35e85d19363aa7adcda29cda185a5818e5fcb7c678c093e0ba +lib/codeql/swift/generated/AvailabilityInfo.qll 1e38e7f52ccbcecd4dd088eae15c482d87911682dabb426332cc0e207fc6bf2f 7c6640530cdbece90d4172e8d6cfd119656860da08bb61ed4ef3a6757723994f lib/codeql/swift/generated/AvailabilitySpec.qll fb1255f91bb5e41ad4e9c675a2efbc50d0fb366ea2de68ab7eebd177b0795309 144e0c2e7d6c62ecee43325f7f26dcf437881edf0b75cc1bc898c6c4b61fdeaf -lib/codeql/swift/generated/Callable.qll 9dcf09a2f227dd6f569f007a07fb368d6b928ffd002535bb97118361430d948c 5c203f5f6b4f8b6748e61e09bb46c55442a2fb36f2d1fa950e6f81bdda562709 +lib/codeql/swift/generated/Callable.qll c1f214f5ea4da567d3cf2ac4915630ae1e19c939d2aa64cdd5ab06e76de059dc c43fd17a89d016a31584de10e4d4988f3ea10dc26d6b59b3151bb3196e9f0689 lib/codeql/swift/generated/Comment.qll f58b49f6e68c21f87c51e2ff84c8a64b09286d733e86f70d67d3a98fe6260bd6 975bbb599a2a7adc35179f6ae06d9cbc56ea8a03b972ef2ee87604834bc6deb1 lib/codeql/swift/generated/DbFile.qll a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc lib/codeql/swift/generated/DbLocation.qll b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 @@ -377,68 +376,68 @@ lib/codeql/swift/generated/Diagnostics.qll d2ee2db55e932dcaee95fcc1164a51ffbe1a7 lib/codeql/swift/generated/Element.qll 81a01c1965cf8154596c753b20536ef8630b30567d8c077660ab2d11143f060b 74f5c76db5ec82a9c1675ec0282acd44f1a86ef447d1961c47aea3eed50f79cb lib/codeql/swift/generated/ErrorElement.qll 4b032abe8ffb71376a29c63e470a52943ace2527bf7b433c97a8bf716f9ad102 4f2b1be162a5c275e3264dbc51bf98bce8846d251be8490a0d4b16cbc85f630f lib/codeql/swift/generated/File.qll f88c485883dd9b2b4a366080e098372912e03fb3177e5cae58aa4449c2b03399 0333c49e3a11c48e6146a7f492ee31ac022d80150fc3f8bfafc3c8f94d66ff76 -lib/codeql/swift/generated/KeyPathComponent.qll 00b1e586b8532f0193b3f61111e70d4e595f3d45c7a25ff68114be1051882491 c556e85b21fc5a5aae12fb5599a96442431ef44ae92350eb7da9efe6a22efd53 -lib/codeql/swift/generated/Locatable.qll bfdf2dafae2829cac8d1e863a93676228d131b5a7f3df87c40d2f3b1839962b8 af243098af0955a40862387edf7526826fde62a64e5e6ca28de9e9603a8622bf -lib/codeql/swift/generated/Location.qll 921922352d39449067d9f2788309b5f3490091097ffe35e6aa98f9368626ce2c 0795c63565c4308e745400bc70ea73675160201590a95bb418de4e2ebca32764 +lib/codeql/swift/generated/KeyPathComponent.qll c79c7bc04fc1426992ab472eedc1a20a7aa496ff3f43305400022f1a02ba44f4 a9935b68b511329d157bcd7a7d27aa4803d2163306db8b41808a2b736f80f4d8 +lib/codeql/swift/generated/Locatable.qll be20967d48a34cdba126fe298606e0adc11697831f097acba9c52a0b7ce9983e 8aa01bc376614abbc3209e25785c72f86c9b4e94bb5f471a4a0677fedaec4f61 +lib/codeql/swift/generated/Location.qll c5793987e77812059a28254dadee29bfe9b38153c0399fbb1bf6a2f5c237fdab 6e6d8802b021e36bbaad81845657769dd48a798ea33080ada05e9818a20b38f7 lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 -lib/codeql/swift/generated/ParentChild.qll f490202e849b9cbd550ee9d758644b85d43e60d81413e6c28df2850fb1e9a2d6 6b95aeab6b53a880b230ad0c96b6deb519a7368898c844632ae96090de59df99 +lib/codeql/swift/generated/ParentChild.qll 5c5ff9812efbed0adf465d1c8b9108c893c77ff946f6feaaec7223ad38664079 94038dcd8a5e98b959ce9f09b7b54b745b0df49b91339b9396017a209abe8bb7 lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 +lib/codeql/swift/generated/Raw.qll 87402f6b1a0173503a545b57b06c0e320459410834c9adc7a25b2ae53874075e 49e27ddf824decdf21c0531b1ebb3fa007a869ec63bde9f60d08a68fae12acc6 lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 lib/codeql/swift/generated/UnknownLocation.qll e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 -lib/codeql/swift/generated/UnspecifiedElement.qll e121c84a2990fe314ab0756832776fe98fbc41f295d532b6e154aca1c5513b13 ee70eedad752175dbeee83c07fdb2ae7f4fa080fec7ba2be408469dfa11a0b4a -lib/codeql/swift/generated/decl/AbstractStorageDecl.qll 8ed642e35b066cc65b3d8ad16cf6c726cf0b3802330b0c3d3ba87b34451005d1 3474ad1468f09bf63f3582468ed97e9ed3b3ee61db90a4d31966cc97d9ca1b18 +lib/codeql/swift/generated/UnspecifiedElement.qll ad04c197266069baf505e529e62751ab3056b4bac5db378fe1f79bbdfa29e066 a5058c7e3e0ba7d52710161e349a71f3e963d4abe07ca581ad663395fc50e972 +lib/codeql/swift/generated/decl/AbstractStorageDecl.qll 4e827d05b3b98c043f925a3bd9c00622da3dc6e3d3406f5a18b2c3a684e3774f 47e5767a6f9a87f848cccce651d8c40af8aa3e0e727fc147cbf4d5a2a3e483d9 lib/codeql/swift/generated/decl/AbstractTypeParamDecl.qll 1e268b00d0f2dbbd85aa70ac206c5e4a4612f06ba0091e5253483635f486ccf9 5479e13e99f68f1f347283535f8098964f7fd4a34326ff36ad5711b2de1ab0d0 lib/codeql/swift/generated/decl/Accessor.qll c93cdf7dbb87e6c9b09b5fcf469b952041f753914a892addeb24bb46eaa51d29 1e8104da2da146d3e4d8f5f96b87872e63162e53b46f9c7038c75db51a676599 lib/codeql/swift/generated/decl/AccessorOrNamedFunction.qll b78aaef06cdaa172dce3e1dcd6394566b10ce445906e3cf67f6bef951b1662a4 a30d9c2ff79a313c7d0209d72080fdc0fabf10379f8caed5ff2d72dc518f8ad3 lib/codeql/swift/generated/decl/AssociatedTypeDecl.qll 4169d083104f9c089223ed3c5968f757b8cd6c726887bbb6fbaf21f5ed7ee144 4169d083104f9c089223ed3c5968f757b8cd6c726887bbb6fbaf21f5ed7ee144 -lib/codeql/swift/generated/decl/CapturedDecl.qll f8b69887acb35cc8de572984fef83eb08649845b49179b68d3afef36b526bddb 94ab461ef9ab5983dece5e2b1865b6056e381e5c06f2a3ec4dfde634a9368e59 +lib/codeql/swift/generated/decl/CapturedDecl.qll bdc7479fd577a8830cf0672763656e0269f02681f40890c64ae3f413655589ef 4380339650dfbed9c4846691f0c4bc0aea51a8e11112add54e0add2222dff8a0 lib/codeql/swift/generated/decl/ClassDecl.qll a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 lib/codeql/swift/generated/decl/ConcreteVarDecl.qll 4801ccc477480c4bc4fc117976fbab152e081064e064c97fbb0f37199cb1d0a8 4d7cfbf5b39b307dd673781adc220fdef04213f2e3d080004fa658ba6d3acb8d -lib/codeql/swift/generated/decl/Decl.qll 1d620c8e43df3cb46e5446dc9f6592205040c4d2b03c2ce1e491d7628f8904d0 b02514d7548a5a1dca39a148974a1b4dfeb681ebf81ad80f78d53ea48bab6133 +lib/codeql/swift/generated/decl/Decl.qll 85640016fc2384d4a06a9c61502f38f63b3412d40ecb00d060e8ade9323e8583 b344fcb0369d0452e5154c3726af4154b212512ce287b17fb4c9451d4b74ce2b lib/codeql/swift/generated/decl/Deinitializer.qll 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe -lib/codeql/swift/generated/decl/EnumCaseDecl.qll 564718862a9fd5b99427591a83921bf57aac2074041b5b335577599e8eefda16 90899d7d7a9c695576ae4b24d19deb05e45e0e85c954ab41de154d5cc521019e +lib/codeql/swift/generated/decl/EnumCaseDecl.qll 7370ff068f6650c74f324fbcad8782067fa42ff12d57cc5f6320df6d55357c97 9044207eb9592c68c8d36af570e45b7dbb5af00e00ded65793d08cea3ee6410b lib/codeql/swift/generated/decl/EnumDecl.qll fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 -lib/codeql/swift/generated/decl/EnumElementDecl.qll 41cad9be29b7afd56ba312ce00650ed89bffec2e2aaeed7bf26cd3dc0edb502e 33ac9ee5b205d32e5cf6a31f3f4bfd0f60b49fb0265200fd9e4dbbd5426fff02 -lib/codeql/swift/generated/decl/ExtensionDecl.qll 5472aa7cea119b68571065143fb4b2e335df003184efe8b8f28a98fd3ca3691e f65c8b078d1c34047cc66f5eb75dae8243e7aa42a7f3f2c21ea1ccf76eb9e7b9 +lib/codeql/swift/generated/decl/EnumElementDecl.qll 53074d5ae6249ca07c44879f4662b4d0478418cd8bd60c5511db52cf00942cc2 c38469c60df7c14d9d9c426600d1648dc1db177bd27ba1116649c48337b95358 +lib/codeql/swift/generated/decl/ExtensionDecl.qll 51cdf6227526fc769d4361b821d01e20a2b508ad8289af1002a0a947d8df295f 6a13f93179222f8d0e7e6b5a08dd8583fa0381644847b56509a85e6f008936e6 lib/codeql/swift/generated/decl/Function.qll 92d1fbceb9e96afd00a1dfbfd15cec0063b3cba32be1c593702887acc00a388a 0cbae132d593b0313a2d75a4e428c7f1f07a88c1f0491a4b6fa237bb0da71df3 -lib/codeql/swift/generated/decl/GenericContext.qll 5bbed6687f985dc8e812e48ae6ac17ec98d6cfccc6a72bee82afde58ccad07f7 ef7a2fa2646dd619af8f49ed1a12ce880a345dfc36b44e67868d733fc3b309e6 +lib/codeql/swift/generated/decl/GenericContext.qll 9f7e17d11bf898429a921ba7726b07aab382c97f8326bd186f2bded3d090852c 14d558b6e498d49b850f862d85091a11954dad13f16c60f700cf2c66fa37c473 lib/codeql/swift/generated/decl/GenericTypeDecl.qll 71f5c9c6078567dda0a3ac17e2d2d590454776b2459267e31fed975724f84aec 669c5dbd8fad8daf007598e719ac0b2dbcb4f9fad698bffb6f1d0bcd2cee9102 lib/codeql/swift/generated/decl/GenericTypeParamDecl.qll bc41a9d854e65b1e0da86350870a8fe050eb1dc031cd17ded11c15b5ad8ad183 bc41a9d854e65b1e0da86350870a8fe050eb1dc031cd17ded11c15b5ad8ad183 -lib/codeql/swift/generated/decl/IfConfigDecl.qll 07ae599c23c75d4a1fc7f188dce70cf1ded749368274f071b5b9639b5e54f69a ef8dc3f91edf40b9f8e84672060cea0de1a9c6545fd7aadb80225d3ca8f883e9 -lib/codeql/swift/generated/decl/ImportDecl.qll 1adafa6660d0b3968d1ee8cbcb4632d3b3baaa8a72874d3c9c0f6185eac4bc3e 8e68a538da2bac088001427cbdf6234cfe33071f82193aa52dc99cb9be893f2d -lib/codeql/swift/generated/decl/InfixOperatorDecl.qll 3d94018c33422b6fbe18348d0d47c0747358777501155d49abd3c8f5012c8a5d 855b73306f510828ad30555d6bba98cd9eab918de9e78696921ccac584828fd6 +lib/codeql/swift/generated/decl/IfConfigDecl.qll f1decc68b28dfb43ec70070156d19d6ef0943d8cf375ea639adf13da19398586 75fe6359304693a002987d57865d52b9fca84023752432c98e2f0dbc2830da7e +lib/codeql/swift/generated/decl/ImportDecl.qll 542405d7a75659d048d1ff8894a0cc0d357802c2936407ec39b7e4f69d2dd864 41ee9a9f1fc8068db587ac786145cf50f74f74161555ca94b502a57cca23288a +lib/codeql/swift/generated/decl/InfixOperatorDecl.qll 3da133c325380fbc10448b731d5826959056ca861d3a0661e7c37694e5ccb208 bb81c8e1597a1fb7e791e3c4c4ed28a73c442591bff2b12d13a7a327a7b6db08 lib/codeql/swift/generated/decl/Initializer.qll a72005f0abebd31b7b91f496ddae8dff49a027ba01b5a827e9b8870ecf34de17 a72005f0abebd31b7b91f496ddae8dff49a027ba01b5a827e9b8870ecf34de17 lib/codeql/swift/generated/decl/MissingMemberDecl.qll eaf8989eda461ec886a2e25c1e5e80fc4a409f079c8d28671e6e2127e3167479 d74b31b5dfa54ca5411cd5d41c58f1f76cfccc1e12b4f1fdeed398b4faae5355 -lib/codeql/swift/generated/decl/ModuleDecl.qll dd7bef7f19a5d2f57f0168eda80796ed8a74c7a136b3dc0cb289c3f750ef9a25 652d44d1ac5e31e4ccf4c5d29f2c5b985c68c4254458c3bfce09c2a821631f8f +lib/codeql/swift/generated/decl/ModuleDecl.qll b080281f68ef9943f6b0a808a151375fa8bc7539baaa55689abc16aa9024ff13 f948fd2545b9535335f857d7303a0b7c77ccf62ec49ed066726c6a77b273e5f8 lib/codeql/swift/generated/decl/NamedFunction.qll e8c23d8344768fb7ffe31a6146952fb45f66e25c2dd32c91a6161aaa612e602f e8c23d8344768fb7ffe31a6146952fb45f66e25c2dd32c91a6161aaa612e602f -lib/codeql/swift/generated/decl/NominalTypeDecl.qll 64914282b062364d81b013922069404d49b8c8830cc23944281d023779a9925c 72d45c5b6073cb32e6df6b62c2c919be50314d9380b955035cfadf500b3dbccf -lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll 4dc0fc09fe314cdc6788adb4a93e87a7c8121e3fecaada19a436321d248d377a 4e20e1820ddf7b23268707a2b98bbafc400219533f357189a267f8e35b89226e +lib/codeql/swift/generated/decl/NominalTypeDecl.qll 3c935fff267db6b6339cadfec9c28764db105a2f1391a28de3d95a3fd156b2ab 14cb4f115b4c09dcdb5d276be4b3b60406486e0acca9d11458d25d0f467ef0ed +lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll b07bcb944d6adff06dad06f8b77729044399e9a2747354e71e55605fb850c705 7e415f4d88f313e52fe6fb908cfac39066ec1302bcbb4ae07ad05b46a86d6b91 lib/codeql/swift/generated/decl/OperatorDecl.qll 3ffdc7ab780ee94a975f0ce3ae4252b52762ca8dbea6f0eb95f951e404c36a5b 25e39ccd868fa2d1fbce0eb7cbf8e9c2aca67d6fd42f76e247fb0fa74a51b230 -lib/codeql/swift/generated/decl/ParamDecl.qll f5d2c9e40aa8a1a77793a6d66fc6b55ded11295ee996b883117ffd6ee2523441 e0137535d7eac959ed10b06ad769b8225c0fadeea03030c7b30191884234e9b9 -lib/codeql/swift/generated/decl/PatternBindingDecl.qll e598dc0ed9373b4ca9646cc7c408f65db6b40d4281c8cfcecd09524df81bfac8 2ff3fe7fd32004649a0d41a0bf6857ac48d3a7b2dd87f5c1ffd9d5eea0673551 +lib/codeql/swift/generated/decl/ParamDecl.qll 21c8c035eaaa0fccc184ac073cea09fb39ee6f72b7d69a7119e38fc88f7ed997 486c55bd555569bae1fb4869745e83910a9635b2ad7d62652889562fcf98a42b +lib/codeql/swift/generated/decl/PatternBindingDecl.qll d59f2b05bfd78faefeabf0ab63e135f74e9731f22dec8c9dd65beabf9bc0956b e453d5033a788781320d60eca09d4b044f505720cb23f12ba2ade59203d24f81 lib/codeql/swift/generated/decl/PostfixOperatorDecl.qll 5aa85fa325020b39769fdb18ef97ef63bd28e0d46f26c1383138221a63065083 5aa85fa325020b39769fdb18ef97ef63bd28e0d46f26c1383138221a63065083 -lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll dc867f12579cec4f9fe95b59dfc31ef0df60cccccaf41abc171a86b7fafaf3f2 4474a913c4bf4e8d60f100bf5a0d57cc042c1362b09dd3c9493cc23a75c32e84 +lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll 2cd5dbd6707fd3920d5f402a3b169c4eac4189f4bebb33eb279de6e038e7329b 183f41a3b5ef928ad733d19225c7212633a3ac4752976c19bd8f821ec8553c0e lib/codeql/swift/generated/decl/PrecedenceGroupDecl.qll d0918f238484052a0af902624b671c04eb8d018ee71ef4931c2fdbb74fa5c5d4 d0918f238484052a0af902624b671c04eb8d018ee71ef4931c2fdbb74fa5c5d4 lib/codeql/swift/generated/decl/PrefixOperatorDecl.qll 18f2a1f83ea880775344fbc57ed332e17edba97a56594da64580baeb45e95a5d 18f2a1f83ea880775344fbc57ed332e17edba97a56594da64580baeb45e95a5d lib/codeql/swift/generated/decl/ProtocolDecl.qll 4b03e3c2a7af66e66e8abc40bd2ea35e71959f471669e551f4c42af7f0fd4566 4b03e3c2a7af66e66e8abc40bd2ea35e71959f471669e551f4c42af7f0fd4566 lib/codeql/swift/generated/decl/StructDecl.qll 9343b001dfeec83a6b41e88dc1ec75744d39c397e8e48441aa4d01493f10026a 9343b001dfeec83a6b41e88dc1ec75744d39c397e8e48441aa4d01493f10026a -lib/codeql/swift/generated/decl/SubscriptDecl.qll d08d46ddff0816541b28e231ba83c41cb51b40d7ccf2e0e7465e62e17078c000 0a1f1741bea4d2a7ebde7cbaf1cd0f7730a9845a8fd45d3457dc1b2b63eab900 -lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll e90cc73d62ad6037f1ec200bf8356292fa48b6890762b68e3fba6a129c888fcd d9152cbdfbc8cfb66695ed10a5729abca1b58275616d16d19aae27fb745bf3aa -lib/codeql/swift/generated/decl/TypeAliasDecl.qll 2058a0699ddffabd7d1d554615bd7e9ce26810ef1c6c68601df46e071eb9a10c 94ba93ef3cc1028a3018831e336316e566b6028eee1d81bf4d754dbdbd401ea8 -lib/codeql/swift/generated/decl/TypeDecl.qll cc40d3a105654461a60f982b6bdb21c7e689e695d314eead245bfeeda92a4572 03d89aa4c77dacdc57cd867b4869b26cdb55a06e2ba6faf3dbb9fce8f881786b -lib/codeql/swift/generated/decl/ValueDecl.qll 7b297ed98f5e985b93c9de6be000d67f71796892599ae8274048d8ad6b6183b9 462c983d4163011b2232b684c9a6c3f01114096c4bb7f862d950380f527e3926 -lib/codeql/swift/generated/decl/VarDecl.qll c648a5432d63a547cd381646f9586b4fc72edb2cff8462533449761b1ec57a56 7f2c157975bc1de7a8b6ff980bed790d864a08f1d6c0de39c106d84d2b49b883 +lib/codeql/swift/generated/decl/SubscriptDecl.qll c0bb8fd0d9d363c253251ea4b6cdceebd316708ce61f49e321318f7ce80ea153 dda76edc25ce4b3c31bcd7cc707143e22c3f887658e8071c646668f445b9f601 +lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll f9b4f8b413e5fd3c0d48910013fe2443143d2ee237084cf3e4eb668d5bc8f460 5c85641375f5b9e658c9467f5c4913e50d4228718aad950e94f55a28edbe28c7 +lib/codeql/swift/generated/decl/TypeAliasDecl.qll b9c4baf4a2eb67d21535da5cbb9894945d66b8aecf8bd91cb8aa8c964188c82f a69db19c25da7232a9139400578cb7eda8b56eb55c7c45d38aa50cc0c063947f +lib/codeql/swift/generated/decl/TypeDecl.qll 21d075b1fb55ce2e89ad73e62edbe1ad3ca429ea5a1c6096ca7aca7eaeea9772 c099f32a24d1be26b7b6e7478b481f8086c74f67cc840a843466715afc069784 +lib/codeql/swift/generated/decl/ValueDecl.qll f34e3414f8700150ccd221aed26e58f64ed43d708a3ccb3c50eff5c12f083303 c2926bebba6bfb997f8a610f7bfd13114b21e92ba0243247543984d6ea71a33e +lib/codeql/swift/generated/decl/VarDecl.qll d326cd9d4e892e6ad2f02847e476218d0f1f1ca012c1bfeca7d656af34c870b4 a2cac56e67fdc32d6f33eac180ca4831cd355343280e2d69cd5a8e17a77a89ce lib/codeql/swift/generated/expr/AbiSafeConversionExpr.qll f4c913df3f1c139a0533f9a3a2f2e07aee96ab723c957fc7153d68564e4fdd6d f4c913df3f1c139a0533f9a3a2f2e07aee96ab723c957fc7153d68564e4fdd6d lib/codeql/swift/generated/expr/AnyHashableErasureExpr.qll f450ac8e316def1cd64dcb61411bae191144079df7f313a5973e59dc89fe367f f450ac8e316def1cd64dcb61411bae191144079df7f313a5973e59dc89fe367f lib/codeql/swift/generated/expr/AnyTryExpr.qll e4759465411c215262909d10d729642779340698165aff0a66986c7dfc822832 83ec7fb0f11e2ffe15f3a0c97318121443936733f1adef17e5baa020bca2de29 -lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll de01c3b68c2a37e9f5dee0729838923cc615d436092e78b608b6f6c23e1b4965 612f72046aa2e49b9d494cad590bfae133bd5c00908ed4c8df82730294d21fb8 -lib/codeql/swift/generated/expr/ApplyExpr.qll 798b999f3da5d6b917ff57a0dc1fde149b906ffd72c6df5bc511f6e2d20a7e8b 8bce7f52c4bce1aad5c0b8a195dd1ab6f1d82289e5eb56fca4b7543be7943d15 +lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll b441c3cad6d462ae0736d5e65742d49b280b907e8e250badb0248f501e1e9144 34a691143585fb9b9d7e3ef0b8d3c7250a73da0d323de6ac632472652bc86a1a +lib/codeql/swift/generated/expr/ApplyExpr.qll d97bce0ce47c42feda140c677c204f9d1c92fe1889760034fe8f1cb330f411d3 f7956f6bff4164adacce06ce2134bc6bf2d0e0261c9b5f7b882e04c0df5c8e0c lib/codeql/swift/generated/expr/ArchetypeToSuperExpr.qll e0b665b7389e5d0cb736426b9fd56abfec3b52f57178a12d55073f0776d8e5b7 e0b665b7389e5d0cb736426b9fd56abfec3b52f57178a12d55073f0776d8e5b7 -lib/codeql/swift/generated/expr/Argument.qll 97991761563d806ff0199e69f4c9eda93e324bb40bd41ddec98388c2146cbd6b c231f4e0320700fe64ce43123027516088b877fddde3be18565e01890f6b10ce +lib/codeql/swift/generated/expr/Argument.qll 441daab359d20018113344d026c1ace38a0acff35e68155a69a887a6fdb90684 43106272cfc5d19d60ca07b9bc4e22ff97b2b2451b67ec8884909c574634a337 lib/codeql/swift/generated/expr/ArrayExpr.qll 9894f7838b23c84c4c0ba442b790ada0231c2dc3508fd30735577397a87d9683 90ed566a71551f3549106bd60b972aca0ba52e8a2b787b58a3161634e26e773e lib/codeql/swift/generated/expr/ArrayToPointerExpr.qll afa9d62eb0f2044d8b2f5768c728558fe7d8f7be26de48261086752f57c70539 afa9d62eb0f2044d8b2f5768c728558fe7d8f7be26de48261086752f57c70539 lib/codeql/swift/generated/expr/AssignExpr.qll 97d41626dfe4e474c5e80aaee433641847a91f5c483f6da6cfc016b454545802 4ca02b4a878f0783f7d7788c85ffbb89c8ed6027c7e6d391ea9892256215358a @@ -451,7 +450,7 @@ lib/codeql/swift/generated/expr/BridgeFromObjCExpr.qll b9a6520d01613dfb8c7606177 lib/codeql/swift/generated/expr/BridgeToObjCExpr.qll 31ca13762aee9a6a17746f40ec4e1e929811c81fdadb27c48e0e7ce6a3a6222d 31ca13762aee9a6a17746f40ec4e1e929811c81fdadb27c48e0e7ce6a3a6222d lib/codeql/swift/generated/expr/BuiltinLiteralExpr.qll 052f8d0e9109a0d4496da1ae2b461417951614c88dbc9d80220908734b3f70c6 536fa290bb75deae0517d53528237eab74664958bf7fdbf8041283415dda2142 lib/codeql/swift/generated/expr/CallExpr.qll c7dc105fcb6c0956e20d40f736db35bd7f38f41c3d872858972c2ca120110d36 c7dc105fcb6c0956e20d40f736db35bd7f38f41c3d872858972c2ca120110d36 -lib/codeql/swift/generated/expr/CaptureListExpr.qll 4e94c2c66020f95af615d98756d7c1843c2744b3c1d83f73f24f6153d9d0592b e35e8190904415e2a1fe12857127c90cfaecde4f6f173d16399f45c0264d207c +lib/codeql/swift/generated/expr/CaptureListExpr.qll 671234408ead93c0d6abc453f774a88f0888956e6ad08d5a1c22aec72b2eec46 601e23e0356341fd6287fb9775f0e86bca6a0de46383e0912854e045e501d42c lib/codeql/swift/generated/expr/CheckedCastExpr.qll 146c24e72cda519676321d3bdb89d1953dfe1810d2710f04cfdc4210ace24c40 91093e0ba88ec3621b538d98454573b5eea6d43075a2ab0a08f80f9b9be336d3 lib/codeql/swift/generated/expr/ClassMetatypeToObjectExpr.qll 076c0f7369af3fffc8860429bd8e290962bf7fc8cf53bbba061de534e99cc8bf 076c0f7369af3fffc8860429bd8e290962bf7fc8cf53bbba061de534e99cc8bf lib/codeql/swift/generated/expr/ClosureExpr.qll f194fc8c5f67fcf0219e8e2de93ee2b820c27a609b2986b68d57a54445f66b61 3cae87f6c6eefb32195f06bc4c95ff6634446ecf346d3a3c94dc05c1539f3de2 @@ -462,8 +461,8 @@ lib/codeql/swift/generated/expr/ConditionalBridgeFromObjCExpr.qll 4a21e63cc54702 lib/codeql/swift/generated/expr/ConditionalCheckedCastExpr.qll 92a999dd1dcc1f498ed2e28b4d65ac697788960a66452a66b5281c287596d42b 92a999dd1dcc1f498ed2e28b4d65ac697788960a66452a66b5281c287596d42b lib/codeql/swift/generated/expr/CovariantFunctionConversionExpr.qll b749118590163eafbd538e71e4c903668451f52ae0dabbb13e504e7b1fefa9e1 abaf3f10d35bab1cf6ab44cb2e2eb1768938985ce00af4877d6043560a6b48ec lib/codeql/swift/generated/expr/CovariantReturnConversionExpr.qll f1b409f0bf54b149deb1a40fbe337579a0f6eb2498ef176ef5f64bc53e94e2fe 532d6cb2ebbb1e6da4b26df439214a5a64ec1eb8a222917ba2913f4ee8d73bd8 -lib/codeql/swift/generated/expr/DeclRefExpr.qll dda3034aba0170fb91ae62e5c8b02af27f3ac682c856af6eba2f8c57c186befe 338e7cfbea450e555191518dfa6b7b43cef3a0a029c4c0adb5101a2471c24c5e -lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll ca9f228742acf990a81308f68a66dc55b35c75f23d5f0cabfdff30a1b99064d7 a97de64329149db8ca6d25635bdda63df0a2bdb600cfe0c71017e2eb3fdecb15 +lib/codeql/swift/generated/expr/DeclRefExpr.qll 06149b37933848032fb6cc4692ff63ee54347cccb79e1fa150129a081afbf5d2 580392ea470c21a58021245f1d7fa08232a2f5314786ba8476282a5fbe403ffe +lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll 77468697fd5cafb05ca166a77e94ce9998c28624e235b626b9afbe1da9a93d4e d813ea7d5973945355a2941ccd3ca72e01745ab6320da429f3694e2465af96d3 lib/codeql/swift/generated/expr/DerivedToBaseExpr.qll 5f371b5b82262efb416af1a54073079dcf857f7a744010294f79a631c76c0e68 5f371b5b82262efb416af1a54073079dcf857f7a744010294f79a631c76c0e68 lib/codeql/swift/generated/expr/DestructureTupleExpr.qll 1214d25d0fa6a7c2f183d9b12c97c679e9b92420ca1970d802ea1fe84b42ccc8 1214d25d0fa6a7c2f183d9b12c97c679e9b92420ca1970d802ea1fe84b42ccc8 lib/codeql/swift/generated/expr/DictionaryExpr.qll f8bab2bdf683f4974be102faea2f8ff48ede5937a9112a1fa149180143052b0a 152ae4811c5282c68b9f2eb7b123631fbe461af7a7947434abf7e523b35b27e2 @@ -477,7 +476,7 @@ lib/codeql/swift/generated/expr/DynamicLookupExpr.qll 0f0d745085364bca3b67f67e34 lib/codeql/swift/generated/expr/DynamicMemberRefExpr.qll 2eab0e58a191624a9bf81a25f5ddad841f04001b7e9412a91e49b9d015259bbe 2eab0e58a191624a9bf81a25f5ddad841f04001b7e9412a91e49b9d015259bbe lib/codeql/swift/generated/expr/DynamicSubscriptExpr.qll f9d7d2fc89f1b724cab837be23188604cefa2c368fa07e942c7a408c9e824f3d f9d7d2fc89f1b724cab837be23188604cefa2c368fa07e942c7a408c9e824f3d lib/codeql/swift/generated/expr/DynamicTypeExpr.qll c29baea6ec5b0b7186b675e3322cd1cee9db8d647e16ac0f716990c22df17074 de9118fdb3778ef76de284992791d3f0f9978876f5799eda39da92c1242e603e -lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll edea1f464dc24ad8d300c547698699704cf7d9232782c2b6a536af6e058d440c 7d860abba668ac5fb078ac7b72d455824331d753751bbfbe7044a85a8365b6a7 +lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll 8df7cf11dff39ec1a8498d4df4cda2ab0fb49a88aaca671c8e4fd6d53bbf2af9 e5b064938c60634eb1060d39b435913286591e1e8d506bbb19ee8faace7105c5 lib/codeql/swift/generated/expr/ErasureExpr.qll c232bc7b612429b97dbd4bb2383c2601c7d12f63312f2c49e695c7a8a87fa72a c232bc7b612429b97dbd4bb2383c2601c7d12f63312f2c49e695c7a8a87fa72a lib/codeql/swift/generated/expr/ErrorExpr.qll 8e354eed5655e7261d939f3831eb6fa2961cdd2cebe41e3e3e7f54475e8a6083 8e354eed5655e7261d939f3831eb6fa2961cdd2cebe41e3e3e7f54475e8a6083 lib/codeql/swift/generated/expr/ExistentialMetatypeToObjectExpr.qll eb0d42aac3f6331011a0e26cf5581c5e0a1b5523d2da94672abdebe70000d65b efe2bc0424e551454acc919abe4dac7fd246b84f1ae0e5d2e31a49cbcf84ce40 @@ -498,18 +497,18 @@ lib/codeql/swift/generated/expr/InOutToPointerExpr.qll 4b9ceffe43f192fac0c428d66 lib/codeql/swift/generated/expr/InitializerRefCallExpr.qll 4556d49d78566ad70a5e784a6db4897dc78ef1f30e67f0052dbb070eca8350f0 4556d49d78566ad70a5e784a6db4897dc78ef1f30e67f0052dbb070eca8350f0 lib/codeql/swift/generated/expr/InjectIntoOptionalExpr.qll b6fafb589901d73e94eb9bb0f5e87b54378d06ccc04c51a9f4c8003d1f23ead6 b6fafb589901d73e94eb9bb0f5e87b54378d06ccc04c51a9f4c8003d1f23ead6 lib/codeql/swift/generated/expr/IntegerLiteralExpr.qll aa54660c47169a35e396ea44430c3c4ec4353e33df1a00bd82aff7119f5af71b 7ba90cf17dd34080a9923253986b0f2680b44c4a4ba6e0fbad8b39d3b20c44b9 -lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll e2c1aadf140c808a615bdc8732a154f6c1f8b79168779e1ba48753506fbd9516 5e9f20ee16b133269de6874c6776611b6f4eaec202a0e6a955a572c2a082ac40 +lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll 8090616e43d79e03c2250352da722f577c4b6531befe40f2d2910db0db3895bc ba09ffbbe3557e6fc6a3219d656e5ce886d70117eea15334cf910825f2250e6e lib/codeql/swift/generated/expr/IsExpr.qll b5ca50490cae8ac590b68a1a51b7039a54280d606b42c444808a04fa26c7e1b6 b5ca50490cae8ac590b68a1a51b7039a54280d606b42c444808a04fa26c7e1b6 lib/codeql/swift/generated/expr/KeyPathApplicationExpr.qll 157a9c2fcf229b76d104abfa49f74337e20ac4d1fa1be2eaed1290cbd9bd1232 70ec0e7ee2e2c716ba510916fdf6d1d6dd6fd93b740a46c909ddb9e877427fe1 lib/codeql/swift/generated/expr/KeyPathDotExpr.qll ea73a462801fbe5e27b2f47bca4b39f6936d326d15d6de3f18b7afa6ace35878 ea73a462801fbe5e27b2f47bca4b39f6936d326d15d6de3f18b7afa6ace35878 -lib/codeql/swift/generated/expr/KeyPathExpr.qll 654b32a92ff8015cb4b8d64c83abed601a884f4181613a7d428e975a945afff5 4c82c7b9d9232e84dd898cb7d3d79c1365481cd9d37444318a776ae509eb023a +lib/codeql/swift/generated/expr/KeyPathExpr.qll 7d088ae6d74193f06b2c121dfde182a228d5ab1498a70fd3ad7bc5cab8e76dcd 5596774318c8eed672ab360c0a1515493176d9edae64f09917ec789514928355 lib/codeql/swift/generated/expr/LazyInitializationExpr.qll b81b831893b0f1c2bcbf48a708267cd54a86dfc6af6dde8b8b57a03e045abff2 b28cf1f4017edee09278a23f403932f91fb1a21ea83778cccf7683b5a57f6480 lib/codeql/swift/generated/expr/LinearFunctionExpr.qll cd4c31bed9d0beb09fdfc57069d28adb3a661c064d9c6f52bb250011d8e212a7 cd4c31bed9d0beb09fdfc57069d28adb3a661c064d9c6f52bb250011d8e212a7 lib/codeql/swift/generated/expr/LinearFunctionExtractOriginalExpr.qll ee7d3e025815b5af392ffc006ec91e3150130f2bd708ab92dbe80f2efa9e6792 bcf9ed64cca2dcf5bb544f6347de3d6faa059a1900042a36555e11dfbe0a6013 lib/codeql/swift/generated/expr/LinearToDifferentiableFunctionExpr.qll f7aa178bff083d8e2822fda63de201d9d7f56f7f59f797ec92826001fca98143 c3ef32483f6da294c066c66b1d40159bc51366d817cf64a364f375f5e5dfa8b0 lib/codeql/swift/generated/expr/LiteralExpr.qll b501f426fa4e638b24d772c2ce4a4e0d40fce25b083a3eee361a66983683ee9d 068208879c86fbd5bed8290ce5962868af6c294a53ad1548cf89cf5a7f8e1781 lib/codeql/swift/generated/expr/LoadExpr.qll 90b9ba4c96c26c476c3692b1200c31071aa10199d3e21ef386ff48b9f0b6d33a 90b9ba4c96c26c476c3692b1200c31071aa10199d3e21ef386ff48b9f0b6d33a -lib/codeql/swift/generated/expr/LookupExpr.qll 12844a93ff8244c9a9c7091b32c56e80a1196dee5fbdd67dafa5329e8d424ed9 da9ba34043930d541751ba3bc828cfcf86cc0fcf3b58bf2a2a0b8d9ad7d73153 +lib/codeql/swift/generated/expr/LookupExpr.qll 612265f7ca68f1f62ea8ceaa74e1a876195c6c3062807b310f834aa04acfaa80 160fbb1efe0c1fb48698d786bb7f76be70b4cd96568557f90c062773fb0dff6e lib/codeql/swift/generated/expr/MagicIdentifierLiteralExpr.qll 16f0050128caf916506b1f7372dc225a12809a60b5b00f108705fcdfce3344a8 c064778526a5854bdf8cdbf4b64ad680b60df9fe71ec7a2d9aa6c36a7c4e5b31 lib/codeql/swift/generated/expr/MakeTemporarilyEscapableExpr.qll c63cd023a5c2662e2beee8dba5f9cb0012103424a245df5fde0d4a08a13a87ea 78729409bc0e387ad2ed7cd84b074dbf190f378a6c8794f4a6596ddfa1b1ad85 lib/codeql/swift/generated/expr/MemberRefExpr.qll e7db805b904d9b5d1e2bc2c171656e9da58f02a585127c45f52f7f8e691dc2e5 b44b5208e0b72060527a6fdb24b17b208f2263d78690d13548fba937fe0db3cd @@ -517,34 +516,34 @@ lib/codeql/swift/generated/expr/MetatypeConversionExpr.qll 714ecbc8ac51fdaaa4075 lib/codeql/swift/generated/expr/MethodLookupExpr.qll 526c9001c311a890db2409a46180a7fedbb11b6dcd8ee23dda4d4644e65bed3a 4b287235a19b85880136ac3485a85742aad7217021c9f6729bf2a39be5ebd1a1 lib/codeql/swift/generated/expr/NilLiteralExpr.qll 6f44106bc5396c87681676fc3e1239fe052d1a481d0a854afa8b66369668b058 6f44106bc5396c87681676fc3e1239fe052d1a481d0a854afa8b66369668b058 lib/codeql/swift/generated/expr/NumberLiteralExpr.qll 8acc7df8fe83b7d36d66b2feed0b8859bfde873c6a88dd676c9ebed32f39bd04 4bbafc8996b2e95522d8167417668b536b2651817f732554de3083c4857af96a -lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll efc72580627467dce30ab784bfb963bd21297440bd6287600d0b3f2c5836c340 29a7974a65bde8f434de159e9a6ea0f6f48609d4d3332a216261f3c64cf3a070 -lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll 199b3a5196bff35681ba2e4bdb546cfbe0a2e265f535d05cfdb89af9c382c1a6 7c6b962565841a634c850d088fd404a3e6f3045e05ff555e1cde0ec02ba8dc8d +lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll 94a8344bff75033a3aae101c103419bd2201aa6992393d3450e4531ec33d4c83 78870c097692943f2eefb3ee86ccc86579411f35a4fa6e8753bf307009f85dba +lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll f609e898670d4fc7937e9f5024dbf9d82c98bdfcef140cee6e13998046fbe044 cd8647e0b186ce74d27ac0fcfe037972f7e12a326a0ef53c51305cb7db783a0c lib/codeql/swift/generated/expr/OneWayExpr.qll 8464649694b671a8462476fcd3827b07f8448069c7caa9e9efce44d7ce87aee0 c3e143ecd28238342a1d911a468087cc58a751106385f01cbe5a44e19c862d0e lib/codeql/swift/generated/expr/OpaqueValueExpr.qll 354f23d00d5ea2e734fd192130620d26c76c14d5bb7b0a1aa69f17ffb5289793 354f23d00d5ea2e734fd192130620d26c76c14d5bb7b0a1aa69f17ffb5289793 -lib/codeql/swift/generated/expr/OpenExistentialExpr.qll 55ff1b4fdf23b787538f8b8cdc5f382d874221cec230f8fa35189ebf6de09b58 8235fe3387753a0ac389e297bf67b416991117587a98a566620ac9b328887dd6 +lib/codeql/swift/generated/expr/OpenExistentialExpr.qll dfa76a8ce3613f6beb15a1e1ef37588b3862b02044aedad39a70a72d53b0dd4b 0bb2c70df80bccac424e281c772d9cdeac184dabfdbacf609a5a8519e80e923e lib/codeql/swift/generated/expr/OptionalEvaluationExpr.qll 76a3a789b3a4f17dd494f973f099766aa1db97c38cbbd93542e664a7cd7e1680 f56ce693b59cee6713a7cfdb2937a8a4e791d6e80c241ecd333ab197482a2d1b lib/codeql/swift/generated/expr/OptionalTryExpr.qll f0c8dff90faee4fbf07772efda53afe1acc1fd148c16ee4d85a1502a36178e71 f0c8dff90faee4fbf07772efda53afe1acc1fd148c16ee4d85a1502a36178e71 -lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll 9e695cca00e162beadad513d6833f117cee0f364da6f16c7ed3809573c1fbfe2 ff29f1f265e22eefc9166f77fa8adca7f89d3f769591149e21c58c0789577a88 -lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll fee0ef58103e48b9238f1dd94d530a54e8ffaea95924cdbb38057701360a849d 2e851c3aee89aa3cbc3b67846a723b98708233e74e872641988c3200476d2da2 +lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll 94b793be9a37626fe0b1b7c93ac37b2a00e4fb93ab96e4a230aaba66ef1721de 136ac6a349db23144fc71f3aa1383fb68370b13a8615eb6ad398b29a55f2cae3 +lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll f2ef6518501e4bf7c51d009cb996dc88d56374a4dc572ce8514993591896deba e8519550ec34428715452f6716160e580cbbc894c2b78dd34c33835e11728f19 lib/codeql/swift/generated/expr/ParenExpr.qll f3fb35017423ee7360cab737249c01623cafc5affe8845f3898697d3bd2ef9d7 f3fb35017423ee7360cab737249c01623cafc5affe8845f3898697d3bd2ef9d7 lib/codeql/swift/generated/expr/PointerToPointerExpr.qll 7d6fa806bba09804705f9cef5be66e09cbbbbda9a4c5eae75d4380f1527bb1bd 7d6fa806bba09804705f9cef5be66e09cbbbbda9a4c5eae75d4380f1527bb1bd lib/codeql/swift/generated/expr/PostfixUnaryExpr.qll d1094c42aa03158bf89bace09b0a92b3056d560ebf69ddbf286accce7940d3ab d1094c42aa03158bf89bace09b0a92b3056d560ebf69ddbf286accce7940d3ab lib/codeql/swift/generated/expr/PrefixUnaryExpr.qll f66dee3c70ed257914de4dd4e8501bb49c9fe6c156ddad86cdcc636cf49b5f62 f66dee3c70ed257914de4dd4e8501bb49c9fe6c156ddad86cdcc636cf49b5f62 lib/codeql/swift/generated/expr/PropertyWrapperValuePlaceholderExpr.qll 0d604764ca2e77a51b7e7062a1f57c6f46dd007717bdebf765eb7b737ef5062d cff734718467dfd4abc12dcf7e72c5745fe4e917204cdd22e42973f30eb06df7 lib/codeql/swift/generated/expr/ProtocolMetatypeToObjectExpr.qll b692be6e5b249c095b77f4adcad5760f48bc07f6f53767ee3d236025ee4a2a51 efa47435cde494f3477164c540ac1ce0b036cb9c60f5f8ec7bfca82a88e208fb -lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll 87984796ee7bb5f8f474563d03e667b09ff36ccba5e084504e24ab3d9e90d4f2 b4885cb5a72edad07011e3e576ff3ce08ef6399320786ce1cf9d7a0a6350eb6f +lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll 66d4cbf211cae63a443d85f83a2799cb6ac66c061e691d0531ff5edeec9af6f3 7be66e5be4c6671abcb03af92d00ce5f5ba46797941ffbb98675f6cd15db59c7 lib/codeql/swift/generated/expr/RegexLiteralExpr.qll a11eb6f6ce7cebb35ab9ff51eae85f272980140814d7e6bded454069457a1312 bdb4bb65c9f4e187cf743ed13c0213bb7e55db9cc3adeae2169df5e32b003940 lib/codeql/swift/generated/expr/SelfApplyExpr.qll c0815a4d6d4f08bd0c7bc170fa817ebcb2328c937c8ef16391fb0da71aff17ae 0979f035e8d4b54e93f17163a4df3c2aa65f23d56c491fa72376887e3e5c10ac lib/codeql/swift/generated/expr/SequenceExpr.qll 62301b2e4c76de4820c6deef0ee95c8b328ed14ba8eac70aa10cc8fb0f3c5ace feb960c796ea517abc9587bd76f7ae9aabfd9a6b0984fe2d8380e803b002eede lib/codeql/swift/generated/expr/StringLiteralExpr.qll f420c5cd51a223b6f98177147967266e0094a5718ba2d57ae2d3acbb64bbb4b6 30d6dab2a93fd95e652a700902c4d106fecfce13880c2ece565de29f2504bedf lib/codeql/swift/generated/expr/StringToPointerExpr.qll ef69b570aa90697d438f5787a86797955b4b2f985960b5859a7bd13b9ecb9cd3 ef69b570aa90697d438f5787a86797955b4b2f985960b5859a7bd13b9ecb9cd3 -lib/codeql/swift/generated/expr/SubscriptExpr.qll 70ca2812ac4018c062fcb099e20433c7960325e68cfc544599d1860793b1464f d01d4b4ed833cb0390c3e96e75ef51150721245b0277946d75daca32d4085d9b -lib/codeql/swift/generated/expr/SuperRefExpr.qll f550961b912bdcaf159d4729b0a3f6911e97365e6d429717d4a9770a2a83a184 e5735644d755ac2ee56f6c3ab13ca6657c21cd00a366665ea858d405d32cb112 -lib/codeql/swift/generated/expr/TapExpr.qll 8556465559ed243c16396a1b426b666362c1bab1535a12faf9c1050e1b06c668 ea1c30b90d3620e580294d7d7010a720be688e10a9469405cd58b3da55070dc6 +lib/codeql/swift/generated/expr/SubscriptExpr.qll 8a2bf1f0ded1888546791e0e59b969267f0352223e2abeb38e91dfa2144a38ae 009566ef61689d14844730235b0e0c31ee01e95e2002cf7272cbabc97539dce9 +lib/codeql/swift/generated/expr/SuperRefExpr.qll 4fe3e827cff256d304bc73f0d44b6091dbea68d8176ff3af36dec80ab349f7dc 7e1c3975515db1aacdd8f5c90ff38cfc568e2c9e79495bb7832d72f856add2e8 +lib/codeql/swift/generated/expr/TapExpr.qll 6583473139cc6c93838e802d8e229ad90d90a2ef960600d95db6d12831402ff3 a7478c0c9e9a9899c1840838150e127e3bd192bb340249642efede3dd51d260a lib/codeql/swift/generated/expr/TryExpr.qll e6619905d9b2e06708c3bf41dace8c4e6332903f7111b3a59609d2bb7a6483ee e6619905d9b2e06708c3bf41dace8c4e6332903f7111b3a59609d2bb7a6483ee lib/codeql/swift/generated/expr/TupleElementExpr.qll e0050f30b31c58bcfbaaa61137484f9463aab435cbe1fd0dddd7a4b9d3a8ae46 0192eb79f1b1bff6185dddbc8ed37865cb669a670ffb9f5b63c34c1bf53a73c2 lib/codeql/swift/generated/expr/TupleExpr.qll b834c6347ec355f1135274f65bd7ca3768be42ea173225227a6b543c2fb2243b fddb421e1cdc8ae24afb6b72c0636b3341c5b039a4277fc99f00bbb077645cf8 -lib/codeql/swift/generated/expr/TypeExpr.qll accffc2dbe4a1f1ebdaeb4ca6a130faf139288a7470740213d5379ddc94dad18 e4595beff0e7b7cd698e2bb708ea10586cc2f2de5d6f9dcf3da3c3d9b43d33eb +lib/codeql/swift/generated/expr/TypeExpr.qll 0ebb5040199b71ea2f8922848b6d7ad2d4ac585b763485195e4180a118839dfa fb991cb078cecdfd0ec0d19d896635e7b834481c30970bd83fdd4e9792548416 lib/codeql/swift/generated/expr/UnderlyingToOpaqueExpr.qll 13d6c7a16ec0c4c92d12e052437dfa84274394ee8a4ca9b2c9e59514564dc683 13d6c7a16ec0c4c92d12e052437dfa84274394ee8a4ca9b2c9e59514564dc683 lib/codeql/swift/generated/expr/UnevaluatedInstanceExpr.qll 21dedc617838eed25a8d3a011296fda78f99aee0e8ae2c06789484da6886cfea 21dedc617838eed25a8d3a011296fda78f99aee0e8ae2c06789484da6886cfea lib/codeql/swift/generated/expr/UnresolvedDeclRefExpr.qll 17e83f6418f39cfd3b7768ba694dafce2807f97239d3ac0939fc0c3761ae3571 910e9440cae403b13b6dd501a3dbbda564a1d7d61a532e99a1825590c2d9a4ab @@ -558,45 +557,45 @@ lib/codeql/swift/generated/expr/VarargExpansionExpr.qll ac50264811fc0303220f7825 lib/codeql/swift/generated/pattern/AnyPattern.qll ce091e368da281381539d17e3bac59497ad51bb9c167d8991b661db11c482775 ce091e368da281381539d17e3bac59497ad51bb9c167d8991b661db11c482775 lib/codeql/swift/generated/pattern/BindingPattern.qll 61ae8b380b43c80710cf7d33c718c45b06cfa3680990e38e4191b3732236595c 1ff0450958cce5a5bfd00942d4846e3b2652499c738bd2790255632c883af0dd lib/codeql/swift/generated/pattern/BoolPattern.qll 118300aa665defa688a7c28f82deb73fa76adce1429d19aa082c71cfcbeb0903 0cd6db87e925e89f8ad6d464762d01d63ddfd34b05a31d5e80eb41aec37480b4 -lib/codeql/swift/generated/pattern/EnumElementPattern.qll 4aad6e1db45b8d39f61827e44335b2d7c1b9346538933bea82e4cec4b0993e3a 645edf97eb83f077f82c5f08cec912b845c826c2067f38f050b6e78031fe3a2e +lib/codeql/swift/generated/pattern/EnumElementPattern.qll 2d92a861316d46190e11880b0c383651e4ea15ea8fb81f55c08c4ce733bee2c7 c5915d7a3b62f7c009daac2e7d87c7d435a81a128bdfcc1db9ad281600acfb67 lib/codeql/swift/generated/pattern/ExprPattern.qll 169cef487e499a21d0d2cc4eda7268eb29cb6b1081fa6a0bc4e8571677f063f3 b7f3160f0812cf565873b607a247e184f17cc0289758f9a46748e90e783abd4f -lib/codeql/swift/generated/pattern/IsPattern.qll 864c38251026a523f91f0c097899cbc0c281f29d5c11142d5434cd182e8d70b8 be03f3a3aacbd44dc8e6a03f88d241d1247a3686c0d7d8eb4b50fa57c675aac9 +lib/codeql/swift/generated/pattern/IsPattern.qll c809159dff26b86d44f560742d66e75b3cf143cdfc0f3933b959864412770248 7375cb8140da3c1531b55b084c4b6aa8009495dd40697a13f05b258d3f5677cc lib/codeql/swift/generated/pattern/NamedPattern.qll 5d25e51eb83e86363b95a6531ffb164e5a6070b4a577f3900140edbef0e83c71 9e88b2b2b90a547b402d4782e8d494bc555d4200763c094dd985fe3b7ebc1ec8 lib/codeql/swift/generated/pattern/OptionalSomePattern.qll 5b9c7032584619d4921d1a1324e3ce4bd7207f0d4daa703e1e059f983bf1b132 e6d44514cd123a7ad27f657a2b83d46277a961a849139380ece886430a862920 lib/codeql/swift/generated/pattern/ParenPattern.qll 337cb03dcb7384f7ef13e35d843b3498c0ae391374f5e870d1e52c2d1baacd95 cba288ee99726f5bbf15cf61971e000a835cf6e8b7507dcf6f6c6dea91ec287a lib/codeql/swift/generated/pattern/Pattern.qll 0e96528a8dd87185f4fb23ba33ea418932762127e99739d7e56e5c8988e024d1 ba1e010c9f7f891048fb8c4ff8ea5a6c664c09e43d74b860d559f6459f82554a lib/codeql/swift/generated/pattern/TuplePattern.qll b3a138b0942f7e3eecb52ad2f095584a6cd5f555e9487c6eaad6a5527ae99f0c d6ff67ecc7395571acef4b82da514cb737c72d97ea557d89da534469feda340c -lib/codeql/swift/generated/pattern/TypedPattern.qll 95185ae7acddb74ac68f2d2e31d83e64e3bac3fdbd7a8301a6dc8bb1d89d7918 5d6edf73b4ac2f81843fda26894f5dbf8aa2a7c129af5e1a3256370683fa619c -lib/codeql/swift/generated/stmt/BraceStmt.qll 15461198f638b8995687ad8a20ef47c8fac24445a8c28ea5113bbaabe43e4be3 72fa14dbb9cd31032a5f35754991beb6183c2ef37f942707dbfc8911687d8c6e -lib/codeql/swift/generated/stmt/BreakStmt.qll 7dca1ed723117cc245636c7ec5f31a69dbbb228eae2f6423ffa1f327f964d1c8 43052e648b31c6edf88c28fc8aa0ec440601c06776d5a32e7ef1efbb59f64cf2 -lib/codeql/swift/generated/stmt/CaseLabelItem.qll d04772471f1651c0f3c15cb7fa003431b2a51bbffa945a14ae85bb3e58015249 406b2d411a1aa3a513f93e9602ce34138bd47d84a8c5b9fc226ed3e0c972ae08 -lib/codeql/swift/generated/stmt/CaseStmt.qll 01b7cb7fe5839c02fec5af4ddc9d6c7646583305e17543f1e5a6993b8467c3cd 62ab05c856c1a567aa7aaa04390fee9cd65d44ad3e244a1f781e97710b89653d -lib/codeql/swift/generated/stmt/ConditionElement.qll 2f60c9326681613939b411d9c5e53e0e0e5cf756b551af4e150b8be964d8e05d 4155edf57ccc61b87f5d51684e57c06cd0bc6733579275f089de51975546eab1 -lib/codeql/swift/generated/stmt/ContinueStmt.qll 572747312c2a7c4e6ad1c82c58f8ac55ce05d5e1f828160fe139c3d2c100eb61 a54d57cc434f7d04412bf130391e9c571f8f11f90be501d736e96f341b0c1de9 -lib/codeql/swift/generated/stmt/DeferStmt.qll 099b98183d770608f63ee09b290e71042e4cbbbc6a83b0f0fa10614af418c712 d5504347c08ab2b4764d5cb03a3b590a97144240d68f626db0778697ef9638c1 -lib/codeql/swift/generated/stmt/DoCatchStmt.qll 4a05ba358b289c052f1e7d6b86dae206e91a8033687c3fabddac1556173a8140 8743746aeb98f28e7786233db4a9eacfcf73aea3f602be9e1f8c0d956d22aeb1 -lib/codeql/swift/generated/stmt/DoStmt.qll b22efabd7431e703ae33dd1df69a9e3ceb49f512ab2c46be9c7eba2d53a1e37f 8d7796e2b4676da59aa8425014a16b82ef47d4ac22af60a10c5076a691af17d1 +lib/codeql/swift/generated/pattern/TypedPattern.qll 6a9fd2815755eddc6918d6be8221c7afb90e4fba4fcb8eb54ff42754269bb481 f198c3b09553a5f5f3d97f8088ef82c00552b9635560750c56d801b09dbd9e26 +lib/codeql/swift/generated/stmt/BraceStmt.qll eea1a33767c14a3b96aea6bbe10f17c3ecd1d8ac263de07e475e23b46d85a20d a5ee6c19a38e968c245886c28c82513f39ca90a80a9ea11d0e3139a35f682046 +lib/codeql/swift/generated/stmt/BreakStmt.qll 879cf66911cc7f53e7e8f4ae8244681018fb17d6501b269fb7cf9d8481f0b539 c78fc1b0e3e76321fc1653aa8b0aabaaacf082e01a003b78f693b106cc05faa0 +lib/codeql/swift/generated/stmt/CaseLabelItem.qll 9536d2909a274c3a969eec25f8e5966adfaa9b0d6451ea6319d9f7bb2fd6fe07 02e25f036db50e9a6e9a7ceab6002dd605b73afb55fa1dee6f22e7af33a40913 +lib/codeql/swift/generated/stmt/CaseStmt.qll c180478c6161439bc76bd39edfab343faba7450900ffedcadd3ccea12dc3a08c b537eb517db76113cfbc91c59e6bdfbf16ff83d639dfe6fd6892171f71a97090 +lib/codeql/swift/generated/stmt/ConditionElement.qll 29c1f9ab045cceac466836c8c6b9b158395351a76d4c4f8725d98663ea75b9de 09342a6d9632a1af973ef21fd03d30ca85b94ebb7d51991b4b573ce9096f97f4 +lib/codeql/swift/generated/stmt/ContinueStmt.qll bf300c9655f750db8e71eb530d8972eca1ac9bf022023c8d99e299de8f5b3a44 746a2432752743e18e2b5fa4b46407e5d4c0e6ee38635c6de0846452cbc5eec5 +lib/codeql/swift/generated/stmt/DeferStmt.qll 230f8c8f53c86afd3169b36214c03c54ac3e5240b1c1c1ade4446b45c4c3c32a d0d9e728be7506aa07904c53087eb1273a82762139866767abb0b851f3e559ee +lib/codeql/swift/generated/stmt/DoCatchStmt.qll b418fdb6d48c2c0d30d11c0b256692af879846113c89ccdd21a84cd27ccfddec 5aea94c795e300ee1d99119c86d201228537b24a1e281abb79a14b2edbb498af +lib/codeql/swift/generated/stmt/DoStmt.qll 582f56113ecc384ee80610ae80e2a040fbe58c56b72c76b6c7da3daaeee739bd 3778445dc2f6173d4182cbda47ca0d0e066d931379ed7da89bb3afd1fda1e81b lib/codeql/swift/generated/stmt/FailStmt.qll d8f5816c51c5027fd6dacc8d9f5ddd21f691c138dfc80c6c79e250402a1fe165 d8f5816c51c5027fd6dacc8d9f5ddd21f691c138dfc80c6c79e250402a1fe165 -lib/codeql/swift/generated/stmt/FallthroughStmt.qll 0f5caceabd3f683914cd598c60e78f0c225a06b017784182e9bf1525ebf4eff8 fe328559e580ebcd38aac3b6402f1a40cd1c922e92b52456b18e79e6e241d7b4 -lib/codeql/swift/generated/stmt/ForEachStmt.qll 105f4905d2c9b832b01dabfc87a90294886ed867be119c83b1af779b61cca8c3 8aeae81570d9444f16e0335ac2d1b8645dc37e2b6b30ccdfeeda77b0d3c8af14 -lib/codeql/swift/generated/stmt/GuardStmt.qll 135faa385310d9398db6630c799ee57da6e5546e8ae09190b0aab8397c330c57 eb98434209466449d82dd75049850aa3d550f2c0d2b6e0a70f2ee8d2dae4d830 -lib/codeql/swift/generated/stmt/IfStmt.qll a01212a13060f36b0c5ff29a18aa64a450662b284d37d8cff10ce648507684b2 05e9617901b871d59fa9f08f3397aac7ebe7026ae482e316e591c2622ba64a2f -lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll 2865e39a960ec4f610cccc6cb93ecf2b3ef457fb4c3acb961ffcf84ed9c1f33e cb8b7f16520ead1299d898ccd22efb89a74e9b3d658fdb613af0797b60d80bb7 +lib/codeql/swift/generated/stmt/FallthroughStmt.qll aa400a95593395d97b196a78462fb5ab7cad0497b395cdd98885e1593271614d 4df6bfa7d2f4e2b5e5155351e445bb6c710e7c20c82fa3321564b11ef60b086a +lib/codeql/swift/generated/stmt/ForEachStmt.qll 0c4b3c9540aaf89c135de6618dc7f07680a44bb6e874d8b12b2457ecad7d766d 52fbec89382d3b207f379e126654008393be560c8efe4a490fda1e2c48914235 +lib/codeql/swift/generated/stmt/GuardStmt.qll f31660bbe32231e310ff3d33dfece761ee7ec888fe74683359f86a3766e7c378 ce1f8279839e0b6311107ea9473871cbcfdc7c12d2368ac55b989f9bff2c5e7c +lib/codeql/swift/generated/stmt/IfStmt.qll 80f1caba3a477e589b6aa3543ec1787005ab1ffab91a77832512c79dffce48c7 2126cf386e917a230175ba7e07450e390b4bd65da6fce1af8395e5ffd3f79dca +lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll 057c6c556ecd836ca7f40d208c04e43039dde53e41eb27cc27f5f502a38a86fa 2ee979a35e0e9fa72253ab21d57c18b7268b7acc1edb4ec514b73b99b0aa2c6c lib/codeql/swift/generated/stmt/LabeledStmt.qll 734f0bb5b40d72c3c949a08af15c01b3ae3a3e315f3196f75da27e03a2635d63 f1fbea28c7eef71135e60e144714b1027d71f07ccfabbb65d6a98aa89523720e -lib/codeql/swift/generated/stmt/PoundAssertStmt.qll d672d599679838fb9fcc7e9e3b4641a7d514ee35d94f9eaa9d56f1e893d57863 7ca6f2571015c105887b4c045c2305a05ad86813cf5fcf28b577efcc3d483717 -lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll e9a4ac23dafb18a2bc23a045eb7ed8a96193600071d46351474ae899f7e24f7d 8bdfd1e1c75b95ba156dc0c90b5fcc185b0bee84feb144c7dc1b5f159703c79a -lib/codeql/swift/generated/stmt/ReturnStmt.qll c27a59f427f39d6eaebc96c6d975480be535945572e5a88ab961c34ef166df1a 269912d84e69f97348ea2cf46ab38d08cf92b7fc6bf6255e649a64580bf171ad +lib/codeql/swift/generated/stmt/PoundAssertStmt.qll c7a2effdfde66cf6308815affa966d63a9a251ddc27d492320733f1b2398ecdb 83b886c58dbdd845e4be08309c2be1e8954cd0aa1a8ce079d429f96beaef02bf +lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll 5edf21c6f6a9ec95f1f4ada10a47f46e38550c307cae8b74dad4c26275e24ace 6a2c1cdc99ef31c9a8f49cc4cb207b832bb90d55f69ef3196948105daeaf8d45 +lib/codeql/swift/generated/stmt/ReturnStmt.qll bed521194ae4f9a60d3ea0a9ea46dd7dbbc62799272d752871524a8eedbefc46 eb28b591ad77d842211a0df931fd693581c0e792b93421679b64a38de637d836 lib/codeql/swift/generated/stmt/Stmt.qll b2a4f3712e3575321a4bc65d31b9eb8ddcd2d20af9863f3b9240e78e4b32ccff e0fc13b3af867aa53b21f58a5be1b7d1333b3e8543a4d214a346468f783dbf40 -lib/codeql/swift/generated/stmt/StmtCondition.qll 3a9b82fc0776c1693c620fd96b3dbf94052ca0a2134ea4c9c83e51a1df6accad d2f809dd6820aa05c1630cd09ca12f22f94698155661aecd5d3837e340354ff2 -lib/codeql/swift/generated/stmt/SwitchStmt.qll 2e43f3eb536bb8924311d2fe84b2b21f712875caeaa8c4b13047b782c06ae453 ff72f4a01c3d7d227a28481d5a95b0858c15619067dd159332693af05fd0f146 -lib/codeql/swift/generated/stmt/ThrowStmt.qll c6f419f7d7021061a913fd70e64e43d55efe4350f73a21921cbd0654fabfa928 b76d221ad122710050651a62efb92b318d48109ec5326971c66cf9876dde9e14 -lib/codeql/swift/generated/stmt/WhileStmt.qll 550fef68aa3e81fcc615a296fabeacacef7648fe8e0316daef8a2767654f3020 5a60c959f042ebd9142b26432ad905cc2079664568d1b0bdf22085d4a24a92b9 -lib/codeql/swift/generated/stmt/YieldStmt.qll 5b0a6e0a656f9db4095d128c3e7d6bf1265ff218045ad91bd0699097c6c3cce7 45f54dbd94af7c2ab7e53858a7c3389636726d3d5fb45b876b5daad1896d1305 +lib/codeql/swift/generated/stmt/StmtCondition.qll b8dabf10de10f7c21abe0c7911084a41beb6e7125016a9bc2e15a6ace6d31837 d3ad8923495c273b83d80c4c9f64665798273c843f4cd1862b0300a93c2ac2d6 +lib/codeql/swift/generated/stmt/SwitchStmt.qll e303f93ba166044326071368b8c3ef74c2a87c1c586b1d05cf645150f8958b1a 4a8e919ba35423b49d4400d0d0730a0372d5f75a741f49776654bae773250561 +lib/codeql/swift/generated/stmt/ThrowStmt.qll d486c63f0f224e088cd67deb296d47266c8cfa2212853f950f6d0457941a0ca2 c4315440944ccb312af7ee8ee18b5eb2b98909ba9655e4729ea0e0d6a87ff014 +lib/codeql/swift/generated/stmt/WhileStmt.qll ee2661a76fdb516095bfcfb3210b4e24fc0f9619e985c9916fc0f5150736dbb1 b6c95a8e410f79c8d0a7bc994f92bf34b51400a2ba49b67af28a5256687855a9 +lib/codeql/swift/generated/stmt/YieldStmt.qll 81e2e31455da36b08f21f905d3e5b87e9f5c10ba50990fa5722a2d9488378da4 21d9e9523ba28bd291753b331379945c621241ccadb0cb444755ee5947cb24d1 lib/codeql/swift/generated/type/AnyBuiltinIntegerType.qll a263451163e027c4c4223ec288e090b7e0d399cc46eb962013342bfeac5f6b86 d850ec1ee1902945b172ddd0ecd8884e399e963f939c04bc8bfaadacebdf55a9 lib/codeql/swift/generated/type/AnyFunctionType.qll ecd701702fc4f5a2205208faad7598f3083028914e72aacdaa6311f522468352 342e2265f0593c3f388a7f293b589f332c977d7863d697901445d68f0b93a222 -lib/codeql/swift/generated/type/AnyGenericType.qll a6da9ae1024bdafa244f3f5843fe16efe06f5d8e7305c5712f6b9ff409347427 11694abc90753c3f1a27e4745919f851334e0b79eb576831403c7866014b64aa +lib/codeql/swift/generated/type/AnyGenericType.qll 8b64a517c57c6c7e46eca923a5611c28c626c920818b5b9060f1772c10d1a636 151ce25c5b86e51d4e0f4a11c058eb1555a8d3f286029b37732b47b3b23e3667 lib/codeql/swift/generated/type/AnyMetatypeType.qll 6805a6895e748e02502105d844b66fab5111dbb0d727534d305a0396dacc9465 58e0794b8d6dccd9809f5b83bf64b162e69f3f84b5f3161b88aed10f16a8ede8 -lib/codeql/swift/generated/type/ArchetypeType.qll 2642f841dac57a4c2447ceb5c3a42bf9e59bdb426556307dae863bd4009950e0 e7136d1929951d7dc928d0ebab99aca84eee8bf71aad86f480c4820da26adec0 +lib/codeql/swift/generated/type/ArchetypeType.qll 49560392daec2e41846dba8254a1ce420ca17a0e6d45c6a6b670f3f9e44e2c18 6865b7359c413602d7de11aec850811a012cad846a5839817c4d5644c6138d8a lib/codeql/swift/generated/type/ArraySliceType.qll 72d0409e2704e89ebca364ae28d55c874152f55dd1deaac6c954617f6566f3c2 72d0409e2704e89ebca364ae28d55c874152f55dd1deaac6c954617f6566f3c2 lib/codeql/swift/generated/type/BoundGenericClassType.qll c82971dcd306a4cbc6bb885ae300556717eb2d068066b7752a36480e5eb14b5f c82971dcd306a4cbc6bb885ae300556717eb2d068066b7752a36480e5eb14b5f lib/codeql/swift/generated/type/BoundGenericEnumType.qll 89fcee52adbe6c9b130eae45cf43b2a2c302e8812f8519ea885e5d41dec3ec56 89fcee52adbe6c9b130eae45cf43b2a2c302e8812f8519ea885e5d41dec3ec56 @@ -616,7 +615,7 @@ lib/codeql/swift/generated/type/BuiltinType.qll 0f90f2fd18b67edf20712ff51484afd5 lib/codeql/swift/generated/type/BuiltinUnsafeValueBufferType.qll d569e7c255de5e87bb0eb68ae5e7fea011121e01b2868007485af91da7417cd6 d569e7c255de5e87bb0eb68ae5e7fea011121e01b2868007485af91da7417cd6 lib/codeql/swift/generated/type/BuiltinVectorType.qll f51ce577abec2a1de3ae77a5cd9719aa4a1a6f3f5ec492c7444e410fb1de802a f51ce577abec2a1de3ae77a5cd9719aa4a1a6f3f5ec492c7444e410fb1de802a lib/codeql/swift/generated/type/ClassType.qll b52f0383d3dcbf7cf56d0b143cbb63783cb5fa319bcbfc4754e362d935e0fb53 b52f0383d3dcbf7cf56d0b143cbb63783cb5fa319bcbfc4754e362d935e0fb53 -lib/codeql/swift/generated/type/DependentMemberType.qll 0596086099ef55db0647b436e4d4ad6482496e8d491b6497e31b6f4ecdafe5d0 2de600fd4ac4739afdf4cd84822da467d195c7cc6d7099fe7ac446eae147979d +lib/codeql/swift/generated/type/DependentMemberType.qll 348f4b1eb1ed6e311212c1565716c814f9f4198ec4be7e748fbd10cef1f98ce4 a17c65acda68c87b7148047372a9779ce9eda53dbaa81208f0b9b57262001791 lib/codeql/swift/generated/type/DictionaryType.qll 1a30cd9815e9162cbf07d193a35d834837f8b8aa8ab936ea8c4400ea66181937 d4100b99422db8b81632cd86144c316ed8504616df742223cb6cde1211704d14 lib/codeql/swift/generated/type/DynamicSelfType.qll 331e731ce6ebf8e4b152efcbfbebe35d506c03633dab75483ae660f967259c58 4066ab0cd3c768fe25aba0d2ddaa4e394070f97dbe77b375c6fd39447eef8fd9 lib/codeql/swift/generated/type/EnumType.qll dcf653c7ee2e76882d9f415fbbc208905b8d8ed68cc32e36c0439a9205e65b35 dcf653c7ee2e76882d9f415fbbc208905b8d8ed68cc32e36c0439a9205e65b35 @@ -629,10 +628,10 @@ lib/codeql/swift/generated/type/GenericTypeParamType.qll f515debe8b21f3ea6551e4f lib/codeql/swift/generated/type/InOutType.qll 93906f54e2e109a8e83bf10665a9cfb518b96c6f8d8ea50e8d994a2802082e61 1cdf37ee0a2785e1a3298022f0d9aa8e9bce38e8d7268d631bb6544bdf07e636 lib/codeql/swift/generated/type/LValueType.qll ed2c9347139582c311b6ae58a26fd4462cdcd4ec1f1d0ea3c9967d0bec54683c d027432cc73850731f33b1aaf7e2aa57d97ed7e3171de3dc53902e6ed7e38b46 lib/codeql/swift/generated/type/MetatypeType.qll cd752f81257820f74c1f5c016e19bdc9b0f8ff8ddcc231daa68061a85c4b38e2 cd752f81257820f74c1f5c016e19bdc9b0f8ff8ddcc231daa68061a85c4b38e2 -lib/codeql/swift/generated/type/ModuleType.qll 46178692ceeda03ded0af1ab96af9e3ef4ba426e7345a0e2abfc6b35eebd9fc1 135549ca669d27c737159cc8327963879c11e32177a3b72d2076decb0927c475 +lib/codeql/swift/generated/type/ModuleType.qll 77fc9ea296b5be29aa8eded4cdfdbc7ca09a4c443f6720f31f9728a6e5bf115d c551af9fa41b1da433f52c89e3d126ac11caad8ab6a59baeda7bdbd7b11487cf lib/codeql/swift/generated/type/NominalOrBoundGenericNominalType.qll 27d87dc4792b7f46fa1b708aadecef742ab2a78b23d4eb28ce392da49766122f 380b827d026202cbfcd825e975ebbdf8f53784a0426ce5454cb1b43cc42dfe16 lib/codeql/swift/generated/type/NominalType.qll f7e85d544eaaa259c727b8b4ba691578861d15612a134d19936a20943270b629 87472017a129921d2af9d380f69c293f4deba788e7660b0fe085a455e76562e8 -lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll 2126dd1e66b3b8fb4a2ac1808674f1c502cabe7cce11ecde407e78bbb1a1546e e78d3b63cc551a0dd284969c8ba6294466b1ddbcd17a0fdb745237a3793313ac +lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll 54f267ce066c2bc3c1a4ef93154a2b99c1c6a7253c9d75f5d215a4e8fe036c1d f2d397bc48875d7c47e239d859a40ee191dad8340c7f2861d461c8a4f339fa49 lib/codeql/swift/generated/type/OpenedArchetypeType.qll ed97d3fb8810424643953a0d5ebd93e58d1b2e397ea01ccde0dcd8e68c41adb2 ed97d3fb8810424643953a0d5ebd93e58d1b2e397ea01ccde0dcd8e68c41adb2 lib/codeql/swift/generated/type/OptionalType.qll d99dd5ec5636cc6c3e0e52bf27d0d8bf8dfcff25739cd7e1b845f5d96b1a5ac9 d99dd5ec5636cc6c3e0e52bf27d0d8bf8dfcff25739cd7e1b845f5d96b1a5ac9 lib/codeql/swift/generated/type/ParameterizedProtocolType.qll 5ec7f5d9412f071099a75e920dce686e3a3b3697d94f2b03d4456858060d31d1 9d8f3ae67ebe290102f6c3fc4bda14d66865b13a782fe9e80e3e2464da14f18e @@ -647,8 +646,8 @@ lib/codeql/swift/generated/type/SugarType.qll 4ea82201ae20e769c0c3e6e158bae86493 lib/codeql/swift/generated/type/SyntaxSugarType.qll 253e036452e0ba8ae3bb60d6ed22f4efb8436f4ef19f158f1114a6f9a14df42c 743fe4dede40ca173b19d5757d14e0f606fe36f51119445503e8eea7cf6df3b0 lib/codeql/swift/generated/type/TupleType.qll af224031c3bea6dfca6138903cca940a4f00ba6494ad7b591b9f017d69ee9a6c f59ad1bb4994196ec49836ae169e550a70dbb25a359ff889ed6456882fe2d9a0 lib/codeql/swift/generated/type/Type.qll c08acc943c9b52662a465d77fcd39d12f869c42b24a3755225b3bddbb1cf72f5 6d82c5bddded75fd5598bb559ecfa07360ad802d5e9541af2c334dc9d0159335 -lib/codeql/swift/generated/type/TypeAliasType.qll 1c7b7d66f277907d04462712ff5271b84987656351da8e486d718b8d138ef545 2dc20e1fd98bee6a8e5b35cf7a048716b2b6d2e5ba6610ecc4f7f667da930885 -lib/codeql/swift/generated/type/TypeRepr.qll bb78cc2265734d8ecbd32ca85e38c853e9f35569aaf4dc8353d20471b3559c3d c2abc1d161590cbdc4cac7e147e114f8a28ba5f6405dba7ead51abe85991505d +lib/codeql/swift/generated/type/TypeAliasType.qll 7c1397c4a145d3265e8d1b4dac4ae6a58a2c4026145cfb2d8d28c01309b0ea26 0e3c3a2c166285f4ac1b417b8cc74a5095c8a8e1a102d7b5ca2829a06b61de23 +lib/codeql/swift/generated/type/TypeRepr.qll 25a412f029bf2d4b283ea07f0f0ff5713b1b4f369f8cb06991328fdee030e14a 2a39717f2e023c96015b797b59812b0e0bef1ea2780ee83869b68da549abbf2f lib/codeql/swift/generated/type/UnarySyntaxSugarType.qll 6f3822691d04531cc1dd6a78fb184f3e18d42ee324123dc4338fdd368fbd0bd6 d489aac77955de0d71fd5c271fddccd40050db4ef8ce8d817320ca9554057c3a lib/codeql/swift/generated/type/UnboundGenericType.qll 43549cbdaaa05c3c6e3d6757aca7c549b67f3c1f7d7f0a987121de0c80567a78 43549cbdaaa05c3c6e3d6757aca7c549b67f3c1f7d7f0a987121de0c80567a78 lib/codeql/swift/generated/type/UnmanagedStorageType.qll 198727a7c9557a0a92c6d833768086f0a0a18c546b4bfd486d7ff7ad5677a6aa 198727a7c9557a0a92c6d833768086f0a0a18c546b4bfd486d7ff7ad5677a6aa @@ -819,7 +818,8 @@ test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr_getArgum test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr_getType.ql 07d59d9962f3705f8f32302c0d730c179ca980172dd000b724a72e768fbf39db cd146e19249590316bb83efec19dd41234723513025cf9df45313f78f2b364dd test/extractor-tests/generated/expr/OneWayExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 test/extractor-tests/generated/expr/OpaqueValueExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 -test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 +test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql 48da42e3a2d44f4ca6b159bc8ba273352984b34fd14a3d6ca15ec9d6c38a2608 ba6a769c8c3c8cea40d64e0339515f59aded493d2c8f9c2447b10bcc43bed5f7 +test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql f8d4ddc40e4bef7760446bfb90f3d2b7438fd5a0a2aa092efd59493fa8a98b23 e54f77a98a38c2c68414a5e6de8de18189ce7f0e68f9c945ab387e52d7e04a12 test/extractor-tests/generated/expr/OptionalEvaluationExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 test/extractor-tests/generated/expr/OptionalTryExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 test/extractor-tests/generated/expr/OtherInitializerRefExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 diff --git a/swift/ql/.gitattributes b/swift/ql/.gitattributes index 71cc5c58ecf..0f00752d7db 100644 --- a/swift/ql/.gitattributes +++ b/swift/ql/.gitattributes @@ -26,7 +26,6 @@ /lib/codeql/swift/elements/decl/ConcreteVarDeclConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/DeinitializerConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/EnumCaseDeclConstructor.qll linguist-generated -/lib/codeql/swift/elements/decl/EnumDecl.qll linguist-generated /lib/codeql/swift/elements/decl/EnumDeclConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/EnumElementDeclConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/ExtensionDeclConstructor.qll linguist-generated @@ -821,7 +820,8 @@ /test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr_getType.ql linguist-generated /test/extractor-tests/generated/expr/OneWayExpr/MISSING_SOURCE.txt linguist-generated /test/extractor-tests/generated/expr/OpaqueValueExpr/MISSING_SOURCE.txt linguist-generated -/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt linguist-generated +/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql linguist-generated +/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql linguist-generated /test/extractor-tests/generated/expr/OptionalEvaluationExpr/MISSING_SOURCE.txt linguist-generated /test/extractor-tests/generated/expr/OptionalTryExpr/MISSING_SOURCE.txt linguist-generated /test/extractor-tests/generated/expr/OtherInitializerRefExpr/MISSING_SOURCE.txt linguist-generated diff --git a/swift/ql/test/library-tests/controlflow/graph/consistency.ql b/swift/ql/consistency-queries/CfgConsistency.ql similarity index 100% rename from swift/ql/test/library-tests/controlflow/graph/consistency.ql rename to swift/ql/consistency-queries/CfgConsistency.ql diff --git a/swift/ql/consistency-queries/PrintAstConsistency.ql b/swift/ql/consistency-queries/PrintAstConsistency.ql new file mode 100644 index 00000000000..12c7dfe5991 --- /dev/null +++ b/swift/ql/consistency-queries/PrintAstConsistency.ql @@ -0,0 +1 @@ +import codeql.swift.printast.Consistency diff --git a/java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md b/swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md similarity index 51% rename from java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md rename to swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md index 3a037075967..a3f2e4bbe81 100644 --- a/java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md +++ b/swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md @@ -1,5 +1,4 @@ --- -category: minorAnalysis +category: newQuery --- -* Added models for the `io.jsonwebtoken` library. - +* Added two consistency queries for checking control flow and AST printing internals. diff --git a/swift/ql/consistency-queries/qlpack.yml b/swift/ql/consistency-queries/qlpack.yml new file mode 100644 index 00000000000..57ef2babccf --- /dev/null +++ b/swift/ql/consistency-queries/qlpack.yml @@ -0,0 +1,4 @@ +name: codeql/swift-consistency-queries +groups: [swift, test, consistency-queries] +dependencies: + codeql/swift-all: ${workspace} diff --git a/swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md b/swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md new file mode 100644 index 00000000000..6e26484f5dc --- /dev/null +++ b/swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Some models for the `Data` class have been generalized to `DataProtocol` so that they apply more widely. \ No newline at end of file diff --git a/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md b/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md new file mode 100644 index 00000000000..208486b8f27 --- /dev/null +++ b/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md @@ -0,0 +1,5 @@ +--- +category: fix +--- + +* Fixed a number of inconsistencies in the abstract syntax tree (AST) and in the control-flow graph (CFG). This may lead to more results in queries that use these libraries, or libraries that depend on them (such as dataflow). diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll index d3eb3aaa244..4ec5d691256 100644 --- a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll +++ b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll @@ -111,31 +111,21 @@ module Stmts { override predicate propagatesAbnormal(ControlFlowElement node) { none() } - private predicate isBodyOfTapExpr() { any(TapExpr tap).getBody() = ast } - - // Note: If the brace statement is the body of a `TapExpr`, the first element is the variable - // declaration (see https://github.com/apple/swift/blob/main/include/swift/AST/Expr.h#L848) - // that's initialized by the `TapExpr`. In `TapExprTree` we've already visited this declaration, - // along with its initializer. So we skip the first element here. - private AstNode getFirstElement() { - if this.isBodyOfTapExpr() then result = ast.getElement(1) else result = ast.getFirstElement() - } - override predicate first(ControlFlowElement first) { this.firstInner(first) or - not exists(this.getFirstElement()) and first.asAstNode() = ast + not exists(ast.getFirstElement()) and first.asAstNode() = ast } override predicate last(ControlFlowElement last, Completion c) { this.lastInner(last, c) or - not exists(this.getFirstElement()) and + not exists(ast.getFirstElement()) and last.asAstNode() = ast and c instanceof SimpleCompletion } - predicate firstInner(ControlFlowElement first) { astFirst(this.getFirstElement(), first) } + predicate firstInner(ControlFlowElement first) { astFirst(ast.getFirstElement(), first) } /** Gets the body of the i'th `defer` statement. */ private BraceStmt getDeferStmtBody(int i) { @@ -969,6 +959,15 @@ module Decls { result.asAstNode() = ast.getPattern(j).getFullyUnresolved() ) or + // synthesized pattern bindings for property wrappers may be sharing the init with the backed + // variable declaration, so we need to skip those + not exists(VarDecl decl | + ast = + [ + decl.getPropertyWrapperBackingVarBinding(), + decl.getPropertyWrapperProjectionVarBinding() + ] + ) and exists(int j | i = 2 * j + 1 and result.asAstNode() = ast.getInit(j).getFullyConverted() @@ -1397,20 +1396,12 @@ module Exprs { override TapExpr ast; final override ControlFlowElement getChildElement(int i) { - // We first visit the local variable declaration. + // We first visit the expression that gives the local variable its initial value. i = 0 and - result.asAstNode() = ast.getVar() - or - // Then we visit the expression that gives the local variable its initial value. - i = 1 and result.asAstNode() = ast.getSubExpr().getFullyConverted() or - // And finally, we visit the body that potentially mutates the local variable. - // Note that the CFG for the body will skip the first element in the - // body because it's guaranteed to be the variable declaration - // that we've already visited at i = 0. See the explanation - // in `BraceStmtTree` for why this is necessary. - i = 2 and + // And then we visit the body that potentially mutates the local variable. + i = 1 and result.asAstNode() = ast.getBody() } } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll index e13636a911e..d5306461784 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll @@ -117,8 +117,8 @@ string getComponentSpecific(SummaryComponent sc) { or exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + rk + "]" and - not rk instanceof NormalReturnKind + not rk = getReturnValueKind() and + result = "ReturnValue" + "[" + rk + "]" ) } diff --git a/swift/ql/lib/codeql/swift/elements/Locatable.qll b/swift/ql/lib/codeql/swift/elements/Locatable.qll index 80afa75c1de..25877d7f074 100644 --- a/swift/ql/lib/codeql/swift/elements/Locatable.qll +++ b/swift/ql/lib/codeql/swift/elements/Locatable.qll @@ -4,10 +4,10 @@ private import codeql.swift.elements.UnknownLocation class Locatable extends Generated::Locatable { pragma[nomagic] - override Location getImmediateLocation() { - result = Generated::Locatable.super.getImmediateLocation() + override Location getLocation() { + result = Generated::Locatable.super.getLocation() or - not exists(Generated::Locatable.super.getImmediateLocation()) and + not exists(Generated::Locatable.super.getLocation()) and result instanceof UnknownLocation } diff --git a/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll b/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll index b97ef6e4e8f..df8823fe028 100644 --- a/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll +++ b/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll @@ -6,7 +6,7 @@ private import codeql.swift.elements.File * A `Location` that is given to something that is not associated with any position in the source code. */ class UnknownLocation extends Generated::UnknownLocation { - override File getImmediateFile() { result instanceof UnknownFile } + override File getFile() { result instanceof UnknownFile } override int getStartLine() { result = 0 } diff --git a/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll b/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll index cbafea24532..b062beeb197 100644 --- a/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll +++ b/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll @@ -19,5 +19,5 @@ class UnspecifiedElement extends Generated::UnspecifiedElement { ) } - override Location getImmediateLocation() { result = this.getParent().(Locatable).getLocation() } + override Location getLocation() { result = this.getParent().(Locatable).getLocation() } } diff --git a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll index f7c42dc9a2f..91f597c8d38 100644 --- a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll +++ b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll @@ -1,4 +1,36 @@ -// generated by codegen/codegen.py, remove this comment if you wish to edit this file private import codeql.swift.generated.decl.EnumDecl +private import codeql.swift.elements.decl.EnumCaseDecl +private import codeql.swift.elements.decl.EnumElementDecl +private import codeql.swift.elements.decl.Decl -class EnumDecl extends Generated::EnumDecl { } +/** + * An enumeration declaration, for example: + * ``` + * enum MyColours { + * case red + * case green + * case blue + * } + * ``` + */ +class EnumDecl extends Generated::EnumDecl { + /** + * Gets the `index`th enumeration element of this enumeration (0-based). + */ + final EnumElementDecl getEnumElement(int index) { + result = + rank[index + 1](int memberIndex, Decl d | + d = this.getMember(memberIndex) and + d instanceof EnumElementDecl + | + d order by memberIndex + ) + } + + /** + * Gets an enumeration element of this enumeration. + */ + final EnumElementDecl getAnEnumElement() { + result = this.getMember(_).(EnumCaseDecl).getElement(_) + } +} diff --git a/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll index 4dbdff505b4..ba036ddafcf 100644 --- a/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll +++ b/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll @@ -14,7 +14,7 @@ class MethodLookupExpr extends Generated::MethodLookupExpr { result = Synth::convertExprFromRaw(this.getUnderlying().getBase()) } - override Decl getImmediateMember() { + override Decl getMember() { result = this.getMethodRef().(DeclRefExpr).getDecl() or result = this.getMethodRef().(OtherInitializerRefExpr).getInitializer() diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll index d1ede40a14d..c057293f00e 100644 --- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll +++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll @@ -26,9 +26,9 @@ private class DataSummaries extends SummaryModelCsv { ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint", ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint", ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint", - ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", - ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint", - ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint", + ";DataProtocol;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", + ";DataProtocol;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint", + ";DataProtocol;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint", ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint", ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint", ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint", diff --git a/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll b/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll index c0c7ec1ad00..3659bf7f16f 100644 --- a/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll +++ b/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll @@ -32,27 +32,14 @@ module Generated { /** * Gets the `index`th spec of this availability info (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AvailabilitySpec getImmediateSpec(int index) { + AvailabilitySpec getSpec(int index) { result = Synth::convertAvailabilitySpecFromRaw(Synth::convertAvailabilityInfoToRaw(this) .(Raw::AvailabilityInfo) .getSpec(index)) } - /** - * Gets the `index`th spec of this availability info (0-based). - */ - final AvailabilitySpec getSpec(int index) { - exists(AvailabilitySpec immediate | - immediate = this.getImmediateSpec(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the specs of this availability info. */ diff --git a/swift/ql/lib/codeql/swift/generated/Callable.qll b/swift/ql/lib/codeql/swift/generated/Callable.qll index db03af1dbd0..124828a8e0d 100644 --- a/swift/ql/lib/codeql/swift/generated/Callable.qll +++ b/swift/ql/lib/codeql/swift/generated/Callable.qll @@ -20,27 +20,14 @@ module Generated { /** * Gets the self parameter of this callable, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateSelfParam() { + ParamDecl getSelfParam() { result = Synth::convertParamDeclFromRaw(Synth::convertCallableToRaw(this) .(Raw::Callable) .getSelfParam()) } - /** - * Gets the self parameter of this callable, if it exists. - */ - final ParamDecl getSelfParam() { - exists(ParamDecl immediate | - immediate = this.getImmediateSelfParam() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getSelfParam()` exists. */ @@ -48,27 +35,14 @@ module Generated { /** * Gets the `index`th parameter of this callable (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam(int index) { + ParamDecl getParam(int index) { result = Synth::convertParamDeclFromRaw(Synth::convertCallableToRaw(this) .(Raw::Callable) .getParam(index)) } - /** - * Gets the `index`th parameter of this callable (0-based). - */ - final ParamDecl getParam(int index) { - exists(ParamDecl immediate | - immediate = this.getImmediateParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the parameters of this callable. */ @@ -79,27 +53,14 @@ module Generated { */ final int getNumberOfParams() { result = count(int i | exists(this.getParam(i))) } - /** - * Gets the body of this callable, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - BraceStmt getImmediateBody() { - result = - Synth::convertBraceStmtFromRaw(Synth::convertCallableToRaw(this).(Raw::Callable).getBody()) - } - /** * Gets the body of this callable, if it exists. * * The body is absent within protocol declarations. */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) + BraceStmt getBody() { + result = + Synth::convertBraceStmtFromRaw(Synth::convertCallableToRaw(this).(Raw::Callable).getBody()) } /** @@ -109,27 +70,14 @@ module Generated { /** * Gets the `index`th capture of this callable (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CapturedDecl getImmediateCapture(int index) { + CapturedDecl getCapture(int index) { result = Synth::convertCapturedDeclFromRaw(Synth::convertCallableToRaw(this) .(Raw::Callable) .getCapture(index)) } - /** - * Gets the `index`th capture of this callable (0-based). - */ - final CapturedDecl getCapture(int index) { - exists(CapturedDecl immediate | - immediate = this.getImmediateCapture(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the captures of this callable. */ diff --git a/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll b/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll index a6b48cc2e0c..564e0397357 100644 --- a/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll +++ b/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll @@ -32,27 +32,14 @@ module Generated { /** * Gets the `index`th argument to an array or dictionary subscript expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateSubscriptArgument(int index) { + Argument getSubscriptArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertKeyPathComponentToRaw(this) .(Raw::KeyPathComponent) .getSubscriptArgument(index)) } - /** - * Gets the `index`th argument to an array or dictionary subscript expression (0-based). - */ - final Argument getSubscriptArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateSubscriptArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments to an array or dictionary subscript expression. */ @@ -79,27 +66,14 @@ module Generated { /** * Gets the property or subscript operator, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateDeclRef() { + ValueDecl getDeclRef() { result = Synth::convertValueDeclFromRaw(Synth::convertKeyPathComponentToRaw(this) .(Raw::KeyPathComponent) .getDeclRef()) } - /** - * Gets the property or subscript operator, if it exists. - */ - final ValueDecl getDeclRef() { - exists(ValueDecl immediate | - immediate = this.getImmediateDeclRef() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getDeclRef()` exists. */ @@ -128,7 +102,7 @@ module Generated { final Type getComponentType() { exists(Type immediate | immediate = this.getImmediateComponentType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/Locatable.qll b/swift/ql/lib/codeql/swift/generated/Locatable.qll index bb8b832a6af..9696d5d23ad 100644 --- a/swift/ql/lib/codeql/swift/generated/Locatable.qll +++ b/swift/ql/lib/codeql/swift/generated/Locatable.qll @@ -8,27 +8,14 @@ module Generated { class Locatable extends Synth::TLocatable, Element { /** * Gets the location associated with this element in the code, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Location getImmediateLocation() { + Location getLocation() { result = Synth::convertLocationFromRaw(Synth::convertLocatableToRaw(this) .(Raw::Locatable) .getLocation()) } - /** - * Gets the location associated with this element in the code, if it exists. - */ - final Location getLocation() { - exists(Location immediate | - immediate = this.getImmediateLocation() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getLocation()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/Location.qll b/swift/ql/lib/codeql/swift/generated/Location.qll index 9cdbd95fe8d..a95b34a9afa 100644 --- a/swift/ql/lib/codeql/swift/generated/Location.qll +++ b/swift/ql/lib/codeql/swift/generated/Location.qll @@ -8,25 +8,12 @@ module Generated { class Location extends Synth::TLocation, Element { /** * Gets the file of this location. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - File getImmediateFile() { + File getFile() { result = Synth::convertFileFromRaw(Synth::convertLocationToRaw(this).(Raw::Location).getFile()) } - /** - * Gets the file of this location. - */ - final File getFile() { - exists(File immediate | - immediate = this.getImmediateFile() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the start line of this location. */ diff --git a/swift/ql/lib/codeql/swift/generated/ParentChild.qll b/swift/ql/lib/codeql/swift/generated/ParentChild.qll index 09c48606353..c2b8b7f38c4 100644 --- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll +++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll @@ -16,22 +16,22 @@ private module Impl { bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and n = bElement and nSelfParam = n + 1 and - nParam = nSelfParam + 1 + max(int i | i = -1 or exists(e.getImmediateParam(i)) | i) and + nParam = nSelfParam + 1 + max(int i | i = -1 or exists(e.getParam(i)) | i) and nBody = nParam + 1 and - nCapture = nBody + 1 + max(int i | i = -1 or exists(e.getImmediateCapture(i)) | i) and + nCapture = nBody + 1 + max(int i | i = -1 or exists(e.getCapture(i)) | i) and ( none() or result = getImmediateChildOfElement(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateSelfParam() and partialPredicateCall = "SelfParam()" + index = n and result = e.getSelfParam() and partialPredicateCall = "SelfParam()" or - result = e.getImmediateParam(index - nSelfParam) and + result = e.getParam(index - nSelfParam) and partialPredicateCall = "Param(" + (index - nSelfParam).toString() + ")" or - index = nParam and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nParam and result = e.getBody() and partialPredicateCall = "Body()" or - result = e.getImmediateCapture(index - nBody) and + result = e.getCapture(index - nBody) and partialPredicateCall = "Capture(" + (index - nBody).toString() + ")" ) ) @@ -195,13 +195,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nSpec = n + 1 + max(int i | i = -1 or exists(e.getImmediateSpec(i)) | i) and + nSpec = n + 1 + max(int i | i = -1 or exists(e.getSpec(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateSpec(index - n) and + result = e.getSpec(index - n) and partialPredicateCall = "Spec(" + (index - n).toString() + ")" ) ) @@ -229,14 +229,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nSubscriptArgument = - n + 1 + max(int i | i = -1 or exists(e.getImmediateSubscriptArgument(i)) | i) and + nSubscriptArgument = n + 1 + max(int i | i = -1 or exists(e.getSubscriptArgument(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateSubscriptArgument(index - n) and + result = e.getSubscriptArgument(index - n) and partialPredicateCall = "SubscriptArgument(" + (index - n).toString() + ")" ) ) @@ -295,13 +294,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nMember = n + 1 + max(int i | i = -1 or exists(e.getImmediateMember(i)) | i) and + nMember = n + 1 + max(int i | i = -1 or exists(e.getMember(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateMember(index - n) and + result = e.getMember(index - n) and partialPredicateCall = "Member(" + (index - n).toString() + ")" ) ) @@ -314,14 +313,13 @@ private module Impl { b = 0 and bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and n = bElement and - nGenericTypeParam = - n + 1 + max(int i | i = -1 or exists(e.getImmediateGenericTypeParam(i)) | i) and + nGenericTypeParam = n + 1 + max(int i | i = -1 or exists(e.getGenericTypeParam(i)) | i) and ( none() or result = getImmediateChildOfElement(e, index - b, partialPredicateCall) or - result = e.getImmediateGenericTypeParam(index - n) and + result = e.getGenericTypeParam(index - n) and partialPredicateCall = "GenericTypeParam(" + (index - n).toString() + ")" ) ) @@ -504,7 +502,7 @@ private module Impl { or result = getImmediateChildOfDecl(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -529,13 +527,13 @@ private module Impl { b = 0 and bValueDecl = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfValueDecl(e, i, _)) | i) and n = bValueDecl and - nAccessor = n + 1 + max(int i | i = -1 or exists(e.getImmediateAccessor(i)) | i) and + nAccessor = n + 1 + max(int i | i = -1 or exists(e.getAccessor(i)) | i) and ( none() or result = getImmediateChildOfValueDecl(e, index - b, partialPredicateCall) or - result = e.getImmediateAccessor(index - n) and + result = e.getAccessor(index - n) and partialPredicateCall = "Accessor(" + (index - n).toString() + ")" ) ) @@ -548,13 +546,13 @@ private module Impl { b = 0 and bValueDecl = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfValueDecl(e, i, _)) | i) and n = bValueDecl and - nParam = n + 1 + max(int i | i = -1 or exists(e.getImmediateParam(i)) | i) and + nParam = n + 1 + max(int i | i = -1 or exists(e.getParam(i)) | i) and ( none() or result = getImmediateChildOfValueDecl(e, index - b, partialPredicateCall) or - result = e.getImmediateParam(index - n) and + result = e.getParam(index - n) and partialPredicateCall = "Param(" + (index - n).toString() + ")" ) ) @@ -749,7 +747,7 @@ private module Impl { bAbstractStorageDecl + 1 + max(int i | i = -1 or exists(getImmediateChildOfGenericContext(e, i, _)) | i) and n = bGenericContext and - nParam = n + 1 + max(int i | i = -1 or exists(e.getImmediateParam(i)) | i) and + nParam = n + 1 + max(int i | i = -1 or exists(e.getParam(i)) | i) and ( none() or @@ -758,7 +756,7 @@ private module Impl { result = getImmediateChildOfGenericContext(e, index - bAbstractStorageDecl, partialPredicateCall) or - result = e.getImmediateParam(index - n) and + result = e.getParam(index - n) and partialPredicateCall = "Param(" + (index - n).toString() + ")" ) ) @@ -784,19 +782,19 @@ private module Impl { result = getImmediateChildOfAbstractStorageDecl(e, index - b, partialPredicateCall) or index = n and - result = e.getImmediatePropertyWrapperBackingVarBinding() and + result = e.getPropertyWrapperBackingVarBinding() and partialPredicateCall = "PropertyWrapperBackingVarBinding()" or index = nPropertyWrapperBackingVarBinding and - result = e.getImmediatePropertyWrapperBackingVar() and + result = e.getPropertyWrapperBackingVar() and partialPredicateCall = "PropertyWrapperBackingVar()" or index = nPropertyWrapperBackingVar and - result = e.getImmediatePropertyWrapperProjectionVarBinding() and + result = e.getPropertyWrapperProjectionVarBinding() and partialPredicateCall = "PropertyWrapperProjectionVarBinding()" or index = nPropertyWrapperProjectionVarBinding and - result = e.getImmediatePropertyWrapperProjectionVar() and + result = e.getPropertyWrapperProjectionVar() and partialPredicateCall = "PropertyWrapperProjectionVar()" ) ) @@ -929,11 +927,11 @@ private module Impl { result = getImmediateChildOfVarDecl(e, index - b, partialPredicateCall) or index = n and - result = e.getImmediatePropertyWrapperLocalWrappedVarBinding() and + result = e.getPropertyWrapperLocalWrappedVarBinding() and partialPredicateCall = "PropertyWrapperLocalWrappedVarBinding()" or index = nPropertyWrapperLocalWrappedVarBinding and - result = e.getImmediatePropertyWrapperLocalWrappedVar() and + result = e.getPropertyWrapperLocalWrappedVar() and partialPredicateCall = "PropertyWrapperLocalWrappedVar()" ) ) @@ -1082,7 +1080,7 @@ private module Impl { bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and nFunction = n + 1 and - nArgument = nFunction + 1 + max(int i | i = -1 or exists(e.getImmediateArgument(i)) | i) and + nArgument = nFunction + 1 + max(int i | i = -1 or exists(e.getArgument(i)) | i) and ( none() or @@ -1090,7 +1088,7 @@ private module Impl { or index = n and result = e.getImmediateFunction() and partialPredicateCall = "Function()" or - result = e.getImmediateArgument(index - nFunction) and + result = e.getArgument(index - nFunction) and partialPredicateCall = "Argument(" + (index - nFunction).toString() + ")" ) ) @@ -1140,14 +1138,14 @@ private module Impl { b = 0 and bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and - nBindingDecl = n + 1 + max(int i | i = -1 or exists(e.getImmediateBindingDecl(i)) | i) and + nBindingDecl = n + 1 + max(int i | i = -1 or exists(e.getBindingDecl(i)) | i) and nClosureBody = nBindingDecl + 1 and ( none() or result = getImmediateChildOfExpr(e, index - b, partialPredicateCall) or - result = e.getImmediateBindingDecl(index - n) and + result = e.getBindingDecl(index - n) and partialPredicateCall = "BindingDecl(" + (index - n).toString() + ")" or index = nBindingDecl and @@ -1470,15 +1468,15 @@ private module Impl { bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and nRoot = n + 1 and - nComponent = nRoot + 1 + max(int i | i = -1 or exists(e.getImmediateComponent(i)) | i) and + nComponent = nRoot + 1 + max(int i | i = -1 or exists(e.getComponent(i)) | i) and ( none() or result = getImmediateChildOfExpr(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateRoot() and partialPredicateCall = "Root()" + index = n and result = e.getRoot() and partialPredicateCall = "Root()" or - result = e.getImmediateComponent(index - nRoot) and + result = e.getComponent(index - nRoot) and partialPredicateCall = "Component(" + (index - nRoot).toString() + ")" ) ) @@ -1615,13 +1613,12 @@ private module Impl { private Element getImmediateChildOfOpenExistentialExpr( OpenExistentialExpr e, int index, string partialPredicateCall ) { - exists(int b, int bExpr, int n, int nSubExpr, int nExistential, int nOpaqueExpr | + exists(int b, int bExpr, int n, int nSubExpr, int nExistential | b = 0 and bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and nSubExpr = n + 1 and nExistential = nSubExpr + 1 and - nOpaqueExpr = nExistential + 1 and ( none() or @@ -1632,10 +1629,6 @@ private module Impl { index = nSubExpr and result = e.getImmediateExistential() and partialPredicateCall = "Existential()" - or - index = nExistential and - result = e.getImmediateOpaqueExpr() and - partialPredicateCall = "OpaqueExpr()" ) ) } @@ -1773,7 +1766,7 @@ private module Impl { or index = n and result = e.getImmediateSubExpr() and partialPredicateCall = "SubExpr()" or - index = nSubExpr and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nSubExpr and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -1824,7 +1817,7 @@ private module Impl { or result = getImmediateChildOfExpr(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateTypeRepr() and partialPredicateCall = "TypeRepr()" + index = n and result = e.getTypeRepr() and partialPredicateCall = "TypeRepr()" ) ) } @@ -2515,31 +2508,18 @@ private module Impl { private Element getImmediateChildOfInterpolatedStringLiteralExpr( InterpolatedStringLiteralExpr e, int index, string partialPredicateCall ) { - exists( - int b, int bLiteralExpr, int n, int nInterpolationCountExpr, int nLiteralCapacityExpr, - int nAppendingExpr - | + exists(int b, int bLiteralExpr, int n, int nAppendingExpr | b = 0 and bLiteralExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLiteralExpr(e, i, _)) | i) and n = bLiteralExpr and - nInterpolationCountExpr = n + 1 and - nLiteralCapacityExpr = nInterpolationCountExpr + 1 and - nAppendingExpr = nLiteralCapacityExpr + 1 and + nAppendingExpr = n + 1 and ( none() or result = getImmediateChildOfLiteralExpr(e, index - b, partialPredicateCall) or index = n and - result = e.getImmediateInterpolationCountExpr() and - partialPredicateCall = "InterpolationCountExpr()" - or - index = nInterpolationCountExpr and - result = e.getImmediateLiteralCapacityExpr() and - partialPredicateCall = "LiteralCapacityExpr()" - or - index = nLiteralCapacityExpr and result = e.getImmediateAppendingExpr() and partialPredicateCall = "AppendingExpr()" ) @@ -2688,13 +2668,13 @@ private module Impl { bLiteralExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLiteralExpr(e, i, _)) | i) and n = bLiteralExpr and - nArgument = n + 1 + max(int i | i = -1 or exists(e.getImmediateArgument(i)) | i) and + nArgument = n + 1 + max(int i | i = -1 or exists(e.getArgument(i)) | i) and ( none() or result = getImmediateChildOfLiteralExpr(e, index - b, partialPredicateCall) or - result = e.getImmediateArgument(index - n) and + result = e.getArgument(index - n) and partialPredicateCall = "Argument(" + (index - n).toString() + ")" ) ) @@ -2850,13 +2830,13 @@ private module Impl { bLookupExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLookupExpr(e, i, _)) | i) and n = bLookupExpr and - nArgument = n + 1 + max(int i | i = -1 or exists(e.getImmediateArgument(i)) | i) and + nArgument = n + 1 + max(int i | i = -1 or exists(e.getArgument(i)) | i) and ( none() or result = getImmediateChildOfLookupExpr(e, index - b, partialPredicateCall) or - result = e.getImmediateArgument(index - n) and + result = e.getArgument(index - n) and partialPredicateCall = "Argument(" + (index - n).toString() + ")" ) ) @@ -3267,9 +3247,7 @@ private module Impl { or result = getImmediateChildOfPattern(e, index - b, partialPredicateCall) or - index = n and - result = e.getImmediateCastTypeRepr() and - partialPredicateCall = "CastTypeRepr()" + index = n and result = e.getCastTypeRepr() and partialPredicateCall = "CastTypeRepr()" or index = nCastTypeRepr and result = e.getImmediateSubPattern() and @@ -3364,9 +3342,7 @@ private module Impl { or index = n and result = e.getImmediateSubPattern() and partialPredicateCall = "SubPattern()" or - index = nSubPattern and - result = e.getImmediateTypeRepr() and - partialPredicateCall = "TypeRepr()" + index = nSubPattern and result = e.getTypeRepr() and partialPredicateCall = "TypeRepr()" ) ) } @@ -3419,7 +3395,7 @@ private module Impl { partialPredicateCall = "Initializer()" or index = nInitializer and - result = e.getImmediateAvailability() and + result = e.getAvailability() and partialPredicateCall = "Availability()" ) ) @@ -3445,13 +3421,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nElement = n + 1 + max(int i | i = -1 or exists(e.getImmediateElement(i)) | i) and + nElement = n + 1 + max(int i | i = -1 or exists(e.getElement(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateElement(index - n) and + result = e.getElement(index - n) and partialPredicateCall = "Element(" + (index - n).toString() + ")" ) ) @@ -3493,15 +3469,15 @@ private module Impl { bStmt = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfStmt(e, i, _)) | i) and n = bStmt and nBody = n + 1 and - nLabel = nBody + 1 + max(int i | i = -1 or exists(e.getImmediateLabel(i)) | i) and + nLabel = nBody + 1 + max(int i | i = -1 or exists(e.getLabel(i)) | i) and ( none() or result = getImmediateChildOfStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" or - result = e.getImmediateLabel(index - nBody) and + result = e.getLabel(index - nBody) and partialPredicateCall = "Label(" + (index - nBody).toString() + ")" ) ) @@ -3533,7 +3509,7 @@ private module Impl { or result = getImmediateChildOfStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3654,15 +3630,15 @@ private module Impl { b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLabeledStmt(e, i, _)) | i) and n = bLabeledStmt and nBody = n + 1 and - nCatch = nBody + 1 + max(int i | i = -1 or exists(e.getImmediateCatch(i)) | i) and + nCatch = nBody + 1 + max(int i | i = -1 or exists(e.getCatch(i)) | i) and ( none() or result = getImmediateChildOfLabeledStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" or - result = e.getImmediateCatch(index - nBody) and + result = e.getCatch(index - nBody) and partialPredicateCall = "Catch(" + (index - nBody).toString() + ")" ) ) @@ -3680,7 +3656,7 @@ private module Impl { or result = getImmediateChildOfLabeledStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3710,7 +3686,7 @@ private module Impl { or index = nSequence and result = e.getImmediateWhere() and partialPredicateCall = "Where()" or - index = nWhere and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nWhere and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3729,7 +3705,7 @@ private module Impl { or result = getImmediateChildOfLabeledStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateCondition() and partialPredicateCall = "Condition()" + index = n and result = e.getCondition() and partialPredicateCall = "Condition()" ) ) } @@ -3751,7 +3727,7 @@ private module Impl { or index = n and result = e.getImmediateCondition() and partialPredicateCall = "Condition()" or - index = nCondition and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nCondition and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3763,7 +3739,7 @@ private module Impl { b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLabeledStmt(e, i, _)) | i) and n = bLabeledStmt and nExpr = n + 1 and - nCase = nExpr + 1 + max(int i | i = -1 or exists(e.getImmediateCase(i)) | i) and + nCase = nExpr + 1 + max(int i | i = -1 or exists(e.getCase(i)) | i) and ( none() or @@ -3771,7 +3747,7 @@ private module Impl { or index = n and result = e.getImmediateExpr() and partialPredicateCall = "Expr()" or - result = e.getImmediateCase(index - nExpr) and + result = e.getCase(index - nExpr) and partialPredicateCall = "Case(" + (index - nExpr).toString() + ")" ) ) @@ -3790,7 +3766,7 @@ private module Impl { or result = getImmediateChildOfLabeledConditionalStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3809,9 +3785,9 @@ private module Impl { or result = getImmediateChildOfLabeledConditionalStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateThen() and partialPredicateCall = "Then()" + index = n and result = e.getThen() and partialPredicateCall = "Then()" or - index = nThen and result = e.getImmediateElse() and partialPredicateCall = "Else()" + index = nThen and result = e.getElse() and partialPredicateCall = "Else()" ) ) } @@ -3829,7 +3805,7 @@ private module Impl { or result = getImmediateChildOfLabeledConditionalStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } diff --git a/swift/ql/lib/codeql/swift/generated/Raw.qll b/swift/ql/lib/codeql/swift/generated/Raw.qll index dc5ddeed979..bfe16826992 100644 --- a/swift/ql/lib/codeql/swift/generated/Raw.qll +++ b/swift/ql/lib/codeql/swift/generated/Raw.qll @@ -310,6 +310,10 @@ module Raw { /** * Gets the `index`th member of this declaration (0-based). + * + * Prefer to use more specific methods (such as `EnumDecl.getEnumElement`) rather than relying + * on the order of members given by `getMember`. In some cases the order of members may not + * align with expectations, and could change in future releases. */ Decl getMember(int index) { decl_members(this, index, result) } } @@ -1434,22 +1438,35 @@ module Raw { /** * INTERNAL: Do not use. + * An implicit expression created by the compiler when a method is called on a protocol. For example in + * ``` + * protocol P { + * func foo() -> Int + * } + * func bar(x: P) -> Int { + * return x.foo() + * } + * `x.foo()` is actually wrapped in an `OpenExistentialExpr` that "opens" `x` replacing it in its subexpression with + * an `OpaqueValueExpr`. + * ``` */ class OpenExistentialExpr extends @open_existential_expr, Expr { override string toString() { result = "OpenExistentialExpr" } /** * Gets the sub expression of this open existential expression. + * + * This wrapped subexpression is where the opaque value and the dynamic type under the protocol type may be used. */ Expr getSubExpr() { open_existential_exprs(this, result, _, _) } /** - * Gets the existential of this open existential expression. + * Gets the protocol-typed expression opened by this expression. */ Expr getExistential() { open_existential_exprs(this, _, result, _) } /** - * Gets the opaque expression of this open existential expression. + * Gets the opaque value expression embedded within `getSubExpr()`. */ OpaqueValueExpr getOpaqueExpr() { open_existential_exprs(this, _, _, result) } } @@ -1961,20 +1978,6 @@ module Raw { interpolated_string_literal_expr_interpolation_exprs(this, result) } - /** - * Gets the interpolation count expression of this interpolated string literal expression, if it exists. - */ - Expr getInterpolationCountExpr() { - interpolated_string_literal_expr_interpolation_count_exprs(this, result) - } - - /** - * Gets the literal capacity expression of this interpolated string literal expression, if it exists. - */ - Expr getLiteralCapacityExpr() { - interpolated_string_literal_expr_literal_capacity_exprs(this, result) - } - /** * Gets the appending expression of this interpolated string literal expression, if it exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll b/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll index f2f78d9cafc..7a5c1b5903f 100644 --- a/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll +++ b/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll @@ -27,7 +27,7 @@ module Generated { final Element getParent() { exists(Element immediate | immediate = this.getImmediateParent() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll index 0ecb0836313..b60203d43b4 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll @@ -8,27 +8,14 @@ module Generated { class AbstractStorageDecl extends Synth::TAbstractStorageDecl, ValueDecl { /** * Gets the `index`th accessor of this abstract storage declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Accessor getImmediateAccessor(int index) { + Accessor getAccessor(int index) { result = Synth::convertAccessorFromRaw(Synth::convertAbstractStorageDeclToRaw(this) .(Raw::AbstractStorageDecl) .getAccessor(index)) } - /** - * Gets the `index`th accessor of this abstract storage declaration (0-based). - */ - final Accessor getAccessor(int index) { - exists(Accessor immediate | - immediate = this.getImmediateAccessor(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the accessors of this abstract storage declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll index 9749202fec3..d2c54edfde9 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the the declaration captured by the parent closure. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateDecl() { + ValueDecl getDecl() { result = Synth::convertValueDeclFromRaw(Synth::convertCapturedDeclToRaw(this) .(Raw::CapturedDecl) .getDecl()) } - /** - * Gets the the declaration captured by the parent closure. - */ - final ValueDecl getDecl() { - exists(ValueDecl immediate | - immediate = this.getImmediateDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if this captured declaration is direct. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll index 33cb4ec46ca..9b7516b31da 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll @@ -8,45 +8,23 @@ module Generated { class Decl extends Synth::TDecl, AstNode { /** * Gets the module of this declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getImmediateModule() { + ModuleDecl getModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertDeclToRaw(this).(Raw::Decl).getModule()) } - /** - * Gets the module of this declaration. - */ - final ModuleDecl getModule() { - exists(ModuleDecl immediate | - immediate = this.getImmediateModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th member of this declaration (0-based). * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * Prefer to use more specific methods (such as `EnumDecl.getEnumElement`) rather than relying + * on the order of members given by `getMember`. In some cases the order of members may not + * align with expectations, and could change in future releases. */ - Decl getImmediateMember(int index) { + Decl getMember(int index) { result = Synth::convertDeclFromRaw(Synth::convertDeclToRaw(this).(Raw::Decl).getMember(index)) } - /** - * Gets the `index`th member of this declaration (0-based). - */ - final Decl getMember(int index) { - exists(Decl immediate | - immediate = this.getImmediateMember(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the members of this declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll index 59834181269..68966a3a7d3 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th element of this enum case declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - EnumElementDecl getImmediateElement(int index) { + EnumElementDecl getElement(int index) { result = Synth::convertEnumElementDeclFromRaw(Synth::convertEnumCaseDeclToRaw(this) .(Raw::EnumCaseDecl) .getElement(index)) } - /** - * Gets the `index`th element of this enum case declaration (0-based). - */ - final EnumElementDecl getElement(int index) { - exists(EnumElementDecl immediate | - immediate = this.getImmediateElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the elements of this enum case declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll index 148124d0f8f..e8c68320053 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll @@ -17,27 +17,14 @@ module Generated { /** * Gets the `index`th parameter of this enum element declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam(int index) { + ParamDecl getParam(int index) { result = Synth::convertParamDeclFromRaw(Synth::convertEnumElementDeclToRaw(this) .(Raw::EnumElementDecl) .getParam(index)) } - /** - * Gets the `index`th parameter of this enum element declaration (0-based). - */ - final ParamDecl getParam(int index) { - exists(ParamDecl immediate | - immediate = this.getImmediateParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the parameters of this enum element declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll index 2863c3aca52..5fa3dd2bc3a 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll @@ -12,50 +12,24 @@ module Generated { /** * Gets the extended type declaration of this extension declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - NominalTypeDecl getImmediateExtendedTypeDecl() { + NominalTypeDecl getExtendedTypeDecl() { result = Synth::convertNominalTypeDeclFromRaw(Synth::convertExtensionDeclToRaw(this) .(Raw::ExtensionDecl) .getExtendedTypeDecl()) } - /** - * Gets the extended type declaration of this extension declaration. - */ - final NominalTypeDecl getExtendedTypeDecl() { - exists(NominalTypeDecl immediate | - immediate = this.getImmediateExtendedTypeDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th protocol of this extension declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ProtocolDecl getImmediateProtocol(int index) { + ProtocolDecl getProtocol(int index) { result = Synth::convertProtocolDeclFromRaw(Synth::convertExtensionDeclToRaw(this) .(Raw::ExtensionDecl) .getProtocol(index)) } - /** - * Gets the `index`th protocol of this extension declaration (0-based). - */ - final ProtocolDecl getProtocol(int index) { - exists(ProtocolDecl immediate | - immediate = this.getImmediateProtocol(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the protocols of this extension declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll b/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll index 4855a60fa10..ade061da641 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll @@ -8,27 +8,14 @@ module Generated { class GenericContext extends Synth::TGenericContext, Element { /** * Gets the `index`th generic type parameter of this generic context (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - GenericTypeParamDecl getImmediateGenericTypeParam(int index) { + GenericTypeParamDecl getGenericTypeParam(int index) { result = Synth::convertGenericTypeParamDeclFromRaw(Synth::convertGenericContextToRaw(this) .(Raw::GenericContext) .getGenericTypeParam(index)) } - /** - * Gets the `index`th generic type parameter of this generic context (0-based). - */ - final GenericTypeParamDecl getGenericTypeParam(int index) { - exists(GenericTypeParamDecl immediate | - immediate = this.getImmediateGenericTypeParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the generic type parameters of this generic context. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll index 23c42ea9c6c..aec001a1122 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll @@ -27,7 +27,7 @@ module Generated { final AstNode getActiveElement(int index) { exists(AstNode immediate | immediate = this.getImmediateActiveElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll index df928494a73..8686d55c405 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll @@ -16,27 +16,14 @@ module Generated { /** * Gets the imported module of this import declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getImmediateImportedModule() { + ModuleDecl getImportedModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertImportDeclToRaw(this) .(Raw::ImportDecl) .getImportedModule()) } - /** - * Gets the imported module of this import declaration, if it exists. - */ - final ModuleDecl getImportedModule() { - exists(ModuleDecl immediate | - immediate = this.getImmediateImportedModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getImportedModule()` exists. */ @@ -44,27 +31,14 @@ module Generated { /** * Gets the `index`th declaration of this import declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateDeclaration(int index) { + ValueDecl getDeclaration(int index) { result = Synth::convertValueDeclFromRaw(Synth::convertImportDeclToRaw(this) .(Raw::ImportDecl) .getDeclaration(index)) } - /** - * Gets the `index`th declaration of this import declaration (0-based). - */ - final ValueDecl getDeclaration(int index) { - exists(ValueDecl immediate | - immediate = this.getImmediateDeclaration(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the declarations of this import declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll index e9749c13355..30649ed8ec6 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the precedence group of this infix operator declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - PrecedenceGroupDecl getImmediatePrecedenceGroup() { + PrecedenceGroupDecl getPrecedenceGroup() { result = Synth::convertPrecedenceGroupDeclFromRaw(Synth::convertInfixOperatorDeclToRaw(this) .(Raw::InfixOperatorDecl) .getPrecedenceGroup()) } - /** - * Gets the precedence group of this infix operator declaration, if it exists. - */ - final PrecedenceGroupDecl getPrecedenceGroup() { - exists(PrecedenceGroupDecl immediate | - immediate = this.getImmediatePrecedenceGroup() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPrecedenceGroup()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll index 3fc71350932..6654dfd4e49 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll @@ -24,28 +24,14 @@ module Generated { /** * Gets the `index`th imported module of this module declaration (0-based). *Gets any of the imported modules of this module declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getAnImmediateImportedModule() { + ModuleDecl getAnImportedModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertModuleDeclToRaw(this) .(Raw::ModuleDecl) .getAnImportedModule()) } - /** - * Gets the `index`th imported module of this module declaration (0-based). - *Gets any of the imported modules of this module declaration. - */ - final ModuleDecl getAnImportedModule() { - exists(ModuleDecl immediate | - immediate = this.getAnImmediateImportedModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the number of imported modules of this module declaration. */ @@ -54,28 +40,14 @@ module Generated { /** * Gets the `index`th exported module of this module declaration (0-based). *Gets any of the exported modules of this module declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getAnImmediateExportedModule() { + ModuleDecl getAnExportedModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertModuleDeclToRaw(this) .(Raw::ModuleDecl) .getAnExportedModule()) } - /** - * Gets the `index`th exported module of this module declaration (0-based). - *Gets any of the exported modules of this module declaration. - */ - final ModuleDecl getAnExportedModule() { - exists(ModuleDecl immediate | - immediate = this.getAnImmediateExportedModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the number of exported modules of this module declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll index b007e2b1b52..5f9543d3ab7 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll @@ -25,7 +25,7 @@ module Generated { final Type getType() { exists(Type immediate | immediate = this.getImmediateType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll index 33eaec9bc2e..e815fe5561a 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll @@ -22,27 +22,14 @@ module Generated { /** * Gets the naming declaration of this opaque type declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateNamingDeclaration() { + ValueDecl getNamingDeclaration() { result = Synth::convertValueDeclFromRaw(Synth::convertOpaqueTypeDeclToRaw(this) .(Raw::OpaqueTypeDecl) .getNamingDeclaration()) } - /** - * Gets the naming declaration of this opaque type declaration. - */ - final ValueDecl getNamingDeclaration() { - exists(ValueDecl immediate | - immediate = this.getImmediateNamingDeclaration() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th opaque generic parameter of this opaque type declaration (0-based). * @@ -62,7 +49,7 @@ module Generated { final GenericTypeParamType getOpaqueGenericParam(int index) { exists(GenericTypeParamType immediate | immediate = this.getImmediateOpaqueGenericParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll index 99f80d18772..da45ffbeb2e 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll @@ -16,29 +16,16 @@ module Generated { /** * Gets the property wrapper local wrapped variable binding of this parameter declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized binding introducing the property wrapper local wrapped projection + * variable for this variable, if any. */ - PatternBindingDecl getImmediatePropertyWrapperLocalWrappedVarBinding() { + PatternBindingDecl getPropertyWrapperLocalWrappedVarBinding() { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertParamDeclToRaw(this) .(Raw::ParamDecl) .getPropertyWrapperLocalWrappedVarBinding()) } - /** - * Gets the property wrapper local wrapped variable binding of this parameter declaration, if it exists. - * - * This is the synthesized binding introducing the property wrapper local wrapped projection - * variable for this variable, if any. - */ - final PatternBindingDecl getPropertyWrapperLocalWrappedVarBinding() { - exists(PatternBindingDecl immediate | - immediate = this.getImmediatePropertyWrapperLocalWrappedVarBinding() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperLocalWrappedVarBinding()` exists. */ @@ -49,29 +36,16 @@ module Generated { /** * Gets the property wrapper local wrapped variable of this parameter declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized local wrapped value, shadowing this parameter declaration in case it + * has a property wrapper. */ - VarDecl getImmediatePropertyWrapperLocalWrappedVar() { + VarDecl getPropertyWrapperLocalWrappedVar() { result = Synth::convertVarDeclFromRaw(Synth::convertParamDeclToRaw(this) .(Raw::ParamDecl) .getPropertyWrapperLocalWrappedVar()) } - /** - * Gets the property wrapper local wrapped variable of this parameter declaration, if it exists. - * - * This is the synthesized local wrapped value, shadowing this parameter declaration in case it - * has a property wrapper. - */ - final VarDecl getPropertyWrapperLocalWrappedVar() { - exists(VarDecl immediate | - immediate = this.getImmediatePropertyWrapperLocalWrappedVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperLocalWrappedVar()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll index 00ca18b1185..290803257bd 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll @@ -28,7 +28,7 @@ module Generated { final Expr getInit(int index) { exists(Expr immediate | immediate = this.getImmediateInit(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -61,7 +61,7 @@ module Generated { final Pattern getPattern(int index) { exists(Pattern immediate | immediate = this.getImmediatePattern(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll index fe7cfaf701f..3c5a663ce72 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll @@ -39,7 +39,7 @@ module Generated { final StringLiteralExpr getMessage() { exists(StringLiteralExpr immediate | immediate = this.getImmediateMessage() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll index a6fe783be42..b6e7f963d6d 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll @@ -12,27 +12,14 @@ module Generated { /** * Gets the `index`th parameter of this subscript declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam(int index) { + ParamDecl getParam(int index) { result = Synth::convertParamDeclFromRaw(Synth::convertSubscriptDeclToRaw(this) .(Raw::SubscriptDecl) .getParam(index)) } - /** - * Gets the `index`th parameter of this subscript declaration (0-based). - */ - final ParamDecl getParam(int index) { - exists(ParamDecl immediate | - immediate = this.getImmediateParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the parameters of this subscript declaration. */ @@ -62,7 +49,7 @@ module Generated { final Type getElementType() { exists(Type immediate | immediate = this.getImmediateElementType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll index d53c5ec5e3f..9af4944bd3d 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the body of this top level code declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertTopLevelCodeDeclToRaw(this) .(Raw::TopLevelCodeDecl) .getBody()) } - - /** - * Gets the body of this top level code declaration. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll index d0e7fa1164d..e35b6895874 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll @@ -38,7 +38,7 @@ module Generated { final Type getAliasedType() { exists(Type immediate | immediate = this.getImmediateAliasedType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll index 7a70183bac1..bae701326d2 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll @@ -30,7 +30,7 @@ module Generated { final Type getBaseType(int index) { exists(Type immediate | immediate = this.getImmediateBaseType(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll index 237d668eade..026e410b569 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll @@ -25,7 +25,7 @@ module Generated { final Type getInterfaceType() { exists(Type immediate | immediate = this.getImmediateInterfaceType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll index 86f91c9d128..6d72f5bd4ed 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll @@ -48,7 +48,7 @@ module Generated { final Type getType() { exists(Type immediate | immediate = this.getImmediateType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -71,7 +71,7 @@ module Generated { final Type getAttachedPropertyWrapperType() { exists(Type immediate | immediate = this.getImmediateAttachedPropertyWrapperType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -101,7 +101,7 @@ module Generated { final Pattern getParentPattern() { exists(Pattern immediate | immediate = this.getImmediateParentPattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -129,7 +129,7 @@ module Generated { final Expr getParentInitializer() { exists(Expr immediate | immediate = this.getImmediateParentInitializer() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -141,29 +141,16 @@ module Generated { /** * Gets the property wrapper backing variable binding of this variable declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized binding introducing the property wrapper backing variable for this + * variable, if any. See `getPropertyWrapperBackingVar`. */ - PatternBindingDecl getImmediatePropertyWrapperBackingVarBinding() { + PatternBindingDecl getPropertyWrapperBackingVarBinding() { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertVarDeclToRaw(this) .(Raw::VarDecl) .getPropertyWrapperBackingVarBinding()) } - /** - * Gets the property wrapper backing variable binding of this variable declaration, if it exists. - * - * This is the synthesized binding introducing the property wrapper backing variable for this - * variable, if any. See `getPropertyWrapperBackingVar`. - */ - final PatternBindingDecl getPropertyWrapperBackingVarBinding() { - exists(PatternBindingDecl immediate | - immediate = this.getImmediatePropertyWrapperBackingVarBinding() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperBackingVarBinding()` exists. */ @@ -171,19 +158,6 @@ module Generated { exists(this.getPropertyWrapperBackingVarBinding()) } - /** - * Gets the property wrapper backing variable of this variable declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - VarDecl getImmediatePropertyWrapperBackingVar() { - result = - Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) - .(Raw::VarDecl) - .getPropertyWrapperBackingVar()) - } - /** * Gets the property wrapper backing variable of this variable declaration, if it exists. * @@ -203,11 +177,11 @@ module Generated { * ``` * This predicate returns such variable declaration. */ - final VarDecl getPropertyWrapperBackingVar() { - exists(VarDecl immediate | - immediate = this.getImmediatePropertyWrapperBackingVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) + VarDecl getPropertyWrapperBackingVar() { + result = + Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) + .(Raw::VarDecl) + .getPropertyWrapperBackingVar()) } /** @@ -218,29 +192,16 @@ module Generated { /** * Gets the property wrapper projection variable binding of this variable declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized binding introducing the property wrapper projection variable for this + * variable, if any. See `getPropertyWrapperProjectionVar`. */ - PatternBindingDecl getImmediatePropertyWrapperProjectionVarBinding() { + PatternBindingDecl getPropertyWrapperProjectionVarBinding() { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertVarDeclToRaw(this) .(Raw::VarDecl) .getPropertyWrapperProjectionVarBinding()) } - /** - * Gets the property wrapper projection variable binding of this variable declaration, if it exists. - * - * This is the synthesized binding introducing the property wrapper projection variable for this - * variable, if any. See `getPropertyWrapperProjectionVar`. - */ - final PatternBindingDecl getPropertyWrapperProjectionVarBinding() { - exists(PatternBindingDecl immediate | - immediate = this.getImmediatePropertyWrapperProjectionVarBinding() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperProjectionVarBinding()` exists. */ @@ -248,19 +209,6 @@ module Generated { exists(this.getPropertyWrapperProjectionVarBinding()) } - /** - * Gets the property wrapper projection variable of this variable declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - VarDecl getImmediatePropertyWrapperProjectionVar() { - result = - Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) - .(Raw::VarDecl) - .getPropertyWrapperProjectionVar()) - } - /** * Gets the property wrapper projection variable of this variable declaration, if it exists. * @@ -286,11 +234,11 @@ module Generated { * ``` * This predicate returns such variable declaration. */ - final VarDecl getPropertyWrapperProjectionVar() { - exists(VarDecl immediate | - immediate = this.getImmediatePropertyWrapperProjectionVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) + VarDecl getPropertyWrapperProjectionVar() { + result = + Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) + .(Raw::VarDecl) + .getPropertyWrapperProjectionVar()) } /** diff --git a/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll index 3ee26f38f89..1710534e9a6 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll @@ -50,25 +50,12 @@ module Generated { /** * Gets the parameter declaration owning this wrapper application. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam() { + ParamDecl getParam() { result = Synth::convertParamDeclFromRaw(Synth::convertAppliedPropertyWrapperExprToRaw(this) .(Raw::AppliedPropertyWrapperExpr) .getParam()) } - - /** - * Gets the parameter declaration owning this wrapper application. - */ - final ParamDecl getParam() { - exists(ParamDecl immediate | - immediate = this.getImmediateParam() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll index 6529ca4882a..01aabf3ef17 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll @@ -29,27 +29,14 @@ module Generated { /** * Gets the `index`th argument passed to the applied function (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateArgument(int index) { + Argument getArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertApplyExprToRaw(this) .(Raw::ApplyExpr) .getArgument(index)) } - /** - * Gets the `index`th argument passed to the applied function (0-based). - */ - final Argument getArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments passed to the applied function. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/Argument.qll b/swift/ql/lib/codeql/swift/generated/expr/Argument.qll index 3040a549ec9..16b8da0887f 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/Argument.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/Argument.qll @@ -30,7 +30,7 @@ module Generated { final Expr getExpr() { exists(Expr immediate | immediate = this.getImmediateExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll index b3a6653ce77..521eb9f074d 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll @@ -11,27 +11,14 @@ module Generated { /** * Gets the `index`th binding declaration of this capture list expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - PatternBindingDecl getImmediateBindingDecl(int index) { + PatternBindingDecl getBindingDecl(int index) { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertCaptureListExprToRaw(this) .(Raw::CaptureListExpr) .getBindingDecl(index)) } - /** - * Gets the `index`th binding declaration of this capture list expression (0-based). - */ - final PatternBindingDecl getBindingDecl(int index) { - exists(PatternBindingDecl immediate | - immediate = this.getImmediateBindingDecl(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the binding declarations of this capture list expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll index 6aa2c0522f5..0f8bef8745a 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll @@ -11,25 +11,12 @@ module Generated { /** * Gets the declaration of this declaration reference expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Decl getImmediateDecl() { + Decl getDecl() { result = Synth::convertDeclFromRaw(Synth::convertDeclRefExprToRaw(this).(Raw::DeclRefExpr).getDecl()) } - /** - * Gets the declaration of this declaration reference expression. - */ - final Decl getDecl() { - exists(Decl immediate | - immediate = this.getImmediateDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th replacement type of this declaration reference expression (0-based). * diff --git a/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll index e457353ada4..23f791afff8 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the parameter declaration of this default argument expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParamDecl() { + ParamDecl getParamDecl() { result = Synth::convertParamDeclFromRaw(Synth::convertDefaultArgumentExprToRaw(this) .(Raw::DefaultArgumentExpr) .getParamDecl()) } - /** - * Gets the parameter declaration of this default argument expression. - */ - final ParamDecl getParamDecl() { - exists(ParamDecl immediate | - immediate = this.getImmediateParamDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the parameter index of this default argument expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll index 0ec0a3275dd..146c769f2a1 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the element of this enum is case expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - EnumElementDecl getImmediateElement() { + EnumElementDecl getElement() { result = Synth::convertEnumElementDeclFromRaw(Synth::convertEnumIsCaseExprToRaw(this) .(Raw::EnumIsCaseExpr) .getElement()) } - - /** - * Gets the element of this enum is case expression. - */ - final EnumElementDecl getElement() { - exists(EnumElementDecl immediate | - immediate = this.getImmediateElement() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll index c7f67891199..abdcf4a1850 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll @@ -1,7 +1,6 @@ // generated by codegen/codegen.py private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw -import codeql.swift.elements.expr.Expr import codeql.swift.elements.expr.LiteralExpr import codeql.swift.elements.expr.OpaqueValueExpr import codeql.swift.elements.expr.TapExpr @@ -38,62 +37,6 @@ module Generated { */ final predicate hasInterpolationExpr() { exists(this.getInterpolationExpr()) } - /** - * Gets the interpolation count expression of this interpolated string literal expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - Expr getImmediateInterpolationCountExpr() { - result = - Synth::convertExprFromRaw(Synth::convertInterpolatedStringLiteralExprToRaw(this) - .(Raw::InterpolatedStringLiteralExpr) - .getInterpolationCountExpr()) - } - - /** - * Gets the interpolation count expression of this interpolated string literal expression, if it exists. - */ - final Expr getInterpolationCountExpr() { - exists(Expr immediate | - immediate = this.getImmediateInterpolationCountExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - - /** - * Holds if `getInterpolationCountExpr()` exists. - */ - final predicate hasInterpolationCountExpr() { exists(this.getInterpolationCountExpr()) } - - /** - * Gets the literal capacity expression of this interpolated string literal expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - Expr getImmediateLiteralCapacityExpr() { - result = - Synth::convertExprFromRaw(Synth::convertInterpolatedStringLiteralExprToRaw(this) - .(Raw::InterpolatedStringLiteralExpr) - .getLiteralCapacityExpr()) - } - - /** - * Gets the literal capacity expression of this interpolated string literal expression, if it exists. - */ - final Expr getLiteralCapacityExpr() { - exists(Expr immediate | - immediate = this.getImmediateLiteralCapacityExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - - /** - * Holds if `getLiteralCapacityExpr()` exists. - */ - final predicate hasLiteralCapacityExpr() { exists(this.getLiteralCapacityExpr()) } - /** * Gets the appending expression of this interpolated string literal expression, if it exists. * diff --git a/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll index a74a289cf83..cd1d20d37aa 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll @@ -14,27 +14,14 @@ module Generated { /** * Gets the root of this key path expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateRoot() { + TypeRepr getRoot() { result = Synth::convertTypeReprFromRaw(Synth::convertKeyPathExprToRaw(this) .(Raw::KeyPathExpr) .getRoot()) } - /** - * Gets the root of this key path expression, if it exists. - */ - final TypeRepr getRoot() { - exists(TypeRepr immediate | - immediate = this.getImmediateRoot() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getRoot()` exists. */ @@ -42,27 +29,14 @@ module Generated { /** * Gets the `index`th component of this key path expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - KeyPathComponent getImmediateComponent(int index) { + KeyPathComponent getComponent(int index) { result = Synth::convertKeyPathComponentFromRaw(Synth::convertKeyPathExprToRaw(this) .(Raw::KeyPathExpr) .getComponent(index)) } - /** - * Gets the `index`th component of this key path expression (0-based). - */ - final KeyPathComponent getComponent(int index) { - exists(KeyPathComponent immediate | - immediate = this.getImmediateComponent(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the components of this key path expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll index a2d5edccbff..496312312fc 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll @@ -29,25 +29,12 @@ module Generated { /** * Gets the member of this lookup expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Decl getImmediateMember() { + Decl getMember() { result = Synth::convertDeclFromRaw(Synth::convertLookupExprToRaw(this).(Raw::LookupExpr).getMember()) } - /** - * Gets the member of this lookup expression, if it exists. - */ - final Decl getMember() { - exists(Decl immediate | - immediate = this.getImmediateMember() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getMember()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll index 1a19498c020..8445d13227e 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the method of this obj c selector expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Function getImmediateMethod() { + Function getMethod() { result = Synth::convertFunctionFromRaw(Synth::convertObjCSelectorExprToRaw(this) .(Raw::ObjCSelectorExpr) .getMethod()) } - - /** - * Gets the method of this obj c selector expression. - */ - final Function getMethod() { - exists(Function immediate | - immediate = this.getImmediateMethod() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll index adbc4cb3f34..57aaae68bb5 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll @@ -22,27 +22,14 @@ module Generated { /** * Gets the `index`th argument of this object literal expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateArgument(int index) { + Argument getArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertObjectLiteralExprToRaw(this) .(Raw::ObjectLiteralExpr) .getArgument(index)) } - /** - * Gets the `index`th argument of this object literal expression (0-based). - */ - final Argument getArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments of this object literal expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll index 72d7f0c6361..21a602c15a1 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll @@ -5,6 +5,19 @@ import codeql.swift.elements.expr.Expr import codeql.swift.elements.expr.OpaqueValueExpr module Generated { + /** + * An implicit expression created by the compiler when a method is called on a protocol. For example in + * ``` + * protocol P { + * func foo() -> Int + * } + * func bar(x: P) -> Int { + * return x.foo() + * } + * `x.foo()` is actually wrapped in an `OpenExistentialExpr` that "opens" `x` replacing it in its subexpression with + * an `OpaqueValueExpr`. + * ``` + */ class OpenExistentialExpr extends Synth::TOpenExistentialExpr, Expr { override string getAPrimaryQlClass() { result = "OpenExistentialExpr" } @@ -23,6 +36,8 @@ module Generated { /** * Gets the sub expression of this open existential expression. + * + * This wrapped subexpression is where the opaque value and the dynamic type under the protocol type may be used. */ final Expr getSubExpr() { exists(Expr immediate | @@ -32,7 +47,7 @@ module Generated { } /** - * Gets the existential of this open existential expression. + * Gets the protocol-typed expression opened by this expression. * * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the * behavior of both the `Immediate` and non-`Immediate` versions. @@ -45,7 +60,7 @@ module Generated { } /** - * Gets the existential of this open existential expression. + * Gets the protocol-typed expression opened by this expression. */ final Expr getExistential() { exists(Expr immediate | @@ -55,7 +70,7 @@ module Generated { } /** - * Gets the opaque expression of this open existential expression. + * Gets the opaque value expression embedded within `getSubExpr()`. * * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the * behavior of both the `Immediate` and non-`Immediate` versions. @@ -68,7 +83,7 @@ module Generated { } /** - * Gets the opaque expression of this open existential expression. + * Gets the opaque value expression embedded within `getSubExpr()`. */ final OpaqueValueExpr getOpaqueExpr() { exists(OpaqueValueExpr immediate | diff --git a/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll index cf66c7d3c79..674f5a217e7 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the initializer of this other initializer reference expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Initializer getImmediateInitializer() { + Initializer getInitializer() { result = Synth::convertInitializerFromRaw(Synth::convertOtherInitializerRefExprToRaw(this) .(Raw::OtherInitializerRefExpr) .getInitializer()) } - - /** - * Gets the initializer of this other initializer reference expression. - */ - final Initializer getInitializer() { - exists(Initializer immediate | - immediate = this.getImmediateInitializer() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll index 8a923e918f7..c13924bba35 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll @@ -15,27 +15,14 @@ module Generated { /** * Gets the `index`th possible declaration of this overloaded declaration reference expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediatePossibleDeclaration(int index) { + ValueDecl getPossibleDeclaration(int index) { result = Synth::convertValueDeclFromRaw(Synth::convertOverloadedDeclRefExprToRaw(this) .(Raw::OverloadedDeclRefExpr) .getPossibleDeclaration(index)) } - /** - * Gets the `index`th possible declaration of this overloaded declaration reference expression (0-based). - */ - final ValueDecl getPossibleDeclaration(int index) { - exists(ValueDecl immediate | - immediate = this.getImmediatePossibleDeclaration(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the possible declarations of this overloaded declaration reference expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll index 6a2c298e360..fa8bc92876e 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the self of this rebind self in initializer expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateSelf() { + VarDecl getSelf() { result = Synth::convertVarDeclFromRaw(Synth::convertRebindSelfInInitializerExprToRaw(this) .(Raw::RebindSelfInInitializerExpr) .getSelf()) } - - /** - * Gets the self of this rebind self in initializer expression. - */ - final VarDecl getSelf() { - exists(VarDecl immediate | - immediate = this.getImmediateSelf() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll index 8e9734917b7..561383ff57e 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th argument of this subscript expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateArgument(int index) { + Argument getArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertSubscriptExprToRaw(this) .(Raw::SubscriptExpr) .getArgument(index)) } - /** - * Gets the `index`th argument of this subscript expression (0-based). - */ - final Argument getArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments of this subscript expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll index 5058db3f175..9731b002eef 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the self of this super reference expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateSelf() { + VarDecl getSelf() { result = Synth::convertVarDeclFromRaw(Synth::convertSuperRefExprToRaw(this) .(Raw::SuperRefExpr) .getSelf()) } - - /** - * Gets the self of this super reference expression. - */ - final VarDecl getSelf() { - exists(VarDecl immediate | - immediate = this.getImmediateSelf() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll index 0132d9363f3..596a565115a 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll @@ -37,44 +37,18 @@ module Generated { /** * Gets the body of this tap expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertTapExprToRaw(this).(Raw::TapExpr).getBody()) } - /** - * Gets the body of this tap expression. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the variable of this tap expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateVar() { + VarDecl getVar() { result = Synth::convertVarDeclFromRaw(Synth::convertTapExprToRaw(this).(Raw::TapExpr).getVar()) } - - /** - * Gets the variable of this tap expression. - */ - final VarDecl getVar() { - exists(VarDecl immediate | - immediate = this.getImmediateVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll index 96fb7141531..d070555e6a6 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the type representation of this type expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateTypeRepr() { + TypeRepr getTypeRepr() { result = Synth::convertTypeReprFromRaw(Synth::convertTypeExprToRaw(this) .(Raw::TypeExpr) .getTypeRepr()) } - /** - * Gets the type representation of this type expression, if it exists. - */ - final TypeRepr getTypeRepr() { - exists(TypeRepr immediate | - immediate = this.getImmediateTypeRepr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTypeRepr()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll index bbed4615ce1..b6ef3dd514e 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the element of this enum element pattern. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - EnumElementDecl getImmediateElement() { + EnumElementDecl getElement() { result = Synth::convertEnumElementDeclFromRaw(Synth::convertEnumElementPatternToRaw(this) .(Raw::EnumElementPattern) .getElement()) } - /** - * Gets the element of this enum element pattern. - */ - final EnumElementDecl getElement() { - exists(EnumElementDecl immediate | - immediate = this.getImmediateElement() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the sub pattern of this enum element pattern, if it exists. * diff --git a/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll index 7864297866c..a0fffd05155 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the cast type representation of this is pattern, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateCastTypeRepr() { + TypeRepr getCastTypeRepr() { result = Synth::convertTypeReprFromRaw(Synth::convertIsPatternToRaw(this) .(Raw::IsPattern) .getCastTypeRepr()) } - /** - * Gets the cast type representation of this is pattern, if it exists. - */ - final TypeRepr getCastTypeRepr() { - exists(TypeRepr immediate | - immediate = this.getImmediateCastTypeRepr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getCastTypeRepr()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll index 2570eca03f8..40a7884bd31 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll @@ -33,27 +33,14 @@ module Generated { /** * Gets the type representation of this typed pattern, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateTypeRepr() { + TypeRepr getTypeRepr() { result = Synth::convertTypeReprFromRaw(Synth::convertTypedPatternToRaw(this) .(Raw::TypedPattern) .getTypeRepr()) } - /** - * Gets the type representation of this typed pattern, if it exists. - */ - final TypeRepr getTypeRepr() { - exists(TypeRepr immediate | - immediate = this.getImmediateTypeRepr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTypeRepr()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll index 08cc9c6ce2b..d136e02df08 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll @@ -27,7 +27,7 @@ module Generated { final AstNode getElement(int index) { exists(AstNode immediate | immediate = this.getImmediateElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll index f9adaeb9ddb..2c8de492f08 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll @@ -21,25 +21,12 @@ module Generated { /** * Gets the target of this break statement, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateTarget() { + Stmt getTarget() { result = Synth::convertStmtFromRaw(Synth::convertBreakStmtToRaw(this).(Raw::BreakStmt).getTarget()) } - /** - * Gets the target of this break statement, if it exists. - */ - final Stmt getTarget() { - exists(Stmt immediate | - immediate = this.getImmediateTarget() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTarget()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll b/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll index b69e392cc1e..c27e1ed893b 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll @@ -28,7 +28,7 @@ module Generated { final Pattern getPattern() { exists(Pattern immediate | immediate = this.getImmediatePattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -51,7 +51,7 @@ module Generated { final Expr getGuard() { exists(Expr immediate | immediate = this.getImmediateGuard() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll index e39ba24d48c..d0c2db1d752 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll @@ -11,48 +11,22 @@ module Generated { /** * Gets the body of this case statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertCaseStmtToRaw(this).(Raw::CaseStmt).getBody()) } - /** - * Gets the body of this case statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th label of this case statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseLabelItem getImmediateLabel(int index) { + CaseLabelItem getLabel(int index) { result = Synth::convertCaseLabelItemFromRaw(Synth::convertCaseStmtToRaw(this) .(Raw::CaseStmt) .getLabel(index)) } - /** - * Gets the `index`th label of this case statement (0-based). - */ - final CaseLabelItem getLabel(int index) { - exists(CaseLabelItem immediate | - immediate = this.getImmediateLabel(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the labels of this case statement. */ @@ -65,27 +39,14 @@ module Generated { /** * Gets the `index`th variable of this case statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateVariable(int index) { + VarDecl getVariable(int index) { result = Synth::convertVarDeclFromRaw(Synth::convertCaseStmtToRaw(this) .(Raw::CaseStmt) .getVariable(index)) } - /** - * Gets the `index`th variable of this case statement (0-based). - */ - final VarDecl getVariable(int index) { - exists(VarDecl immediate | - immediate = this.getImmediateVariable(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the variables of this case statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll b/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll index 2eddaa245e7..6555c537e30 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll @@ -29,7 +29,7 @@ module Generated { final Expr getBoolean() { exists(Expr immediate | immediate = this.getImmediateBoolean() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -57,7 +57,7 @@ module Generated { final Pattern getPattern() { exists(Pattern immediate | immediate = this.getImmediatePattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -85,7 +85,7 @@ module Generated { final Expr getInitializer() { exists(Expr immediate | immediate = this.getImmediateInitializer() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -96,27 +96,14 @@ module Generated { /** * Gets the availability of this condition element, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AvailabilityInfo getImmediateAvailability() { + AvailabilityInfo getAvailability() { result = Synth::convertAvailabilityInfoFromRaw(Synth::convertConditionElementToRaw(this) .(Raw::ConditionElement) .getAvailability()) } - /** - * Gets the availability of this condition element, if it exists. - */ - final AvailabilityInfo getAvailability() { - exists(AvailabilityInfo immediate | - immediate = this.getImmediateAvailability() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getAvailability()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll index d247f507d9a..617c903dc52 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll @@ -21,27 +21,14 @@ module Generated { /** * Gets the target of this continue statement, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateTarget() { + Stmt getTarget() { result = Synth::convertStmtFromRaw(Synth::convertContinueStmtToRaw(this) .(Raw::ContinueStmt) .getTarget()) } - /** - * Gets the target of this continue statement, if it exists. - */ - final Stmt getTarget() { - exists(Stmt immediate | - immediate = this.getImmediateTarget() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTarget()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll index 21da3aa706c..17cf8f07db0 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll @@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this defer statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertDeferStmtToRaw(this).(Raw::DeferStmt).getBody()) } - - /** - * Gets the body of this defer statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll index 180c4103841..51639d9289c 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll @@ -11,48 +11,22 @@ module Generated { /** * Gets the body of this do catch statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertDoCatchStmtToRaw(this).(Raw::DoCatchStmt).getBody()) } - /** - * Gets the body of this do catch statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th catch of this do catch statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateCatch(int index) { + CaseStmt getCatch(int index) { result = Synth::convertCaseStmtFromRaw(Synth::convertDoCatchStmtToRaw(this) .(Raw::DoCatchStmt) .getCatch(index)) } - /** - * Gets the `index`th catch of this do catch statement (0-based). - */ - final CaseStmt getCatch(int index) { - exists(CaseStmt immediate | - immediate = this.getImmediateCatch(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the catches of this do catch statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll index b4661b21d8e..b77a310de90 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll @@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this do statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertDoStmtToRaw(this).(Raw::DoStmt).getBody()) } - - /** - * Gets the body of this do statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll index 20fadcc91f3..e9e05ea4c9a 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll @@ -10,48 +10,22 @@ module Generated { /** * Gets the fallthrough source of this fallthrough statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateFallthroughSource() { + CaseStmt getFallthroughSource() { result = Synth::convertCaseStmtFromRaw(Synth::convertFallthroughStmtToRaw(this) .(Raw::FallthroughStmt) .getFallthroughSource()) } - /** - * Gets the fallthrough source of this fallthrough statement. - */ - final CaseStmt getFallthroughSource() { - exists(CaseStmt immediate | - immediate = this.getImmediateFallthroughSource() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the fallthrough dest of this fallthrough statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateFallthroughDest() { + CaseStmt getFallthroughDest() { result = Synth::convertCaseStmtFromRaw(Synth::convertFallthroughStmtToRaw(this) .(Raw::FallthroughStmt) .getFallthroughDest()) } - - /** - * Gets the fallthrough dest of this fallthrough statement. - */ - final CaseStmt getFallthroughDest() { - exists(CaseStmt immediate | - immediate = this.getImmediateFallthroughDest() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll index fccf5f3ed3b..ad5422a7ec0 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll @@ -29,7 +29,7 @@ module Generated { final Pattern getPattern() { exists(Pattern immediate | immediate = this.getImmediatePattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -52,7 +52,7 @@ module Generated { final Expr getSequence() { exists(Expr immediate | immediate = this.getImmediateSequence() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -73,7 +73,7 @@ module Generated { final Expr getWhere() { exists(Expr immediate | immediate = this.getImmediateWhere() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -84,25 +84,12 @@ module Generated { /** * Gets the body of this for each statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertForEachStmtToRaw(this) .(Raw::ForEachStmt) .getBody()) } - - /** - * Gets the body of this for each statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll index 53d1a8a54aa..01989e827df 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll @@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this guard statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertGuardStmtToRaw(this).(Raw::GuardStmt).getBody()) } - - /** - * Gets the body of this guard statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll index 1f0ad8717cd..1c33e2383df 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll @@ -10,44 +10,18 @@ module Generated { /** * Gets the then of this if statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateThen() { + Stmt getThen() { result = Synth::convertStmtFromRaw(Synth::convertIfStmtToRaw(this).(Raw::IfStmt).getThen()) } - /** - * Gets the then of this if statement. - */ - final Stmt getThen() { - exists(Stmt immediate | - immediate = this.getImmediateThen() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the else of this if statement, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateElse() { + Stmt getElse() { result = Synth::convertStmtFromRaw(Synth::convertIfStmtToRaw(this).(Raw::IfStmt).getElse()) } - /** - * Gets the else of this if statement, if it exists. - */ - final Stmt getElse() { - exists(Stmt immediate | - immediate = this.getImmediateElse() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getElse()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll index 41f728962bd..e2796dffb82 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll @@ -8,25 +8,12 @@ module Generated { class LabeledConditionalStmt extends Synth::TLabeledConditionalStmt, LabeledStmt { /** * Gets the condition of this labeled conditional statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - StmtCondition getImmediateCondition() { + StmtCondition getCondition() { result = Synth::convertStmtConditionFromRaw(Synth::convertLabeledConditionalStmtToRaw(this) .(Raw::LabeledConditionalStmt) .getCondition()) } - - /** - * Gets the condition of this labeled conditional statement. - */ - final StmtCondition getCondition() { - exists(StmtCondition immediate | - immediate = this.getImmediateCondition() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll index b2f9624447e..a38be8e4b18 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll @@ -27,7 +27,7 @@ module Generated { final Expr getCondition() { exists(Expr immediate | immediate = this.getImmediateCondition() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll index 2f4ada62ccf..a9b9c606f0e 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll @@ -28,31 +28,18 @@ module Generated { final Expr getCondition() { exists(Expr immediate | immediate = this.getImmediateCondition() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } /** * Gets the body of this repeat while statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertRepeatWhileStmtToRaw(this) .(Raw::RepeatWhileStmt) .getBody()) } - - /** - * Gets the body of this repeat while statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll index c37671aba34..8e9d421da46 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll @@ -25,7 +25,7 @@ module Generated { final Expr getResult() { exists(Expr immediate | immediate = this.getImmediateResult() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll b/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll index 1be4eaf361a..6ba5e85f0b4 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th element of this statement condition (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ConditionElement getImmediateElement(int index) { + ConditionElement getElement(int index) { result = Synth::convertConditionElementFromRaw(Synth::convertStmtConditionToRaw(this) .(Raw::StmtCondition) .getElement(index)) } - /** - * Gets the `index`th element of this statement condition (0-based). - */ - final ConditionElement getElement(int index) { - exists(ConditionElement immediate | - immediate = this.getImmediateElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the elements of this statement condition. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll index 819be668d5c..9cfc7cfb2d2 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll @@ -26,33 +26,20 @@ module Generated { final Expr getExpr() { exists(Expr immediate | immediate = this.getImmediateExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } /** * Gets the `index`th case of this switch statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateCase(int index) { + CaseStmt getCase(int index) { result = Synth::convertCaseStmtFromRaw(Synth::convertSwitchStmtToRaw(this) .(Raw::SwitchStmt) .getCase(index)) } - /** - * Gets the `index`th case of this switch statement (0-based). - */ - final CaseStmt getCase(int index) { - exists(CaseStmt immediate | - immediate = this.getImmediateCase(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the cases of this switch statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll index fd6c6920b00..294e7ed5bb8 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll @@ -25,7 +25,7 @@ module Generated { final Expr getSubExpr() { exists(Expr immediate | immediate = this.getImmediateSubExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll index 0482887cc57..3ed59b4cc3c 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll @@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this while statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertWhileStmtToRaw(this).(Raw::WhileStmt).getBody()) } - - /** - * Gets the body of this while statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll index df8b51cb2c4..31a691ba91c 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll @@ -27,7 +27,7 @@ module Generated { final Expr getResult(int index) { exists(Expr immediate | immediate = this.getImmediateResult(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll b/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll index 3cb6fe2786c..57a0ace8b58 100644 --- a/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll @@ -36,25 +36,12 @@ module Generated { /** * Gets the declaration of this any generic type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - GenericTypeDecl getImmediateDeclaration() { + GenericTypeDecl getDeclaration() { result = Synth::convertGenericTypeDeclFromRaw(Synth::convertAnyGenericTypeToRaw(this) .(Raw::AnyGenericType) .getDeclaration()) } - - /** - * Gets the declaration of this any generic type. - */ - final GenericTypeDecl getDeclaration() { - exists(GenericTypeDecl immediate | - immediate = this.getImmediateDeclaration() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll b/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll index 7d907166dcf..2128967a8f8 100644 --- a/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll @@ -60,27 +60,14 @@ module Generated { /** * Gets the `index`th protocol of this archetype type (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ProtocolDecl getImmediateProtocol(int index) { + ProtocolDecl getProtocol(int index) { result = Synth::convertProtocolDeclFromRaw(Synth::convertArchetypeTypeToRaw(this) .(Raw::ArchetypeType) .getProtocol(index)) } - /** - * Gets the `index`th protocol of this archetype type (0-based). - */ - final ProtocolDecl getProtocol(int index) { - exists(ProtocolDecl immediate | - immediate = this.getImmediateProtocol(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the protocols of this archetype type. */ diff --git a/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll b/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll index 007748ae2c4..8192ed17213 100644 --- a/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the associated type declaration of this dependent member type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AssociatedTypeDecl getImmediateAssociatedTypeDecl() { + AssociatedTypeDecl getAssociatedTypeDecl() { result = Synth::convertAssociatedTypeDeclFromRaw(Synth::convertDependentMemberTypeToRaw(this) .(Raw::DependentMemberType) .getAssociatedTypeDecl()) } - - /** - * Gets the associated type declaration of this dependent member type. - */ - final AssociatedTypeDecl getAssociatedTypeDecl() { - exists(AssociatedTypeDecl immediate | - immediate = this.getImmediateAssociatedTypeDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll b/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll index e43a1107533..6303b4df206 100644 --- a/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the module of this module type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getImmediateModule() { + ModuleDecl getModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertModuleTypeToRaw(this) .(Raw::ModuleType) .getModule()) } - - /** - * Gets the module of this module type. - */ - final ModuleDecl getModule() { - exists(ModuleDecl immediate | - immediate = this.getImmediateModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll b/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll index b503969d8ab..520c7785287 100644 --- a/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll @@ -15,25 +15,12 @@ module Generated { /** * Gets the declaration of this opaque type archetype type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - OpaqueTypeDecl getImmediateDeclaration() { + OpaqueTypeDecl getDeclaration() { result = Synth::convertOpaqueTypeDeclFromRaw(Synth::convertOpaqueTypeArchetypeTypeToRaw(this) .(Raw::OpaqueTypeArchetypeType) .getDeclaration()) } - - /** - * Gets the declaration of this opaque type archetype type. - */ - final OpaqueTypeDecl getDeclaration() { - exists(OpaqueTypeDecl immediate | - immediate = this.getImmediateDeclaration() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll b/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll index fa6ea238996..6bb41db6655 100644 --- a/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the declaration of this type alias type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeAliasDecl getImmediateDecl() { + TypeAliasDecl getDecl() { result = Synth::convertTypeAliasDeclFromRaw(Synth::convertTypeAliasTypeToRaw(this) .(Raw::TypeAliasType) .getDecl()) } - - /** - * Gets the declaration of this type alias type. - */ - final TypeAliasDecl getDecl() { - exists(TypeAliasDecl immediate | - immediate = this.getImmediateDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll b/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll index 4a3d11bd074..4dc124e2bda 100644 --- a/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll +++ b/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll @@ -25,7 +25,7 @@ module Generated { final Type getType() { exists(Type immediate | immediate = this.getImmediateType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/printast/Consistency.qll b/swift/ql/lib/codeql/swift/printast/Consistency.qll new file mode 100644 index 00000000000..8aaf160ad24 --- /dev/null +++ b/swift/ql/lib/codeql/swift/printast/Consistency.qll @@ -0,0 +1,40 @@ +/** Provides a set of checks that the AST is actually a tree. */ + +private import codeql.swift.printast.PrintAstNode + +/** Checks that no child has more than one parent. */ +query predicate doubleParents( + PrintAstNode parent1, string label1, PrintAstNode parent2, string label2, PrintAstNode child +) { + parent1 != parent2 and + parent1.hasChild(child, _, label1) and + parent2.hasChild(child, _, label2) +} + +/** Checks that no two children share the same index. */ +query predicate doubleChildren( + PrintAstNode parent, int index, string label1, PrintAstNode child1, string label2, + PrintAstNode child2 +) { + child1 != child2 and + parent.hasChild(child1, index, label1) and + parent.hasChild(child2, index, label2) +} + +/** Checks that no child is under different indexes. */ +query predicate doubleIndexes( + PrintAstNode parent, int index1, string label1, int index2, string label2, PrintAstNode child +) { + index1 != index2 and + parent.hasChild(child, index1, label1) and + parent.hasChild(child, index2, label2) +} + +private predicate isChildOf(PrintAstNode parent, PrintAstNode child) { + parent.hasChild(child, _, _) +} + +/** Checks that there is no back edge. */ +query predicate parentChildLoops(PrintAstNode parent, PrintAstNode child) { + isChildOf(parent, child) and isChildOf*(child, parent) +} diff --git a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll index 57e68648636..5b2a1d22d4d 100644 --- a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll +++ b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll @@ -28,7 +28,7 @@ private predicate shouldPrint(Locatable e) { any(PrintAstConfiguration config).s /** * An AST node that should be printed. */ -private newtype TPrintAstNode = TLocatable(Locatable ast) +private newtype TPrintAstNode = TPrintLocatable(Locatable ast) /** * A node in the output tree. @@ -60,6 +60,11 @@ class PrintAstNode extends TPrintAstNode { * the property is `key`. */ string getProperty(string key) { none() } + + /** + * Gets the underlying AST node, if any. + */ + abstract Locatable getAstNode(); } private string prettyPrint(Locatable e) { @@ -73,10 +78,10 @@ private class Unresolved extends Locatable { /** * A graph node representing a real Locatable node. */ -class PrintLocatable extends PrintAstNode, TLocatable { +class PrintLocatable extends PrintAstNode, TPrintLocatable { Locatable ast; - PrintLocatable() { this = TLocatable(ast) } + PrintLocatable() { this = TPrintLocatable(ast) } override string toString() { result = prettyPrint(ast) } @@ -87,9 +92,9 @@ class PrintLocatable extends PrintAstNode, TLocatable { c = getChildAndAccessor(ast, i, accessor) and ( // use even indexes for normal children, leaving odd slots for conversions if any - child = TLocatable(c) and index = 2 * i and label = accessor + child = TPrintLocatable(c) and index = 2 * i and label = accessor or - child = TLocatable(c.getFullyUnresolved().(Unresolved)) and + child = TPrintLocatable(c.getFullyUnresolved().(Unresolved)) and index = 2 * i + 1 and ( if c instanceof Expr @@ -100,6 +105,8 @@ class PrintLocatable extends PrintAstNode, TLocatable { ) } + final override Locatable getAstNode() { result = ast } + final override Location getLocation() { result = ast.getLocation() } } @@ -112,17 +119,38 @@ class PrintUnresolved extends PrintLocatable { override predicate hasChild(PrintAstNode child, int index, string label) { // only print immediate unresolved children from the "parallel" AST - child = TLocatable(getImmediateChildAndAccessor(ast, index, label).(Unresolved)) + child = TPrintLocatable(getImmediateChildAndAccessor(ast, index, label).(Unresolved)) } } +private predicate hasPropertyWrapperElement(VarDecl d, Locatable a) { + a = [d.getPropertyWrapperBackingVar(), d.getPropertyWrapperProjectionVar()] or + a = [d.getPropertyWrapperBackingVarBinding(), d.getPropertyWrapperProjectionVarBinding()] +} + /** - * A specialization of graph node for `VarDecl`, to add typing information. + * A specialization of graph node for `VarDecl`, to add typing information and deal with ambiguity + * over property wrapper children. */ class PrintVarDecl extends PrintLocatable { override VarDecl ast; override string getProperty(string key) { key = "Type" and result = ast.getType().toString() } + + override predicate hasChild(PrintAstNode child, int index, string label) { + PrintLocatable.super.hasChild(child, index, label) and + // exclude property wrapper related children when they are already listed in the enclosing + // nominal type declaration or for a wrapped parameter for which this is a virtual local variable copy + not exists(Locatable childAst | + childAst = child.getAstNode() and + hasPropertyWrapperElement(ast, childAst) and + ( + childAst = ast.getDeclaringDecl().getAMember() + or + ast instanceof ConcreteVarDecl and hasPropertyWrapperElement(any(ParamDecl p), childAst) + ) + ) + } } /** @@ -135,3 +163,23 @@ class PrintFunction extends PrintLocatable { key = "InterfaceType" and result = ast.getInterfaceType().toString() } } + +/** + * A specialization of graph node for `PatternBindingDecl`, to solve ambiguity on `getInit`. + * When a property wrapper is involved, `getInit` may become shared between the explicit binding and + * the implicit compiler synthesized one. + */ +class PrintPatternBindingDecl extends PrintLocatable { + override PatternBindingDecl ast; + + override predicate hasChild(PrintAstNode child, int index, string label) { + PrintLocatable.super.hasChild(child, index, label) and + // exclude `getInit` that are already the initializer of a variable that has this as a property wrapper backer + not exists(Expr init, VarDecl var | + init = child.getAstNode() and + init = ast.getAnInit() and + var.getPropertyWrapperBackingVarBinding() = ast and + var.getParentInitializer() = init + ) + } +} diff --git a/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll b/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll index 560a332fc76..efc8eeefe35 100644 --- a/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll +++ b/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll @@ -38,27 +38,34 @@ class StringType extends TStringType { csvLabel = "nsstring-length" or this = TStringUtf8() and - name = "String.utf8" and - singular = "a String.utf8" and + name = "String.UTF8View" and + singular = "a String.UTF8View" and equivClass = this and csvLabel = "string-utf8-length" or this = TStringUtf16() and - name = "String.utf16" and - singular = "a String.utf16" and + name = "String.UTF16View" and + singular = "a String.UTF16View" and equivClass = TNsString() and csvLabel = "string-utf16-length" or this = TStringUnicodeScalars() and - name = "String.unicodeScalars" and - singular = "a String.unicodeScalars" and + name = "String.UnicodeScalarView" and + singular = "a String.UnicodeScalarView" and equivClass = this and csvLabel = "string-unicodescalars-length" } - /** Gets a textual representation of this string type. */ + /** + * Gets a textual representation of this string type. + */ string toString() { result = name } + /** + * Gets the name of this string type. + */ + string getName() { result = name } + /** * Gets the equivalence class for this string type. If these are equal, * they should be treated as equivalent. @@ -142,21 +149,16 @@ private class ExtraStringLengthConflationSource extends StringLengthConflationSo StringType stringType; ExtraStringLengthConflationSource() { - exists(MemberRefExpr memberRef, string typeName | + // source is the result of a call to `[stringType].count`. + exists(MemberRefExpr memberRef | ( - // result of a call to `String.utf8.count` - typeName = "String.UTF8View" and stringType = TStringUtf8() or - // result of a call to `String.utf16.count` - typeName = "String.UTF16View" and stringType = TStringUtf16() or - // result of a call to `String.unicodeScalars.count` - typeName = "String.UnicodeScalarView" and stringType = TStringUnicodeScalars() ) and - memberRef.getBase().getType().(NominalType).getName() = typeName and + memberRef.getBase().getType().(NominalType).getName() = stringType.getName() and memberRef.getMember().(VarDecl).getName() = "count" and this.asExpr() = memberRef ) @@ -180,14 +182,6 @@ private class StringLengthConflationSinks extends SinkModelCsv { override predicate row(string row) { row = [ - ";Sequence;true;dropFirst(_:);;;Argument[0];string-length", - ";Sequence;true;dropLast(_:);;;Argument[0];string-length", - ";Sequence;true;prefix(_:);;;Argument[0];string-length", - ";Sequence;true;suffix(_:);;;Argument[0];string-length", - ";Collection;true;formIndex(_:offsetBy:);;;Argument[0..1];string-length", - ";Collection;true;formIndex(_:offsetBy:limitBy:);;;Argument[0..1];string-length", - ";Collection;true;removeFirst(_:);;;Argument[0];string-length", - ";RangeReplaceableCollection;true;removeLast(_:);;;Argument[0];string-length", ";String;true;index(_:offsetBy:);;;Argument[0..1];string-length", ";String;true;index(_:offsetBy:limitBy:);;;Argument[0..1];string-length", ";String.Index;true;init(encodedOffset:);;;Argument[0];string-length", @@ -203,3 +197,45 @@ private class StringLengthConflationSinks extends SinkModelCsv { ] } } + +/** + * An extra sink that don't fit into the CSV scheme (because we care about the actual + * type the method is being called on, not just the type it's declared on). + */ +private class ExtraStringLengthConflationSink extends StringLengthConflationSink { + StringType stringType; + + ExtraStringLengthConflationSink() { + // sink is a length or offset argument of a call to `[stringType].[method]`. + exists(CallExpr call | + ( + stringType = TString() + or + stringType = TStringUtf8() + or + stringType = TStringUtf16() + or + stringType = TStringUnicodeScalars() + ) and + ( + call.getQualifier().getType().(NominalType).getName() = stringType.getName() or + call.getQualifier().getType().(InOutType).getObjectType().(NominalType).getName() = + stringType.getName() + ) and + ( + call.getStaticTarget().getName() = + [ + "dropFirst(_:)", "dropLast(_:)", "prefix(_:)", "suffix(_:)", "removeFirst(_:)", + "removeLast(_:)" + ] and + this.asExpr() = call.getArgument(0).getExpr() + or + call.getStaticTarget().getName() = + ["formIndex(_:offsetBy:)", "formIndex(_:offsetBy:limitBy:)"] and + this.asExpr() = call.getArgument([0, 1]).getExpr() + ) + ) + } + + override StringType getCorrectStringType() { result = stringType } +} diff --git a/swift/ql/lib/swift.dbscheme b/swift/ql/lib/swift.dbscheme index ba4171b90d0..44e36e15e90 100644 --- a/swift/ql/lib/swift.dbscheme +++ b/swift/ql/lib/swift.dbscheme @@ -1382,18 +1382,6 @@ interpolated_string_literal_expr_interpolation_exprs( //dir=expr int interpolation_expr: @opaque_value_expr_or_none ref ); -#keyset[id] -interpolated_string_literal_expr_interpolation_count_exprs( //dir=expr - int id: @interpolated_string_literal_expr ref, - int interpolation_count_expr: @expr_or_none ref -); - -#keyset[id] -interpolated_string_literal_expr_literal_capacity_exprs( //dir=expr - int id: @interpolated_string_literal_expr ref, - int literal_capacity_expr: @expr_or_none ref -); - #keyset[id] interpolated_string_literal_expr_appending_exprs( //dir=expr int id: @interpolated_string_literal_expr ref, diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql new file mode 100644 index 00000000000..fc9d93c02b6 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql @@ -0,0 +1,13 @@ +class Element extends @element { + string toString() { none() } +} + +from Element i, string value +where + integer_literal_exprs(i, value) and + not exists(Element interpolated | + interpolated_string_literal_expr_interpolation_count_exprs(interpolated, i) + or + interpolated_string_literal_expr_literal_capacity_exprs(interpolated, i) + ) +select i, value diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme new file mode 100644 index 00000000000..ba4171b90d0 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme @@ -0,0 +1,2630 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| @missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( //dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + +#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| @identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] +capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: @explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + +key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: @initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + +#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + +interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_count_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_count_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_literal_capacity_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int literal_capacity_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + +postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: @unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( //dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + +#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: @is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: @condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| @return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + +fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, + int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] +any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| @builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] +reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + +builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: @generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + +opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| @unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none = + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + +@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element +; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme new file mode 100644 index 00000000000..44e36e15e90 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme @@ -0,0 +1,2618 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| @missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( //dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + +#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| @identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] +capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: @explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + +key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: @initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + +#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + +interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + +postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: @unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( //dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + +#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: @is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: @condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| @return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + +fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, + int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] +any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| @builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] +reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + +builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: @generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + +opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| @unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none = + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + +@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element +; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties new file mode 100644 index 00000000000..fa6dbe30ef6 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties @@ -0,0 +1,5 @@ +description: Remove `getInterpolationCountExpr` and `getLiteralCapacityExpr` from `InterpolatedStringLiteralExpr` +compatibility: full +interpolated_string_literal_expr_interpolation_count_exprs.rel: delete +interpolated_string_literal_expr_literal_capacity_exprs.rel: delete +integer_literal_exprs.rel: run integer_literal_exprs.ql diff --git a/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md b/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md new file mode 100644 index 00000000000..7166b5e9ed7 --- /dev/null +++ b/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Fixed some false positive results from the `swift/string-length-conflation` query, caused by imprecise sinks. diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql index 2d76f1d3e7e..69601b3d931 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -6,7 +6,7 @@ * @problem.severity error * @security-severity 7.5 * @precision high - * @id swift/clear-text-logging + * @id swift/cleartext-logging * @tags security * external/cwe/cwe-312 * external/cwe/cwe-359 @@ -18,7 +18,9 @@ import codeql.swift.dataflow.DataFlow import codeql.swift.security.CleartextLoggingQuery import CleartextLoggingFlow::PathGraph -from CleartextLoggingFlow::PathNode src, CleartextLoggingFlow::PathNode sink -where CleartextLoggingFlow::flowPath(src, sink) -select sink.getNode(), src, sink, "This $@ is written to a log file.", src.getNode(), - "potentially sensitive information" +from CleartextLoggingFlow::PathNode source, CleartextLoggingFlow::PathNode sink +where CleartextLoggingFlow::flowPath(source, sink) +select sink.getNode(), source, sink, + "This operation writes '" + sink.toString() + + "' to a log file. It may contain unencrypted sensitive data from $@.", source, + source.getNode().toString() diff --git a/swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..9d02611e7a7 --- /dev/null +++ b/swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,6 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..770537cf684 --- /dev/null +++ b/swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| unspecified.swift:12:20:12:21 | (...) | +| unspecified.swift:25:9:28:9 | switch ErrorExpr { ... } | diff --git a/swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..9d02611e7a7 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,6 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..08c7e13fdcc --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,14 @@ +multipleSuccessors +| method_lookups.swift:42:9:42:19 | call to baz(_:) | successor | method_lookups.swift:42:3:42:19 | await ... | +| method_lookups.swift:42:9:42:19 | call to baz(_:) | successor | method_lookups.swift:44:7:44:7 | f | +| method_lookups.swift:48:9:48:19 | call to foo(_:_:) | successor | method_lookups.swift:48:3:48:19 | await ... | +| method_lookups.swift:48:9:48:19 | call to foo(_:_:) | successor | method_lookups.swift:49:9:49:11 | .bar() | +| method_lookups.swift:49:9:49:15 | call to bar() | successor | method_lookups.swift:49:3:49:15 | await ... | +| method_lookups.swift:49:9:49:15 | call to bar() | successor | method_lookups.swift:50:9:50:13 | .baz(_:) | +| method_lookups.swift:50:9:50:19 | call to baz(_:) | successor | method_lookups.swift:50:3:50:19 | await ... | +| method_lookups.swift:50:9:50:19 | call to baz(_:) | successor | method_lookups.swift:52:7:52:7 | f | +deadEnd +| method_lookups.swift:42:3:42:19 | await ... | +| method_lookups.swift:48:3:48:19 | await ... | +| method_lookups.swift:49:3:49:15 | await ... | +| method_lookups.swift:50:3:50:19 | await ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..73431518cde --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected @@ -0,0 +1,3 @@ +doubleIndexes +| method_lookups.swift:44:13:44:13 | [AutoClosureExpr] { ... } | 2 | getParam(0) | 4 | getParam(1) | file://:0:0:0:0 | [ParamDecl] argument | +| method_lookups.swift:44:13:44:13 | [AutoClosureExpr] { ... } | 4 | getParam(1) | 2 | getParam(0) | file://:0:0:0:0 | [ParamDecl] argument | diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt deleted file mode 100644 index 25daf3d23a2..00000000000 --- a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt +++ /dev/null @@ -1,4 +0,0 @@ -// generated by codegen/codegen.py - -After a source file is added in this directory and codegen/codegen.py is run again, test queries -will appear and this file will be deleted diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected new file mode 100644 index 00000000000..4d2e4f05c6e --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected @@ -0,0 +1 @@ +| open_existentials.swift:14:5:14:19 | OpenExistentialExpr | hasType: | yes | getSubExpr: | open_existentials.swift:14:5:14:19 | call to foo() | getExistential: | open_existentials.swift:14:5:14:13 | call to createP() | getOpaqueExpr: | open_existentials.swift:14:5:14:13 | OpaqueValueExpr | diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql new file mode 100644 index 00000000000..ddff95364d2 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql @@ -0,0 +1,16 @@ +// generated by codegen/codegen.py +import codeql.swift.elements +import TestUtils + +from + OpenExistentialExpr x, string hasType, Expr getSubExpr, Expr getExistential, + OpaqueValueExpr getOpaqueExpr +where + toBeTested(x) and + not x.isUnknown() and + (if x.hasType() then hasType = "yes" else hasType = "no") and + getSubExpr = x.getSubExpr() and + getExistential = x.getExistential() and + getOpaqueExpr = x.getOpaqueExpr() +select x, "hasType:", hasType, "getSubExpr:", getSubExpr, "getExistential:", getExistential, + "getOpaqueExpr:", getOpaqueExpr diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected new file mode 100644 index 00000000000..2103b344895 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected @@ -0,0 +1 @@ +| open_existentials.swift:14:5:14:19 | OpenExistentialExpr | () | diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql new file mode 100644 index 00000000000..11f926e60ce --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql @@ -0,0 +1,7 @@ +// generated by codegen/codegen.py +import codeql.swift.elements +import TestUtils + +from OpenExistentialExpr x +where toBeTested(x) and not x.isUnknown() +select x, x.getType() diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift new file mode 100644 index 00000000000..1cd9a688da6 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift @@ -0,0 +1,15 @@ +protocol P { + func foo() -> () +} + +class C : P { + func foo() {} +} + +func createP() -> P { + return C() +} + +func test() { + createP().foo() +} diff --git a/swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..1ad4ad0b970 --- /dev/null +++ b/swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| patterns.swift:16:10:16:14 | =~ ... | diff --git a/swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/controlflow/graph/consistency.expected b/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected similarity index 57% rename from swift/ql/test/library-tests/controlflow/graph/consistency.expected rename to swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected index 0440ab97c1a..fdfaa9f18cd 100644 --- a/swift/ql/test/library-tests/controlflow/graph/consistency.expected +++ b/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected @@ -1,8 +1,3 @@ -nonUniqueSetRepresentation -breakInvariant2 -breakInvariant3 -breakInvariant4 -breakInvariant5 multipleSuccessors | cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:33:49:33:60 | call to isZero(x:) | | cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:35:5:37:3 | case ... | @@ -10,15 +5,16 @@ multipleSuccessors | cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | | cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | | cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:11:40:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:12:40:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:10:263:10 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:11:263:11 | .appendLiteral(_:) | -simpleAndNormalSuccessors deadEnd | cfg.swift:33:49:33:60 | call to isZero(x:) | | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | | file://:0:0:0:0 | ... = ... | | file://:0:0:0:0 | ... = ... | -nonUniqueSplitKind -nonUniqueListOrder +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| patterns.swift:16:10:16:14 | =~ ... | diff --git a/swift/ql/test/library-tests/ast/PrintAst.expected b/swift/ql/test/library-tests/ast/PrintAst.expected index b4665b644e8..f1fbb4f1544 100644 --- a/swift/ql/test/library-tests/ast/PrintAst.expected +++ b/swift/ql/test/library-tests/ast/PrintAst.expected @@ -206,8 +206,6 @@ cfg.swift: # 40| getExpr(): [VarargExpansionExpr] [...] # 40| getSubExpr(): [ArrayExpr] [...] # 40| getElement(0): [InterpolatedStringLiteralExpr] "..." -#-----| getInterpolationCountExpr(): [IntegerLiteralExpr] 1 -#-----| getLiteralCapacityExpr(): [IntegerLiteralExpr] 14 # 40| getAppendingExpr(): [TapExpr] TapExpr # 40| getSubExpr(): [OpaqueValueExpr] OpaqueValueExpr # 40| getBody(): [BraceStmt] { ... } @@ -1422,8 +1420,6 @@ cfg.swift: # 262| getBody(): [BraceStmt] { ... } # 263| getElement(0): [ReturnStmt] return ... # 263| getResult(): [InterpolatedStringLiteralExpr] "..." -#-----| getInterpolationCountExpr(): [IntegerLiteralExpr] 4 -#-----| getLiteralCapacityExpr(): [IntegerLiteralExpr] 37 # 263| getAppendingExpr(): [TapExpr] TapExpr # 263| getSubExpr(): [OpaqueValueExpr] OpaqueValueExpr # 263| getBody(): [BraceStmt] { ... } @@ -4293,8 +4289,6 @@ expressions.swift: # 7| getBody(): [BraceStmt] { ... } # 7| getElement(0): [PatternBindingDecl] var ... = ... # 7| getInit(0): [InterpolatedStringLiteralExpr] "..." -#-----| getInterpolationCountExpr(): [IntegerLiteralExpr] 1 -#-----| getLiteralCapacityExpr(): [IntegerLiteralExpr] 6 # 7| getAppendingExpr(): [TapExpr] TapExpr # 7| getSubExpr(): [OpaqueValueExpr] OpaqueValueExpr # 7| getBody(): [BraceStmt] { ... } diff --git a/swift/ql/test/library-tests/ast/no_double_children.ql b/swift/ql/test/library-tests/ast/no_double_children.ql deleted file mode 100644 index ffd27bedb03..00000000000 --- a/swift/ql/test/library-tests/ast/no_double_children.ql +++ /dev/null @@ -1,8 +0,0 @@ -private import codeql.swift.printast.PrintAstNode - -from PrintAstNode parent, int index, PrintAstNode child1, PrintAstNode child2 -where - child1 != child2 and - parent.hasChild(child1, index, _) and - parent.hasChild(child2, index, _) -select parent, index, child1, child2 diff --git a/swift/ql/test/library-tests/ast/no_double_indexes.ql b/swift/ql/test/library-tests/ast/no_double_indexes.ql deleted file mode 100644 index c6308a99100..00000000000 --- a/swift/ql/test/library-tests/ast/no_double_indexes.ql +++ /dev/null @@ -1,8 +0,0 @@ -private import codeql.swift.printast.PrintAstNode - -from PrintAstNode parent, int index1, int index2, PrintAstNode child -where - index1 != index2 and - parent.hasChild(child, index1, _) and - parent.hasChild(child, index2, _) -select parent, child, index1, index2 diff --git a/swift/ql/test/library-tests/ast/no_double_parents.ql b/swift/ql/test/library-tests/ast/no_double_parents.ql deleted file mode 100644 index 5a62076a9ea..00000000000 --- a/swift/ql/test/library-tests/ast/no_double_parents.ql +++ /dev/null @@ -1,8 +0,0 @@ -private import codeql.swift.printast.PrintAstNode - -from PrintAstNode parent1, PrintAstNode parent2, PrintAstNode child -where - parent1 != parent2 and - parent1.hasChild(child, _, _) and - parent2.hasChild(child, _, _) -select parent1, parent2, child diff --git a/swift/ql/test/library-tests/ast/no_parent_child_loops.ql b/swift/ql/test/library-tests/ast/no_parent_child_loops.ql deleted file mode 100644 index e7ffea56cc7..00000000000 --- a/swift/ql/test/library-tests/ast/no_parent_child_loops.ql +++ /dev/null @@ -1,7 +0,0 @@ -private import codeql.swift.printast.PrintAstNode - -predicate isChildOf(PrintAstNode parent, PrintAstNode child) { parent.hasChild(child, _, _) } - -from PrintAstNode parent, PrintAstNode child -where isChildOf(parent, child) and isChildOf*(child, parent) -select parent, child diff --git a/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..0c4047134f3 --- /dev/null +++ b/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,12 @@ +multipleSuccessors +| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:33:49:33:60 | call to isZero(x:) | +| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:35:5:37:3 | case ... | +| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | +| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | +| cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | +| cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | +deadEnd +| cfg.swift:33:49:33:60 | call to isZero(x:) | +| cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/controlflow/graph/Cfg.expected b/swift/ql/test/library-tests/controlflow/graph/Cfg.expected index b62245dbe2a..de69eda9614 100644 --- a/swift/ql/test/library-tests/controlflow/graph/Cfg.expected +++ b/swift/ql/test/library-tests/controlflow/graph/Cfg.expected @@ -349,6 +349,7 @@ cfg.swift: #-----| match -> print(_:separator:terminator:) # 40| print(_:separator:terminator:) +#-----| -> OpaqueValueExpr # 40| call to print(_:separator:terminator:) #-----| -> 0 @@ -366,7 +367,6 @@ cfg.swift: #-----| -> [...] # 40| OpaqueValueExpr -#-----| -> .appendLiteral(_:) # 40| TapExpr #-----| -> "..." @@ -2777,6 +2777,7 @@ cfg.swift: #-----| -> y # 262| y +#-----| -> OpaqueValueExpr # 263| return ... #-----| return -> exit interpolatedString(x:y:) (normal) @@ -2788,7 +2789,6 @@ cfg.swift: #-----| -> return ... # 263| OpaqueValueExpr -#-----| -> .appendLiteral(_:) # 263| TapExpr #-----| -> "..." diff --git a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..500c114c6c9 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,3 @@ +multipleSuccessors +| test.swift:488:8:488:12 | let ...? | no-match | test.swift:488:27:488:27 | y | +| test.swift:488:8:488:12 | let ...? | no-match | test.swift:493:9:493:9 | tuple1 | diff --git a/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected index 3d58e8a40ad..9986d248b84 100644 --- a/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected +++ b/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected @@ -150,7 +150,7 @@ | stringinterpolation.swift:13:3:13:3 | self | stringinterpolation.swift:13:3:13:3 | &... | | stringinterpolation.swift:13:23:13:23 | "..." | stringinterpolation.swift:13:3:13:3 | [post] &... | | stringinterpolation.swift:13:23:13:23 | "..." | stringinterpolation.swift:13:23:13:23 | [post] "..." | -| stringinterpolation.swift:13:23:13:23 | SSA def($interpolation) | stringinterpolation.swift:13:24:13:24 | SSA phi($interpolation) | +| stringinterpolation.swift:13:23:13:23 | SSA def($interpolation) | stringinterpolation.swift:13:24:13:24 | $interpolation | | stringinterpolation.swift:13:23:13:23 | TapExpr | stringinterpolation.swift:13:23:13:23 | "..." | | stringinterpolation.swift:13:23:13:23 | first is: | stringinterpolation.swift:13:23:13:23 | [post] first is: | | stringinterpolation.swift:13:23:13:23 | first is: | stringinterpolation.swift:13:24:13:24 | [post] &... | @@ -158,7 +158,6 @@ | stringinterpolation.swift:13:24:13:24 | &... | stringinterpolation.swift:13:23:13:23 | [post] first is: | | stringinterpolation.swift:13:24:13:24 | &... | stringinterpolation.swift:13:24:13:24 | [post] &... | | stringinterpolation.swift:13:24:13:24 | &... | stringinterpolation.swift:13:35:13:35 | $interpolation | -| stringinterpolation.swift:13:24:13:24 | SSA phi($interpolation) | stringinterpolation.swift:13:24:13:24 | $interpolation | | stringinterpolation.swift:13:24:13:24 | [post] &... | stringinterpolation.swift:13:35:13:35 | $interpolation | | stringinterpolation.swift:13:35:13:35 | $interpolation | stringinterpolation.swift:13:35:13:35 | &... | | stringinterpolation.swift:13:35:13:35 | &... | stringinterpolation.swift:13:35:13:35 | [post] &... | @@ -179,7 +178,7 @@ | stringinterpolation.swift:19:2:19:2 | p1 | stringinterpolation.swift:20:2:20:2 | p1 | | stringinterpolation.swift:20:2:20:2 | [post] p1 | stringinterpolation.swift:22:21:22:21 | p1 | | stringinterpolation.swift:20:2:20:2 | p1 | stringinterpolation.swift:22:21:22:21 | p1 | -| stringinterpolation.swift:22:12:22:12 | SSA def($interpolation) | stringinterpolation.swift:22:13:22:13 | SSA phi($interpolation) | +| stringinterpolation.swift:22:12:22:12 | SSA def($interpolation) | stringinterpolation.swift:22:13:22:13 | $interpolation | | stringinterpolation.swift:22:12:22:12 | TapExpr | stringinterpolation.swift:22:12:22:12 | "..." | | stringinterpolation.swift:22:12:22:12 | pair: | stringinterpolation.swift:22:12:22:12 | [post] pair: | | stringinterpolation.swift:22:12:22:12 | pair: | stringinterpolation.swift:22:13:22:13 | [post] &... | @@ -187,7 +186,6 @@ | stringinterpolation.swift:22:13:22:13 | &... | stringinterpolation.swift:22:12:22:12 | [post] pair: | | stringinterpolation.swift:22:13:22:13 | &... | stringinterpolation.swift:22:13:22:13 | [post] &... | | stringinterpolation.swift:22:13:22:13 | &... | stringinterpolation.swift:22:20:22:20 | $interpolation | -| stringinterpolation.swift:22:13:22:13 | SSA phi($interpolation) | stringinterpolation.swift:22:13:22:13 | $interpolation | | stringinterpolation.swift:22:13:22:13 | [post] &... | stringinterpolation.swift:22:20:22:20 | $interpolation | | stringinterpolation.swift:22:20:22:20 | $interpolation | stringinterpolation.swift:22:20:22:20 | &... | | stringinterpolation.swift:22:20:22:20 | &... | stringinterpolation.swift:22:20:22:20 | [post] &... | @@ -203,7 +201,7 @@ | stringinterpolation.swift:22:30:22:30 | &... | stringinterpolation.swift:22:30:22:30 | [post] | | stringinterpolation.swift:22:30:22:30 | &... | stringinterpolation.swift:22:30:22:30 | [post] &... | | stringinterpolation.swift:22:30:22:30 | [post] &... | stringinterpolation.swift:22:12:22:12 | TapExpr | -| stringinterpolation.swift:23:12:23:12 | SSA def($interpolation) | stringinterpolation.swift:23:13:23:13 | SSA phi($interpolation) | +| stringinterpolation.swift:23:12:23:12 | SSA def($interpolation) | stringinterpolation.swift:23:13:23:13 | $interpolation | | stringinterpolation.swift:23:12:23:12 | TapExpr | stringinterpolation.swift:23:12:23:12 | "..." | | stringinterpolation.swift:23:12:23:12 | pair: | stringinterpolation.swift:23:12:23:12 | [post] pair: | | stringinterpolation.swift:23:12:23:12 | pair: | stringinterpolation.swift:23:13:23:13 | [post] &... | @@ -211,7 +209,6 @@ | stringinterpolation.swift:23:13:23:13 | &... | stringinterpolation.swift:23:12:23:12 | [post] pair: | | stringinterpolation.swift:23:13:23:13 | &... | stringinterpolation.swift:23:13:23:13 | [post] &... | | stringinterpolation.swift:23:13:23:13 | &... | stringinterpolation.swift:23:20:23:20 | $interpolation | -| stringinterpolation.swift:23:13:23:13 | SSA phi($interpolation) | stringinterpolation.swift:23:13:23:13 | $interpolation | | stringinterpolation.swift:23:13:23:13 | [post] &... | stringinterpolation.swift:23:20:23:20 | $interpolation | | stringinterpolation.swift:23:20:23:20 | $interpolation | stringinterpolation.swift:23:20:23:20 | &... | | stringinterpolation.swift:23:20:23:20 | &... | stringinterpolation.swift:23:20:23:20 | [post] &... | @@ -227,7 +224,7 @@ | stringinterpolation.swift:23:31:23:31 | &... | stringinterpolation.swift:23:31:23:31 | [post] | | stringinterpolation.swift:23:31:23:31 | &... | stringinterpolation.swift:23:31:23:31 | [post] &... | | stringinterpolation.swift:23:31:23:31 | [post] &... | stringinterpolation.swift:23:12:23:12 | TapExpr | -| stringinterpolation.swift:24:12:24:12 | SSA def($interpolation) | stringinterpolation.swift:24:13:24:13 | SSA phi($interpolation) | +| stringinterpolation.swift:24:12:24:12 | SSA def($interpolation) | stringinterpolation.swift:24:13:24:13 | $interpolation | | stringinterpolation.swift:24:12:24:12 | TapExpr | stringinterpolation.swift:24:12:24:12 | "..." | | stringinterpolation.swift:24:12:24:12 | pair: | stringinterpolation.swift:24:12:24:12 | [post] pair: | | stringinterpolation.swift:24:12:24:12 | pair: | stringinterpolation.swift:24:13:24:13 | [post] &... | @@ -235,7 +232,6 @@ | stringinterpolation.swift:24:13:24:13 | &... | stringinterpolation.swift:24:12:24:12 | [post] pair: | | stringinterpolation.swift:24:13:24:13 | &... | stringinterpolation.swift:24:13:24:13 | [post] &... | | stringinterpolation.swift:24:13:24:13 | &... | stringinterpolation.swift:24:20:24:20 | $interpolation | -| stringinterpolation.swift:24:13:24:13 | SSA phi($interpolation) | stringinterpolation.swift:24:13:24:13 | $interpolation | | stringinterpolation.swift:24:13:24:13 | [post] &... | stringinterpolation.swift:24:20:24:20 | $interpolation | | stringinterpolation.swift:24:20:24:20 | $interpolation | stringinterpolation.swift:24:20:24:20 | &... | | stringinterpolation.swift:24:20:24:20 | &... | stringinterpolation.swift:24:20:24:20 | [post] &... | @@ -258,7 +254,7 @@ | stringinterpolation.swift:27:2:27:2 | p2 | stringinterpolation.swift:28:2:28:2 | p2 | | stringinterpolation.swift:28:2:28:2 | [post] p2 | stringinterpolation.swift:30:21:30:21 | p2 | | stringinterpolation.swift:28:2:28:2 | p2 | stringinterpolation.swift:30:21:30:21 | p2 | -| stringinterpolation.swift:30:12:30:12 | SSA def($interpolation) | stringinterpolation.swift:30:13:30:13 | SSA phi($interpolation) | +| stringinterpolation.swift:30:12:30:12 | SSA def($interpolation) | stringinterpolation.swift:30:13:30:13 | $interpolation | | stringinterpolation.swift:30:12:30:12 | TapExpr | stringinterpolation.swift:30:12:30:12 | "..." | | stringinterpolation.swift:30:12:30:12 | pair: | stringinterpolation.swift:30:12:30:12 | [post] pair: | | stringinterpolation.swift:30:12:30:12 | pair: | stringinterpolation.swift:30:13:30:13 | [post] &... | @@ -266,7 +262,6 @@ | stringinterpolation.swift:30:13:30:13 | &... | stringinterpolation.swift:30:12:30:12 | [post] pair: | | stringinterpolation.swift:30:13:30:13 | &... | stringinterpolation.swift:30:13:30:13 | [post] &... | | stringinterpolation.swift:30:13:30:13 | &... | stringinterpolation.swift:30:20:30:20 | $interpolation | -| stringinterpolation.swift:30:13:30:13 | SSA phi($interpolation) | stringinterpolation.swift:30:13:30:13 | $interpolation | | stringinterpolation.swift:30:13:30:13 | [post] &... | stringinterpolation.swift:30:20:30:20 | $interpolation | | stringinterpolation.swift:30:20:30:20 | $interpolation | stringinterpolation.swift:30:20:30:20 | &... | | stringinterpolation.swift:30:20:30:20 | &... | stringinterpolation.swift:30:20:30:20 | [post] &... | @@ -282,7 +277,7 @@ | stringinterpolation.swift:30:30:30:30 | &... | stringinterpolation.swift:30:30:30:30 | [post] | | stringinterpolation.swift:30:30:30:30 | &... | stringinterpolation.swift:30:30:30:30 | [post] &... | | stringinterpolation.swift:30:30:30:30 | [post] &... | stringinterpolation.swift:30:12:30:12 | TapExpr | -| stringinterpolation.swift:31:12:31:12 | SSA def($interpolation) | stringinterpolation.swift:31:13:31:13 | SSA phi($interpolation) | +| stringinterpolation.swift:31:12:31:12 | SSA def($interpolation) | stringinterpolation.swift:31:13:31:13 | $interpolation | | stringinterpolation.swift:31:12:31:12 | TapExpr | stringinterpolation.swift:31:12:31:12 | "..." | | stringinterpolation.swift:31:12:31:12 | pair: | stringinterpolation.swift:31:12:31:12 | [post] pair: | | stringinterpolation.swift:31:12:31:12 | pair: | stringinterpolation.swift:31:13:31:13 | [post] &... | @@ -290,7 +285,6 @@ | stringinterpolation.swift:31:13:31:13 | &... | stringinterpolation.swift:31:12:31:12 | [post] pair: | | stringinterpolation.swift:31:13:31:13 | &... | stringinterpolation.swift:31:13:31:13 | [post] &... | | stringinterpolation.swift:31:13:31:13 | &... | stringinterpolation.swift:31:20:31:20 | $interpolation | -| stringinterpolation.swift:31:13:31:13 | SSA phi($interpolation) | stringinterpolation.swift:31:13:31:13 | $interpolation | | stringinterpolation.swift:31:13:31:13 | [post] &... | stringinterpolation.swift:31:20:31:20 | $interpolation | | stringinterpolation.swift:31:20:31:20 | $interpolation | stringinterpolation.swift:31:20:31:20 | &... | | stringinterpolation.swift:31:20:31:20 | &... | stringinterpolation.swift:31:20:31:20 | [post] &... | @@ -306,7 +300,7 @@ | stringinterpolation.swift:31:31:31:31 | &... | stringinterpolation.swift:31:31:31:31 | [post] | | stringinterpolation.swift:31:31:31:31 | &... | stringinterpolation.swift:31:31:31:31 | [post] &... | | stringinterpolation.swift:31:31:31:31 | [post] &... | stringinterpolation.swift:31:12:31:12 | TapExpr | -| stringinterpolation.swift:32:12:32:12 | SSA def($interpolation) | stringinterpolation.swift:32:13:32:13 | SSA phi($interpolation) | +| stringinterpolation.swift:32:12:32:12 | SSA def($interpolation) | stringinterpolation.swift:32:13:32:13 | $interpolation | | stringinterpolation.swift:32:12:32:12 | TapExpr | stringinterpolation.swift:32:12:32:12 | "..." | | stringinterpolation.swift:32:12:32:12 | pair: | stringinterpolation.swift:32:12:32:12 | [post] pair: | | stringinterpolation.swift:32:12:32:12 | pair: | stringinterpolation.swift:32:13:32:13 | [post] &... | @@ -314,7 +308,6 @@ | stringinterpolation.swift:32:13:32:13 | &... | stringinterpolation.swift:32:12:32:12 | [post] pair: | | stringinterpolation.swift:32:13:32:13 | &... | stringinterpolation.swift:32:13:32:13 | [post] &... | | stringinterpolation.swift:32:13:32:13 | &... | stringinterpolation.swift:32:20:32:20 | $interpolation | -| stringinterpolation.swift:32:13:32:13 | SSA phi($interpolation) | stringinterpolation.swift:32:13:32:13 | $interpolation | | stringinterpolation.swift:32:13:32:13 | [post] &... | stringinterpolation.swift:32:20:32:20 | $interpolation | | stringinterpolation.swift:32:20:32:20 | $interpolation | stringinterpolation.swift:32:20:32:20 | &... | | stringinterpolation.swift:32:20:32:20 | &... | stringinterpolation.swift:32:20:32:20 | [post] &... | diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift b/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift index 60732f704d2..2437e91981f 100644 --- a/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift +++ b/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift @@ -7,7 +7,19 @@ protocol SortComparator { associatedtype Compared } -struct Data : RangeReplaceableCollection +protocol DataProtocol { +} +extension DataProtocol { + func copyBytes(to: UnsafeMutableRawBufferPointer) {} + func copyBytes(to: UnsafeMutablePointer, count: Int) {} + func copyBytes(to: UnsafeMutablePointer, from: Range) {} +} +extension UnsafeRawBufferPointer : DataProtocol { } +extension Array : DataProtocol where Element == UInt8 { } + +protocol MutableDataProtocol : DataProtocol, RangeReplaceableCollection { } + +struct Data : MutableDataProtocol { struct Base64EncodingOptions : OptionSet { let rawValue: Int } struct Base64DecodingOptions : OptionSet { let rawValue: Int } @@ -82,182 +94,193 @@ func taintThroughData() { let dataTainted2 = Data(dataTainted) sink(arg: dataClean) - sink(arg: dataTainted) // $ tainted=81 - sink(arg: dataTainted2) // $ tainted=81 + sink(arg: dataTainted) // $ tainted=93 + sink(arg: dataTainted2) // $ tainted=93 // ";Data;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint", let dataTainted3 = Data(base64Encoded: source() as! Data, options: []) - sink(arg: dataTainted3) // $ tainted=89 + sink(arg: dataTainted3) // $ tainted=101 // ";Data;true;init(buffer:);;;Argument[0];ReturnValue;taint", let dataTainted4 = Data(buffer: source() as! UnsafeBufferPointer) - sink(arg: dataTainted4) // $ tainted=93 + sink(arg: dataTainted4) // $ tainted=105 let dataTainted5 = Data(buffer: source() as! UnsafeMutablePointer) - sink(arg: dataTainted5) // $ tainted=95 + sink(arg: dataTainted5) // $ tainted=107 // ";Data;true;init(bytes:count:);;;Argument[0];ReturnValue;taint", let dataTainted6 = Data(bytes: source() as! UnsafeRawPointer, count: 0) - sink(arg: dataTainted6) // $ tainted=99 + sink(arg: dataTainted6) // $ tainted=111 // ";Data;true;init(bytesNoCopy:count:deallocator:);;;Argument[0];ReturnValue;taint", let dataTainted7 = Data(bytesNoCopy: source() as! UnsafeRawPointer, count: 0, deallocator: Data.Deallocator.none) - sink(arg: dataTainted7) // $ tainted=103 + sink(arg: dataTainted7) // $ tainted=115 // ";Data;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint", let urlTainted8 = source() as! URL let dataTainted8 = Data(contentsOf: urlTainted8, options: []) - sink(arg: dataTainted8) // $ tainted=107 + sink(arg: dataTainted8) // $ tainted=119 // ";Data;true;init(referencing:);;;Argument[0];ReturnValue;taint", let dataTainted9 = Data(referencing: source() as! NSData) - sink(arg: dataTainted9) // $ tainted=112 + sink(arg: dataTainted9) // $ tainted=124 // ";Data;true;append(_:);;;Argument[0];Argument[-1];taint", let dataTainted10 = Data("") dataTainted10.append(source() as! Data) - sink(arg: dataTainted10) // $ tainted=117 + sink(arg: dataTainted10) // $ tainted=129 let dataTainted11 = Data("") dataTainted11.append(source() as! UInt8) - sink(arg: dataTainted11) // $ tainted=121 + sink(arg: dataTainted11) // $ tainted=133 let dataTainted12 = Data("") dataTainted12.append(source() as! UnsafeBufferPointer) - sink(arg: dataTainted12) // $ tainted=125 + sink(arg: dataTainted12) // $ tainted=137 // ";Data;true;append(_:count:);;;Argument[0];Argument[-1];taint", let dataTainted13 = Data("") dataTainted13.append(source() as! UnsafePointer, count: 0) - sink(arg: dataTainted13) // $ tainted=130 + sink(arg: dataTainted13) // $ tainted=142 // ";Data;true;append(contentsOf:);;;Argument[0];Argument[-1];taint", let dataTainted14 = Data("") dataTainted14.append(contentsOf: source() as! [UInt8]) - sink(arg: dataTainted14) // $ tainted=135 + sink(arg: dataTainted14) // $ tainted=147 // ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint", let dataTainted15 = source() as! Data - sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=139 + sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=151 // ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint", let dataTainted16 = source() as! Data - sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=143 + sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=155 // ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint", let dataTainted17 = source() as! Data let compactMapped: [Int] = dataTainted17.compactMap { str in Int(str) } - sink(arg: compactMapped) // $ tainted=147 + sink(arg: compactMapped) // $ tainted=159 // ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", let dataTainted18 = source() as! Data let pointerTainted18 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) dataTainted18.copyBytes(to: pointerTainted18) - sink(arg: pointerTainted18) // $ tainted=152 + sink(arg: pointerTainted18) // $ tainted=164 // ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint", let dataTainted19 = source() as! Data let pointerTainted19 = UnsafeMutablePointer.allocate(capacity: 0) dataTainted19.copyBytes(to: pointerTainted19, count: 0) - sink(arg: pointerTainted19) // $ tainted=158 + sink(arg: pointerTainted19) // $ tainted=170 // ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint", let dataTainted20 = source() as! Data let pointerTainted20 = UnsafeMutablePointer.allocate(capacity: 0) dataTainted20.copyBytes(to: pointerTainted20, from: 0..<1) - sink(arg: pointerTainted20) // $ tainted=164 + sink(arg: pointerTainted20) // $ tainted=176 // ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint", let dataTainted21 = source() as! Data let flatMapped = dataTainted21.flatMap { Array(repeating: $0, count: 0) } - sink(arg: flatMapped) // $ tainted=170 + sink(arg: flatMapped) // $ tainted=182 let dataTainted22 = source() as! Data let flatMapped2 = dataTainted22.flatMap { str in Int(str) } - sink(arg: flatMapped2) // $ tainted=174 + sink(arg: flatMapped2) // $ tainted=186 // ";Data;true;insert(_:at:);;;Argument[0];Argument[-1];taint", let dataTainted23 = Data("") dataTainted23.insert(source() as! UInt8, at: 0) - sink(arg: dataTainted23) // $ tainted=180 + sink(arg: dataTainted23) // $ tainted=192 // ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint", let dataTainted24 = Data("") dataTainted24.insert(contentsOf: source() as! [UInt8], at: 0) - sink(arg: dataTainted24) // $ tainted=185 + sink(arg: dataTainted24) // $ tainted=197 // ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint", let dataTainted25 = source() as! Data let mapped = dataTainted25.map { $0 } - sink(arg: mapped) // $ tainted=189 + sink(arg: mapped) // $ tainted=201 // ";Data;true;reduce(into:_:);;;Argument[-1];ReturnValue;taint", let dataTainted26 = source() as! Data let reduced = dataTainted26.reduce(into: [:]) { c, i in c[i, default: 0] += 1 } - sink(arg: reduced) // $ tainted=194 + sink(arg: reduced) // $ tainted=206 // ";Data;true;replace(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint", let dataTainted27 = Data("") dataTainted27.replace([0], with: source() as! [UInt8], maxReplacements: .max) - sink(arg: dataTainted27) // $ tainted=200 + sink(arg: dataTainted27) // $ tainted=212 // ";Data;true;replaceSubrange(_:with:);;;Argument[1];Argument[-1];taint", let dataTainted28 = Data("") dataTainted28.replaceSubrange(1..<3, with: source() as! Data) - sink(arg: dataTainted28) // $ tainted=205 + sink(arg: dataTainted28) // $ tainted=217 let dataTainted29 = Data("") dataTainted29.replaceSubrange(1..<3, with: source() as! [UInt8]) - sink(arg: dataTainted29) // $ tainted=209 + sink(arg: dataTainted29) // $ tainted=221 let dataTainted30 = Data("") dataTainted30.replaceSubrange(1..<3, with: source() as! UnsafeBufferPointer) - sink(arg: dataTainted30) // $ tainted=213 + sink(arg: dataTainted30) // $ tainted=225 // ";Data;true;replaceSubrange(_:with:count:);;;Argument[1];Argument[-1];taint", let dataTainted31 = Data("") dataTainted31.replaceSubrange(1..<3, with: source() as! UnsafeRawPointer, count: 0) - sink(arg: dataTainted31) // $ tainted=218 + sink(arg: dataTainted31) // $ tainted=230 // ";Data;true;replacing(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint", let dataTainted32 = Data("") let _ = dataTainted32.replacing([0], with: source() as! [UInt8], maxReplacements: 0) - sink(arg: dataTainted32) // $ tainted=223 + sink(arg: dataTainted32) // $ tainted=235 // ";Data;true;replacing(_:with:subrange:maxReplacements:);;;Argument[1];Argument[-1];taint", let dataTainted33 = Data("") let _ = dataTainted33.replacing([0], with: source() as! [UInt8], subrange: 1..<3, maxReplacements: 0) - sink(arg: dataTainted33) // $ tainted=228 + sink(arg: dataTainted33) // $ tainted=240 // ";Data;true;reversed();;;Argument[-1];ReturnValue;taint", let dataTainted34 = source() as! Data - sink(arg: dataTainted34.reversed()) // $ tainted=232 + sink(arg: dataTainted34.reversed()) // $ tainted=244 // ";Data;true;sorted();;;Argument[-1];ReturnValue;taint", let dataTainted35 = source() as! Data - sink(arg: dataTainted35.sorted()) // $ tainted=236 + sink(arg: dataTainted35.sorted()) // $ tainted=248 // ";Data;true;sorted(by:);;;Argument[-1];ReturnValue;taint", let dataTainted36 = source() as! Data - sink(arg: dataTainted36.sorted{ _,_ in return false }) // $ tainted=240 + sink(arg: dataTainted36.sorted{ _,_ in return false }) // $ tainted=252 // ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint", let dataTainted37 = source() as! Data - sink(arg: dataTainted37.sorted(using: cmp()!)) // $ tainted=244 + sink(arg: dataTainted37.sorted(using: cmp()!)) // $ tainted=256 // ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint", let dataTainted38 = source() as! Data - sink(arg: dataTainted38.shuffled()) // $ tainted=248 + sink(arg: dataTainted38.shuffled()) // $ tainted=260 // ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint", let dataTainted39 = source() as! Data - var rng = rng()! - sink(arg: dataTainted39.shuffled(using: &rng)) // $ tainted=252 + var myRng = rng()! + sink(arg: dataTainted39.shuffled(using: &myRng)) // $ tainted=264 // ";Data;true;trimmingPrefix(_:);;;Argument[-1];ReturnValue;taint", let dataTainted40 = source() as! Data - sink(arg: dataTainted40.trimmingPrefix([0])) // $ tainted=257 + sink(arg: dataTainted40.trimmingPrefix([0])) // $ tainted=269 // ";Data;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint" let dataTainted41 = source() as! Data - sink(arg: dataTainted41.trimmingPrefix { _ in false }) // $ tainted=261 + sink(arg: dataTainted41.trimmingPrefix { _ in false }) // $ tainted=273 + + // ";DataProtocol;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", + let dataTainted43 = source() as! UnsafeRawBufferPointer + let pointerTainted43 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) + dataTainted43.copyBytes(to: pointerTainted43) + sink(arg: pointerTainted43) // $ tainted=277 + + let dataTainted44 = source() as! Array + let pointerTainted44 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) + dataTainted44.copyBytes(to: pointerTainted44) + sink(arg: pointerTainted44) // $ tainted=282 } diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..4de95c00602 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,10 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected new file mode 100644 index 00000000000..5e0222c484c --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected @@ -0,0 +1,27 @@ +| enumdecl.swift:2:1:6:1 | MyColours | (EnumDecl), .getEnumElement(0) = red, .getEnumElement(1) = green, .getEnumElement(2) = yellow, .getEnumElement(3) = blue, .getType = MyColours | +| enumdecl.swift:3:2:3:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = red | +| enumdecl.swift:3:7:3:7 | red | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:4:2:4:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = green, .getElement(1) = yellow | +| enumdecl.swift:4:7:4:7 | green | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:4:14:4:14 | yellow | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:5:2:5:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = blue | +| enumdecl.swift:5:7:5:7 | blue | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:8:1:11:1 | MyContainer | (EnumDecl), .getEnumElement(0) = str, .getEnumElement(1) = pair, .getType = MyContainer | +| enumdecl.swift:9:2:9:17 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = str | +| enumdecl.swift:9:7:9:17 | str | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = _ | +| enumdecl.swift:10:2:10:26 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = pair | +| enumdecl.swift:10:7:10:26 | pair | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = x, .getParam(1) = y | +| enumdecl.swift:13:1:16:1 | MyNumbers | (EnumDecl), .getEnumElement(0) = one, .getEnumElement(1) = two, .getEnumElement(2) = three, .getEnumElement(3) = four, .getType = MyNumbers | +| enumdecl.swift:14:2:14:16 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = one, .getElement(1) = two | +| enumdecl.swift:14:7:14:13 | one | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:14:16:14:16 | two | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:15:2:15:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = three, .getElement(1) = four | +| enumdecl.swift:15:7:15:7 | three | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:15:14:15:14 | four | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:18:1:20:1 | MyGreek | (EnumDecl), .getEnumElement(0) = alpha, .getEnumElement(1) = beta, .getEnumElement(2) = gamma, .getEnumElement(3) = delta, .getEnumElement(4) = epsilon, .getType = MyGreek | +| enumdecl.swift:19:2:19:34 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyGreek, .getElement(0) = alpha, .getElement(1) = beta, .getElement(2) = gamma, .getElement(3) = delta, .getElement(4) = epsilon | +| enumdecl.swift:19:7:19:7 | alpha | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:14:19:14 | beta | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:20:19:20 | gamma | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:27:19:27 | delta | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:34:19:34 | epsilon | (EnumElementDecl), .getDeclaringDecl = MyGreek | diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql new file mode 100644 index 00000000000..dba88e6009d --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql @@ -0,0 +1,25 @@ +import swift + +string describe(Decl d) { + d instanceof EnumDecl and result = "(EnumDecl)" + or + d instanceof EnumCaseDecl and result = "(EnumCaseDecl)" + or + d instanceof EnumElementDecl and result = "(EnumElementDecl)" + or + result = ".getType = " + d.(EnumDecl).getType().toString() + or + result = ".getDeclaringDecl = " + d.getDeclaringDecl().toString() + or + exists(int i | + result = ".getElement(" + i.toString() + ") = " + d.(EnumCaseDecl).getElement(i).toString() + or + result = ".getParam(" + i.toString() + ") = " + d.(EnumElementDecl).getParam(i).toString() + or + result = ".getEnumElement(" + i.toString() + ") = " + d.(EnumDecl).getEnumElement(i).toString() + ) +} + +from Decl d +where d.getLocation().getFile().getName() != "" +select d, strictconcat(describe(d), ", ") diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift new file mode 100644 index 00000000000..7a8b06b7d94 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift @@ -0,0 +1,20 @@ + +enum MyColours { + case red + case green, yellow + case blue +} + +enum MyContainer { + case str(String) + case pair(x: Int, y: Int) +} + +enum MyNumbers: Int { + case one = 1, two + case three, four +} + +enum MyGreek { + case alpha, beta, gamma, delta, epsilon +} diff --git a/swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..280e2eeab41 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,3 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..25ce837828c --- /dev/null +++ b/swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,17 @@ +multipleSuccessors +| methodlookup.swift:37:11:37:30 | call to instanceMethod() | successor | methodlookup.swift:37:5:37:30 | await ... | +| methodlookup.swift:37:11:37:30 | call to instanceMethod() | successor | methodlookup.swift:40:5:40:9 | .staticMethod() | +| methodlookup.swift:47:11:47:30 | call to instanceMethod() | successor | methodlookup.swift:47:5:47:30 | await ... | +| methodlookup.swift:47:11:47:30 | call to instanceMethod() | successor | methodlookup.swift:48:11:48:11 | Baz.Type | +| methodlookup.swift:48:11:48:35 | call to { ... } | successor | methodlookup.swift:48:5:48:35 | await ... | +| methodlookup.swift:48:11:48:35 | call to { ... } | successor | methodlookup.swift:50:11:50:15 | .classMethod() | +| methodlookup.swift:50:11:50:27 | call to classMethod() | successor | methodlookup.swift:50:5:50:27 | await ... | +| methodlookup.swift:50:11:50:27 | call to classMethod() | successor | methodlookup.swift:51:11:51:15 | .staticMethod() | +| methodlookup.swift:51:11:51:28 | call to staticMethod() | successor | methodlookup.swift:43:6:52:1 | exit { ... } (normal) | +| methodlookup.swift:51:11:51:28 | call to staticMethod() | successor | methodlookup.swift:51:5:51:28 | await ... | +deadEnd +| methodlookup.swift:37:5:37:30 | await ... | +| methodlookup.swift:47:5:47:30 | await ... | +| methodlookup.swift:48:5:48:35 | await ... | +| methodlookup.swift:50:5:50:27 | await ... | +| methodlookup.swift:51:5:51:28 | await ... | diff --git a/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift b/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift index d04dec0debc..8498d89d68d 100644 --- a/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift +++ b/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift @@ -6,8 +6,8 @@ struct URL init?(string: String) {} init?(string: String, relativeTo: URL?) {} } - -struct Data { +protocol DataProtocol { } +struct Data : DataProtocol { init(_ elements: S) { count = 0 } var count: Int diff --git a/swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..90f66c1830d --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,11 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected index b0154ec15af..909c6233ba5 100644 --- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected +++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected @@ -18,6 +18,18 @@ edges | StringLengthConflation.swift:137:34:137:36 | .count | StringLengthConflation.swift:137:34:137:44 | ... .-(_:_:) ... | | StringLengthConflation.swift:138:36:138:38 | .count | StringLengthConflation.swift:138:36:138:46 | ... .-(_:_:) ... | | StringLengthConflation.swift:144:28:144:30 | .count | StringLengthConflation.swift:144:28:144:38 | ... .-(_:_:) ... | +| StringLengthConflation.swift:168:29:168:36 | .count | StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | +| StringLengthConflation.swift:169:29:169:37 | .count | StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | +| StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | +| StringLengthConflation.swift:171:29:171:32 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | +| StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | +| StringLengthConflation.swift:173:35:173:37 | .count | StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | +| StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | +| StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | +| StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | +| StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | +| StringLengthConflation.swift:179:37:179:39 | .count | StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | +| StringLengthConflation.swift:181:37:181:39 | .count | StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | | file://:0:0:0:0 | .length | StringLengthConflation.swift:53:43:53:46 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:60:47:60:50 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:66:33:66:36 | .length | @@ -27,6 +39,10 @@ edges | file://:0:0:0:0 | .length | StringLengthConflation.swift:108:25:108:28 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:114:23:114:26 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:120:22:120:25 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:171:29:171:32 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:172:29:172:33 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:38 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:39 | .length | nodes | StringLengthConflation2.swift:35:36:35:38 | .count | semmle.label | .count | | StringLengthConflation2.swift:35:36:35:46 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | @@ -76,6 +92,30 @@ nodes | StringLengthConflation.swift:151:45:151:53 | .count | semmle.label | .count | | StringLengthConflation.swift:156:45:156:52 | .count | semmle.label | .count | | StringLengthConflation.swift:161:45:161:53 | .count | semmle.label | .count | +| StringLengthConflation.swift:168:29:168:36 | .count | semmle.label | .count | +| StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:169:29:169:37 | .count | semmle.label | .count | +| StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:170:29:170:46 | .count | semmle.label | .count | +| StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:171:29:171:32 | .length | semmle.label | .length | +| StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:172:29:172:33 | .length | semmle.label | .length | +| StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:173:35:173:37 | .count | semmle.label | .count | +| StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:174:35:174:42 | .count | semmle.label | .count | +| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:175:35:175:43 | .count | semmle.label | .count | +| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:177:35:177:38 | .length | semmle.label | .length | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:178:35:178:39 | .length | semmle.label | .length | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:179:37:179:39 | .count | semmle.label | .count | +| StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:181:37:181:39 | .count | semmle.label | .count | +| StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | file://:0:0:0:0 | .length | semmle.label | .length | subpaths #select @@ -84,17 +124,17 @@ subpaths | StringLengthConflation.swift:36:93:36:93 | len | StringLengthConflation.swift:72:33:72:35 | .count | StringLengthConflation.swift:36:93:36:93 | len | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:53:43:53:46 | .length | StringLengthConflation.swift:53:43:53:46 | .length | StringLengthConflation.swift:53:43:53:46 | .length | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:53:43:53:46 | .length | file://:0:0:0:0 | .length | StringLengthConflation.swift:53:43:53:46 | .length | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | This String.utf16 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | This String.unicodeScalars length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | This String.UTF8View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | This String.UTF16View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | This String.UnicodeScalarView length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | StringLengthConflation.swift:60:47:60:50 | .length | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | StringLengthConflation.swift:66:33:66:36 | .length | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:72:33:72:35 | .count | StringLengthConflation.swift:72:33:72:35 | .count | StringLengthConflation.swift:72:33:72:35 | .count | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:78:47:78:49 | .count | StringLengthConflation.swift:78:47:78:49 | .count | StringLengthConflation.swift:78:47:78:49 | .count | This String length is used in an NSString, but it may not be equivalent. | -| StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | This String.utf8 length is used in an NSString, but it may not be equivalent. | -| StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | This String.unicodeScalars length is used in an NSString, but it may not be equivalent. | +| StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | This String.UTF8View length is used in an NSString, but it may not be equivalent. | +| StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | This String.UnicodeScalarView length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | StringLengthConflation.swift:96:28:96:31 | .length | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:100:27:100:39 | ... .-(_:_:) ... | StringLengthConflation.swift:100:27:100:30 | .length | StringLengthConflation.swift:100:27:100:39 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | @@ -114,6 +154,22 @@ subpaths | StringLengthConflation.swift:137:34:137:44 | ... .-(_:_:) ... | StringLengthConflation.swift:137:34:137:36 | .count | StringLengthConflation.swift:137:34:137:44 | ... .-(_:_:) ... | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:138:36:138:46 | ... .-(_:_:) ... | StringLengthConflation.swift:138:36:138:38 | .count | StringLengthConflation.swift:138:36:138:46 | ... .-(_:_:) ... | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:144:28:144:38 | ... .-(_:_:) ... | StringLengthConflation.swift:144:28:144:30 | .count | StringLengthConflation.swift:144:28:144:38 | ... .-(_:_:) ... | This String length is used in an NSString, but it may not be equivalent. | -| StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | This String.unicodeScalars length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | This String.utf16 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | This String.UnicodeScalarView length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | This String.UTF8View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | This String.UTF16View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | StringLengthConflation.swift:168:29:168:36 | .count | StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | This String.UTF8View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | StringLengthConflation.swift:169:29:169:37 | .count | StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | This String.UTF16View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | This String.UnicodeScalarView length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | StringLengthConflation.swift:171:29:171:32 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | StringLengthConflation.swift:173:35:173:37 | .count | StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | This String length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | This String.UTF8View length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | This String.UTF16View length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | StringLengthConflation.swift:179:37:179:39 | .count | StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | This String length is used in a String.UTF8View, but it may not be equivalent. | +| StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | StringLengthConflation.swift:181:37:181:39 | .count | StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | This String length is used in a String.UTF16View, but it may not be equivalent. | diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift index 67b8feb657f..c707b81fe35 100644 --- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift +++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift @@ -161,6 +161,25 @@ func test(s: String) { let _ = s.index(s.startIndex, offsetBy: s_utf16.count) // BAD let _ = s_utf16.index(s_utf16.startIndex, offsetBy: scalars.count) // GOOD let _ = s_utf16.index(s_utf16.startIndex, offsetBy: s.count) // BAD [NOT DETECTED] + + // --- methods provided by Sequence, Collection etc --- + + let _ = String(s.prefix(s.count - 10)) // GOOD + let _ = String(s.prefix(s.utf8.count - 10)) // BAD + let _ = String(s.prefix(s.utf16.count - 10)) // BAD + let _ = String(s.prefix(s.unicodeScalars.count - 10)) // BAD + let _ = String(s.prefix(ns.length - 10)) // BAD + let _ = String(s.prefix(nms.length - 10)) // BAD + let _ = String(scalars.prefix(s.count - 10)) // BAD + let _ = String(scalars.prefix(s.utf8.count - 10)) // BAD + let _ = String(scalars.prefix(s.utf16.count - 10)) // BAD + let _ = String(scalars.prefix(s.unicodeScalars.count - 10)) // GOOD + let _ = String(scalars.prefix(ns.length - 10)) // BAD + let _ = String(scalars.prefix(nms.length - 10)) // BAD + let _ = String(s.utf8.dropFirst(s.count - 10)) // BAD + let _ = String(s.utf8.dropFirst(s.utf8.count - 10)) // GOOD + let _ = String(s.utf16.dropLast(s.count - 10)) // BAD + let _ = String(s.utf16.dropLast(s.utf16.count - 10)) // GOOD } // `begin :thumbsup: end`, with thumbs up emoji and skin tone modifier diff --git a/swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..9d02611e7a7 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,6 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..65cf24d02a7 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,13 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..fc0518030f4 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,9 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..107533d785d --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | StmtCondition | +| file://:0:0:0:0 | StmtCondition | +| file://:0:0:0:0 | hasher | +| file://:0:0:0:0 | hasher | diff --git a/swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/schema.py b/swift/schema.py index 8fc0941e171..5289fa68a9e 100644 --- a/swift/schema.py +++ b/swift/schema.py @@ -73,6 +73,7 @@ class AstNode(Locatable): pass @group("type") +@ql.hideable class Type(Element): name: string canonical_type: "Type" @@ -80,14 +81,20 @@ class Type(Element): @group("decl") class Decl(AstNode): module: "ModuleDecl" - members: list["Decl"] | child + members: list["Decl"] | child | desc(""" + Prefer to use more specific methods (such as `EnumDecl.getEnumElement`) rather than relying + on the order of members given by `getMember`. In some cases the order of members may not + align with expectations, and could change in future releases. + """) @group("expr") +@ql.hideable class Expr(AstNode): """The base class for all expressions in Swift.""" type: optional[Type] @group("pattern") +@ql.hideable class Pattern(AstNode): pass @@ -516,9 +523,22 @@ class OpaqueValueExpr(Expr): pass class OpenExistentialExpr(Expr): - sub_expr: Expr | child - existential: Expr | child - opaque_expr: OpaqueValueExpr | child + """ An implicit expression created by the compiler when a method is called on a protocol. For example in + ``` + protocol P { + func foo() -> Int + } + func bar(x: P) -> Int { + return x.foo() + } + `x.foo()` is actually wrapped in an `OpenExistentialExpr` that "opens" `x` replacing it in its subexpression with + an `OpaqueValueExpr`. + ``` + """ + sub_expr: Expr | child | desc(""" + This wrapped subexpression is where the opaque value and the dynamic type under the protocol type may be used.""") + existential: Expr | child | doc("protocol-typed expression opened by this expression") + opaque_expr: OpaqueValueExpr | doc("opaque value expression embedded within `getSubExpr()`") class OptionalEvaluationExpr(Expr): sub_expr: Expr | child @@ -679,8 +699,6 @@ class InjectIntoOptionalExpr(ImplicitConversionExpr): class InterpolatedStringLiteralExpr(LiteralExpr): interpolation_expr: optional[OpaqueValueExpr] - interpolation_count_expr: optional[Expr] | child - literal_capacity_expr: optional[Expr] | child appending_expr: optional[TapExpr] | child class LinearFunctionExpr(ImplicitConversionExpr): diff --git a/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj new file mode 100644 index 00000000000..bb2ebc13d66 --- /dev/null +++ b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj @@ -0,0 +1,2062 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 52; + objects = { + +/* Begin PBXAggregateTarget section */ + "Foo::FooPackageTests::ProductTarget" /* FooPackageTests */ = { + isa = PBXAggregateTarget; + buildConfigurationList = OBJ_529 /* Build configuration list for PBXAggregateTarget "FooPackageTests" */; + buildPhases = ( + ); + dependencies = ( + OBJ_532 /* PBXTargetDependency */, + ); + name = FooPackageTests; + productName = FooPackageTests; + }; +/* End PBXAggregateTarget section */ + +/* Begin PBXBuildFile section */ + 8405567023527E280064EC7D /* ActionSheetItemCells.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8405566E23527E1E0064EC7D /* ActionSheetItemCells.swift */; }; + 8422CB60239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB5F239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift */; }; + 8422CB63239DAFBC00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB61239DAF9B00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift */; }; + 8422CB66239DB70C00251D31 /* ActionSheetPresenterBaseTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB64239DB6F600251D31 /* ActionSheetPresenterBaseTests.swift */; }; + 8422CB68239DC27500251D31 /* NonDismissableMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB67239DC27500251D31 /* NonDismissableMenu.swift */; }; + 8422CB6A239DC2C400251D31 /* BackgroundDismissableMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB69239DC2C400251D31 /* BackgroundDismissableMenu.swift */; }; + 8422CB71239DC82C00251D31 /* ContextMenu+ConfigurationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB6F239DC81800251D31 /* ContextMenu+ConfigurationTests.swift */; }; + 8422CB72239DC85300251D31 /* ContextMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB6D239DC6DA00251D31 /* ContextMenu.swift */; }; + 8422CB73239DC85900251D31 /* ContextMenu+Configuration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB6B239DC6B100251D31 /* ContextMenu+Configuration.swift */; }; + 8422CB76239DCBFD00251D31 /* Menu+Deprecations.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB74239DCBEB00251D31 /* Menu+Deprecations.swift */; }; + 8422CB7A239E1FB600251D31 /* DestructiveItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB78239E1E6800251D31 /* DestructiveItem.swift */; }; + 8422CB7D239E20E100251D31 /* DestructiveItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB7B239E209C00251D31 /* DestructiveItem+ActionSheet.swift */; }; + 8422CB82239E21FF00251D31 /* DestructiveItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB80239E21FC00251D31 /* DestructiveItem+ActionSheetTests.swift */; }; + 843C3B0F25271DE30055BFE6 /* DemoMultilineItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 843C3B0E25271DE30055BFE6 /* DemoMultilineItem.swift */; }; + 843C3B1925271FEC0055BFE6 /* DemoMultilineItemMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 843C3B1825271FEC0055BFE6 /* DemoMultilineItemMenu.swift */; }; + 846703A1234A3C4500355331 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 8467039F234A3C4500355331 /* Main.storyboard */; }; + 846703A6234A3C4600355331 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 846703A4234A3C4600355331 /* LaunchScreen.storyboard */; }; + 846703E6234A3CF100355331 /* FoodOption+ActionSheetItems.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AC234A3CF000355331 /* FoodOption+ActionSheetItems.swift */; }; + 846703E7234A3CF100355331 /* FoodOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AD234A3CF000355331 /* FoodOption.swift */; }; + 846703E8234A3CF100355331 /* MenuOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AE234A3CF000355331 /* MenuOption.swift */; }; + 846703E9234A3CF100355331 /* AppearanceOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AF234A3CF000355331 /* AppearanceOption.swift */; }; + 846703EA234A3CF100355331 /* ActionSheetOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B0234A3CF000355331 /* ActionSheetOption.swift */; }; + 846703EC234A3CF100355331 /* ViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B3234A3CF000355331 /* ViewController.swift */; }; + 846703ED234A3CF100355331 /* ViewController+Appearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B4234A3CF000355331 /* ViewController+Appearance.swift */; }; + 846703EE234A3CF100355331 /* ViewController+Menus.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B5234A3CF000355331 /* ViewController+Menus.swift */; }; + 846703EF234A3CF100355331 /* ViewController+Alert.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B6234A3CF000355331 /* ViewController+Alert.swift */; }; + 846703F0234A3CF100355331 /* ViewController+ActionSheets.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B7234A3CF000355331 /* ViewController+ActionSheets.swift */; }; + 846703F1234A3CF100355331 /* ViewController+TableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B8234A3CF000355331 /* ViewController+TableView.swift */; }; + 846703F2234A3CF100355331 /* ContextMenuViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B9234A3CF000355331 /* ContextMenuViewController.swift */; }; + 846703F3234A3CF100355331 /* AppearanceViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703BA234A3CF000355331 /* AppearanceViewController.swift */; }; + 846703F4234A3CF100355331 /* DemoCustomViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703BC234A3CF000355331 /* DemoCustomViewCell.swift */; }; + 846703F5234A3CF100355331 /* DemoCollectionViewCell.xib in Resources */ = {isa = PBXBuildFile; fileRef = 846703BD234A3CF000355331 /* DemoCollectionViewCell.xib */; }; + 846703F6234A3CF100355331 /* DemoCustomViewCell.xib in Resources */ = {isa = PBXBuildFile; fileRef = 846703BE234A3CF000355331 /* DemoCustomViewCell.xib */; }; + 846703F7234A3CF100355331 /* DemoCollectionViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703BF234A3CF000355331 /* DemoCollectionViewCell.swift */; }; + 846703F8234A3CF100355331 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C0234A3CF000355331 /* AppDelegate.swift */; }; + 846703F9234A3CF100355331 /* SceneDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C1234A3CF000355331 /* SceneDelegate.swift */; }; + 846703FA234A3CF100355331 /* DemoAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C3234A3CF000355331 /* DemoAppearance.swift */; }; + 846703FB234A3CF100355331 /* ColorAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C4234A3CF000355331 /* ColorAppearance.swift */; }; + 846703FC234A3CF100355331 /* DemoFonts.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C5234A3CF000355331 /* DemoFonts.swift */; }; + 846703FD234A3CF100355331 /* FoodActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C7234A3CF000355331 /* FoodActionSheet.swift */; }; + 846703FE234A3CF100355331 /* CollectionActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C8234A3CF000355331 /* CollectionActionSheet.swift */; }; + 846703FF234A3CF100355331 /* title-image.png in Resources */ = {isa = PBXBuildFile; fileRef = 846703CB234A3CF100355331 /* title-image.png */; }; + 84670400234A3CF100355331 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 846703CC234A3CF100355331 /* Assets.xcassets */; }; + 84670401234A3CF100355331 /* Roboto-Medium.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703CF234A3CF100355331 /* Roboto-Medium.ttf */; }; + 84670402234A3CF100355331 /* Roboto-Light.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D0234A3CF100355331 /* Roboto-Light.ttf */; }; + 84670403234A3CF100355331 /* Roboto-Regular.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D1234A3CF100355331 /* Roboto-Regular.ttf */; }; + 84670404234A3CF100355331 /* Roboto-MediumItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D2234A3CF100355331 /* Roboto-MediumItalic.ttf */; }; + 84670405234A3CF100355331 /* Roboto-ThinItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D3234A3CF100355331 /* Roboto-ThinItalic.ttf */; }; + 84670406234A3CF100355331 /* Roboto-BoldItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D4234A3CF100355331 /* Roboto-BoldItalic.ttf */; }; + 84670407234A3CF100355331 /* Roboto-LightItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D5234A3CF100355331 /* Roboto-LightItalic.ttf */; }; + 84670408234A3CF100355331 /* Roboto-Italic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D6234A3CF100355331 /* Roboto-Italic.ttf */; }; + 84670409234A3CF100355331 /* LICENSE.txt in Resources */ = {isa = PBXBuildFile; fileRef = 846703D7234A3CF100355331 /* LICENSE.txt */; }; + 8467040A234A3CF100355331 /* Roboto-BlackItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D8234A3CF100355331 /* Roboto-BlackItalic.ttf */; }; + 8467040B234A3CF100355331 /* Roboto-Bold.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D9234A3CF100355331 /* Roboto-Bold.ttf */; }; + 8467040C234A3CF100355331 /* Roboto-Thin.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703DA234A3CF100355331 /* Roboto-Thin.ttf */; }; + 8467040D234A3CF100355331 /* Roboto-Black.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703DB234A3CF100355331 /* Roboto-Black.ttf */; }; + 8467040E234A3CF100355331 /* FoodMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703DD234A3CF100355331 /* FoodMenu.swift */; }; + 8467040F234A3CF100355331 /* LinkMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703DE234A3CF100355331 /* LinkMenu.swift */; }; + 84670410234A3CF100355331 /* SingleSelectMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703DF234A3CF100355331 /* SingleSelectMenu.swift */; }; + 84670411234A3CF100355331 /* DestructiveMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E0234A3CF100355331 /* DestructiveMenu.swift */; }; + 84670412234A3CF100355331 /* MultiSelectMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E1234A3CF100355331 /* MultiSelectMenu.swift */; }; + 84670413234A3CF100355331 /* ItemMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E2234A3CF100355331 /* ItemMenu.swift */; }; + 84670414234A3CF100355331 /* CustomMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E3234A3CF100355331 /* CustomMenu.swift */; }; + 84670415234A3CF100355331 /* SectionMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E4234A3CF100355331 /* SectionMenu.swift */; }; + 84670416234A3CF100355331 /* CollectionMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E5234A3CF100355331 /* CollectionMenu.swift */; }; + 84670419234A3E9C00355331 /* Foo.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = "Foo::Foo::Product" /* Foo.framework */; }; + 8467041A234A3E9C00355331 /* Foo.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = "Foo::Foo::Product" /* Foo.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + 847E09ED239DA5E70058179D /* ActionSheetPresenterBase.swift in Sources */ = {isa = PBXBuildFile; fileRef = 847E09EC239DA5E70058179D /* ActionSheetPresenterBase.swift */; }; + 84A24ECB236C64F200DB060C /* SecondaryActionItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ECA236C64F200DB060C /* SecondaryActionItem.swift */; }; + 84A24ECE236C670D00DB060C /* SecondaryActionItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ECC236C66CD00DB060C /* SecondaryActionItemTests.swift */; }; + 84A24ED0236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ECF236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift */; }; + 84A24ED2236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ED1236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift */; }; + 84A24ED5236C6DCD00DB060C /* ActionSheetSecondaryActionItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ED3236C6DB500DB060C /* ActionSheetSecondaryActionItemTests.swift */; }; + 84A24ED9236C724100DB060C /* SecondaryActionItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ED7236C6FAF00DB060C /* SecondaryActionItem+ActionSheetTests.swift */; }; + 84A24EDB236C72C900DB060C /* SecondaryActionMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24EDA236C72C900DB060C /* SecondaryActionMenu.swift */; }; + 84A24EDD236C84D900DB060C /* MenuCreator.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24EDC236C84D900DB060C /* MenuCreator.swift */; }; + 84D3AF2E2434B1420007BE9B /* Quick in Frameworks */ = {isa = PBXBuildFile; productRef = 84D3AF2D2434B1420007BE9B /* Quick */; }; + 84D3AF312434B1510007BE9B /* Nimble in Frameworks */ = {isa = PBXBuildFile; productRef = 84D3AF302434B1510007BE9B /* Nimble */; }; + 84F64BA1239D8FEF000290D1 /* ActionSheet+Header.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA0239D8FEF000290D1 /* ActionSheet+Header.swift */; }; + 84F64BA3239D9630000290D1 /* ActionSheet+Configuration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA2239D9630000290D1 /* ActionSheet+Configuration.swift */; }; + 84F64BA5239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA4239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift */; }; + 84F64BA8239D9CD7000290D1 /* ActionSheet+Deprecations.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA6239D9CB5000290D1 /* ActionSheet+Deprecations.swift */; }; + A9FA9D3A26A17AC40047114E /* MockingKit in Frameworks */ = {isa = PBXBuildFile; productRef = A9FA9D3926A17AC40047114E /* MockingKit */; }; + OBJ_442 /* ActionSheet+Presenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_10 /* ActionSheet+Presenter.swift */; }; + OBJ_443 /* ActionSheet+Scroll.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_11 /* ActionSheet+Scroll.swift */; }; + OBJ_444 /* ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_12 /* ActionSheet.swift */; }; + OBJ_445 /* ActionSheetItemHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_13 /* ActionSheetItemHandler.swift */; }; + OBJ_446 /* ActionSheetMargin.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_14 /* ActionSheetMargin.swift */; }; + OBJ_447 /* ActionSheet+Appearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_16 /* ActionSheet+Appearance.swift */; }; + OBJ_448 /* ActionSheetAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_17 /* ActionSheetAppearance.swift */; }; + OBJ_449 /* ActionSheetColor.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_18 /* ActionSheetColor.swift */; }; + OBJ_450 /* UIColor+ActionSheetColor.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_19 /* UIColor+ActionSheetColor.swift */; }; + OBJ_451 /* UIEdgeInsets+Hidden.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_21 /* UIEdgeInsets+Hidden.swift */; }; + OBJ_452 /* UIView+Subviews.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_22 /* UIView+Subviews.swift */; }; + OBJ_453 /* UIViewController+RootViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_23 /* UIViewController+RootViewController.swift */; }; + OBJ_454 /* CancelButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_26 /* CancelButton+ActionSheet.swift */; }; + OBJ_455 /* DestructiveButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_27 /* DestructiveButton+ActionSheet.swift */; }; + OBJ_456 /* MenuButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_28 /* MenuButton+ActionSheet.swift */; }; + OBJ_457 /* OkButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_29 /* OkButton+ActionSheet.swift */; }; + OBJ_458 /* CollectionItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_31 /* CollectionItem+ActionSheet.swift */; }; + OBJ_459 /* CustomItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_32 /* CustomItem+ActionSheet.swift */; }; + OBJ_460 /* LinkItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_33 /* LinkItem+ActionSheet.swift */; }; + OBJ_461 /* MultiSelectItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_34 /* MultiSelectItem+ActionSheet.swift */; }; + OBJ_462 /* MultiSelectToggleItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_35 /* MultiSelectToggleItem+ActionSheet.swift */; }; + OBJ_463 /* SelectItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_36 /* SelectItem+ActionSheet.swift */; }; + OBJ_464 /* SingleSelectItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_37 /* SingleSelectItem+ActionSheet.swift */; }; + OBJ_465 /* Menu+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_38 /* Menu+ActionSheet.swift */; }; + OBJ_466 /* MenuItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_39 /* MenuItem+ActionSheet.swift */; }; + OBJ_467 /* MenuTitle+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_41 /* MenuTitle+ActionSheet.swift */; }; + OBJ_468 /* SectionMargin+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_42 /* SectionMargin+ActionSheet.swift */; }; + OBJ_469 /* SectionTitle+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_43 /* SectionTitle+ActionSheet.swift */; }; + OBJ_470 /* ActionSheetPopoverPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_45 /* ActionSheetPopoverPresenter.swift */; }; + OBJ_471 /* ActionSheetPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_46 /* ActionSheetPresenter.swift */; }; + OBJ_472 /* ActionSheetStandardPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_47 /* ActionSheetStandardPresenter.swift */; }; + OBJ_473 /* ActionSheetBackgroundView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_49 /* ActionSheetBackgroundView.swift */; }; + OBJ_474 /* ActionSheetButtonTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_50 /* ActionSheetButtonTableView.swift */; }; + OBJ_475 /* ActionSheetHeaderContainerView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_51 /* ActionSheetHeaderContainerView.swift */; }; + OBJ_476 /* ActionSheetItemTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_52 /* ActionSheetItemTableView.swift */; }; + OBJ_477 /* ActionSheetStackView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_53 /* ActionSheetStackView.swift */; }; + OBJ_478 /* ActionSheetTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_54 /* ActionSheetTableView.swift */; }; + OBJ_480 /* ActionSheetItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_57 /* ActionSheetItemCell.swift */; }; + OBJ_484 /* ActionSheetCollectionItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_63 /* ActionSheetCollectionItemCell.swift */; }; + OBJ_485 /* ActionSheetCollectionItemCellHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_64 /* ActionSheetCollectionItemCellHandler.swift */; }; + OBJ_486 /* ActionSheetLinkItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_65 /* ActionSheetLinkItemCell.swift */; }; + OBJ_488 /* ActionSheetMultiSelectToggleItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_67 /* ActionSheetMultiSelectToggleItemCell.swift */; }; + OBJ_489 /* ActionSheetSelectItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_68 /* ActionSheetSelectItemCell.swift */; }; + OBJ_494 /* AlertControllerConversionError.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_75 /* AlertControllerConversionError.swift */; }; + OBJ_495 /* Menu+AlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_76 /* Menu+AlertController.swift */; }; + OBJ_496 /* MenuItem+AlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_77 /* MenuItem+AlertController.swift */; }; + OBJ_497 /* UIViewController+AlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_78 /* UIViewController+AlertController.swift */; }; + OBJ_498 /* ContextMenuConversionError.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_80 /* ContextMenuConversionError.swift */; }; + OBJ_499 /* ContextMenuDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_81 /* ContextMenuDelegate.swift */; }; + OBJ_500 /* ContextMenuDelegateRetainer.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_82 /* ContextMenuDelegateRetainer.swift */; }; + OBJ_501 /* MenuCreator+ContextMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_83 /* MenuCreator+ContextMenu.swift */; }; + OBJ_502 /* MenuItem+ContextMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_84 /* MenuItem+ContextMenu.swift */; }; + OBJ_503 /* NSObject+ClassName.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_86 /* NSObject+ClassName.swift */; }; + OBJ_504 /* CancelButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_89 /* CancelButton.swift */; }; + OBJ_505 /* DestructiveButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_90 /* DestructiveButton.swift */; }; + OBJ_506 /* MenuButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_91 /* MenuButton.swift */; }; + OBJ_507 /* OkButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_92 /* OkButton.swift */; }; + OBJ_508 /* CollectionItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_94 /* CollectionItem.swift */; }; + OBJ_509 /* CustomItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_95 /* CustomItem.swift */; }; + OBJ_510 /* LinkItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_96 /* LinkItem.swift */; }; + OBJ_511 /* MultiSelectItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_97 /* MultiSelectItem.swift */; }; + OBJ_512 /* MultiSelectToggleItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_98 /* MultiSelectToggleItem.swift */; }; + OBJ_513 /* SelectItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_99 /* SelectItem.swift */; }; + OBJ_514 /* SingleSelectItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_100 /* SingleSelectItem.swift */; }; + OBJ_515 /* Menu.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_101 /* Menu.swift */; }; + OBJ_517 /* MenuItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_103 /* MenuItem.swift */; }; + OBJ_518 /* MenuTitle.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_105 /* MenuTitle.swift */; }; + OBJ_519 /* SectionMagin.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_106 /* SectionMagin.swift */; }; + OBJ_520 /* SectionTitle.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_107 /* SectionTitle.swift */; }; + OBJ_527 /* Package.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_6 /* Package.swift */; }; + OBJ_538 /* ActionSheet+PresenterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_111 /* ActionSheet+PresenterTests.swift */; }; + OBJ_539 /* ActionSheetItemHandlerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_112 /* ActionSheetItemHandlerTests.swift */; }; + OBJ_540 /* ActionSheetMarginTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_113 /* ActionSheetMarginTests.swift */; }; + OBJ_541 /* ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_114 /* ActionSheetTests.swift */; }; + OBJ_542 /* ActionSheet+AppearanceTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_116 /* ActionSheet+AppearanceTests.swift */; }; + OBJ_543 /* ActionSheetAppearanceTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_117 /* ActionSheetAppearanceTests.swift */; }; + OBJ_544 /* ActionSheetColorTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_118 /* ActionSheetColorTests.swift */; }; + OBJ_545 /* UIColor+ActionSheetColorTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_119 /* UIColor+ActionSheetColorTests.swift */; }; + OBJ_546 /* UIEdgeInsets+HiddenTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_121 /* UIEdgeInsets+HiddenTests.swift */; }; + OBJ_547 /* UIView+SubviewsTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_122 /* UIView+SubviewsTests.swift */; }; + OBJ_548 /* UIViewController+RootViewControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_123 /* UIViewController+RootViewControllerTests.swift */; }; + OBJ_549 /* CancelButton+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_126 /* CancelButton+ActionSheetTests.swift */; }; + OBJ_550 /* DestructiveButton+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_127 /* DestructiveButton+ActionSheetTests.swift */; }; + OBJ_551 /* MenuButtonTests+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_128 /* MenuButtonTests+ActionSheetTests.swift */; }; + OBJ_552 /* OkButton+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_129 /* OkButton+ActionSheetTests.swift */; }; + OBJ_553 /* CollectionItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_131 /* CollectionItem+ActionSheetTests.swift */; }; + OBJ_554 /* CustomItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_132 /* CustomItem+ActionSheetTests.swift */; }; + OBJ_555 /* LinkItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_133 /* LinkItem+ActionSheetTests.swift */; }; + OBJ_556 /* MultiSelectItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_134 /* MultiSelectItem+ActionSheetTests.swift */; }; + OBJ_557 /* MultiSelectToggleItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_135 /* MultiSelectToggleItem+ActionSheetTests.swift */; }; + OBJ_558 /* SelectItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_136 /* SelectItem+ActionSheetTests.swift */; }; + OBJ_559 /* SingleSelectItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_137 /* SingleSelectItem+ActionSheetTests.swift */; }; + OBJ_560 /* MenuItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_138 /* MenuItem+ActionSheetTests.swift */; }; + OBJ_561 /* MenuTitle+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_140 /* MenuTitle+ActionSheetTests.swift */; }; + OBJ_562 /* SectionMargin+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_141 /* SectionMargin+ActionSheetTests.swift */; }; + OBJ_563 /* SectionTitle+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_142 /* SectionTitle+ActionSheetTests.swift */; }; + OBJ_564 /* MockActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_144 /* MockActionSheet.swift */; }; + OBJ_565 /* MockActionSheetAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_145 /* MockActionSheetAppearance.swift */; }; + OBJ_566 /* MockActionSheetPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_146 /* MockActionSheetPresenter.swift */; }; + OBJ_567 /* MockNotificationCenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_147 /* MockNotificationCenter.swift */; }; + OBJ_568 /* MockTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_148 /* MockTableView.swift */; }; + OBJ_569 /* MockViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_149 /* MockViewController.swift */; }; + OBJ_570 /* ActionSheetPopoverPresenterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_151 /* ActionSheetPopoverPresenterTests.swift */; }; + OBJ_571 /* ActionSheetStandardPresenterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_152 /* ActionSheetStandardPresenterTests.swift */; }; + OBJ_572 /* ActionSheetBackgroundViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_154 /* ActionSheetBackgroundViewTests.swift */; }; + OBJ_573 /* ActionSheetHeaderContainerViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_155 /* ActionSheetHeaderContainerViewTests.swift */; }; + OBJ_574 /* ActionSheetStackViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_156 /* ActionSheetStackViewTests.swift */; }; + OBJ_575 /* ActionSheetTableViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_157 /* ActionSheetTableViewTests.swift */; }; + OBJ_577 /* ActionSheetItemCellTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_160 /* ActionSheetItemCellTests.swift */; }; + OBJ_578 /* ActionSheetLinkItemCellTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_162 /* ActionSheetLinkItemCellTests.swift */; }; + OBJ_579 /* ActionSheetSelectItemCellTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_163 /* ActionSheetSelectItemCellTests.swift */; }; + OBJ_580 /* Menu+AlertControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_165 /* Menu+AlertControllerTests.swift */; }; + OBJ_581 /* MenuItem+AlertControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_166 /* MenuItem+AlertControllerTests.swift */; }; + OBJ_582 /* ContextMenuDelegateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_168 /* ContextMenuDelegateTests.swift */; }; + OBJ_583 /* Menu+ContextMenuTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_169 /* Menu+ContextMenuTests.swift */; }; + OBJ_584 /* MenuItem+ContextMenuTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_170 /* MenuItem+ContextMenuTests.swift */; }; + OBJ_586 /* NSObject+ClassNameTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_173 /* NSObject+ClassNameTests.swift */; }; + OBJ_587 /* CancelButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_176 /* CancelButtonTests.swift */; }; + OBJ_588 /* DestructiveButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_177 /* DestructiveButtonTests.swift */; }; + OBJ_589 /* MenuButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_178 /* MenuButtonTests.swift */; }; + OBJ_590 /* OkButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_179 /* OkButtonTests.swift */; }; + OBJ_591 /* CollectionItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_181 /* CollectionItemTests.swift */; }; + OBJ_592 /* CustomItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_182 /* CustomItemTests.swift */; }; + OBJ_593 /* LinkItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_183 /* LinkItemTests.swift */; }; + OBJ_594 /* MultiSelectItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_184 /* MultiSelectItemTests.swift */; }; + OBJ_595 /* MultiSelectToggleItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_185 /* MultiSelectToggleItemTests.swift */; }; + OBJ_596 /* SelectItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_186 /* SelectItemTests.swift */; }; + OBJ_597 /* SingleSelectItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_187 /* SingleSelectItemTests.swift */; }; + OBJ_599 /* MenuItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_189 /* MenuItemTests.swift */; }; + OBJ_600 /* MenuTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_190 /* MenuTests.swift */; }; + OBJ_601 /* MockMenuItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_192 /* MockMenuItem.swift */; }; + OBJ_602 /* MenuTitleTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_194 /* MenuTitleTests.swift */; }; + OBJ_603 /* SectionMarginTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_195 /* SectionMarginTests.swift */; }; + OBJ_604 /* SectionTitleTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_196 /* SectionTitleTests.swift */; }; + OBJ_611 /* Foo.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = "Foo::Foo::Product" /* Foo.framework */; }; +/* End PBXBuildFile section */ + +/* Begin PBXContainerItemProxy section */ + 8467041B234A3E9C00355331 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = OBJ_1 /* Project object */; + proxyType = 1; + remoteGlobalIDString = "Foo::Foo"; + remoteInfo = Foo; + }; + 84BDF8AF2347D41300D35F93 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = OBJ_1 /* Project object */; + proxyType = 1; + remoteGlobalIDString = "Foo::Foo"; + remoteInfo = Foo; + }; + 84BDF8B02347D41500D35F93 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = OBJ_1 /* Project object */; + proxyType = 1; + remoteGlobalIDString = "Foo::FooTests"; + remoteInfo = FooTests; + }; +/* End PBXContainerItemProxy section */ + +/* Begin PBXCopyFilesBuildPhase section */ + 8467041D234A3E9C00355331 /* Embed Frameworks */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = ""; + dstSubfolderSpec = 10; + files = ( + 8467041A234A3E9C00355331 /* Foo.framework in Embed Frameworks */, + ); + name = "Embed Frameworks"; + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXCopyFilesBuildPhase section */ + +/* Begin PBXFileReference section */ + 8405566E23527E1E0064EC7D /* ActionSheetItemCells.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemCells.swift; sourceTree = ""; }; + 8422CB5F239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheetPopoverPresenter+PresentationDelegate.swift"; sourceTree = ""; }; + 8422CB61239DAF9B00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheetPopoverPresenter+PresentationDelegateTests.swift"; sourceTree = ""; }; + 8422CB64239DB6F600251D31 /* ActionSheetPresenterBaseTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPresenterBaseTests.swift; sourceTree = ""; }; + 8422CB67239DC27500251D31 /* NonDismissableMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NonDismissableMenu.swift; sourceTree = ""; }; + 8422CB69239DC2C400251D31 /* BackgroundDismissableMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BackgroundDismissableMenu.swift; sourceTree = ""; }; + 8422CB6B239DC6B100251D31 /* ContextMenu+Configuration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ContextMenu+Configuration.swift"; sourceTree = ""; }; + 8422CB6D239DC6DA00251D31 /* ContextMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenu.swift; sourceTree = ""; }; + 8422CB6F239DC81800251D31 /* ContextMenu+ConfigurationTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ContextMenu+ConfigurationTests.swift"; sourceTree = ""; }; + 8422CB74239DCBEB00251D31 /* Menu+Deprecations.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+Deprecations.swift"; sourceTree = ""; }; + 8422CB78239E1E6800251D31 /* DestructiveItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DestructiveItem.swift; sourceTree = ""; }; + 8422CB7B239E209C00251D31 /* DestructiveItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveItem+ActionSheet.swift"; sourceTree = ""; }; + 8422CB80239E21FC00251D31 /* DestructiveItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveItem+ActionSheetTests.swift"; sourceTree = ""; }; + 843C3B0E25271DE30055BFE6 /* DemoMultilineItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DemoMultilineItem.swift; sourceTree = ""; }; + 843C3B1825271FEC0055BFE6 /* DemoMultilineItemMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DemoMultilineItemMenu.swift; sourceTree = ""; }; + 84670397234A3C4500355331 /* FooDemo.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = FooDemo.app; sourceTree = BUILT_PRODUCTS_DIR; }; + 846703A0234A3C4500355331 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/Main.storyboard; sourceTree = ""; }; + 846703A5234A3C4600355331 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; + 846703AC234A3CF000355331 /* FoodOption+ActionSheetItems.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "FoodOption+ActionSheetItems.swift"; sourceTree = ""; }; + 846703AD234A3CF000355331 /* FoodOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FoodOption.swift; sourceTree = ""; }; + 846703AE234A3CF000355331 /* MenuOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MenuOption.swift; sourceTree = ""; }; + 846703AF234A3CF000355331 /* AppearanceOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppearanceOption.swift; sourceTree = ""; }; + 846703B0234A3CF000355331 /* ActionSheetOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ActionSheetOption.swift; sourceTree = ""; }; + 846703B1234A3CF000355331 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; + 846703B3234A3CF000355331 /* ViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ViewController.swift; sourceTree = ""; }; + 846703B4234A3CF000355331 /* ViewController+Appearance.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+Appearance.swift"; sourceTree = ""; }; + 846703B5234A3CF000355331 /* ViewController+Menus.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+Menus.swift"; sourceTree = ""; }; + 846703B6234A3CF000355331 /* ViewController+Alert.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+Alert.swift"; sourceTree = ""; }; + 846703B7234A3CF000355331 /* ViewController+ActionSheets.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+ActionSheets.swift"; sourceTree = ""; }; + 846703B8234A3CF000355331 /* ViewController+TableView.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+TableView.swift"; sourceTree = ""; }; + 846703B9234A3CF000355331 /* ContextMenuViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ContextMenuViewController.swift; sourceTree = ""; }; + 846703BA234A3CF000355331 /* AppearanceViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppearanceViewController.swift; sourceTree = ""; }; + 846703BC234A3CF000355331 /* DemoCustomViewCell.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoCustomViewCell.swift; sourceTree = ""; }; + 846703BD234A3CF000355331 /* DemoCollectionViewCell.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = DemoCollectionViewCell.xib; sourceTree = ""; }; + 846703BE234A3CF000355331 /* DemoCustomViewCell.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = DemoCustomViewCell.xib; sourceTree = ""; }; + 846703BF234A3CF000355331 /* DemoCollectionViewCell.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoCollectionViewCell.swift; sourceTree = ""; }; + 846703C0234A3CF000355331 /* AppDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = ""; }; + 846703C1234A3CF000355331 /* SceneDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SceneDelegate.swift; sourceTree = ""; }; + 846703C3234A3CF000355331 /* DemoAppearance.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoAppearance.swift; sourceTree = ""; }; + 846703C4234A3CF000355331 /* ColorAppearance.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ColorAppearance.swift; sourceTree = ""; }; + 846703C5234A3CF000355331 /* DemoFonts.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoFonts.swift; sourceTree = ""; }; + 846703C7234A3CF000355331 /* FoodActionSheet.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FoodActionSheet.swift; sourceTree = ""; }; + 846703C8234A3CF000355331 /* CollectionActionSheet.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CollectionActionSheet.swift; sourceTree = ""; }; + 846703CB234A3CF100355331 /* title-image.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "title-image.png"; sourceTree = ""; }; + 846703CC234A3CF100355331 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; + 846703CF234A3CF100355331 /* Roboto-Medium.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Medium.ttf"; sourceTree = ""; }; + 846703D0234A3CF100355331 /* Roboto-Light.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Light.ttf"; sourceTree = ""; }; + 846703D1234A3CF100355331 /* Roboto-Regular.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Regular.ttf"; sourceTree = ""; }; + 846703D2234A3CF100355331 /* Roboto-MediumItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-MediumItalic.ttf"; sourceTree = ""; }; + 846703D3234A3CF100355331 /* Roboto-ThinItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-ThinItalic.ttf"; sourceTree = ""; }; + 846703D4234A3CF100355331 /* Roboto-BoldItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-BoldItalic.ttf"; sourceTree = ""; }; + 846703D5234A3CF100355331 /* Roboto-LightItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-LightItalic.ttf"; sourceTree = ""; }; + 846703D6234A3CF100355331 /* Roboto-Italic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Italic.ttf"; sourceTree = ""; }; + 846703D7234A3CF100355331 /* LICENSE.txt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = LICENSE.txt; sourceTree = ""; }; + 846703D8234A3CF100355331 /* Roboto-BlackItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-BlackItalic.ttf"; sourceTree = ""; }; + 846703D9234A3CF100355331 /* Roboto-Bold.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Bold.ttf"; sourceTree = ""; }; + 846703DA234A3CF100355331 /* Roboto-Thin.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Thin.ttf"; sourceTree = ""; }; + 846703DB234A3CF100355331 /* Roboto-Black.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Black.ttf"; sourceTree = ""; }; + 846703DD234A3CF100355331 /* FoodMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FoodMenu.swift; sourceTree = ""; }; + 846703DE234A3CF100355331 /* LinkMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = LinkMenu.swift; sourceTree = ""; }; + 846703DF234A3CF100355331 /* SingleSelectMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SingleSelectMenu.swift; sourceTree = ""; }; + 846703E0234A3CF100355331 /* DestructiveMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DestructiveMenu.swift; sourceTree = ""; }; + 846703E1234A3CF100355331 /* MultiSelectMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MultiSelectMenu.swift; sourceTree = ""; }; + 846703E2234A3CF100355331 /* ItemMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ItemMenu.swift; sourceTree = ""; }; + 846703E3234A3CF100355331 /* CustomMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CustomMenu.swift; sourceTree = ""; }; + 846703E4234A3CF100355331 /* SectionMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SectionMenu.swift; sourceTree = ""; }; + 846703E5234A3CF100355331 /* CollectionMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CollectionMenu.swift; sourceTree = ""; }; + 847E09EC239DA5E70058179D /* ActionSheetPresenterBase.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPresenterBase.swift; sourceTree = ""; }; + 84A24ECA236C64F200DB060C /* SecondaryActionItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecondaryActionItem.swift; sourceTree = ""; }; + 84A24ECC236C66CD00DB060C /* SecondaryActionItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecondaryActionItemTests.swift; sourceTree = ""; }; + 84A24ECF236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SecondaryActionItem+ActionSheet.swift"; sourceTree = ""; }; + 84A24ED1236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSecondaryActionItemCell.swift; sourceTree = ""; }; + 84A24ED3236C6DB500DB060C /* ActionSheetSecondaryActionItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSecondaryActionItemTests.swift; sourceTree = ""; }; + 84A24ED7236C6FAF00DB060C /* SecondaryActionItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SecondaryActionItem+ActionSheetTests.swift"; sourceTree = ""; }; + 84A24EDA236C72C900DB060C /* SecondaryActionMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecondaryActionMenu.swift; sourceTree = ""; }; + 84A24EDC236C84D900DB060C /* MenuCreator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuCreator.swift; sourceTree = ""; }; + 84BDF8B22347D43F00D35F93 /* .swiftlint.yml */ = {isa = PBXFileReference; lastKnownFileType = text.yaml; path = .swiftlint.yml; sourceTree = ""; }; + 84BDF8B32347D43F00D35F93 /* .gitignore */ = {isa = PBXFileReference; lastKnownFileType = text; path = .gitignore; sourceTree = ""; }; + 84F64BA0239D8FEF000290D1 /* ActionSheet+Header.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Header.swift"; sourceTree = ""; }; + 84F64BA2239D9630000290D1 /* ActionSheet+Configuration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Configuration.swift"; sourceTree = ""; }; + 84F64BA4239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+ConfigurationTests.swift"; sourceTree = ""; }; + 84F64BA6239D9CB5000290D1 /* ActionSheet+Deprecations.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Deprecations.swift"; sourceTree = ""; }; + A963E2AF24A9D22900665C6B /* Package.resolved */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = Package.resolved; sourceTree = ""; }; + OBJ_10 /* ActionSheet+Presenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Presenter.swift"; sourceTree = ""; }; + OBJ_100 /* SingleSelectItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SingleSelectItem.swift; sourceTree = ""; }; + OBJ_101 /* Menu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Menu.swift; sourceTree = ""; }; + OBJ_103 /* MenuItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuItem.swift; sourceTree = ""; }; + OBJ_105 /* MenuTitle.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuTitle.swift; sourceTree = ""; }; + OBJ_106 /* SectionMagin.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionMagin.swift; sourceTree = ""; }; + OBJ_107 /* SectionTitle.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionTitle.swift; sourceTree = ""; }; + OBJ_11 /* ActionSheet+Scroll.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Scroll.swift"; sourceTree = ""; }; + OBJ_111 /* ActionSheet+PresenterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+PresenterTests.swift"; sourceTree = ""; }; + OBJ_112 /* ActionSheetItemHandlerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemHandlerTests.swift; sourceTree = ""; }; + OBJ_113 /* ActionSheetMarginTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetMarginTests.swift; sourceTree = ""; }; + OBJ_114 /* ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetTests.swift; sourceTree = ""; }; + OBJ_116 /* ActionSheet+AppearanceTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+AppearanceTests.swift"; sourceTree = ""; }; + OBJ_117 /* ActionSheetAppearanceTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetAppearanceTests.swift; sourceTree = ""; }; + OBJ_118 /* ActionSheetColorTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetColorTests.swift; sourceTree = ""; }; + OBJ_119 /* UIColor+ActionSheetColorTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIColor+ActionSheetColorTests.swift"; sourceTree = ""; }; + OBJ_12 /* ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheet.swift; sourceTree = ""; }; + OBJ_121 /* UIEdgeInsets+HiddenTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIEdgeInsets+HiddenTests.swift"; sourceTree = ""; }; + OBJ_122 /* UIView+SubviewsTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIView+SubviewsTests.swift"; sourceTree = ""; }; + OBJ_123 /* UIViewController+RootViewControllerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIViewController+RootViewControllerTests.swift"; sourceTree = ""; }; + OBJ_126 /* CancelButton+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CancelButton+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_127 /* DestructiveButton+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveButton+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_128 /* MenuButtonTests+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuButtonTests+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_129 /* OkButton+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "OkButton+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_13 /* ActionSheetItemHandler.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemHandler.swift; sourceTree = ""; }; + OBJ_131 /* CollectionItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CollectionItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_132 /* CustomItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CustomItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_133 /* LinkItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "LinkItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_134 /* MultiSelectItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_135 /* MultiSelectToggleItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectToggleItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_136 /* SelectItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SelectItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_137 /* SingleSelectItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SingleSelectItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_138 /* MenuItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_14 /* ActionSheetMargin.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetMargin.swift; sourceTree = ""; }; + OBJ_140 /* MenuTitle+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuTitle+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_141 /* SectionMargin+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionMargin+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_142 /* SectionTitle+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionTitle+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_144 /* MockActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockActionSheet.swift; sourceTree = ""; }; + OBJ_145 /* MockActionSheetAppearance.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockActionSheetAppearance.swift; sourceTree = ""; }; + OBJ_146 /* MockActionSheetPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockActionSheetPresenter.swift; sourceTree = ""; }; + OBJ_147 /* MockNotificationCenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockNotificationCenter.swift; sourceTree = ""; }; + OBJ_148 /* MockTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockTableView.swift; sourceTree = ""; }; + OBJ_149 /* MockViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockViewController.swift; sourceTree = ""; }; + OBJ_151 /* ActionSheetPopoverPresenterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPopoverPresenterTests.swift; sourceTree = ""; }; + OBJ_152 /* ActionSheetStandardPresenterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStandardPresenterTests.swift; sourceTree = ""; }; + OBJ_154 /* ActionSheetBackgroundViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetBackgroundViewTests.swift; sourceTree = ""; }; + OBJ_155 /* ActionSheetHeaderContainerViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetHeaderContainerViewTests.swift; sourceTree = ""; }; + OBJ_156 /* ActionSheetStackViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStackViewTests.swift; sourceTree = ""; }; + OBJ_157 /* ActionSheetTableViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetTableViewTests.swift; sourceTree = ""; }; + OBJ_16 /* ActionSheet+Appearance.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Appearance.swift"; sourceTree = ""; }; + OBJ_160 /* ActionSheetItemCellTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemCellTests.swift; sourceTree = ""; }; + OBJ_162 /* ActionSheetLinkItemCellTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetLinkItemCellTests.swift; sourceTree = ""; }; + OBJ_163 /* ActionSheetSelectItemCellTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSelectItemCellTests.swift; sourceTree = ""; }; + OBJ_165 /* Menu+AlertControllerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+AlertControllerTests.swift"; sourceTree = ""; }; + OBJ_166 /* MenuItem+AlertControllerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+AlertControllerTests.swift"; sourceTree = ""; }; + OBJ_168 /* ContextMenuDelegateTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuDelegateTests.swift; sourceTree = ""; }; + OBJ_169 /* Menu+ContextMenuTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+ContextMenuTests.swift"; sourceTree = ""; }; + OBJ_17 /* ActionSheetAppearance.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetAppearance.swift; sourceTree = ""; }; + OBJ_170 /* MenuItem+ContextMenuTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ContextMenuTests.swift"; sourceTree = ""; }; + OBJ_173 /* NSObject+ClassNameTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSObject+ClassNameTests.swift"; sourceTree = ""; }; + OBJ_176 /* CancelButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CancelButtonTests.swift; sourceTree = ""; }; + OBJ_177 /* DestructiveButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DestructiveButtonTests.swift; sourceTree = ""; }; + OBJ_178 /* MenuButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuButtonTests.swift; sourceTree = ""; }; + OBJ_179 /* OkButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OkButtonTests.swift; sourceTree = ""; }; + OBJ_18 /* ActionSheetColor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetColor.swift; sourceTree = ""; }; + OBJ_181 /* CollectionItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CollectionItemTests.swift; sourceTree = ""; }; + OBJ_182 /* CustomItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomItemTests.swift; sourceTree = ""; }; + OBJ_183 /* LinkItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LinkItemTests.swift; sourceTree = ""; }; + OBJ_184 /* MultiSelectItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectItemTests.swift; sourceTree = ""; }; + OBJ_185 /* MultiSelectToggleItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectToggleItemTests.swift; sourceTree = ""; }; + OBJ_186 /* SelectItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SelectItemTests.swift; sourceTree = ""; }; + OBJ_187 /* SingleSelectItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SingleSelectItemTests.swift; sourceTree = ""; }; + OBJ_189 /* MenuItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuItemTests.swift; sourceTree = ""; }; + OBJ_19 /* UIColor+ActionSheetColor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIColor+ActionSheetColor.swift"; sourceTree = ""; }; + OBJ_190 /* MenuTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuTests.swift; sourceTree = ""; }; + OBJ_192 /* MockMenuItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockMenuItem.swift; sourceTree = ""; }; + OBJ_194 /* MenuTitleTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuTitleTests.swift; sourceTree = ""; }; + OBJ_195 /* SectionMarginTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionMarginTests.swift; sourceTree = ""; }; + OBJ_196 /* SectionTitleTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionTitleTests.swift; sourceTree = ""; }; + OBJ_21 /* UIEdgeInsets+Hidden.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIEdgeInsets+Hidden.swift"; sourceTree = ""; }; + OBJ_22 /* UIView+Subviews.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIView+Subviews.swift"; sourceTree = ""; }; + OBJ_23 /* UIViewController+RootViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIViewController+RootViewController.swift"; sourceTree = ""; }; + OBJ_26 /* CancelButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CancelButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_27 /* DestructiveButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_28 /* MenuButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_29 /* OkButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "OkButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_304 /* Resources */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Resources; sourceTree = SOURCE_ROOT; }; + OBJ_306 /* Fastlane */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Fastlane; sourceTree = SOURCE_ROOT; }; + OBJ_307 /* Readmes */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Readmes; sourceTree = SOURCE_ROOT; }; + OBJ_308 /* LICENSE */ = {isa = PBXFileReference; lastKnownFileType = text; path = LICENSE; sourceTree = ""; }; + OBJ_309 /* Foo.podspec */ = {isa = PBXFileReference; lastKnownFileType = text; path = Foo.podspec; sourceTree = ""; }; + OBJ_31 /* CollectionItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CollectionItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_310 /* README.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = README.md; sourceTree = ""; }; + OBJ_311 /* RELEASE_NOTES.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = RELEASE_NOTES.md; sourceTree = ""; }; + OBJ_32 /* CustomItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CustomItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_33 /* LinkItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "LinkItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_34 /* MultiSelectItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_35 /* MultiSelectToggleItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectToggleItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_36 /* SelectItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SelectItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_37 /* SingleSelectItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SingleSelectItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_38 /* Menu+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+ActionSheet.swift"; sourceTree = ""; }; + OBJ_39 /* MenuItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_41 /* MenuTitle+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuTitle+ActionSheet.swift"; sourceTree = ""; }; + OBJ_42 /* SectionMargin+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionMargin+ActionSheet.swift"; sourceTree = ""; }; + OBJ_43 /* SectionTitle+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionTitle+ActionSheet.swift"; sourceTree = ""; }; + OBJ_45 /* ActionSheetPopoverPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPopoverPresenter.swift; sourceTree = ""; }; + OBJ_46 /* ActionSheetPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPresenter.swift; sourceTree = ""; }; + OBJ_47 /* ActionSheetStandardPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStandardPresenter.swift; sourceTree = ""; }; + OBJ_49 /* ActionSheetBackgroundView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetBackgroundView.swift; sourceTree = ""; }; + OBJ_50 /* ActionSheetButtonTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetButtonTableView.swift; sourceTree = ""; }; + OBJ_51 /* ActionSheetHeaderContainerView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetHeaderContainerView.swift; sourceTree = ""; }; + OBJ_52 /* ActionSheetItemTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemTableView.swift; sourceTree = ""; }; + OBJ_53 /* ActionSheetStackView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStackView.swift; sourceTree = ""; }; + OBJ_54 /* ActionSheetTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetTableView.swift; sourceTree = ""; }; + OBJ_57 /* ActionSheetItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemCell.swift; sourceTree = ""; }; + OBJ_6 /* Package.swift */ = {isa = PBXFileReference; explicitFileType = sourcecode.swift; path = Package.swift; sourceTree = ""; }; + OBJ_63 /* ActionSheetCollectionItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetCollectionItemCell.swift; sourceTree = ""; }; + OBJ_64 /* ActionSheetCollectionItemCellHandler.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetCollectionItemCellHandler.swift; sourceTree = ""; }; + OBJ_65 /* ActionSheetLinkItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetLinkItemCell.swift; sourceTree = ""; }; + OBJ_67 /* ActionSheetMultiSelectToggleItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetMultiSelectToggleItemCell.swift; sourceTree = ""; }; + OBJ_68 /* ActionSheetSelectItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSelectItemCell.swift; sourceTree = ""; }; + OBJ_75 /* AlertControllerConversionError.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AlertControllerConversionError.swift; sourceTree = ""; }; + OBJ_76 /* Menu+AlertController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+AlertController.swift"; sourceTree = ""; }; + OBJ_77 /* MenuItem+AlertController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+AlertController.swift"; sourceTree = ""; }; + OBJ_78 /* UIViewController+AlertController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIViewController+AlertController.swift"; sourceTree = ""; }; + OBJ_80 /* ContextMenuConversionError.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuConversionError.swift; sourceTree = ""; }; + OBJ_81 /* ContextMenuDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuDelegate.swift; sourceTree = ""; }; + OBJ_82 /* ContextMenuDelegateRetainer.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuDelegateRetainer.swift; sourceTree = ""; }; + OBJ_83 /* MenuCreator+ContextMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuCreator+ContextMenu.swift"; sourceTree = ""; }; + OBJ_84 /* MenuItem+ContextMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ContextMenu.swift"; sourceTree = ""; }; + OBJ_86 /* NSObject+ClassName.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSObject+ClassName.swift"; sourceTree = ""; }; + OBJ_89 /* CancelButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CancelButton.swift; sourceTree = ""; }; + OBJ_90 /* DestructiveButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DestructiveButton.swift; sourceTree = ""; }; + OBJ_91 /* MenuButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuButton.swift; sourceTree = ""; }; + OBJ_92 /* OkButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OkButton.swift; sourceTree = ""; }; + OBJ_94 /* CollectionItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CollectionItem.swift; sourceTree = ""; }; + OBJ_95 /* CustomItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomItem.swift; sourceTree = ""; }; + OBJ_96 /* LinkItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LinkItem.swift; sourceTree = ""; }; + OBJ_97 /* MultiSelectItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectItem.swift; sourceTree = ""; }; + OBJ_98 /* MultiSelectToggleItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectToggleItem.swift; sourceTree = ""; }; + OBJ_99 /* SelectItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SelectItem.swift; sourceTree = ""; }; + "Foo::Foo::Product" /* Foo.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; path = Foo.framework; sourceTree = BUILT_PRODUCTS_DIR; }; + "Foo::FooTests::Product" /* FooTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; path = FooTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + 84670394234A3C4500355331 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 84670419234A3E9C00355331 /* Foo.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_521 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 0; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_606 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 0; + files = ( + 84D3AF312434B1510007BE9B /* Nimble in Frameworks */, + A9FA9D3A26A17AC40047114E /* MockingKit in Frameworks */, + 84D3AF2E2434B1420007BE9B /* Quick in Frameworks */, + OBJ_611 /* Foo.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + 8422CB77239DCC6900251D31 /* Deprecations */ = { + isa = PBXGroup; + children = ( + 84F64BA6239D9CB5000290D1 /* ActionSheet+Deprecations.swift */, + 8422CB74239DCBEB00251D31 /* Menu+Deprecations.swift */, + ); + path = Deprecations; + sourceTree = ""; + }; + 84670398234A3C4500355331 /* FooDemo */ = { + isa = PBXGroup; + children = ( + 846703C6234A3CF000355331 /* ActionSheets */, + 84670417234A3D0800355331 /* App */, + 846703C2234A3CF000355331 /* Appearance */, + 846703C9234A3CF100355331 /* Assets */, + 846703BB234A3CF000355331 /* Items */, + 846703DC234A3CF100355331 /* Menus */, + 846703AB234A3CF000355331 /* Options */, + 846703B2234A3CF000355331 /* ViewControllers */, + ); + path = FooDemo; + sourceTree = ""; + }; + 846703AB234A3CF000355331 /* Options */ = { + isa = PBXGroup; + children = ( + 846703B0234A3CF000355331 /* ActionSheetOption.swift */, + 846703AF234A3CF000355331 /* AppearanceOption.swift */, + 846703AD234A3CF000355331 /* FoodOption.swift */, + 846703AC234A3CF000355331 /* FoodOption+ActionSheetItems.swift */, + 846703AE234A3CF000355331 /* MenuOption.swift */, + ); + path = Options; + sourceTree = ""; + }; + 846703B2234A3CF000355331 /* ViewControllers */ = { + isa = PBXGroup; + children = ( + 846703BA234A3CF000355331 /* AppearanceViewController.swift */, + 846703B9234A3CF000355331 /* ContextMenuViewController.swift */, + 846703B3234A3CF000355331 /* ViewController.swift */, + 846703B7234A3CF000355331 /* ViewController+ActionSheets.swift */, + 846703B6234A3CF000355331 /* ViewController+Alert.swift */, + 846703B4234A3CF000355331 /* ViewController+Appearance.swift */, + 846703B5234A3CF000355331 /* ViewController+Menus.swift */, + 846703B8234A3CF000355331 /* ViewController+TableView.swift */, + ); + path = ViewControllers; + sourceTree = ""; + }; + 846703BB234A3CF000355331 /* Items */ = { + isa = PBXGroup; + children = ( + 846703BC234A3CF000355331 /* DemoCustomViewCell.swift */, + 846703BD234A3CF000355331 /* DemoCollectionViewCell.xib */, + 846703BE234A3CF000355331 /* DemoCustomViewCell.xib */, + 846703BF234A3CF000355331 /* DemoCollectionViewCell.swift */, + 843C3B0E25271DE30055BFE6 /* DemoMultilineItem.swift */, + ); + path = Items; + sourceTree = ""; + }; + 846703C2234A3CF000355331 /* Appearance */ = { + isa = PBXGroup; + children = ( + 846703C4234A3CF000355331 /* ColorAppearance.swift */, + 846703C3234A3CF000355331 /* DemoAppearance.swift */, + 846703C5234A3CF000355331 /* DemoFonts.swift */, + ); + path = Appearance; + sourceTree = ""; + }; + 846703C6234A3CF000355331 /* ActionSheets */ = { + isa = PBXGroup; + children = ( + 846703C7234A3CF000355331 /* FoodActionSheet.swift */, + 846703C8234A3CF000355331 /* CollectionActionSheet.swift */, + ); + path = ActionSheets; + sourceTree = ""; + }; + 846703C9234A3CF100355331 /* Assets */ = { + isa = PBXGroup; + children = ( + 846703CA234A3CF100355331 /* Images */, + 846703CC234A3CF100355331 /* Assets.xcassets */, + 846703CD234A3CF100355331 /* Fonts */, + ); + path = Assets; + sourceTree = ""; + }; + 846703CA234A3CF100355331 /* Images */ = { + isa = PBXGroup; + children = ( + 846703CB234A3CF100355331 /* title-image.png */, + ); + path = Images; + sourceTree = ""; + }; + 846703CD234A3CF100355331 /* Fonts */ = { + isa = PBXGroup; + children = ( + 846703CE234A3CF100355331 /* Roboto */, + ); + path = Fonts; + sourceTree = ""; + }; + 846703CE234A3CF100355331 /* Roboto */ = { + isa = PBXGroup; + children = ( + 846703CF234A3CF100355331 /* Roboto-Medium.ttf */, + 846703D0234A3CF100355331 /* Roboto-Light.ttf */, + 846703D1234A3CF100355331 /* Roboto-Regular.ttf */, + 846703D2234A3CF100355331 /* Roboto-MediumItalic.ttf */, + 846703D3234A3CF100355331 /* Roboto-ThinItalic.ttf */, + 846703D4234A3CF100355331 /* Roboto-BoldItalic.ttf */, + 846703D5234A3CF100355331 /* Roboto-LightItalic.ttf */, + 846703D6234A3CF100355331 /* Roboto-Italic.ttf */, + 846703D7234A3CF100355331 /* LICENSE.txt */, + 846703D8234A3CF100355331 /* Roboto-BlackItalic.ttf */, + 846703D9234A3CF100355331 /* Roboto-Bold.ttf */, + 846703DA234A3CF100355331 /* Roboto-Thin.ttf */, + 846703DB234A3CF100355331 /* Roboto-Black.ttf */, + ); + path = Roboto; + sourceTree = ""; + }; + 846703DC234A3CF100355331 /* Menus */ = { + isa = PBXGroup; + children = ( + 846703DD234A3CF100355331 /* FoodMenu.swift */, + 846703E2234A3CF100355331 /* ItemMenu.swift */, + 846703E5234A3CF100355331 /* CollectionMenu.swift */, + 846703E3234A3CF100355331 /* CustomMenu.swift */, + 843C3B1825271FEC0055BFE6 /* DemoMultilineItemMenu.swift */, + 846703E0234A3CF100355331 /* DestructiveMenu.swift */, + 846703DE234A3CF100355331 /* LinkMenu.swift */, + 846703E1234A3CF100355331 /* MultiSelectMenu.swift */, + 84A24EDA236C72C900DB060C /* SecondaryActionMenu.swift */, + 846703E4234A3CF100355331 /* SectionMenu.swift */, + 846703DF234A3CF100355331 /* SingleSelectMenu.swift */, + 8422CB67239DC27500251D31 /* NonDismissableMenu.swift */, + 8422CB69239DC2C400251D31 /* BackgroundDismissableMenu.swift */, + ); + path = Menus; + sourceTree = ""; + }; + 84670417234A3D0800355331 /* App */ = { + isa = PBXGroup; + children = ( + 846703C0234A3CF000355331 /* AppDelegate.swift */, + 846703B1234A3CF000355331 /* Info.plist */, + 846703C1234A3CF000355331 /* SceneDelegate.swift */, + 8467039F234A3C4500355331 /* Main.storyboard */, + 846703A4234A3C4600355331 /* LaunchScreen.storyboard */, + ); + name = App; + sourceTree = ""; + }; + 84670418234A3E9C00355331 /* Frameworks */ = { + isa = PBXGroup; + children = ( + ); + name = Frameworks; + sourceTree = ""; + }; + 84BDF8B12347D42700D35F93 /* Project Files */ = { + isa = PBXGroup; + children = ( + A963E2AF24A9D22900665C6B /* Package.resolved */, + 84BDF8B32347D43F00D35F93 /* .gitignore */, + 84BDF8B22347D43F00D35F93 /* .swiftlint.yml */, + OBJ_308 /* LICENSE */, + OBJ_309 /* Foo.podspec */, + OBJ_310 /* README.md */, + OBJ_311 /* RELEASE_NOTES.md */, + ); + name = "Project Files"; + sourceTree = ""; + }; + OBJ_104 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_105 /* MenuTitle.swift */, + OBJ_106 /* SectionMagin.swift */, + OBJ_107 /* SectionTitle.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_108 /* Tests */ = { + isa = PBXGroup; + children = ( + OBJ_109 /* FooTests */, + ); + name = Tests; + sourceTree = SOURCE_ROOT; + }; + OBJ_109 /* FooTests */ = { + isa = PBXGroup; + children = ( + OBJ_110 /* ActionSheet */, + OBJ_164 /* AlertController */, + OBJ_167 /* ContextMenu */, + OBJ_172 /* Extensions */, + OBJ_174 /* Menu */, + ); + name = FooTests; + path = Tests/FooTests; + sourceTree = SOURCE_ROOT; + }; + OBJ_110 /* ActionSheet */ = { + isa = PBXGroup; + children = ( + OBJ_115 /* Appearance */, + OBJ_158 /* Cells */, + OBJ_120 /* Extensions */, + OBJ_124 /* Menu */, + OBJ_143 /* Mocks */, + OBJ_150 /* Presenters */, + OBJ_153 /* Views */, + 84F64BA4239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift */, + OBJ_111 /* ActionSheet+PresenterTests.swift */, + OBJ_112 /* ActionSheetItemHandlerTests.swift */, + OBJ_113 /* ActionSheetMarginTests.swift */, + OBJ_114 /* ActionSheetTests.swift */, + ); + path = ActionSheet; + sourceTree = ""; + }; + OBJ_115 /* Appearance */ = { + isa = PBXGroup; + children = ( + OBJ_116 /* ActionSheet+AppearanceTests.swift */, + OBJ_117 /* ActionSheetAppearanceTests.swift */, + OBJ_118 /* ActionSheetColorTests.swift */, + OBJ_119 /* UIColor+ActionSheetColorTests.swift */, + ); + path = Appearance; + sourceTree = ""; + }; + OBJ_120 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_121 /* UIEdgeInsets+HiddenTests.swift */, + OBJ_122 /* UIView+SubviewsTests.swift */, + OBJ_123 /* UIViewController+RootViewControllerTests.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_124 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_138 /* MenuItem+ActionSheetTests.swift */, + OBJ_125 /* Buttons */, + OBJ_130 /* Items */, + OBJ_139 /* Titles */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_125 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_126 /* CancelButton+ActionSheetTests.swift */, + OBJ_127 /* DestructiveButton+ActionSheetTests.swift */, + OBJ_128 /* MenuButtonTests+ActionSheetTests.swift */, + OBJ_129 /* OkButton+ActionSheetTests.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_130 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_131 /* CollectionItem+ActionSheetTests.swift */, + OBJ_132 /* CustomItem+ActionSheetTests.swift */, + 8422CB80239E21FC00251D31 /* DestructiveItem+ActionSheetTests.swift */, + OBJ_133 /* LinkItem+ActionSheetTests.swift */, + OBJ_134 /* MultiSelectItem+ActionSheetTests.swift */, + OBJ_135 /* MultiSelectToggleItem+ActionSheetTests.swift */, + 84A24ED7236C6FAF00DB060C /* SecondaryActionItem+ActionSheetTests.swift */, + OBJ_136 /* SelectItem+ActionSheetTests.swift */, + OBJ_137 /* SingleSelectItem+ActionSheetTests.swift */, + ); + path = Items; + sourceTree = ""; + }; + OBJ_139 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_140 /* MenuTitle+ActionSheetTests.swift */, + OBJ_141 /* SectionMargin+ActionSheetTests.swift */, + OBJ_142 /* SectionTitle+ActionSheetTests.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_143 /* Mocks */ = { + isa = PBXGroup; + children = ( + OBJ_144 /* MockActionSheet.swift */, + OBJ_145 /* MockActionSheetAppearance.swift */, + OBJ_146 /* MockActionSheetPresenter.swift */, + OBJ_147 /* MockNotificationCenter.swift */, + OBJ_148 /* MockTableView.swift */, + OBJ_149 /* MockViewController.swift */, + ); + path = Mocks; + sourceTree = ""; + }; + OBJ_15 /* Appearance */ = { + isa = PBXGroup; + children = ( + OBJ_16 /* ActionSheet+Appearance.swift */, + OBJ_17 /* ActionSheetAppearance.swift */, + OBJ_18 /* ActionSheetColor.swift */, + OBJ_19 /* UIColor+ActionSheetColor.swift */, + ); + path = Appearance; + sourceTree = ""; + }; + OBJ_150 /* Presenters */ = { + isa = PBXGroup; + children = ( + OBJ_151 /* ActionSheetPopoverPresenterTests.swift */, + 8422CB61239DAF9B00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift */, + OBJ_152 /* ActionSheetStandardPresenterTests.swift */, + 8422CB64239DB6F600251D31 /* ActionSheetPresenterBaseTests.swift */, + ); + path = Presenters; + sourceTree = ""; + }; + OBJ_153 /* Views */ = { + isa = PBXGroup; + children = ( + OBJ_154 /* ActionSheetBackgroundViewTests.swift */, + OBJ_155 /* ActionSheetHeaderContainerViewTests.swift */, + OBJ_156 /* ActionSheetStackViewTests.swift */, + OBJ_157 /* ActionSheetTableViewTests.swift */, + ); + path = Views; + sourceTree = ""; + }; + OBJ_158 /* Cells */ = { + isa = PBXGroup; + children = ( + OBJ_160 /* ActionSheetItemCellTests.swift */, + OBJ_162 /* ActionSheetLinkItemCellTests.swift */, + OBJ_163 /* ActionSheetSelectItemCellTests.swift */, + 84A24ED3236C6DB500DB060C /* ActionSheetSecondaryActionItemTests.swift */, + ); + path = Cells; + sourceTree = ""; + }; + OBJ_164 /* AlertController */ = { + isa = PBXGroup; + children = ( + OBJ_165 /* Menu+AlertControllerTests.swift */, + OBJ_166 /* MenuItem+AlertControllerTests.swift */, + ); + path = AlertController; + sourceTree = ""; + }; + OBJ_167 /* ContextMenu */ = { + isa = PBXGroup; + children = ( + 8422CB6F239DC81800251D31 /* ContextMenu+ConfigurationTests.swift */, + OBJ_168 /* ContextMenuDelegateTests.swift */, + OBJ_169 /* Menu+ContextMenuTests.swift */, + OBJ_170 /* MenuItem+ContextMenuTests.swift */, + ); + path = ContextMenu; + sourceTree = ""; + }; + OBJ_172 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_173 /* NSObject+ClassNameTests.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_174 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_175 /* Buttons */, + OBJ_180 /* Items */, + OBJ_191 /* Mocks */, + OBJ_193 /* Titles */, + OBJ_189 /* MenuItemTests.swift */, + OBJ_190 /* MenuTests.swift */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_175 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_176 /* CancelButtonTests.swift */, + OBJ_177 /* DestructiveButtonTests.swift */, + OBJ_178 /* MenuButtonTests.swift */, + OBJ_179 /* OkButtonTests.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_180 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_181 /* CollectionItemTests.swift */, + OBJ_182 /* CustomItemTests.swift */, + OBJ_183 /* LinkItemTests.swift */, + OBJ_184 /* MultiSelectItemTests.swift */, + OBJ_185 /* MultiSelectToggleItemTests.swift */, + OBJ_186 /* SelectItemTests.swift */, + OBJ_187 /* SingleSelectItemTests.swift */, + 84A24ECC236C66CD00DB060C /* SecondaryActionItemTests.swift */, + ); + path = Items; + sourceTree = ""; + }; + OBJ_191 /* Mocks */ = { + isa = PBXGroup; + children = ( + OBJ_192 /* MockMenuItem.swift */, + ); + path = Mocks; + sourceTree = ""; + }; + OBJ_193 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_194 /* MenuTitleTests.swift */, + OBJ_195 /* SectionMarginTests.swift */, + OBJ_196 /* SectionTitleTests.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_20 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_21 /* UIEdgeInsets+Hidden.swift */, + OBJ_22 /* UIView+Subviews.swift */, + OBJ_23 /* UIViewController+RootViewController.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_24 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_25 /* Buttons */, + OBJ_30 /* Items */, + OBJ_40 /* Titles */, + OBJ_38 /* Menu+ActionSheet.swift */, + OBJ_39 /* MenuItem+ActionSheet.swift */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_25 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_26 /* CancelButton+ActionSheet.swift */, + OBJ_27 /* DestructiveButton+ActionSheet.swift */, + OBJ_28 /* MenuButton+ActionSheet.swift */, + OBJ_29 /* OkButton+ActionSheet.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_297 /* Products */ = { + isa = PBXGroup; + children = ( + "Foo::Foo::Product" /* Foo.framework */, + "Foo::FooTests::Product" /* FooTests.xctest */, + 84670397234A3C4500355331 /* FooDemo.app */, + ); + name = Products; + sourceTree = BUILT_PRODUCTS_DIR; + }; + OBJ_30 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_31 /* CollectionItem+ActionSheet.swift */, + OBJ_32 /* CustomItem+ActionSheet.swift */, + 8422CB7B239E209C00251D31 /* DestructiveItem+ActionSheet.swift */, + OBJ_33 /* LinkItem+ActionSheet.swift */, + OBJ_34 /* MultiSelectItem+ActionSheet.swift */, + OBJ_35 /* MultiSelectToggleItem+ActionSheet.swift */, + 84A24ECF236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift */, + OBJ_36 /* SelectItem+ActionSheet.swift */, + OBJ_37 /* SingleSelectItem+ActionSheet.swift */, + ); + path = Items; + sourceTree = ""; + }; + OBJ_40 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_41 /* MenuTitle+ActionSheet.swift */, + OBJ_42 /* SectionMargin+ActionSheet.swift */, + OBJ_43 /* SectionTitle+ActionSheet.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_44 /* Presenters */ = { + isa = PBXGroup; + children = ( + OBJ_45 /* ActionSheetPopoverPresenter.swift */, + 8422CB5F239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift */, + OBJ_46 /* ActionSheetPresenter.swift */, + 847E09EC239DA5E70058179D /* ActionSheetPresenterBase.swift */, + OBJ_47 /* ActionSheetStandardPresenter.swift */, + ); + path = Presenters; + sourceTree = ""; + }; + OBJ_48 /* Views */ = { + isa = PBXGroup; + children = ( + OBJ_49 /* ActionSheetBackgroundView.swift */, + OBJ_50 /* ActionSheetButtonTableView.swift */, + OBJ_51 /* ActionSheetHeaderContainerView.swift */, + OBJ_52 /* ActionSheetItemTableView.swift */, + OBJ_53 /* ActionSheetStackView.swift */, + OBJ_54 /* ActionSheetTableView.swift */, + ); + path = Views; + sourceTree = ""; + }; + OBJ_5 = { + isa = PBXGroup; + children = ( + OBJ_6 /* Package.swift */, + OBJ_7 /* Sources */, + OBJ_108 /* Tests */, + 84670398234A3C4500355331 /* FooDemo */, + OBJ_297 /* Products */, + OBJ_304 /* Resources */, + OBJ_306 /* Fastlane */, + OBJ_307 /* Readmes */, + 84BDF8B12347D42700D35F93 /* Project Files */, + 84670418234A3E9C00355331 /* Frameworks */, + ); + sourceTree = ""; + }; + OBJ_55 /* Cells */ = { + isa = PBXGroup; + children = ( + OBJ_63 /* ActionSheetCollectionItemCell.swift */, + OBJ_64 /* ActionSheetCollectionItemCellHandler.swift */, + OBJ_57 /* ActionSheetItemCell.swift */, + 8405566E23527E1E0064EC7D /* ActionSheetItemCells.swift */, + OBJ_65 /* ActionSheetLinkItemCell.swift */, + OBJ_67 /* ActionSheetMultiSelectToggleItemCell.swift */, + 84A24ED1236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift */, + OBJ_68 /* ActionSheetSelectItemCell.swift */, + ); + path = Cells; + sourceTree = ""; + }; + OBJ_7 /* Sources */ = { + isa = PBXGroup; + children = ( + OBJ_8 /* Foo */, + ); + name = Sources; + sourceTree = SOURCE_ROOT; + }; + OBJ_74 /* AlertController */ = { + isa = PBXGroup; + children = ( + OBJ_75 /* AlertControllerConversionError.swift */, + OBJ_76 /* Menu+AlertController.swift */, + OBJ_77 /* MenuItem+AlertController.swift */, + OBJ_78 /* UIViewController+AlertController.swift */, + ); + path = AlertController; + sourceTree = ""; + }; + OBJ_79 /* ContextMenu */ = { + isa = PBXGroup; + children = ( + 8422CB6D239DC6DA00251D31 /* ContextMenu.swift */, + 8422CB6B239DC6B100251D31 /* ContextMenu+Configuration.swift */, + OBJ_80 /* ContextMenuConversionError.swift */, + OBJ_81 /* ContextMenuDelegate.swift */, + OBJ_82 /* ContextMenuDelegateRetainer.swift */, + OBJ_83 /* MenuCreator+ContextMenu.swift */, + OBJ_84 /* MenuItem+ContextMenu.swift */, + ); + path = ContextMenu; + sourceTree = ""; + }; + OBJ_8 /* Foo */ = { + isa = PBXGroup; + children = ( + OBJ_9 /* ActionSheet */, + OBJ_74 /* AlertController */, + OBJ_79 /* ContextMenu */, + 8422CB77239DCC6900251D31 /* Deprecations */, + OBJ_85 /* Extensions */, + OBJ_87 /* Menu */, + ); + name = Foo; + path = Sources/Foo; + sourceTree = SOURCE_ROOT; + }; + OBJ_85 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_86 /* NSObject+ClassName.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_87 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_88 /* Buttons */, + OBJ_93 /* Items */, + OBJ_104 /* Titles */, + OBJ_101 /* Menu.swift */, + 84A24EDC236C84D900DB060C /* MenuCreator.swift */, + OBJ_103 /* MenuItem.swift */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_88 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_89 /* CancelButton.swift */, + OBJ_90 /* DestructiveButton.swift */, + OBJ_91 /* MenuButton.swift */, + OBJ_92 /* OkButton.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_9 /* ActionSheet */ = { + isa = PBXGroup; + children = ( + OBJ_15 /* Appearance */, + OBJ_55 /* Cells */, + OBJ_20 /* Extensions */, + OBJ_24 /* Menu */, + OBJ_44 /* Presenters */, + OBJ_48 /* Views */, + OBJ_12 /* ActionSheet.swift */, + 84F64BA2239D9630000290D1 /* ActionSheet+Configuration.swift */, + OBJ_10 /* ActionSheet+Presenter.swift */, + OBJ_11 /* ActionSheet+Scroll.swift */, + 84F64BA0239D8FEF000290D1 /* ActionSheet+Header.swift */, + OBJ_13 /* ActionSheetItemHandler.swift */, + OBJ_14 /* ActionSheetMargin.swift */, + ); + path = ActionSheet; + sourceTree = ""; + }; + OBJ_93 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_94 /* CollectionItem.swift */, + OBJ_95 /* CustomItem.swift */, + 8422CB78239E1E6800251D31 /* DestructiveItem.swift */, + OBJ_96 /* LinkItem.swift */, + OBJ_97 /* MultiSelectItem.swift */, + OBJ_98 /* MultiSelectToggleItem.swift */, + 84A24ECA236C64F200DB060C /* SecondaryActionItem.swift */, + OBJ_99 /* SelectItem.swift */, + OBJ_100 /* SingleSelectItem.swift */, + ); + path = Items; + sourceTree = ""; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + 84670396234A3C4500355331 /* FooDemo */ = { + isa = PBXNativeTarget; + buildConfigurationList = 846703AA234A3C4600355331 /* Build configuration list for PBXNativeTarget "FooDemo" */; + buildPhases = ( + 84670393234A3C4500355331 /* Sources */, + 84670394234A3C4500355331 /* Frameworks */, + 84670395234A3C4500355331 /* Resources */, + 8467041D234A3E9C00355331 /* Embed Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + 8467041C234A3E9C00355331 /* PBXTargetDependency */, + ); + name = FooDemo; + productName = FooDemo; + productReference = 84670397234A3C4500355331 /* FooDemo.app */; + productType = "com.apple.product-type.application"; + }; + "Foo::Foo" /* Foo */ = { + isa = PBXNativeTarget; + buildConfigurationList = OBJ_438 /* Build configuration list for PBXNativeTarget "Foo" */; + buildPhases = ( + OBJ_441 /* Sources */, + OBJ_521 /* Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = Foo; + productName = Foo; + productReference = "Foo::Foo::Product" /* Foo.framework */; + productType = "com.apple.product-type.framework"; + }; + "Foo::FooTests" /* FooTests */ = { + isa = PBXNativeTarget; + buildConfigurationList = OBJ_534 /* Build configuration list for PBXNativeTarget "FooTests" */; + buildPhases = ( + OBJ_537 /* Sources */, + OBJ_606 /* Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + OBJ_616 /* PBXTargetDependency */, + ); + name = FooTests; + packageProductDependencies = ( + 84D3AF2D2434B1420007BE9B /* Quick */, + 84D3AF302434B1510007BE9B /* Nimble */, + A9FA9D3926A17AC40047114E /* MockingKit */, + ); + productName = FooTests; + productReference = "Foo::FooTests::Product" /* FooTests.xctest */; + productType = "com.apple.product-type.bundle.unit-test"; + }; + "Foo::SwiftPMPackageDescription" /* FooPackageDescription */ = { + isa = PBXNativeTarget; + buildConfigurationList = OBJ_523 /* Build configuration list for PBXNativeTarget "FooPackageDescription" */; + buildPhases = ( + OBJ_526 /* Sources */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = FooPackageDescription; + productName = FooPackageDescription; + productType = "com.apple.product-type.framework"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + OBJ_1 /* Project object */ = { + isa = PBXProject; + attributes = { + LastSwiftMigration = 9999; + LastSwiftUpdateCheck = 1100; + LastUpgradeCheck = 9999; + ORGANIZATIONNAME = "Daniel Saidi"; + TargetAttributes = { + 84670396234A3C4500355331 = { + CreatedOnToolsVersion = 11.0; + DevelopmentTeam = PMEDFW438U; + LastSwiftMigration = 1100; + ProvisioningStyle = Automatic; + }; + }; + }; + buildConfigurationList = OBJ_2 /* Build configuration list for PBXProject "Foo" */; + compatibilityVersion = "Xcode 3.2"; + developmentRegion = en; + hasScannedForEncodings = 0; + knownRegions = ( + en, + Base, + ); + mainGroup = OBJ_5; + packageReferences = ( + 84D3AF2C2434B1420007BE9B /* XCRemoteSwiftPackageReference "Quick" */, + 84D3AF2F2434B1510007BE9B /* XCRemoteSwiftPackageReference "Nimble" */, + A9FA9D3826A17AC30047114E /* XCRemoteSwiftPackageReference "MockingKit" */, + ); + productRefGroup = OBJ_297 /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + "Foo::Foo" /* Foo */, + "Foo::SwiftPMPackageDescription" /* FooPackageDescription */, + "Foo::FooPackageTests::ProductTarget" /* FooPackageTests */, + "Foo::FooTests" /* FooTests */, + 84670396234A3C4500355331 /* FooDemo */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXResourcesBuildPhase section */ + 84670395234A3C4500355331 /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 84670405234A3CF100355331 /* Roboto-ThinItalic.ttf in Resources */, + 84670401234A3CF100355331 /* Roboto-Medium.ttf in Resources */, + 8467040A234A3CF100355331 /* Roboto-BlackItalic.ttf in Resources */, + 84670407234A3CF100355331 /* Roboto-LightItalic.ttf in Resources */, + 846703FF234A3CF100355331 /* title-image.png in Resources */, + 84670403234A3CF100355331 /* Roboto-Regular.ttf in Resources */, + 84670406234A3CF100355331 /* Roboto-BoldItalic.ttf in Resources */, + 8467040D234A3CF100355331 /* Roboto-Black.ttf in Resources */, + 846703A6234A3C4600355331 /* LaunchScreen.storyboard in Resources */, + 84670408234A3CF100355331 /* Roboto-Italic.ttf in Resources */, + 846703A1234A3C4500355331 /* Main.storyboard in Resources */, + 84670400234A3CF100355331 /* Assets.xcassets in Resources */, + 846703F6234A3CF100355331 /* DemoCustomViewCell.xib in Resources */, + 84670409234A3CF100355331 /* LICENSE.txt in Resources */, + 8467040C234A3CF100355331 /* Roboto-Thin.ttf in Resources */, + 8467040B234A3CF100355331 /* Roboto-Bold.ttf in Resources */, + 846703F5234A3CF100355331 /* DemoCollectionViewCell.xib in Resources */, + 84670404234A3CF100355331 /* Roboto-MediumItalic.ttf in Resources */, + 84670402234A3CF100355331 /* Roboto-Light.ttf in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXResourcesBuildPhase section */ + +/* Begin PBXSourcesBuildPhase section */ + 84670393234A3C4500355331 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 846703EF234A3CF100355331 /* ViewController+Alert.swift in Sources */, + 846703F7234A3CF100355331 /* DemoCollectionViewCell.swift in Sources */, + 846703ED234A3CF100355331 /* ViewController+Appearance.swift in Sources */, + 846703EC234A3CF100355331 /* ViewController.swift in Sources */, + 8467040F234A3CF100355331 /* LinkMenu.swift in Sources */, + 84670412234A3CF100355331 /* MultiSelectMenu.swift in Sources */, + 843C3B1925271FEC0055BFE6 /* DemoMultilineItemMenu.swift in Sources */, + 846703F2234A3CF100355331 /* ContextMenuViewController.swift in Sources */, + 846703EA234A3CF100355331 /* ActionSheetOption.swift in Sources */, + 84670410234A3CF100355331 /* SingleSelectMenu.swift in Sources */, + 846703E7234A3CF100355331 /* FoodOption.swift in Sources */, + 846703F9234A3CF100355331 /* SceneDelegate.swift in Sources */, + 846703FB234A3CF100355331 /* ColorAppearance.swift in Sources */, + 84670416234A3CF100355331 /* CollectionMenu.swift in Sources */, + 8422CB6A239DC2C400251D31 /* BackgroundDismissableMenu.swift in Sources */, + 84670415234A3CF100355331 /* SectionMenu.swift in Sources */, + 84670411234A3CF100355331 /* DestructiveMenu.swift in Sources */, + 84A24EDB236C72C900DB060C /* SecondaryActionMenu.swift in Sources */, + 846703E8234A3CF100355331 /* MenuOption.swift in Sources */, + 846703F8234A3CF100355331 /* AppDelegate.swift in Sources */, + 843C3B0F25271DE30055BFE6 /* DemoMultilineItem.swift in Sources */, + 8422CB68239DC27500251D31 /* NonDismissableMenu.swift in Sources */, + 846703FE234A3CF100355331 /* CollectionActionSheet.swift in Sources */, + 846703F3234A3CF100355331 /* AppearanceViewController.swift in Sources */, + 84670413234A3CF100355331 /* ItemMenu.swift in Sources */, + 846703F4234A3CF100355331 /* DemoCustomViewCell.swift in Sources */, + 846703FA234A3CF100355331 /* DemoAppearance.swift in Sources */, + 846703E6234A3CF100355331 /* FoodOption+ActionSheetItems.swift in Sources */, + 8467040E234A3CF100355331 /* FoodMenu.swift in Sources */, + 846703E9234A3CF100355331 /* AppearanceOption.swift in Sources */, + 84670414234A3CF100355331 /* CustomMenu.swift in Sources */, + 846703F0234A3CF100355331 /* ViewController+ActionSheets.swift in Sources */, + 846703FD234A3CF100355331 /* FoodActionSheet.swift in Sources */, + 846703FC234A3CF100355331 /* DemoFonts.swift in Sources */, + 846703F1234A3CF100355331 /* ViewController+TableView.swift in Sources */, + 846703EE234A3CF100355331 /* ViewController+Menus.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_441 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 0; + files = ( + OBJ_442 /* ActionSheet+Presenter.swift in Sources */, + OBJ_443 /* ActionSheet+Scroll.swift in Sources */, + OBJ_444 /* ActionSheet.swift in Sources */, + OBJ_445 /* ActionSheetItemHandler.swift in Sources */, + OBJ_446 /* ActionSheetMargin.swift in Sources */, + OBJ_447 /* ActionSheet+Appearance.swift in Sources */, + OBJ_448 /* ActionSheetAppearance.swift in Sources */, + OBJ_449 /* ActionSheetColor.swift in Sources */, + OBJ_450 /* UIColor+ActionSheetColor.swift in Sources */, + OBJ_451 /* UIEdgeInsets+Hidden.swift in Sources */, + OBJ_452 /* UIView+Subviews.swift in Sources */, + OBJ_453 /* UIViewController+RootViewController.swift in Sources */, + OBJ_454 /* CancelButton+ActionSheet.swift in Sources */, + OBJ_455 /* DestructiveButton+ActionSheet.swift in Sources */, + OBJ_456 /* MenuButton+ActionSheet.swift in Sources */, + OBJ_457 /* OkButton+ActionSheet.swift in Sources */, + 84F64BA3239D9630000290D1 /* ActionSheet+Configuration.swift in Sources */, + OBJ_458 /* CollectionItem+ActionSheet.swift in Sources */, + OBJ_459 /* CustomItem+ActionSheet.swift in Sources */, + OBJ_460 /* LinkItem+ActionSheet.swift in Sources */, + OBJ_461 /* MultiSelectItem+ActionSheet.swift in Sources */, + OBJ_462 /* MultiSelectToggleItem+ActionSheet.swift in Sources */, + OBJ_463 /* SelectItem+ActionSheet.swift in Sources */, + OBJ_464 /* SingleSelectItem+ActionSheet.swift in Sources */, + OBJ_465 /* Menu+ActionSheet.swift in Sources */, + OBJ_466 /* MenuItem+ActionSheet.swift in Sources */, + OBJ_467 /* MenuTitle+ActionSheet.swift in Sources */, + 8422CB72239DC85300251D31 /* ContextMenu.swift in Sources */, + OBJ_468 /* SectionMargin+ActionSheet.swift in Sources */, + 84A24EDD236C84D900DB060C /* MenuCreator.swift in Sources */, + OBJ_469 /* SectionTitle+ActionSheet.swift in Sources */, + OBJ_470 /* ActionSheetPopoverPresenter.swift in Sources */, + OBJ_471 /* ActionSheetPresenter.swift in Sources */, + 8405567023527E280064EC7D /* ActionSheetItemCells.swift in Sources */, + OBJ_472 /* ActionSheetStandardPresenter.swift in Sources */, + 84A24ECB236C64F200DB060C /* SecondaryActionItem.swift in Sources */, + 8422CB7A239E1FB600251D31 /* DestructiveItem.swift in Sources */, + 84A24ED0236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift in Sources */, + OBJ_473 /* ActionSheetBackgroundView.swift in Sources */, + OBJ_474 /* ActionSheetButtonTableView.swift in Sources */, + OBJ_475 /* ActionSheetHeaderContainerView.swift in Sources */, + 84F64BA1239D8FEF000290D1 /* ActionSheet+Header.swift in Sources */, + OBJ_476 /* ActionSheetItemTableView.swift in Sources */, + 8422CB7D239E20E100251D31 /* DestructiveItem+ActionSheet.swift in Sources */, + OBJ_477 /* ActionSheetStackView.swift in Sources */, + OBJ_478 /* ActionSheetTableView.swift in Sources */, + OBJ_480 /* ActionSheetItemCell.swift in Sources */, + OBJ_484 /* ActionSheetCollectionItemCell.swift in Sources */, + OBJ_485 /* ActionSheetCollectionItemCellHandler.swift in Sources */, + 8422CB73239DC85900251D31 /* ContextMenu+Configuration.swift in Sources */, + OBJ_486 /* ActionSheetLinkItemCell.swift in Sources */, + OBJ_488 /* ActionSheetMultiSelectToggleItemCell.swift in Sources */, + OBJ_489 /* ActionSheetSelectItemCell.swift in Sources */, + OBJ_494 /* AlertControllerConversionError.swift in Sources */, + OBJ_495 /* Menu+AlertController.swift in Sources */, + 8422CB60239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift in Sources */, + OBJ_496 /* MenuItem+AlertController.swift in Sources */, + OBJ_497 /* UIViewController+AlertController.swift in Sources */, + OBJ_498 /* ContextMenuConversionError.swift in Sources */, + OBJ_499 /* ContextMenuDelegate.swift in Sources */, + OBJ_500 /* ContextMenuDelegateRetainer.swift in Sources */, + OBJ_501 /* MenuCreator+ContextMenu.swift in Sources */, + OBJ_502 /* MenuItem+ContextMenu.swift in Sources */, + OBJ_503 /* NSObject+ClassName.swift in Sources */, + OBJ_504 /* CancelButton.swift in Sources */, + OBJ_505 /* DestructiveButton.swift in Sources */, + OBJ_506 /* MenuButton.swift in Sources */, + OBJ_507 /* OkButton.swift in Sources */, + OBJ_508 /* CollectionItem.swift in Sources */, + 8422CB76239DCBFD00251D31 /* Menu+Deprecations.swift in Sources */, + OBJ_509 /* CustomItem.swift in Sources */, + OBJ_510 /* LinkItem.swift in Sources */, + OBJ_511 /* MultiSelectItem.swift in Sources */, + OBJ_512 /* MultiSelectToggleItem.swift in Sources */, + 847E09ED239DA5E70058179D /* ActionSheetPresenterBase.swift in Sources */, + OBJ_513 /* SelectItem.swift in Sources */, + OBJ_514 /* SingleSelectItem.swift in Sources */, + OBJ_515 /* Menu.swift in Sources */, + 84F64BA8239D9CD7000290D1 /* ActionSheet+Deprecations.swift in Sources */, + OBJ_517 /* MenuItem.swift in Sources */, + OBJ_518 /* MenuTitle.swift in Sources */, + 84A24ED2236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift in Sources */, + OBJ_519 /* SectionMagin.swift in Sources */, + OBJ_520 /* SectionTitle.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_526 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 0; + files = ( + OBJ_527 /* Package.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_537 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 0; + files = ( + OBJ_538 /* ActionSheet+PresenterTests.swift in Sources */, + OBJ_539 /* ActionSheetItemHandlerTests.swift in Sources */, + OBJ_540 /* ActionSheetMarginTests.swift in Sources */, + OBJ_541 /* ActionSheetTests.swift in Sources */, + OBJ_542 /* ActionSheet+AppearanceTests.swift in Sources */, + OBJ_543 /* ActionSheetAppearanceTests.swift in Sources */, + OBJ_544 /* ActionSheetColorTests.swift in Sources */, + OBJ_545 /* UIColor+ActionSheetColorTests.swift in Sources */, + OBJ_546 /* UIEdgeInsets+HiddenTests.swift in Sources */, + OBJ_547 /* UIView+SubviewsTests.swift in Sources */, + 84F64BA5239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift in Sources */, + OBJ_548 /* UIViewController+RootViewControllerTests.swift in Sources */, + OBJ_549 /* CancelButton+ActionSheetTests.swift in Sources */, + OBJ_550 /* DestructiveButton+ActionSheetTests.swift in Sources */, + OBJ_551 /* MenuButtonTests+ActionSheetTests.swift in Sources */, + OBJ_552 /* OkButton+ActionSheetTests.swift in Sources */, + OBJ_553 /* CollectionItem+ActionSheetTests.swift in Sources */, + OBJ_554 /* CustomItem+ActionSheetTests.swift in Sources */, + OBJ_555 /* LinkItem+ActionSheetTests.swift in Sources */, + OBJ_556 /* MultiSelectItem+ActionSheetTests.swift in Sources */, + 84A24ED9236C724100DB060C /* SecondaryActionItem+ActionSheetTests.swift in Sources */, + OBJ_557 /* MultiSelectToggleItem+ActionSheetTests.swift in Sources */, + OBJ_558 /* SelectItem+ActionSheetTests.swift in Sources */, + OBJ_559 /* SingleSelectItem+ActionSheetTests.swift in Sources */, + OBJ_560 /* MenuItem+ActionSheetTests.swift in Sources */, + OBJ_561 /* MenuTitle+ActionSheetTests.swift in Sources */, + OBJ_562 /* SectionMargin+ActionSheetTests.swift in Sources */, + 8422CB66239DB70C00251D31 /* ActionSheetPresenterBaseTests.swift in Sources */, + OBJ_563 /* SectionTitle+ActionSheetTests.swift in Sources */, + 8422CB63239DAFBC00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift in Sources */, + OBJ_564 /* MockActionSheet.swift in Sources */, + OBJ_565 /* MockActionSheetAppearance.swift in Sources */, + OBJ_566 /* MockActionSheetPresenter.swift in Sources */, + OBJ_567 /* MockNotificationCenter.swift in Sources */, + OBJ_568 /* MockTableView.swift in Sources */, + OBJ_569 /* MockViewController.swift in Sources */, + OBJ_570 /* ActionSheetPopoverPresenterTests.swift in Sources */, + OBJ_571 /* ActionSheetStandardPresenterTests.swift in Sources */, + OBJ_572 /* ActionSheetBackgroundViewTests.swift in Sources */, + OBJ_573 /* ActionSheetHeaderContainerViewTests.swift in Sources */, + 8422CB82239E21FF00251D31 /* DestructiveItem+ActionSheetTests.swift in Sources */, + OBJ_574 /* ActionSheetStackViewTests.swift in Sources */, + OBJ_575 /* ActionSheetTableViewTests.swift in Sources */, + OBJ_577 /* ActionSheetItemCellTests.swift in Sources */, + OBJ_578 /* ActionSheetLinkItemCellTests.swift in Sources */, + 8422CB71239DC82C00251D31 /* ContextMenu+ConfigurationTests.swift in Sources */, + OBJ_579 /* ActionSheetSelectItemCellTests.swift in Sources */, + OBJ_580 /* Menu+AlertControllerTests.swift in Sources */, + OBJ_581 /* MenuItem+AlertControllerTests.swift in Sources */, + OBJ_582 /* ContextMenuDelegateTests.swift in Sources */, + OBJ_583 /* Menu+ContextMenuTests.swift in Sources */, + OBJ_584 /* MenuItem+ContextMenuTests.swift in Sources */, + OBJ_586 /* NSObject+ClassNameTests.swift in Sources */, + 84A24ED5236C6DCD00DB060C /* ActionSheetSecondaryActionItemTests.swift in Sources */, + OBJ_587 /* CancelButtonTests.swift in Sources */, + OBJ_588 /* DestructiveButtonTests.swift in Sources */, + OBJ_589 /* MenuButtonTests.swift in Sources */, + 84A24ECE236C670D00DB060C /* SecondaryActionItemTests.swift in Sources */, + OBJ_590 /* OkButtonTests.swift in Sources */, + OBJ_591 /* CollectionItemTests.swift in Sources */, + OBJ_592 /* CustomItemTests.swift in Sources */, + OBJ_593 /* LinkItemTests.swift in Sources */, + OBJ_594 /* MultiSelectItemTests.swift in Sources */, + OBJ_595 /* MultiSelectToggleItemTests.swift in Sources */, + OBJ_596 /* SelectItemTests.swift in Sources */, + OBJ_597 /* SingleSelectItemTests.swift in Sources */, + OBJ_599 /* MenuItemTests.swift in Sources */, + OBJ_600 /* MenuTests.swift in Sources */, + OBJ_601 /* MockMenuItem.swift in Sources */, + OBJ_602 /* MenuTitleTests.swift in Sources */, + OBJ_603 /* SectionMarginTests.swift in Sources */, + OBJ_604 /* SectionTitleTests.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin PBXTargetDependency section */ + 8467041C234A3E9C00355331 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = "Foo::Foo" /* Foo */; + targetProxy = 8467041B234A3E9C00355331 /* PBXContainerItemProxy */; + }; + OBJ_532 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = "Foo::FooTests" /* FooTests */; + targetProxy = 84BDF8B02347D41500D35F93 /* PBXContainerItemProxy */; + }; + OBJ_616 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = "Foo::Foo" /* Foo */; + targetProxy = 84BDF8AF2347D41300D35F93 /* PBXContainerItemProxy */; + }; +/* End PBXTargetDependency section */ + +/* Begin PBXVariantGroup section */ + 8467039F234A3C4500355331 /* Main.storyboard */ = { + isa = PBXVariantGroup; + children = ( + 846703A0234A3C4500355331 /* Base */, + ); + name = Main.storyboard; + sourceTree = ""; + }; + 846703A4234A3C4600355331 /* LaunchScreen.storyboard */ = { + isa = PBXVariantGroup; + children = ( + 846703A5234A3C4600355331 /* Base */, + ); + name = LaunchScreen.storyboard; + sourceTree = ""; + }; +/* End PBXVariantGroup section */ + +/* Begin XCBuildConfiguration section */ + 846703A8234A3C4600355331 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_STYLE = Automatic; + DEVELOPMENT_TEAM = PMEDFW438U; + ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_TESTABILITY = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_DYNAMIC_NO_PIC = NO; + GCC_NO_COMMON_BLOCKS = YES; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + INFOPLIST_FILE = FooDemo/Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = com.danielsaidi.FooDemo; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + SWIFT_VERSION = 5.0; + TARGETED_DEVICE_FAMILY = "1,2"; + }; + name = Debug; + }; + 846703A9234A3C4600355331 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_STYLE = Automatic; + COPY_PHASE_STRIP = NO; + DEVELOPMENT_TEAM = PMEDFW438U; + ENABLE_NS_ASSERTIONS = NO; + ENABLE_STRICT_OBJC_MSGSEND = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_NO_COMMON_BLOCKS = YES; + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + INFOPLIST_FILE = FooDemo/Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + MTL_ENABLE_DEBUG_INFO = NO; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = com.danielsaidi.FooDemo; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_VERSION = 5.0; + TARGETED_DEVICE_FAMILY = "1,2"; + VALIDATE_PRODUCT = YES; + }; + name = Release; + }; + OBJ_3 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_OBJC_ARC = YES; + COMBINE_HIDPI_IMAGES = YES; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = dwarf; + DYLIB_INSTALL_NAME_BASE = "@rpath"; + ENABLE_NS_ASSERTIONS = YES; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "$(inherited)", + "SWIFT_PACKAGE=1", + "DEBUG=1", + ); + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + ONLY_ACTIVE_ARCH = YES; + OTHER_SWIFT_FLAGS = "$(inherited) -DXcode"; + PRODUCT_NAME = "$(TARGET_NAME)"; + SDKROOT = iphoneos; + SUPPORTED_PLATFORMS = "iphoneos iphonesimulator"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited) SWIFT_PACKAGE DEBUG"; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + USE_HEADERMAP = NO; + }; + name = Debug; + }; + OBJ_4 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_OBJC_ARC = YES; + COMBINE_HIDPI_IMAGES = YES; + COPY_PHASE_STRIP = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + DYLIB_INSTALL_NAME_BASE = "@rpath"; + GCC_OPTIMIZATION_LEVEL = s; + GCC_PREPROCESSOR_DEFINITIONS = ( + "$(inherited)", + "SWIFT_PACKAGE=1", + ); + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + OTHER_SWIFT_FLAGS = "$(inherited) -DXcode"; + PRODUCT_NAME = "$(TARGET_NAME)"; + SDKROOT = iphoneos; + SUPPORTED_PLATFORMS = "iphoneos iphonesimulator"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited) SWIFT_PACKAGE"; + SWIFT_COMPILATION_MODE = wholemodule; + SWIFT_OPTIMIZATION_LEVEL = "-O"; + USE_HEADERMAP = NO; + }; + name = Release; + }; + OBJ_439 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CURRENT_PROJECT_VERSION = 1; + ENABLE_TESTABILITY = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = "$(inherited)"; + INFOPLIST_FILE = Foo.xcodeproj/Foo_Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + PRODUCT_BUNDLE_IDENTIFIER = Foo; + PRODUCT_MODULE_NAME = "$(TARGET_NAME:c99extidentifier)"; + PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; + SKIP_INSTALL = YES; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = Foo; + }; + name = Debug; + }; + OBJ_440 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CURRENT_PROJECT_VERSION = 1; + ENABLE_TESTABILITY = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = "$(inherited)"; + INFOPLIST_FILE = Foo.xcodeproj/Foo_Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + PRODUCT_BUNDLE_IDENTIFIER = Foo; + PRODUCT_MODULE_NAME = "$(TARGET_NAME:c99extidentifier)"; + PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; + SKIP_INSTALL = YES; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = Foo; + }; + name = Release; + }; + OBJ_524 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + LD = /usr/bin/true; + OTHER_SWIFT_FLAGS = "-swift-version 5 -I $(TOOLCHAIN_DIR)/usr/lib/swift/pm/4_2 -target x86_64-apple-macosx10.10 -sdk /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.15.sdk -package-description-version 5.1"; + SWIFT_VERSION = 5.0; + }; + name = Debug; + }; + OBJ_525 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + LD = /usr/bin/true; + OTHER_SWIFT_FLAGS = "-swift-version 5 -I $(TOOLCHAIN_DIR)/usr/lib/swift/pm/4_2 -target x86_64-apple-macosx10.10 -sdk /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.15.sdk -package-description-version 5.1"; + SWIFT_VERSION = 5.0; + }; + name = Release; + }; + OBJ_530 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + }; + name = Debug; + }; + OBJ_531 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + }; + name = Release; + }; + OBJ_535 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_MODULES = YES; + DEVELOPMENT_TEAM = PMEDFW438U; + EMBEDDED_CONTENT_CONTAINS_SWIFT = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = ( + "$(inherited)", + "$(SRCROOT)/.build/checkouts/Quick/Sources/QuickSpecBase/include", + ); + INFOPLIST_FILE = Foo.xcodeproj/FooTests_Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 11.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@loader_path/../Frameworks", + "@loader_path/Frameworks", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = FooTests; + }; + name = Debug; + }; + OBJ_536 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_MODULES = YES; + DEVELOPMENT_TEAM = PMEDFW438U; + EMBEDDED_CONTENT_CONTAINS_SWIFT = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = ( + "$(inherited)", + "$(SRCROOT)/.build/checkouts/Quick/Sources/QuickSpecBase/include", + ); + INFOPLIST_FILE = Foo.xcodeproj/FooTests_Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 11.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@loader_path/../Frameworks", + "@loader_path/Frameworks", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = FooTests; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + 846703AA234A3C4600355331 /* Build configuration list for PBXNativeTarget "FooDemo" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 846703A8234A3C4600355331 /* Debug */, + 846703A9234A3C4600355331 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_2 /* Build configuration list for PBXProject "Foo" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_3 /* Debug */, + OBJ_4 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_438 /* Build configuration list for PBXNativeTarget "Foo" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_439 /* Debug */, + OBJ_440 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_523 /* Build configuration list for PBXNativeTarget "FooPackageDescription" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_524 /* Debug */, + OBJ_525 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_529 /* Build configuration list for PBXAggregateTarget "FooPackageTests" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_530 /* Debug */, + OBJ_531 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_534 /* Build configuration list for PBXNativeTarget "FooTests" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_535 /* Debug */, + OBJ_536 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + +/* Begin XCRemoteSwiftPackageReference section */ + 84D3AF2C2434B1420007BE9B /* XCRemoteSwiftPackageReference "Quick" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/Quick/Quick.git"; + requirement = { + kind = upToNextMajorVersion; + minimumVersion = 3.0.0; + }; + }; + 84D3AF2F2434B1510007BE9B /* XCRemoteSwiftPackageReference "Nimble" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/Quick/Nimble.git"; + requirement = { + kind = upToNextMajorVersion; + minimumVersion = 8.1.1; + }; + }; + A9FA9D3826A17AC30047114E /* XCRemoteSwiftPackageReference "MockingKit" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/danielsaidi/MockingKit.git"; + requirement = { + kind = upToNextMajorVersion; + minimumVersion = 0.9.4; + }; + }; +/* End XCRemoteSwiftPackageReference section */ + +/* Begin XCSwiftPackageProductDependency section */ + 84D3AF2D2434B1420007BE9B /* Quick */ = { + isa = XCSwiftPackageProductDependency; + package = 84D3AF2C2434B1420007BE9B /* XCRemoteSwiftPackageReference "Quick" */; + productName = Quick; + }; + 84D3AF302434B1510007BE9B /* Nimble */ = { + isa = XCSwiftPackageProductDependency; + package = 84D3AF2F2434B1510007BE9B /* XCRemoteSwiftPackageReference "Nimble" */; + productName = Nimble; + }; + A9FA9D3926A17AC40047114E /* MockingKit */ = { + isa = XCSwiftPackageProductDependency; + package = A9FA9D3826A17AC30047114E /* XCRemoteSwiftPackageReference "MockingKit" */; + productName = MockingKit; + }; +/* End XCSwiftPackageProductDependency section */ + }; + rootObject = OBJ_1 /* Project object */; +} diff --git a/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata new file mode 100644 index 00000000000..919434a6254 --- /dev/null +++ b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata @@ -0,0 +1,7 @@ + + + + + diff --git a/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected new file mode 100644 index 00000000000..4506ff8aa56 --- /dev/null +++ b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected @@ -0,0 +1 @@ +/usr/bin/xcodebuild build -project ./Foo.xcodeproj -target FooDemo CODE_SIGNING_REQUIRED=NO CODE_SIGNING_ALLOWED=NO diff --git a/swift/xcode-autobuilder/xcode-autobuilder.cpp b/swift/xcode-autobuilder/xcode-autobuilder.cpp index 9dfdb074e75..4cc234de66b 100644 --- a/swift/xcode-autobuilder/xcode-autobuilder.cpp +++ b/swift/xcode-autobuilder/xcode-autobuilder.cpp @@ -7,8 +7,9 @@ #include "swift/logging/SwiftLogging.h" #include "swift/xcode-autobuilder/CustomizingBuildLink.h" -static const char* uiTest = "com.apple.product-type.bundle.ui-testing"; -static const char* unitTest = "com.apple.product-type.bundle.unit-test"; +static constexpr std::string_view uiTest = "com.apple.product-type.bundle.ui-testing"; +static constexpr std::string_view unitTest = "com.apple.product-type.bundle.unit-test"; +static constexpr std::string_view unknownType = ""; const std::string_view codeql::programName = "autobuilder"; @@ -38,6 +39,16 @@ struct CLIArgs { bool dryRun; }; +static bool endsWith(std::string_view s, std::string_view suffix) { + return s.size() >= suffix.size() && s.substr(s.size() - suffix.size()) == suffix; +} + +static bool isNonSwiftOrTestTarget(const Target& t) { + return t.fileCount == 0 || t.type == uiTest || t.type == unitTest || + // unknown target types can be legitimate, let's do a name-based heuristic then + (t.type == unknownType && (endsWith(t.name, "Tests") || endsWith(t.name, "Test"))); +} + static void autobuild(const CLIArgs& args) { auto collected = collectTargets(args.workingDir); auto& targets = collected.targets; @@ -45,10 +56,7 @@ static void autobuild(const CLIArgs& args) { LOG_INFO("{}", t); } // Filter out targets that are tests or have no swift source files - targets.erase(std::remove_if(std::begin(targets), std::end(targets), - [&](Target& t) -> bool { - return t.fileCount == 0 || t.type == uiTest || t.type == unitTest; - }), + targets.erase(std::remove_if(std::begin(targets), std::end(targets), isNonSwiftOrTestTarget), std::end(targets)); // Sort targets by the amount of files in each