From 019b85beb6a70cec0027e9205caace25ed655431 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Tue, 2 May 2023 15:36:39 +0100 Subject: [PATCH 001/210] Add Unicode Bypass Validation query, test and help file --- .../UnicodeBypassValidationCustomizations.qll | 29 +++++++++ .../UnicodeBypassValidationQuery.qll | 61 ++++++++++++++++++ ...-05-02-post-unicode-normalization-query.md | 4 ++ .../cwe-176/UnicodeBypassValidation.qhelp | 36 +++++++++++ .../cwe-176/UnicodeBypassValidation.ql | 22 +++++++ .../cwe-176/examples/unicode_normalization.rb | 8 +++ .../cwe-176/vulnerability-flow.png | Bin 0 -> 37706 bytes .../cwe-176/UnicodeBypassValidation.expected | 56 ++++++++++++++++ .../cwe-176/UnicodeBypassValidation.qlref | 1 + .../cwe-176/unicode_normalization.rb | 25 +++++++ 10 files changed, 242 insertions(+) create mode 100644 ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll create mode 100644 ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll create mode 100644 ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md create mode 100644 ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp create mode 100644 ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql create mode 100644 ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb create mode 100644 ruby/ql/src/experimental/cwe-176/vulnerability-flow.png create mode 100644 ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected create mode 100644 ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.qlref create mode 100644 ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll new file mode 100644 index 00000000000..30310fdac58 --- /dev/null 
+++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationCustomizations.qll
@@ -0,0 +1,29 @@
+/**
+ * Provides default sources, sinks and sanitizers for detecting
+ * "Unicode transformation"
+ * vulnerabilities, as well as extension points for adding your own.
+ */
+
+private import ruby
+
+/**
+ * Provides default sources, sinks and sanitizers for detecting
+ * "Unicode transformation"
+ * vulnerabilities, as well as extension points for adding your own.
+ */
+module UnicodeBypassValidation {
+ /**
+ * A data flow source for "Unicode transformation" vulnerabilities.
+ */
+ abstract class Source extends DataFlow::Node { }
+
+ /**
+ * A data flow sink for "Unicode transformation" vulnerabilities.
+ */
+ abstract class Sink extends DataFlow::Node { }
+
+ /**
+ * A sanitizer for "Unicode transformation" vulnerabilities.
+ */
+ abstract class Sanitizer extends DataFlow::Node { }
+}
diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll
new file mode 100644
index 00000000000..96dd0492e74
--- /dev/null
+++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll
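Review bot: The `Source`, `Sink` and `Sanitizer` extension points declared in this module are not consulted by the `Configuration` added in UnicodeBypassValidationQuery.qll in the same patch: its `isSource` tests `RemoteFlowSource` directly, its `isSink` is an inline `unicode_normalize` match, and it defines no `isSanitizer`. Subclassing these classes therefore has no effect on the query, so a project cannot mark its own normalize-then-validate helper as safe. Either wire them in (`source instanceof Source`, `sink instanceof Sink`, and `override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }`) with the defaults moved into subclasses, or drop the module until it is used.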
@@ -0,0 +1,61 @@
+/**
+ * Provides a taint-tracking configuration for detecting "Unicode transformation mishandling" vulnerabilities.
+ */
+
+private import ruby
+private import codeql.ruby.ApiGraphs
+private import codeql.ruby.AST
+private import codeql.ruby.Concepts
+private import codeql.ruby.DataFlow
+private import codeql.ruby.dataflow.RemoteFlowSources
+private import codeql.ruby.TaintTracking
+import UnicodeBypassValidationCustomizations::UnicodeBypassValidation
+
+/** A state signifying that a logical validation has not been performed. */
+class PreValidation extends DataFlow::FlowState {
+ PreValidation() { this = "PreValidation" }
+}
+
+/** A state signifying that a logical validation has been performed. */
+class PostValidation extends DataFlow::FlowState {
+ PostValidation() { this = "PostValidation" }
+}
+
+/**
+ * A taint-tracking configuration for detecting "Unicode transformation mishandling" vulnerabilities.
+ *
+ * This configuration uses two flow states, `PreValidation` and `PostValidation`,
+ * to track the requirement that a logical validation has been performed before the Unicode Transformation.
+ */
+class Configuration extends TaintTracking::Configuration {
+ Configuration() { this = "UnicodeBypassValidation" }
+
+ override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) {
+ source instanceof RemoteFlowSource and state instanceof PreValidation
+ }
+
+ override predicate isAdditionalTaintStep(
+ DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo,
+ DataFlow::FlowState stateTo
+ ) {
+ (
+ exists(Escaping escaping | nodeFrom = escaping.getAnInput() and nodeTo = escaping.getOutput())
+ or
+ exists(RegexExecution re | nodeFrom = re.getString() and nodeTo = re)
+ // or
+ // stringManipulation(nodeFrom, nodeTo)
+ ) and
+ stateFrom instanceof PreValidation and
+ stateTo instanceof PostValidation
+ }
+
+ /* A Unicode Tranformation (Unicode tranformation) is considered a sink when the algorithm used is either NFC or NFKC. */
+ override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) {
+ exists(DataFlow::CallNode cn |
+ cn.getMethodName() = "unicode_normalize" and
+ cn.getArgument(0).toString() = [":nfkc", ":nfc"] and
+ sink = cn.getReceiver()
+ ) and
+ state instanceof PostValidation
+ }
+}
diff --git a/ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md b/ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md
new file mode 100644
index 00000000000..b24e408ff4b
--- /dev/null
+++ b/ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md
@@ -0,0 +1,4 @@
+---
+category: newQuery
+---
+* Added a new query, `ruby/post-unicode-normalization`, to detect a misuse of a post-unicode normalization.
diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
new file mode 100644
index 00000000000..ddcdc3b31b2
--- /dev/null
+++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
@@ -0,0 +1,36 @@ + + + +
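Review bot: `isSink` in `Configuration` only matches `unicode_normalize` when the first argument's text is `:nfkc` or `:nfc`, so several equivalent calls go unreported. Ruby's `String#unicode_normalize` defaults to `:nfc` when called without an argument, `unicode_normalize!` performs the same normalization in place, and `:nfkd` applies the same compatibility mappings as `:nfkc` (as `:nfd` does the canonical ones of `:nfc`). Consider `cn.getMethodName() = ["unicode_normalize", "unicode_normalize!"]` together with `(not exists(cn.getArgument(0)) or cn.getArgument(0).toString() = [":nfkc", ":nfc", ":nfkd", ":nfd"])`. Comparing `toString()` text also misses a form passed through a variable or constant; matching on the argument's constant value would be sturdier.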

Security checks bypass due to a Unicode transformation

+

+ If ever a unicode tranformation is performed after some security checks or logical + validation, the + latter could be bypassed due to a potential Unicode characters collision. + The validation of concern are any character escaping, any regex validation or any string + verification. +

+ Security checks bypassed +
+ +

Perform a Unicode normalization before the logical validation.

+
+ + +

The following example showcases the bypass of all checks performed by + flask.escape() due to a post-unicode normalization.

+

For instance: the character U+FE64 () is not filtered-out by the flask + escape function. But due to the Unicode normalization, the character is transformed and + would become U+003C ( < ).

+ + + +
+ +
  • Research study: + Unicode vulnerabilities that could bYte you + and Unicode pentest + cheatsheet.
  • +
    +
    \ No newline at end of file
diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql
new file mode 100644
index 00000000000..64ea34779a2
--- /dev/null
+++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql
@@ -0,0 +1,22 @@
+/**
+ * @name Bypass Logical Validation Using Unicode Characters
+ * @description A Unicode transformation is using a remote user-controlled data. The transformation is a Unicode normalization using the algorithms "NFC" or "NFKC". In all cases, the security measures implemented or the logical validation performed to escape any injection characters, to validate using regex patterns or to perform string-based checks, before the Unicode transformation are **bypassable** by special Unicode characters.
+ * @kind path-problem
+ * @id rb/unicode-bypass-validation
+ * @precision high
+ * @problem.severity error
+ * @tags security
+ * experimental
+ * external/cwe/cwe-176
+ */
+
+import ruby
+import codeql.ruby.experimental.UnicodeBypassValidationQuery
+import DataFlow::PathGraph
+
+from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
+where config.hasFlowPath(source, sink)
+select sink.getNode(), source, sink,
+ "This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters.",
+ sink.getNode(), "Unicode transformation (Unicode normalization)", source.getNode(),
+ "remote user-controlled data"
diff --git a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb
new file mode 100644
index 00000000000..f22cd101486
--- /dev/null
+++ b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb
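Review bot: The `@id` here is `rb/unicode-bypass-validation`, but the change note added in this same patch announces the query as `ruby/post-unicode-normalization`, so the release notes would point at an id that does not match; the note should name `rb/unicode-bypass-validation`. `@precision high` also looks optimistic for a query whose library treats any `RegexExecution` on the value as the validation step, since a regex match unrelated to a security check still flips the flow state; `@precision medium` seems a safer starting point until results are triaged. The `@description` would read more clearly as "A Unicode normalization is applied to remote user-controlled data after it has been validated or escaped, so the earlier checks can be bypassed with special Unicode characters."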
@@ -0,0 +1,8 @@
+class UnicodeNormalizationHtMLSafeController < ActionController::Base
+ def unicodeNormalize
+ unicode_input = params[:unicode_input]
+ unicode_html_safe = unicode_input.html_safe
+ normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD
+ normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD
+ end
+end
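Review bot: `html_safe` on the fourth added line does not escape anything; it only marks the string as already safe for rendering, so this example does not show the escape-then-normalize order that the help text describes. Use a real escaping call, e.g. `unicode_escaped = ERB::Util.html_escape(unicode_input)`, before the `unicode_normalize` calls so readers see a check that normalization can undo. The `# $result=BAD` markers are test annotations and the accompanying help text refers to `flask.escape()`; in a documentation example a plain `# BAD` comment and a Rails-specific description would be clearer, ideally next to a GOOD variant that normalizes first and escapes afterwards.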
diff --git a/ruby/ql/src/experimental/cwe-176/vulnerability-flow.png b/ruby/ql/src/experimental/cwe-176/vulnerability-flow.png new file mode 100644 index 0000000000000000000000000000000000000000..e1a354717ef1273043075e966df13a19e4402e1c GIT binary patch literal 37706 zcmeFZcTkkivo9>LE0K*+Ulf4j6_$iTp`s! zspwz1fX`OS;8Tb(@xfNQS&`PIcOGiHsE+*$PeY2M)T?eI3 zWOL4ZypKEvUH7XFeE+P~%lnpp^n9m05gG$S1^t&-9z~Dpc8i1(HW%_AubHqbogr6m z`GxB>5h{_`_<_ToTp&k$0xabQuw|M7b5 zHN*JN&)|7WB?!|>%_Fb!50W7A0HH{1EY1ptGqR&i_+~gs+E1zbR6Uf~-Y!dty8?85 z2~9uw3FDD=RIj~ITJ=tMxZ*8gc>NdmJf2Dl!MGZRo6_wa2Gxs zzO|xYJP;2eO4#x0N~dzei%JD50v@c$2#blVD)5f~4vUI_9()dB$QmL|A|TU(!fYM5tqL^B}h=p5?8_!JcabVc63=mfnK*VEZ5#wi@_sfw$zQ z0goWim7S+B^3cTQ*9Kp9l6K4{AR7pEWjkK+op1(Q0EP*Qrljn_JCJ5@5Lgs~v{pzs z?ASEqQm~Y%L}Vm2kcu;ovlkb|Gw|g$&zEx)JPmO0+}3j-1H9Mbq2Lza9oxo9I~C@F z1{{$ETi5)b&1OaWOlQ>9)FQ16)JMA?1#T-ti3))MM@!Rz3pM?(7ODp2laAgu^7tNX ze6$o}wl;xOL$k_7pNrxp;O~x#A5e!V@U;4?%B;?1=UYp#euahN5hhAx{^akP^L|l@HtTymfP02Y;gA3_w(gidman!Sj%0n@ADZR46{MuA!LN73;I( zze$Wg%KEk_Ijw$HTBjfPWXaS_j(x}CYB&UHtlDh2`fFRUZ6g|4*Ox)l)}C z3NQ{1rwb7m1r8X8{`K}XE{hxBX{6@&u#Oye81dBjGUr{^b|J1fOGU-|@s&cSo^W0AUf zD%DmAD%ldbN_dxBt<_+n(yQ*YEB`JYBFW_QB6%Up9bCqn+1C|R9zYmq@aoP@l z{^+;cFIjo#y}uhUI(5~l2dRS@aT9nNj{oK8Gm@B+Eqrml7@KroRb;uwnbv{f{NQ} zvevoMSXHs+WYg15g6GW@<1(e?S#{Q4@x5yjkDL$gd-g^@&grM%0;~QqKUVtI{^s=H z9^d;Y9>PIASuQMTa}8{MB(N2@(Jk!pNDg2txDq|qH{ZOIAg`J9tD+7@%D64ZpYHUD zRNC}29vQ8{l{l#ka=g`cN{0Q5i#SO>2c~c2lz8=&4g$R=m}!5zT=_EquZ<1 z49(b|PE;op-!+3z%sRfjX6VtiJ>@ywyO3%w{Pb^q(%(AkzSPG)WU8~4cPIS{+c1hO zY_H_Nj#>Xet9}cZQ(*LTGS;JDf^g)vMR0+c=^-OMRn8}*zP zieZvWQO6@q{84784zthhi#$ycGA;0rAoF10oyjlsA~?jJ*~8HUvZ*Lq>Ik_74jae5 z9KW63AtiefyRmmdWg`#S3Swn8f|1AHQU&HZs}H_%>OdB5cj^AhFT>GtQ{I@r^ZBDbJCrcgvdmWvoyC&T zw;ds+-d@_AMDLr9?TS8(${m>T=VENW=cx|7xW%^|0Jf3!PBOpxS3+CEdXGQ1p0+!= zsRMI1lL!Bg(`oGrWGA1_8NM~rn`zmctQ*$QAWB^f@uhcS!;xS6-B^Ev9gT&4uAw8( z53G_$7nkz{RVbdeost$-WZGc4fx6G$GP~>2z{|%uzQS`qcNY3&x*ItvXH{j>hEtr( zakTG>sh2A`&1CUaZcG+N%{++INa7*XPm(T;SIi2xP196o8Kd@*9;TARql+mPD%@w3 
z$j|qxXxC=u{>K51at6Dc-x1F8`{USywGoLKD^41kaWyw+ajaK z`H-lzUyj_g=BXd+_9C>N8ny6AFzRY@uUgAGI z0~%i7a$xYJWgCV^K6FtQ-`(pmFxyGt)nVvAr4>X{zN*JFoIlE$9LNdD&gXgBJX zdEV%IAbp?=FMN`f-7)WocA9)wqiXo=368Kw`=9TFwlsPBQcH-MJDw{OcLUCkmP#;K z{v19|g^@Iq*8%O5CtDaz5vffN$;s_sl(HWeB=xDhzk zo?P*(U`G8ZC1y6laYbNk{#O~7QhjaN9Xs?oz<*_=uFBQGb7iQ|8WT!bxtAYjHBzGI z?EgpZV3N~tnRIrF%?o+cagyF(dV86(=&J82RcDC0u3t24C>k)D!H_)69{dD$ijLq= zjqIr|HE8$n-kMQ7I@xSqh+qp$_WT|2%elqDj`rHUKv;0dL*cMqm10 zoL{?USRQ#|7Q(~2b@Hp$*)mVjib~lkH=<2 z3wpNQ`p?8iG4C%l3g)|e4&OT3>)cmSajbIl+V|Ihq1ox^8C0er4|uX|Ood_t3%_Ei zIS>kyr9`XBI-Jhpul#QG9Y1G><0%}MF#E25h~+#V)=}_gRIg-fON)~~UPhwv2^y6n z$O!XPODA_q39^nRU3W%JpIP&>KFZPo^Oe{978o=4Wa(5E5b=qPfeC`6%OdwX!iuVg zEZ8dwKYC$6W-}T1pFJHKN%L8rzkBH)%(jIsgfltDPb_6}Lf&bh1PkO4?o2$#t^D#b z1@bah#&bhR7^Lq+(q7}~&$#(AvG5il2kWKz@MD=$ZOrv{m0BrCvg#hl+L^^?>me3t zO6z4G$Wdq(|FQYNZ8l85=r+Srm3iRV-QWJ3a+gjLGF8O63Sq7(vp0(?7t`MQ zPlMHwcR~l%Pp^SJs9w~a?X#n?)V!T;yTtd3$M8NkZOLNY{a0_|HOkqGN8e2bwuNf-L#zV z-<@RN!0)P8d+!=P;J5BeabFMfJCl0ffQjy%5^k8m=HHPkBMj`(h^XgOi2i=&vvWLbvMvsjy z9%nm;&ktn%nw2;?T3S%LAM(JS^>i=T(;_DSLQG)t1KFpizj!oLg}hp=#AwpH$)d%-u}odiiQYMeg=Ti?5z#9w!D~9H|T3eZxiZfCAO% zbKsHbUrqSMqd9=>?CHWQCb>Htm|9W__T+UR-Pv5F!NSDY!BC0dWx{> ziI0|s5wyK}_F1Fp;@r18{Dho2{>|eoZVFZfJ5rL+Nasi0u?(C?Bdt@pj~1gO?B{m} z6;iR)S-5MKeFaM5eXYL1jT?PF&Jm2=3nst{cCSF?lbe2WNYHw9(^`s6!E&2}_4F;) z+rsak7d2A^SE2#WO-W+iEKBI{oWS#=i&5j`=eEuMlf|mje?KlWMQ<&|GggNai4oj; zn=5MBEzQ%lN$lV@0nWqa@A=k)zZ+vMB3|!Ls8#sd@mzJ9^&Rw(Bt8mFCA8Y=%m6HFi*K;tim+o&|Ky9!J_7u zI65K1eT)ga?N1N8oK2bZ=tc&{FvhZZl{&!%ZSkuY7daJIgL1_+RQZkwK=Z~D$Cw*-xyb<06ZMhdgSY)o^ z6|9nunGW}YhqQ37o-++9R>;2oB+7v`2(0&0mwt({o@(1+W-RngwQiS0qCDd&8!1YX z;p^%uoOET4Jj|c2Mvk+MEf2qX)|Afwlz+(YG`2I!YpV*6LbPocefl+9PR7!a!W|VA z@;ZhG+F*P*L-=~S@_rrY+cvm0M6?1u_XXxJj@Lw%s^kUu*ej6_1d%VSS;%2s3WDN&Bi z^7FJWso!O};|K3wQ9TQx)0TyHN>4yX2*a)gt@*fW>|f8%RgN6+VF@9d z^V6gB>>KJi0i`!dS^B0JC7jje;pn2}dZ#x-`KwRzRjJ4m7Uw(#A9RG|NPIIKyGcf} z{5Fr4lFBpWM%5TQ!^du9ihP) zxhK3k3D=S|DO^#@C6(E#cU$^3;%*^`(s+JfME-qxL>R3oM(59nsL z)eh*uIYyix&SmWh7l^QXvOX;RlP8P` 
z_34`3lM2eQvWFR-aO>VI8@glR-OLw^VF6@{uaBf%x>-D}r0AM4?2}+SaRX-S@px7; zLi*dv>pU_NJy!}-)xg}x$ZDH{qHF9E;yU^A=!x8SxcFEzo|K+eKuf?DTFudmjCi}e zb%P3J4!Jb;rUTKiHY#+g7ji><$U2fvXtjXs>F)-qIe$dC&1WL40@~bgc9WgB zPLC&E_2A?&qdi`SMdCMG#)=oe?P$N@s=Q2|(edZ`2>gk+BM1Gkh0)SmN!N7WrX;o&V0^&@Q7ll3jY$xROe2n*xaM zUkhujN~%i`=bn|-qx^)e==GU#`B-b`vyD-WwHV>1Lre*#^%)xt`S*Zdhf;*FIIyT& z4g(DMnaG9?oa@jf(i^FhWW2kOD&{oPa@&em;j9`?3e&b)=2vhUn#64bGj)9@s&S2F zu~>)IM|rf5${y0Y7Fb)Y(ocMRwn=04D*U<2h%J1GN<%j7vDPu!>h0_iOG6P5D5^7b zolquz(Z4&h-UJh*+qSS{%^ntQVx-b|o~1dX!Y9)KFz>{}00zepxLCkTxRuVg` z6^(}fz}pQPj?VKMc8bHvd~E+yY7N%2iZmCwVyZK|!8a;dlonQ_x-0ntr-^7umn!UAgG zLPyN)nVsmFe2t#toHb+Y9?eV*Y$N1FsD4Ll(~NQ$Pcj7=B+po2(zL6+(D-{HNm+I) zE0VSNSjAUc72g+olFu}peVY@HkUOt+t>*3^-H2@w%?s#aw$;ik4SS1Vq?7sX#P{73 zTr3vMrW(~Bx+%)N`4qD;nV-%GTOXNwhm+YEHyLnUAkXuWg?z0WNq?qbs1Jb(+{6CE zVW|L`f)MFLzj5yn+_TYlWoLYO3UNR3QE<>d^Oq|nI*^@F;ftmu?f!rJ(Dl_vw(TG^jedQ6cU)!w0o{nd6?gb)^uG?;>kpDX<3CtS#$V-G zwLhlVXlc>7jWChW&muB9Ucvb&V^o78Rvvkr^MD{?E;_30wXb2A%qaE7QcD(3?Qknv z>XZbZ5#CSomnz^G92>=fXHr+G(B$CSdFW&%!ev1UT~BVG^2nXx^0xS$Zg-0*>BxzZ z#!`ByItSBwd^&jJdKyA^iXpq=`M@7+$jtj@aQs$XM#cCyZ!MOc`R?-MC_qv zTRPoq&9Up3yV7^X7T=P@%J9yNaKzxpN_4b}3vsDg!LH7K9Ad;1FL?Dj1#3__l;!U0 zpt#~kqaHz&65^Q-#JZ|wK5nyEL$^HBC(I&3KR_D(M&Q;MP-K2DmU{8=|{f?H@= zW|AP^>+lC(N@JWZh&IB5=>LM_XDt(Vc=WVtFgOuu24O3-yfU1@BfK-}vIXZ32qh|b zuoZMZ(|I?g!V;nQVcqGG2Nep!azZ(mh&A9sPza;YSc;zt4Wf$d0vz&4>=jk;)VSXJ zGagw91&yO*r!}#Axj|UQ?A%X=kPC`Dv?c6@amA-V?$XfPOd3KJ&`d!~$p#PJgCL^^ z`|}PcxG`u>RL$Px4xWcV4B^10EEp9O)|l-%Qldg>f|J75_MUbmEDtoJBhlpXNFRt? 
z5nq>^T=9aSxtC+`AQ9;Tg@RKRrnRvNq2Q3yydOJZ0XN{GTKpQXDz+YIR#EN1N5LBb zxdo|mQcP4RI?!yDu;i-&uY;)Q%X!8d90~c_1>q}|J-dxu@n#Se3xhRD$To-yW+`(Nwk-sE3H5)`NI>2J&3csESX3wx z@U&vBGY}3-gyd&DfAoL~B@C#T-&y*l0iOkfQ^jVAa0OR`>v(*M%|ZbRE&!TK(1%wD z3$B8vy-ME4%GkY-`~-LWLr3;Er$)lFn+wDMwoOzAn&7>DWCP*HC=G0;n-1}E zzWb=w=eUJRVMP2=YGjd@fHhnSQquOUXWRg14o-&lT4m8}3xr(5SD+?GY_dxjTp!X* zyPqNX>`=!$kgnVsoiV!Xhzn_d5G4Y3Ih!6(8Gbu@vM6YR|5Qnc5P#5A`iwIcV8}r* zDrn#5)frH(H%Z4?*%B5Q==$ z@stkw01E~TQ@s5ul?X-;A_wEiTWsq=H2fz_4T<6j7~%5%3{4Ad+SZS9kF_B<{vqJP z=^+>jyi|a|T0SaXqV(}EAov{iuOxs@oUwo90tE4b-)3LmX1|<*3rmd^+tx!n1Cjs- zFds9kU}o^Ln1}Fgh^-cC;2P+p9a3CUn|OtjJXlbboR~zZwT&-&UJ7=k-fjRsl)4q=@+PLWHhCvEj#JWNFY4RFGgFmK4bk@Lov&9IiBFLqq7t04m-Xht6H<-w22u$4h^j zL0xv_hV(C#0YLx_540WVpDo?L6#Tz#1b5I>>c}1&cS#f!vui5T^QX< zqA0=4REp`F5XV?DU>V14C1Wp_!UYNn$L3mhLmXSkffZQO>bYD=q#x+lk;?1K331{E z30He`-t3Y*c;nxduWKNL9-%zK``eK~XdD2(14Wxwm<0(FWP0!=^Lx{6r<0X0GvSg?lfJaa*p z3_OI^Fg!!#GKWS6j5q#}H#QMk_(Xs#urrJtX+u9kJp_aEJ1~=7=KCZu9?}u4C@{Q{l_1&6OKpURqD(%z6nO;*w1#AP%#~b{@eUSn_Sf)d zlfQ3={Iz>;`EZG7&}%Y387@~j$R7;3Ud5n(8(L;(UT`_YGHwoNT%T^fKsW6!^zptF zxSI&_H9F54*DviZszn%Z;_)*o|I+3&b5>aQ(f$1N)U@cFo&HveAiwpO~3zrY%3l_{{B&-PzAOntuV zvNRwRLB^6eRH%7lHJ)O}kMRGkH(DN`(l_&)WsYcA{dQvje4?|nG$?ZS%^i*9`hT4t@Zb^1c1-NgE~DVTV584|ak}0+<-jLr{pw-9 z4yT93zYG2Qe1to@f`;T(w`Gcv$k>>aoWuWigw zwFY(Rz4DA?;rk|#QeK>%yg&WqT{Sl|Q1jIzYomVf!|6D0c8?L(B_JqW{Icv`r~h5# zm78~*JvZu>Zq>Og6zJwERoagU|J*;>tn@o_@jjUH%(}Q4gPFZ}1+2nGUjj=a@)o3^ z8dXlZToek}A0qJ)w_XLF^fRC~%B~yOBZyr`o47-uTb})9=kU(ej8|0AMFm>&SlpFcor465wdhBbfx9yCiO@9z`|7U9mzGm3YLKY3_x>eN~TkstU^8cRs zbvsGM)3NTorFyC1`|Ph7a;A%4)02jZlsl}ZoBY+IDeavWLC)sNgKZje^mUS933CAK zc|UE%PM5I1S9B0!K3t@=@QF@n{(bX#qIQ-{-*n)G*7it&TG*|pBr1mq;3u7i|Y zh9h_c_=wv<3~k<@!J=B99&Yb!_-<aWkGkx9|Fr|pO<|$UT4lSD5_a5Jd6R&ng{$3qo-(@$E+aal z&ePu->M}ukkbbSx!^a0Fn$hM}i>+Pr`Ei-$G)SV8zWC#K^}btznft;^{Z9_YM~1@@04?Wpec;{s z@aaS}!wsuc>7OijDr$c@ceC)$b;tBoKloh287sdz>XQI6%w+8CiljG*M_zc2$)n$;wmI~O&w zQG4dmn&IcTc$@dwf`dF~*(dwv(~N4nAGZcZJ}l>@uq6{`6W=cmSdSL31^`^Iu}+u- 
z_D=n~<~W6Oqs4(&sR`2bwsP!$-<+Hs^kqocGk=If<&J%vt~20Oe{%ej3xojnnZ68a zz~z8;6hyE{5mTX2@ZXr+_eIx!jL^^{dKH*G_HuN;>*lEt+D;YqQ?6X+(GMOZvX$-+ zC8V}$EE;a93pCEMLzFsoIX3^f*H+3|50&M zz}c~OC~n}4Qu~WCgZh2SM}!!xmHRRh{kTWl<^e~A$-3R-o9c{|h&1Lir-9$L#aTQ! zY<}M;Nut~gSxB^HXJK_pOBo=gU}d=GS(h0ngYR-YyUS{6@vRFiocXo)&HJaOSoqZL zFbY*C@!dBB(&|e_21`U(Sh-Io{*K+}t$Bk`JRaWBk*7o~kuu$MTa;Frezv%*F6;IU z<2=I9P#k;W{CT(emOTSJ1I{;v!NPv$ktH2VA12pA=#DT_aPs(&ZDW6@bLx#fS5dQ? z)#6}|$nf27Dt1XD0oAjUIM7f4xIq+E=B55@0f!IONy1EZpuDHu}Np(T)K!)9)ugK6ERnhD{e zK!B4e_=XfOvp8fnGhr}w0#Y)LoyN75jjh7e2dgww+Bx!aI14`*8Cqi3x#Sp@0E#nk z=*{oG$NR>p<=qK7finyH!Kox;=0ik8QLA?-wUp zc@FW6Nn9&GPWpWjgPtggg#mG)CTmecU;kkvT)ybda10GOjb(&A>RB5bqHLVsgDvjG z)b8$pjEG%E*w|8ABO3=%d3jMYas<8;jKa?V$eI4*_@WTAV^fI*V!e3X$K+vOQA;M3 zRxfV5z7V?+j&*iI%-r_t&TG|c`rXnEheoPqPgJlUEhxoIAo-q- ziHmr)ztBSbS;qY+=@5(7VTysvmD?gwk6k3uT!{2(|AVYuO9f0TqF1NXLRGwVssW8J z8|TJe@K#RjN&MSUzAKCze1lK){)!0L`5bJpcxcT=@QJHa-h@rG$H`J{*EzA#Z&%#S zfAr^0ZS5~rMs{Qe@gw@Y@%LGx9&Zosc}~47HE*ESBl~I(@}<*9sfVyA7nEp7+FDh% zzbSf*HeKbTA%DQP%|KO=11=h8H|I%Ea80l~A`B&p*^2+B-BZ~u*O6c0;$;lV`ucFy zfqiVM`b1)C861F~9*!SEqQbH7ps}l%96H(`Uo(^@(|+=*@MzZ8t$5hqu#J1QU{1%l z93S~6v7Y^|RlIc6lad$63_K6bS-!yBz^xkRjsAlM`G_Ua-%JvA!OOTFQwj3(jucWn zIV_mmw4&6|GRf;KJ>Abe{4K>aCF}wuR*-v@U;hqI1J<{!oejK369qb-T}0tF()@O|qGe zBYGB1W45gb=2qQpr{p3Z_)Gq3xvdr){i~g2$C5C^60hqQG0Caq@`vy|e@clU0|w0y z<)2FSv@Koz{VKP0>6!TDaO;2dWNns6z)A1O`jnP}oUmF>DVx{_ojBQS1$rTojLyM_ zDsSj^_VvW0mDb;Ga4Vkmlf)c4eE%CJ&Z{6)mT#im8Nw!$KY+#m$iCVG51-2F$L(gL z9HaM7fQL~nI3k_*dt%Tt>}@)7`WEHSGEq~9-)LA0 zmf&|`GV^?I8y8YcGlxCmi$YTH3- znKNKLlu~(()q;B522-G+9fPH9ti-5uub4MoDth!u*v}7=_*kK@*!0J)V)4(uNA0#Ov7Q_D1LVhlodoD-hJQ9`CyE*GsIBeFBY~A zE>{*cX9ypFkidC6aI}$1M6gK9sR6=Rr%t_h{0+3uX}EZ z4B$e4lxHngCQqg$3mL0GR57LAqlS4jDm=#O(d46N1t;hZ%3~l$kkF7|AVJwQ!U*+%bYLyvE}Lk%FEla za>M9VGXH^w)bdqNtk>7C%CtLnj}%znzF}$z}eEyTj@ij%_PmAUaFKIzP&(gweil_a2+b zT@Y3CoaL*nW=VaJllXV|I4lpgqJ{WDKx)}Vc9vz*v#!msnme#w=hJ5J7L(iXd*!;B z4ug++zPJVJ#KtHFqvk_JISTKh^%+#*3ZP(}iEs}aZiS0a6+f8WwSQNq<~YPiuQK%Y 
z^bC#P@GCA$FO#g5&ZO$$hKb@ToBoyda^7g#ZnkD{erj`dt!)yF$}{SiVlGNSG~wT4 z+qT-^!WVRZx&K|%j|$=#@rbHDY!O5n=MU#r(S+Q7=FJzGu4v+ecg2+CXkm*3CR=HQ zC|;^x>ug9B-qJAQ>7pC`$hDd3A~BOa;>Sdi#M6b^{LF{^$IXUoj@uxEe3RM!MV4je zr;xU_M8?Jz7MQBr602(Qc*0G7vG3XKgtAV1GtqO2pZpm`kz~HkQ-A#piP7K57s;1M zEZbLfC}h1@Iq>SIoCKY(iMp&h^C;|$alXKJJy+mhdcWrUp3kE*3x6>iA6?+|yrrM5 zeyPO1<(<^;i+nY){SubzfoOU(waRt)J|Q;Gz=?626=73iYr@ERe7ao1r=i z?$#Aur#H@Z%p2awsZgmEg0MxWYG?0>HJ=2g$bOM~+s~tRDGFOWW4`SseG1jws^E+} z4H(HoR@AN;$NPlRaEUid+HxL;{f)}Z2$eA+WwR(;bR}kJsOtS`!C{x zhdF~CKt6U4o@~HNm;)SgsIr*!^=3+1TRXx`6PS%%+q7!M**RHt=}97XZcZ_jmyiif zn8?ks;SMhr@SKvwatOo9in`-i%Q3hE*FE+Vp2eMd_~EHv?VO??dubvVL&HpC&sI2S z*|1h^KG|hIRJPTSy0jI5s6!dFZYXq6FwdrERECVI@Am5ah?<%aoMXjXA3rZ_!-|y} zICx*A&BVN*<@16ikN;v==IZUf)o@#to4PvB>y*)OA>0GAw7#vpaw$Y{?Ty?>)-0mO z^x87Q1R?aTMwG#XTERq(4;jC6sW3X(GHnrWQXNfaCp{Lmot?fCnGJcVukI3HJr z(f9|>89)8mnsu-pvC&j;qP@BYPKULT1fM!6E&7!)M!Q;E@wb7$(OWR+3BrQ}T>7#W z>a^Z-s8X*xBH_eOK?v@;SBv?>*d+I>Rrt&rZACiU@z+QEC<(cs5FHz!&#-1(ib}xEPUV4Lsm~~u_Mc{ALQew<4rU4p-$wTJ3O)wc;&~Fo z{ae_j5RUUhunhzkGYPqrWC8w1*dMm<=3Jpaq zqh}5!s4AfHTA>sSLZihIFz)dyE}s|cJqUR>Bw}2-Eck&3p-I~PFe%6yd?$E=K0*^) z6vFf=nVZ$HKS2cuo%+nYgyW#nr`7Sqd5>!b2;yJot006cmd+v^s44)c6Jm`w=cEBw z1Cxk8pBqE9(1E8%;cFd?WAnofc_LJKmD zKv0*06A=&tbASpmq6!h(R285^H)LvmZds!R;8XbT3l5nHjUW>A+nvX`EEvFdeI#A8 ziO6U$$s<_z`-C7N@Z|7;rdtEs1BC1=eg!bg5qbd$&%C6`0hJtSkLv}T z{HYO~c5B7GimG{c-+Hy$w$h^YIU?rPd?{~^+wte(r@w0d_QvJ`-9QhZb>flIU~i)E zuep$M#p43)UGAHMidws37&QQ1RR99(i69hwS!Gk46PN-5M9i~WSNZi-7$qGAp}IEz zlYLcx#lNd+@7HAhJs03dAt+*t4QT*{1SNyNc94i|ClI*S1nF$nP>Cq02x7iU-k%|n z1cF6hinLyd{r<7ibdq@?xBr6IK{1_fuD}aLe8Yw69|g~l6CVHZj8Xi_j0!FsTmEd% z;K+T~MyevPxkXg|VA6FV4U{=}ikn>5%f~CqGA)kXTmG)R;qc=YNP4tB!0zo@ZhwKV zFl8;dqg$fOo-XSDnS@E+EJeh8W9f(AO?=3-Ub*7|3Q!^Afg97to`94En?x z6=C<|O>fZo89%GORj{6H0h%2_Le&G|oKhrdQ%T55X#7ttAUr8DC;kz)R3(mtk!HUY zWT_Kmo7Q`jL+SovmR%(LcPcE39&bMRsSnC_WNke+8^sPkbk9cvkgiX-*{liFz%WR= zm4udgBe^UOHl}vsBa>2&&oU(JdcLc({UJ!J+g(|hZ4hmFHU267k 
zr9)C)Tdz-#*WN=2L2p|aah7*}x>REkzYP?jo^(F>^St_Ib&SF(9KcI&{VvW9de1*< z_Z}F?78DpG_^8k_K)-7_ts}VNO@NW)_?7=UGRW4T_=|al&q%qcWVc4lsBW{jcTFQFOfkb||na)gM}pyvFPtLeM{GLX7dK&ZoVd zAJ~AuYkc0z``j&G^COzsUzw(kxQNM)(HMZd^WYBamgzZ?oqWwu`#Qet^q=z+7EuFG zvc2?pdFiF0xqF_{+Sq%~RY4`%RHG9RJ1WSwGqvC9d8}S)Nwl zPCbwbPbs>cEoeW&Q|R`4cX2S4?T$FJ=cKa>sOOgYd;O2QpQ5&5RP_MJzByZK{cq8G zu$R_4LB%a`-3CB+>ZP-ye!MU%Boog3_I4=dcyB`p`~kw3Y+5mf(gza_ zDy(11<`m5AshZA@?Y*65kdM3BNC!@y$mJ5^t~zc9@!htL@gn(-jxqf@yVNi4GV|^k z@`IaZmgkdxWkBBP^}%lwFJ%Q9;9ubI&k9>X4wJQ_%CZ*GAj$eA02-~Y*RFIiEvTK{ zuvs7Hu|GG8sE44KGS9DZPs`iWWlzLLP;$m8sU{tUH|`@=bH5?ifoDv~^t@4-gNV|H;W!UaBS)yMm+{Wla#w;eXz{MBo8iOI zWPTMbILTDMiu41oZB=i*3;Ofs)14@{)k&%0s;;iVH*!uxbfz}I;+awYH-P+iOq|)p zjX{L6b~oEpOqYgcPgvmEpPH<;Re(JWt_WV+-U4<0ed|j(gL^|LOm1}cvfHjujg`-6 zCVVe!@lauJtDRv$aFrKN_Hc$WDgB)%*StQyOj!?3lNGbM=jsqJo+1bKpGV!wv(hdm z>>2zm8x9Tj=aaJTaC<6S*?gNlrVvSp@D;zmN~9&?Qv5LeoaAba7t+7uBO~FPGT!^S zH?brbHuf_|;YK6RaSM;bZ4^sE8CVNN3Np=uobercc61*zY@}-*_B* z5Jnr%%g>7a=!y1?EnsA@n_&d-DPZS2Y#y$A<&^TPluL*Ou>{l%XS@XEFwqgxy&IYs z3Q@k&`XeF7dLhm2E5V|QB9BgP6Bppy3n@KedVj!AqnALfCEG$6sD?}7G2&}GK|6ty z@y5V(IKe4Bqb_NdPUwr{?}j=9`m^vNzT75EOEAv!q+(sk8AI9EWUx}*Gkg*!{nSa) z@1eq<>o@7hQJmNZ+?uIh^v|kXm$Z3*lztw)Hj`Xt1k(72HEsP-yG)LV=WMI|YEMjl z5Xlu??fjz#f{=oXnl$9b7s7h79sAEnn^mztK@NBSBW4l8L*Tm3P#g8kb$NH&D*IRO zUlB^c%#K^ez3k1{saot4v3@;D5_+?MWuf<#670@Rt0J#VP@`+%U?!PiCtr%_M4U_>O^`4NrB(RbakphuROr+XEw zo2!mRH(Q>~V|6a`-O723`|H_iLJ6p?2%{uNe0bwptgTLyP#>lvh{=6Lm%{n z=jzg{XFl-wXsqAE20ilgAY0(+?CIALnhu$#g#HS7AITp-VZqbBUlNvkk9?Q@$S#~kC!1}-Is>Wf>3 z;Qev;v&0}R=yFm?*L@3H6u6ye5>j>dwo(=06Yy^lbIe+wLH-kOcXL`1@sDpZEEP=6 z;Gb(4O6m@4U9a>rGeyb}J0&lHKTu%7r;(YIVrTs-T8ffrTd<}OM5nz@tE-Krwv4&A zYrzKr(!#@29$&Yq8+D&H6mitOl1eA=6bw>lXq>*{DLdmeTEACc;*Z=uw2RRWnpP?A zMtcn6z_3EGgeTg$9c!ntWzL!Q<~hv>@b&PV!#_v!l3f*=+X(Mp{W_QTdAGX4_wD(q zA}w333{L8gV7ZOSmhBI<4S#T0L{un;>H$)+7?E6M;xj4K73mY6zo#AJW8#XXw_i!8 zFgVKbL>ycZ&l7UJ&@7D28rXEuHS*gNW--D;aOmP|RM9qCmhuU=#e%ba2Qdef5 z`CVVzS|M+MEDz+Dz5py1$y+UEY*0X{nPb-h2MS1@9ho?Va#rmL>E8cZL}T 
zS~jkKPaQod>07%Gt9{B?Y7q6?M-#YLi<5HB>8$RNBU!9+J_ywThkwR(FkowP#Y#-8 zU~536(5yQL^4nd3{-me15mw?nUg%C<>wX+|^?{Q%;UmsqD=0j4bmmu2uPi=_TK-!_w&5x{qlZ!&vmZHPt(Qv%{Av-W6e3n z9QS=s6Zi)30uzN*$Q2PRw3)uo2D@()5|5oTuL;03RzE*?H0$D@QlOUA}W6Y)X; zjW+of2@VuYhGRdm{eOP!t^04@8aTWtc`~GaSv7$JRB1Xd_I3!4v%NKP%cbPf)kJ9A zg9V0H0ZZa&>&(FKY|{|LV3~l=s2EorIm6s>?%PtNBo?x^)38M@U_Iyh8?luiu)lPI z=e^j`o+oi;VC1=X`*1cwqSxcn-0|-FyM^4y+<{Gap=}xP1ypx(wdEM-Z?u&M&2$J( z#uV0^>V0`K$xScn90Lws8$jzFoJ{_u>JYP)WH;O1BZZaW2+B+sX%t;^i+1Z~aG-Y}< zjeez)GrY6MhdbYEJdYZF_2=K?w|v%0Ppr?Y?nIj}=*Z}~+XLHyXs`i@*5-kYpMeH% zj*=H6ND@OBVUbvG{U;tp!oA*wBzHd5C8b}Sz;IQsBqx+cSo@c?+wGs+hI7DP|9WtWO=Z9|Ug7+Df5O|i z#d1xu?B-&W!W@DJbzb}N9fWrH#a{gt5U=*_Kj?fHGIYpL$kigY<=>txVO%qGeG&q( za7QnN?{CQURCx7&CK*r8+vYrzRK8Ufhg&4+DH}#3kWnNb=r#F8P5ku0G&V0+4W!OG z7PE9eK5!WSJfsXe1N2@NfLDmFO10F=Nte88TvK(9@g`SarQqqNpVP*~Nw9rfkov%G z7QkhU-Y;I8$mtsXZ2i_Fx74*3c#+^Z)|%}G#N^@Zt*CqlsSDU9QIauaZCw^R?e8x| zvd%oU$Hk_lDFQEpQtl<}5FtFA6uqP!V&u!sZ)q@wcQ5LgabW41Tl@8J8TXkN?B5RXDdxo17(W0A@f#)yiiyz3 z+c0bSV$W26I6c2S5KNfHok9Wrh+p}J*=+PZ@4KzlPYV6#`*T5D=-1-(FBh3!e?+Fvo&e+HS_5UOlWe|Jdbt}pw#!3Csot^bupszl$IXzuZxY-IgxM( z6cmK>>&|<;1#L4r5m(KLo*6s5x~n(jR#@nH7DPZ?uI`xD^s@36sZg|I13Chy*KBkg ztw-kG&#o4^q6>)Vh+zNygza|z&IaDjJ+5)#WPWq?tmbW>bpsil-PHjVMD*cnG<$?< z^S;CUt0RDY+UxX8RT1B+_euPHKG};CbW@&sO(;8V7HS7M)%lTp8(OA}5B#ZMm62Mf zrJ(e~eWODWb9pQ`dRB6OdHlx<^%C20JxztpNRd8Lfhd|Z+FSkiPo)yALkGqyEZ8vB zxtnmY!jlghzADs`@~}EptveOjsXr?#$(#i>F1#(f2$8wFIWpq1!k+J|R2w~*n*uE< z(K|(02#QAHcxobrX-2LS?IeOAUNNYmsa{d$Pj>HoQB`Km&=BSrO28)@R$(EF+dQ5n z#r5m1+;^vLRr_E zZV0V_(o2U!7?;<+VQk73`K(hkX^iI$Ttg zy3u#Le@8lgR?ny`M)a2gT^CcM=rdkv!E^}Tokr~&k6^5PAZeIX;|l}VBo17{gE-uT zSAFt3OZF6ewzAHGvV^1pK7RCT+d}=sDS=ami03tLFBna1+WRK*t%T?34fFj`4Rw?{ zTE%UbzG;qhBQy*&>A>FtAZrdY{)aBS z#Pk;!lIJ`D@*OMg<RoNi?B=dmD~6IBs!qO_X&s%l*O{6Eaw~Zy{DSL+Bzh>~?PkbXE(^WLDa~q^efhGC z3aj_=l%2-yp5j}qMDJ*=_%+k-$0Z*w_`B8#FlHNw&>3%ABivWfx}54O(s@ znY^VTHlLxp*0amiuQB$4jLN0MANm^OT6e8q zNY3h&$gb!D0j&2_crMFa=YJWe#@|}qAf5aLQ)Wgx={TRZsmBuo@{0y5v@q)imY0-6zBO-HMig7>Lvu&QoI&Z 
zgXk2fb4A$lzqo0M(j@J{ZDOeT<%EbiN%*Dw2tzHczq8A?$0Q!1TU z@l!(rGoES%^>A8ub>xJ5kLFtGon$GeDcA;ZUY54YzdAfsW+404js)9E-{hy=%(UvY zhCt1+54nbA`6N^|uLp8S!UvkG>BVlV#!=pUiTg6hqSg_SmWqY%PDKB$BkLav@X0G7 zx~&)V))}c&6PP94v~Q!7{S+~6pUT@-9R*sV+@q5UZW+_x6{=mJ%%1=L_IqE&N)pPk#Mp5iO#xov=&d9P7tPRdZmK{Q+cE`9uw zO?Y&(i&o^hdh*e#PQmOZ%oaZk$KXqNCDPw4;*$bD+l=r%d%8Xrnr0EYQ?XKTRI8sT zkZGAWAzgit=#mhfUU!ZKPeNgf9}AP)+d3PAjB4v~pSgX6jL??P{;YPzf}Zhnog4YM z8Ly{ru2Ow|(`4$CL|y$-V@%JB*iO+5Y9KOFFZanS%<7%9%D(>$5Lg< z#;`LC>lFFe3vm97LWQ50WL!(kav`3=dEipNGwwD$@;dI>)ffkl6AO%Vys}@^J zKPdr6ffz`tC3qY{vS$2BOv^Zl`!3t%o8*7QI!m_qJ0q}8BhdQZl#wekb-<4^%6)~! z$Q8-Jc&|LbBlg2`KxjEEAZlNVl6;B8pJXz2 z7ug~kp-~POc`Mof6=UN49e5&x0kl0NB)7CRQIEjVM);{OFFtPsUKNt9YxEfr!)HT8 zri-tUPVQ?Y2x-CY4Lg9#okhZ(^o!q?IlGAP;s zyT)v9d7wrFq~Y>1A*$m83egB?`4w(tEjKP*W&q;BWl)NV0e3W$b34=?5_45Age1v> zA!Q#_W@5(97FmG>m_oa+BX5npV&}0Yy?)Xo0=u`Uq-nyqbWj;R{WE;8oybXmUh;~% zFZ(-0fk@D4KOG&N2x&w%!(VC`xiT=KPi^X>A|=B~+X`HDH-E42Jzegnqox(z(?H_B zM=vNzo^8)XfkXNgNEauxy^Vsf+jbfA_kKjBYa6KM0l%)R5${+`dTT0zD)}B2 zmET@rJzE{Wnryk;3N#ah)AOz01vHwma+&A9zornnT}J);RyFnSd11#n*hlJo0m`g<^fUd-7qus*n2U^yKJan7n9t{!kPkfpy=vu>kU~>Yj3Jm#4~A zo~1o%7zck_h`KOW6Q~HOq12*-hj_mp_vb|Q*B(3wQUZNt{_%zrXrH`c529~~D8wPW zoq!O^sL9to5UW8tyCb^V%Jc>+!}?H6C1@@h(yWN8yymSLrgUHk)k;o5^Mj<&X1p`?Y!n$!0d0EzU-Khfz*QPR!q^ zK?D+a+W9l>rW+8N+2M9xVZz}FM61-3E4}5P44iu897+evdv=q=rEg@jLfPU&nIABmY~5+KKgl zuwocJOLjHc2{)vyhk?u&0;?-Q;vzkrnNWl+E?t*9 z8Hv$IAO(qF&O1Lp;yW8l2m5&kerr=cAdM9f{>i2(lyS=>;rGMky25*(16_U4#Mb(6(WB#h zwEMUnAn9?tdDxNPyrs$OIYINu=uncFyBX|;Z0~4D2uoA#v3S`mHjBTbZ2}^T!3>^a ze$U>@kmv?RsV|B6B3_^zXWQAqEQ#=zKgAruNurP93PSza!17|OI}kge7gd*|wTdn> zsy$j4?W)Z)I(w1%7rN;m?2r~dV9a6=t<1bz#|ZDOa(x{~;e7Z(2EaPJP>*&k*!gT|Ik)gBHK zZQ0Am*OQ~t<-aO$s;biNH&Jv}>5nHW@Um1(zsp5JzeB8 z8bGb@+f5ymi9v9Nq>xy5xzc@fwa$TR{LPLRB`JqwBwbc97!8F#PWH{?SkuH2 z$U^Ag9vU-sF7?)R*;pn%GaB{8=em9u{W$o$9wUOOA7;RPXQ9b`2Vt~&Nu#XtaWSLl zqfiO~UtZ_z?ZdU!JkPqUO!-gJ)(nAplC7gFqo4CW4XXJG(Y*ISGWXAPumx#Y>`9qP z88LP2Bu!Ee4-LaCVj@ZY18@5qJO*+vBj-tajEbb`g@w2*6f-Y==-eLtY(39Bj_;iP 
zqwGjnsTrM)V^umxq#cCp1f9#rJ8KWU!1uxOo?2Ab{>do1=f~*YemESAyNYA_c6gi= zf3YAuZ{*p{E9%h#4nl6aizd~(3f?vHDq|fP7Waonc|k@m z^xbn;-Uru5M;*LRLkVPut6#qqaq%Nk7uk|Ml*1;`ei`a2X+_4uzW&QUOY=3?z21*X z8E?)XU9Y&jSp2B4M6my)i7E+etmU`Pc0-@hSrKry_=)yap~lG zzG&m@6}58dn1&mLwRv7PvRhL@7m_cbyCbWYwP<((DBZ$>80)gxWI)$E_ zXQ@0qEtgn-ciH9vd;c0oys1f4`1QWm(&U!XW#7@fBTd60Z>yi#8cj@dqwO#XSVAl~ z*;WLEy+)BqH1h9?_*E@!V1cFjbNG=FHhkYq&^1Jih3AknzRLoGQL=l zBz<5wg;mJoWXN>Ft|!xP5_e%Oy)!eSxa~c)IXLf%#*Tuk!=^;zIhOab4(~r{!mN4X zym|6#wpAST&xcrJeoVL*?uc5rp7U5_W;X;5%yEJIr?4Z(m$(uo2VD5Wpr250^uvCR zZR&-jbF<$hWPn7+ByWX9ni|OwrfOXbq1U8zV|k5F{KD`Q-}h!t+8QFanHUK#h@C z%8jsvY}C#s$M#G#U>ZgSGbu<&+6mKAStyW_=sDUINeE*4Rr@iU7cg;&+a0RSo{nng zxNd%Dm`RDI^O+rL=I2MKg=IY`H`>`ALyk&Qlw~q8T5AYw#Hc-omcQoJ;^n3 z6^vgC;HSzBu8$ z#&@2Fb>HK8Ru&AwbgwO^HS?}X2c|+rtHo0cP@W&ROTh6@o72@pH8uXhrL>~y_|zrF z?)bUx$GFJ2OR_*rmKSV?kZ>I-h_v2B@XJ4%OCcZ@~$`aM{v zsJP5@nW=ZZFYe+leL-v+=F2jzqQu)ftPID+5p1A63LU-ANYX;o7eN(#asP<^HnHjx!REwMO-MH(bdUVNx6U~Kw{fEi3-_G<8+fIV>z!#^h}vB zKk65yUcZg{9RhZSh5bs_p5t03O=vxB6BvRwjdhLEz4EcI2oCG&n1|J1{uNJw zYK~W~b`sWfW*M)TGr6>7Ixq>MwXV*nQ;Q%6c3_C&C zKjc$b?dTobug8X?|Kem|IVt#E{w!gpzE9%of7|RqJQ*uI+upGgI8MWi?!2YEIS_4# z8;JRvFxN2`3o3IKa&E6GlJrJL*cn)@fZ(afixD@o70}#YSXGV3$)*oTRg`m}+Kh`K z_8`e-ET?CrBh*iKd-}79I%96CtqTB&!j%(=C1`^uHi%5U67%nmuH|!Lp}JO;0HgNt&CjAxVXe!(P>mw0Ak}6Fs!e zJ$76?3DctbpTFshO~`0iiIl1*p4;-tAtCr?tUZ0fZ79e-QcEZTw(654nhWe&RJR9%!Zhq^a-dNj)P(Z7L#|(DW9Ff7K0Wp1$~`kmOR?Ybj~0j zr_hw_3}nmuEdw0GREF+YJ7JXX+Wo$3{gFpK(>I+URa=4n9^D#E9RCw_s?qlf!7Lab z^&_fLx4XJ)Gw#bM6fw!+P}R(5xN>B-S~pNP2_+J??@9}WmX?WZZ*blc@)mkdNi4ds zA%}8(NV}edOV|3+^q!XK^CL>qdpTJK_Ga9&R0K~t!oG2A2kIWnrpp$tsLgTg*60S@ zMOV8k(^I8H*4Smg%H`h@#Mxr!(9bNEb>S>b+EwVAP{0)$kkso5!tkVH*GJz+S@ff4 zKM-?rHGs*?_!qFpCcUagTj>-+;}S@mPR>%iO^M>&8Aub|3?t-P$m+`)>&HM%vPhL) zgN?z<>u&lfpf@1m{R4sh4~U)gHB8nr{ZxyXsjZ)9ZZ7hd2z_}c;$|mqZ$;)T^U-uw z{0k)+&T5eiZwefp!2B|8JX?^t8Nae{;D(i*lP|`0dX}}Mfl2H6T*ZTP>Xf#Va`aeD zn9kWBt-U@cMSE8f(7^Eow8>g`N!_e(Xy@8hI$~F+V@Tsxu9qpG?JJu--9RgAV%_%f 
znzER6xVcJa>S5Q?aYZM1Sh8D^bXw7X2aY*#yHC3mXqka-n7PLkygGNM)jMx=gY~?Z z(88eSF}Ia=oUwPcqpyMeHMWUd7Bso4GA@!mvh{S=`wEmkLk%6XZfTUGjBYDC*&=r- z=iQYe>bI&$xjx^x_CE4gsoJf=O=1Ha3;!U-t*N)3Y+F;MjD^3X*oX!1$>_)!)aK0e z${O1Bb9%Wj$<|$%p1FhI*bx~vyB7W$>j6YSe z|5oGrXH7Lh6uRQ`n?JsiT!rWSiADKG?tc(=YlCuAP`X>g>=Z37rR?SEUKk*e2JZ>X5M3)My_$ zqz!x*f|M~v5M>!6*JDonVK}&_9_Olk=)X3_eW;+CKl#nD3+30`GTW_G$AYwhIz;Bu zf8jyFIQYF5lK&SGx(=aG@WdRP!`DUB%^u9!FS41CA#Dh4PJJbL6FOyv$xy3|aTCU- zs9u?l6@M5uR_eWI9dOwGISq~rVQ+ri5^^Fh`deCzi55Cgj2>Zp37r-(E0as%QUCLr z|NnZ;zGp)d)phy;3*K~RPt`NO?f;LFM%^^eIhi0wsN0Ko`hC-#(m&E;i8llplc!ecAAvUNq=U&W9Ng53Qpc|V9 zoEY4Aqznd&HHPEaR20jd|S7b~mw)7@*QafF!)NY4^9z6)!Kr9fVO{OU0vl)rQ zU@TXM4Q(JaOq0hNqk_Ip%EoHQYqQGj+vow z6xf?)^z?^HrZ^VqzZ&5yVEp9m&r=t_)$z)q0EgTj3|}CWC`n2A>f~rjZEtUL^a94$$mxzAbm5jGhc5EAI04Bl43acy+xyvp?{de0*G>9~*k#e31J?;X0rE*Kp*1 z2^ci5-6$<4xPJs*l$p$HPZlWuJvvan2k+F3`rSAylndau1}hi$kb8Qdoc3u!5viX7 z>SrI7je@eII@BqA|7Qwvy&A5&yURR8t`|Vt%Gc3a70}SJxG0!Vx`U+Oq>wT>l>5&q zBV`+C!*DmY6*LWN6}mq>LiJu6$_|$$UE8R|aOI(#4=+=9l7&DP%4z4BP_io>JxE{P z!gINwhUk$&AMv0}#^i_x15~F4R*)W+ZUbc|eR%ygUyF^A>wlX)v`rq`Mm=w4j5DL2pZA}&M#|^lS=TN2WRUh~gI#8%HJc-C zaE0-i8F(Tef`)+?b4AjXBRZG_8Rw7C=B6)u=jhO}NICBLY}Up4!W~SSacI-Nj+k&! zG9?&_6c|Vm{wxf?!DEVyfluYiWpRJ_Pm{KfD9J|~Q9oojlwmmRoRNz0?0)(>!WHP} z74!xfZB-9E_)l;qnhV2&5oesR|8mDuxMTT|2lBj4J*dv8^ld$2HI~ro-kI6&$Vhm@ zNSwKS3r0pl6|VDL`s#&@vBg)3$V2ZTR)hZ95U~hu_@)fj89pPHG6KCc8+u!f zlsnzu<4#*T^VxL!ITCKi?tOo8fv$yo@DsJsd__*cL4a zu^Jn&n&CmRWyDfeVWfxq2sx2*KD0r%2j?YXHThsQx+51}{$VxjU^R(i3dk_oz%UI@ zFfYqMnFTCb_FU&Q(wD!d4d^2Wv_Xr*@f`BD)!=Q%d!}0ecu)iVhLLv`D9+Zj2zAb06oIz*tBq`k7O0R!>x6Rbi@V;uy5K7BRQxE zjSQgOX~VvK2J)V7(8Zdt%5B8CK;lfBj zK#-xHC^GhR>iCb}a)8y^@%`};QxYtW2LV>;1rF}GUWo;B#e(l&6@UfUG5mQCnQpnm z!y-GqY)(iTlhglEKUUe!A9KYB)o{_%Y*h6D;fOiI-q(e2AMrQ=51l;mg4Z4NzNo&! 
z^);Hd`vN2m*%q8~Xz1DSyD6PYjtl6eScA5s%zYO=ye)mC_UgIk(HLiv6`7rC%JXM2 z>-azSqLS!o6w^g+)8!>OkV)2^hcDr3VwyS@9VK34V~MZ%*9oyodOGw=tW)8VUd_r5 zOJY3a3}cqmuUV!tV2%CyMe7EJEqoedixjtiGfTQ|rbmQgp#Olu{o)e*`|qWETo@{L zyq0c)l>nn6G;;H$d>s*7qV-Hu{(HSLse~GT5o&p1$keeHK_52sH`WR5Es-~2E&m6HI~28;>A!WfVs_vR*rQF9Hja%aji^7xLM+N z8wY8Tq0gp?dr%I^-+ovkOkhGod<61!O7QsT$LSVWWAKo&9`^UU;I&LCFj8Y!%4;?>j?Bb^@cMyX|j@Z~f#bu=Q zDulD&dJByu;M~&y;VD8exXj75ufS5|}*mVe%}N*EefT6m@wcewniU-F2Cyc!9hozc1Ha z7@cVPa33xAf>IyHr4P@#EmadiQIUIX91;XB*gW^=%un2S>Q21%QTr*J4RKoTB;YGmdGO>Ni3#|<)66buvY8)DSY zj@AMuKbQ@wt0v#PrmN92G?vJ51=U|@Y%Cu^a|sgD(bIsH2ULdV^gh4|xGG2zxnHXm zy^!yyO^4NMI^ZZE2vA&Y7LKi~h0*~`LN2ZIYYG;ha~h2S6M+?c zFz{qy&Ip!{HDw~b1ut`*wy-|6@ddlG#wR?z4aIYe;wU^ETmllmCso&71!eiB?^l*r zl1(hR9!v+#1317zV)5M_sK9cT`X&Y$e3C3UKke|ElwcyzDBb(2-++9=l*OF&XV zES-I0$^EibJUc%Twa5)!m--9U&`&qV@L)+gm=o<+MNH+HSfCNVQm?*yiUT{kuNs#J zqTzrwoCx`AmMh3fg%^1xjXZ#rIM<`V@BDK*^=tIQ^|A6^IACnbkQ`BJ9OHG}^xBAP ztHDx$)q@yTA4+g$IAVlxFs{RTBHMS6Diau7(|SL=JUE%};Wsah8}E&(E5@vh7+jjj z6xtG9#xGUW3Ey&IXxL0)T^sxmZ{X1*S6}f`i9}pi$TjH;WydqW36tQF^awdpV$E>FgN~@{4#?WlV4yuo zrfUd3iL(V$-JD~s{!uhkwfGngg6-lwck!FuM}2Xf{0 zD9@$5Fj{;PvP2yJpx_kYa~Rjb)S8a5Ob+nOZo!i62b;dbFBYv5UR9YMUE`s zR^p4|$}u^^SPp+quw)p)MMEQ>R+5#{L1!gRgw}~zhx;S`JU9kvFvH8HwqGX=&V@f@ zg_#cv!>2OmpXkRzDhflks@Lg57Od{GNt!62ApMuauLbL5n&!eqye1v^LthL3Y64tw zXy}w83r6a9zGhyBCksnnaAzDVnCuiCOn-m-uMar?v_a>;W3eWr{>nG}CRk}OQ^=Zk zL_w?mpZ3sHvUN_B9eR~eY{5m4sRukZ~Gih{_IL-JnXg+ zN_Oh@4{FozLMMaJWSaTSWAko2S=LA^S0O<8%oQhz&A$Mp*TMXInHPi~wO_QH$dBEv zS>_ypGi$&39j-m`z6uWAE99(7Ky2JP^}1XGUUKb&txdbtkF770M0u(;u6(yT}Hxo4cgV^F)6~L)ygLU*U7vXwhr;ox>r7w&21?E*(hEYc!y+D%m0b1>0Ku+s=g5QSzXU_zXkW_>tb zF+O{x!d;^qck?k#u-ESq^KC$Qdv6f`_~a5JOHcYRpKM7Z@}{8>=NHk z@Yt-!m8~o0CD*-2D94dyi_fotD}5NJP2HgeHsb`&AX2_*TIQq zqG4KP0+zk96|uQCddXfcLj{K0J@0RCm)4%B-HAQxzm}l=wyclpbc-ZbEV1DRhBm&)d0wD8fw}oQMuQijc?2$ z8p|5uhq4oVRMo!|0r-0xIsFwhLarsup0-MyYE>B9Ns-E5co*_}98ONjGd`BS;fmLa?T4~<#KU!B2L0P2qVQ)2;f{TM| z{qRvd;r7yH&E+g~yY|H%siJtGw~*=*-~6dL#BKPT@St9B;$r^?--UxOkNrq9_Bz0G 
zL*zdW0rsnmO4j~Z-NltuXx7kshobXMd`<2CguC{9ieE<1(!J=Guz6=k;!B_2_-)or zwm^^<0B?=pVYsiPDs~z%$v2eEf!*O^dIUi;kIV>3pu9o+LEJE5_HtcuU)s+>|T@K ziT$$h+_9-G3iQ;s8{(XNKTOac)*A!|Y3TQME&WXPSk9eFld!M6-<`swW5KIb<)?jI zvTV}OxOW+~$n%@#4LG%02T@TAch}M*#4GHgp1n8iAv7Rj&rJoI(5$#hVw#3^dI_To*YtD_5?^>9s+b&3wy0){Eg1$%JqoQLeKsbxPf0y! zxIpYXL0wjLx3EF<{KN5Q97|`m3bA$0KR%S=>{&A5VJ6|c>0Gc>a|^PxY+$h<5|#DS^M+A6&s><`ZV@r5564MF|Yf-GhJAB@wI=mk_>61-47{%T^i)$6O{~Yd!j{F_T4g__~9V zrJ6&1%*pMIx}|cJ?%-yoOYrWHb2UWZ6L=Wv5I7o4mtgJ(lL{t0;^1v%@a$ z_15f-7v0`Y^g-&kmB&iDMxTtoA|jdpIAEzY?!L?6unJ4tcc)L{@*8?f<9Yut_LD)w z(0P-p^lf~|*i4_`%MFkG!%Jncv6T!)9)VOvFKWqyCY3IucKLVKL}Qn(iacDJJUeyC z9X}`G5>oz2(}V1@mlDrzd)J^8Q+J3|b@xzned)OK53i&CT+y?=zT^vmxYbMr)(fL6 zg=3jw^@>znD|+F*UwBb5PUab|u8I%2+)zX$xM$|?wPvjHhRcf&&q!Zh^_^;2)9I`x#Qk8nP5?fy*lo39*JV#nGmT6)pkkIotyPf4+& zsX8b#!ybtRO1zbaaWo!V75VK`+Lmyz-rt zkbuI9-^+X(s6`f2LpIupXWbz`ljE}~U+*`&=&5o}Gr#_5CW`V88KB616Hq2%xH43G z`n0^kZ{lltAD8o_m0Q}a_b(;zRj4wor}~VHWzEqjRd?A}r%}cahsdlU`HZeTcSr#3(h0`oFlyT=q1<&Spi#uzu+*th zrfeZKLr_1tyCAV&_+V;E36&k2&9gM>TPuFzw0W_sX^nTs;&yd>ipDo2I<2pI=E?43 z6lwG*=^&;oVDB>byP8g}o8n(lStS`J+L_9)>!gP?=qyw&p%#A!nYF%J+w5*NC|jur zoCz5p&`jpdbg|d2-bv9gr~rhg>`|J_OLD57puma(sqBaVF_jXr0o1QAh4-9{{(KdF zYTof$gcx}K@G?5Fk*yBN_tR2@J?t|exWMW9AgU&r+1{%x4= zIpB^^y<0AMYZ@VTQ+M@!h*6^&WBmKtFYJLqvmLBTLGK{SlApP}Q{6PR%kF6JiO^_M zXl?P5PK-z2D7z{?a1wu`XV)zy z24%NXg!k{#?5w}E>#Lb`*y*TGOliX24C^qx)f(ISy^~)IgYQ@vplS zqVj0}BnnA|iX@*k_!*Tg&0g8-dHq`)-Sb!$7 z0g{SjyXE$u3n$nB#6M?rn#E(?w~tyB@!u3a`Ym+FlPj+?YRKiHMYm8(6`nfdVXoue z6aLRZRHu4{fy|y<76(Q?Zx#}9-S%aF?pRxtH~EL#5e{K^KzzOZ{#mK->2^WHxsw6= z)~|VmHJtmgqO`c9+W7ELot9S}n<+fqeU(@u^C}yQt9(WkcQU`=TNl2Qn{f-0og_?6 zRb|Z9yW`qjmsPJexpKYH-*3jHXg8{eu%q&Z6Jf{R{PT(pnT|@SUG;v-9dc1a@AP^( zV~f)EF|A%B39Hk}g4XWO)HIxX?w6_s*(kpF{wXcQx;LEz;z&1TQ&7`VK?PLn z=COieD>13Rftmeqry>9G!dB+hjw9M#OW|g!tJ&^9ndb(nLY8Qg_BsP6Zg=mCqfEIU z?Jdc^h&ReuiO<=4Yw0=iLw={YNbX4$^QV{9`1fklT_`&RdEQu?B+Y&5L&e=rPT(Iv zWj*yNkM3!&>M2ubpm2U!dtYy(VzF?BupRq-jebhLplUV^LrD#M6)-SQEeiLVtwcH$ 
z8)s%NsSse!@b0*dWIgh&!V&W1ce*#t?4e_2c_!GaFulxTHNJbj;P*_asp?dYRaVdk zfoXd<8>N1f%FsI1JBxW;ox;}X`bqiEBwDVS!N)IhwI*vdM`^SAK3_t)Zc{NgO4jki zrjR+&Lm|9jHqD7mlfH{N*ywk$Ty^sP*e@P~^h?>e#CwH0E4Xi9Emf!sc3hJLVy2l) zAVjY3ZPC1dAr9fL2TWjg5H?LIXXj9$m%>2X?nf+>73o1F_0*lC^Y6##LcCj4ay=#h z&d&44WvpnsXaFI0S?`r)*}BK@j2|cIZdm#7Slw}kmpiIZ<2@N_VvIMicgywo+(YIm zKX_~qHy_SjXh?z6OA#_VeYnZ_EQbL-4<37`G-w6|akJ~7W}u%>COkuhR^}ew0W8~_ zsUe~De{Y5VPuKo0erx{I)0JV#A(WH{ylgEl^Vpv63hItT9Z;twT_mvDjEK)l# z&MBuO4hHl}?3(e93U9o(636AV>0zlXvDKA1%~O`^l5e(yOyUJF%xj6DUiD}C2+0F+ p!9JAk1k*PpN%_~+|ATHj@b-(xig(X!mO_JnN^ Date: Wed, 3 May 2023 17:43:54 +0100 Subject: [PATCH 002/210] removed redundant imports --- .../ruby/experimental/UnicodeBypassValidationQuery.qll | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index 96dd0492e74..3b353d5b339 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -3,11 +3,8 @@ */ private import ruby -private import codeql.ruby.ApiGraphs -private import codeql.ruby.AST -private import codeql.ruby.Concepts -private import codeql.ruby.DataFlow private import codeql.ruby.dataflow.RemoteFlowSources +private import codeql.ruby.Concepts private import codeql.ruby.TaintTracking import UnicodeBypassValidationCustomizations::UnicodeBypassValidation From 1247403d43a91d949b2ddb83cd525983e796cd60 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Thu, 4 May 2023 08:56:45 +0100 Subject: [PATCH 003/210] Updated expected results file --- .../cwe-176/UnicodeBypassValidation.expected | 92 +++++++++---------- 1 file changed, 46 insertions(+), 46 deletions(-) 
diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected index 37f65079501..0392033c948 100644 --- a/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected +++ b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected 
@@ -1,56 +1,56 @@ edges -| unicode_normalization.rb:3:5:3:17 | unicode_input : | unicode_normalization.rb:4:23:4:35 | unicode_input | -| unicode_normalization.rb:3:5:3:17 | unicode_input : | unicode_normalization.rb:5:22:5:34 | unicode_input | -| unicode_normalization.rb:3:21:3:26 | call to params : | unicode_normalization.rb:3:21:3:42 | ...[...] : | -| unicode_normalization.rb:3:21:3:42 | ...[...] : | unicode_normalization.rb:3:5:3:17 | unicode_input : | -| unicode_normalization.rb:11:5:11:17 | unicode_input : | unicode_normalization.rb:12:27:12:39 | unicode_input : | -| unicode_normalization.rb:11:5:11:17 | unicode_input : | unicode_normalization.rb:12:27:12:39 | unicode_input : | -| unicode_normalization.rb:11:21:11:26 | call to params : | unicode_normalization.rb:11:21:11:42 | ...[...] : | -| unicode_normalization.rb:11:21:11:26 | call to params : | unicode_normalization.rb:11:21:11:42 | ...[...] : | -| unicode_normalization.rb:11:21:11:42 | ...[...] : | unicode_normalization.rb:11:5:11:17 | unicode_input : | -| unicode_normalization.rb:11:21:11:42 | ...[...] : | unicode_normalization.rb:11:5:11:17 | unicode_input : | -| unicode_normalization.rb:12:5:12:23 | unicode_input_manip : | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | -| unicode_normalization.rb:12:5:12:23 | unicode_input_manip : | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | -| unicode_normalization.rb:12:27:12:39 | unicode_input : | unicode_normalization.rb:12:27:12:59 | call to sub : | -| unicode_normalization.rb:12:27:12:39 | unicode_input : | unicode_normalization.rb:12:27:12:59 | call to sub : | -| unicode_normalization.rb:12:27:12:59 | call to sub : | unicode_normalization.rb:12:5:12:23 | unicode_input_manip : | -| unicode_normalization.rb:20:5:20:17 | unicode_input : | unicode_normalization.rb:21:25:21:37 | unicode_input : | -| unicode_normalization.rb:20:21:20:26 | call to params : | unicode_normalization.rb:20:21:20:42 | ...[...] 
: | -| unicode_normalization.rb:20:21:20:42 | ...[...] : | unicode_normalization.rb:20:5:20:17 | unicode_input : | -| unicode_normalization.rb:21:5:21:21 | unicode_html_safe : | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | -| unicode_normalization.rb:21:5:21:21 | unicode_html_safe : | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | -| unicode_normalization.rb:21:25:21:37 | unicode_input : | unicode_normalization.rb:21:25:21:47 | call to html_safe : | -| unicode_normalization.rb:21:25:21:47 | call to html_safe : | unicode_normalization.rb:21:5:21:21 | unicode_html_safe : | +| unicode_normalization.rb:3:5:3:17 | unicode_input | unicode_normalization.rb:4:23:4:35 | unicode_input | +| unicode_normalization.rb:3:5:3:17 | unicode_input | unicode_normalization.rb:5:22:5:34 | unicode_input | +| unicode_normalization.rb:3:21:3:26 | call to params | unicode_normalization.rb:3:21:3:42 | ...[...] | +| unicode_normalization.rb:3:21:3:42 | ...[...] | unicode_normalization.rb:3:5:3:17 | unicode_input | +| unicode_normalization.rb:11:5:11:17 | unicode_input | unicode_normalization.rb:12:27:12:39 | unicode_input | +| unicode_normalization.rb:11:5:11:17 | unicode_input | unicode_normalization.rb:12:27:12:39 | unicode_input | +| unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:11:21:11:42 | ...[...] | +| unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:11:21:11:42 | ...[...] | +| unicode_normalization.rb:11:21:11:42 | ...[...] | unicode_normalization.rb:11:5:11:17 | unicode_input | +| unicode_normalization.rb:11:21:11:42 | ...[...] 
| unicode_normalization.rb:11:5:11:17 | unicode_input | +| unicode_normalization.rb:12:5:12:23 | unicode_input_manip | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | +| unicode_normalization.rb:12:5:12:23 | unicode_input_manip | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | +| unicode_normalization.rb:12:27:12:39 | unicode_input | unicode_normalization.rb:12:27:12:59 | call to sub | +| unicode_normalization.rb:12:27:12:39 | unicode_input | unicode_normalization.rb:12:27:12:59 | call to sub | +| unicode_normalization.rb:12:27:12:59 | call to sub | unicode_normalization.rb:12:5:12:23 | unicode_input_manip | +| unicode_normalization.rb:20:5:20:17 | unicode_input | unicode_normalization.rb:21:25:21:37 | unicode_input | +| unicode_normalization.rb:20:21:20:26 | call to params | unicode_normalization.rb:20:21:20:42 | ...[...] | +| unicode_normalization.rb:20:21:20:42 | ...[...] | unicode_normalization.rb:20:5:20:17 | unicode_input | +| unicode_normalization.rb:21:5:21:21 | unicode_html_safe | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | +| unicode_normalization.rb:21:5:21:21 | unicode_html_safe | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | +| unicode_normalization.rb:21:25:21:37 | unicode_input | unicode_normalization.rb:21:25:21:47 | call to html_safe | +| unicode_normalization.rb:21:25:21:47 | call to html_safe | unicode_normalization.rb:21:5:21:21 | unicode_html_safe | nodes -| unicode_normalization.rb:3:5:3:17 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:3:21:3:26 | call to params : | semmle.label | call to params : | -| unicode_normalization.rb:3:21:3:42 | ...[...] : | semmle.label | ...[...] : | +| unicode_normalization.rb:3:5:3:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:3:21:3:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:3:21:3:42 | ...[...] | semmle.label | ...[...] 
| | unicode_normalization.rb:4:23:4:35 | unicode_input | semmle.label | unicode_input | | unicode_normalization.rb:5:22:5:34 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:11:5:11:17 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:11:5:11:17 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:11:21:11:26 | call to params : | semmle.label | call to params : | -| unicode_normalization.rb:11:21:11:42 | ...[...] : | semmle.label | ...[...] : | -| unicode_normalization.rb:11:21:11:42 | ...[...] : | semmle.label | ...[...] : | -| unicode_normalization.rb:12:5:12:23 | unicode_input_manip : | semmle.label | unicode_input_manip : | -| unicode_normalization.rb:12:27:12:39 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:12:27:12:39 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:12:27:12:59 | call to sub : | semmle.label | call to sub : | +| unicode_normalization.rb:11:5:11:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:11:5:11:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:11:21:11:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:11:21:11:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:11:21:11:42 | ...[...] | semmle.label | ...[...] 
| +| unicode_normalization.rb:12:5:12:23 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:12:27:12:39 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:12:27:12:39 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:12:27:12:59 | call to sub | semmle.label | call to sub | | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | semmle.label | unicode_input_manip | | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | semmle.label | unicode_input_manip | -| unicode_normalization.rb:20:5:20:17 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:20:21:20:26 | call to params : | semmle.label | call to params : | -| unicode_normalization.rb:20:21:20:42 | ...[...] : | semmle.label | ...[...] : | -| unicode_normalization.rb:21:5:21:21 | unicode_html_safe : | semmle.label | unicode_html_safe : | -| unicode_normalization.rb:21:25:21:37 | unicode_input : | semmle.label | unicode_input : | -| unicode_normalization.rb:21:25:21:47 | call to html_safe : | semmle.label | call to html_safe : | +| unicode_normalization.rb:20:5:20:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:20:21:20:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:20:21:20:42 | ...[...] | semmle.label | ...[...] 
| +| unicode_normalization.rb:21:5:21:21 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:21:25:21:37 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:21:25:21:47 | call to html_safe | semmle.label | call to html_safe | | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | semmle.label | unicode_html_safe | | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | semmle.label | unicode_html_safe | subpaths #select -| unicode_normalization.rb:4:23:4:35 | unicode_input | unicode_normalization.rb:3:21:3:26 | call to params : | unicode_normalization.rb:4:23:4:35 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:4:23:4:35 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:3:21:3:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:5:22:5:34 | unicode_input | unicode_normalization.rb:3:21:3:26 | call to params : | unicode_normalization.rb:5:22:5:34 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:5:22:5:34 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:3:21:3:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:13:23:13:41 | unicode_input_manip | unicode_normalization.rb:11:21:11:26 | call to params : | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:13:23:13:41 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:11:21:11:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:14:22:14:40 | unicode_input_manip | unicode_normalization.rb:11:21:11:26 | call to params : | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:11:21:11:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:22:23:22:39 | unicode_html_safe | unicode_normalization.rb:20:21:20:26 | call to params : | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:20:21:20:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:23:22:23:38 | unicode_html_safe | unicode_normalization.rb:20:21:20:26 | call to params : | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:20:21:20:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:4:23:4:35 | unicode_input | unicode_normalization.rb:3:21:3:26 | call to params | unicode_normalization.rb:4:23:4:35 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:4:23:4:35 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:3:21:3:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:5:22:5:34 | unicode_input | unicode_normalization.rb:3:21:3:26 | call to params | unicode_normalization.rb:5:22:5:34 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:5:22:5:34 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:3:21:3:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:13:23:13:41 | unicode_input_manip | unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:11:21:11:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:14:22:14:40 | unicode_input_manip | unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:11:21:11:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:22:23:22:39 | unicode_html_safe | unicode_normalization.rb:20:21:20:26 | call to params | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:22:23:22:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:20:21:20:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:23:22:23:38 | unicode_html_safe | unicode_normalization.rb:20:21:20:26 | call to params | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:20:21:20:26 | call to params | remote user-controlled data | From 3abf5d1bd25c44593b2fd1119faf6c2918d81a55 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Thu, 4 May 2023 16:28:05 -0400 Subject: [PATCH 004/210] C++: stitch paths in array off-by-one query --- .../CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 41 ++++++--- .../ConstantSizeArrayOffByOne.expected | 87 ++++++++++++++++--- 2 files changed, 104 insertions(+), 24 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index bc68a7f14d5..af41bb7222a 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -14,7 +14,7 @@ import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysi import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.dataflow.DataFlow -import PointerArithmeticToDerefFlow::PathGraph +import StitchedPathGraph pragma[nomagic] Instruction getABoundIn(SemBound b, IRFunction func) { 
@@ -93,11 +93,11 @@ predicate isInvalidPointerDerefSink2(DataFlow::Node sink, Instruction i, string ) } -predicate isConstantSizeOverflowSource(Field f, PointerAddInstruction pai, int delta) { - exists(int size, int bound, DataFlow::Node source, DataFlow::InstructionNode sink | - FieldAddressToPointerArithmeticFlow::flow(source, sink) and - isFieldAddressSource(f, source) and - pai.getLeft() = sink.asInstruction() and +predicate isConstantSizeOverflowSource(Field f, FieldAddressToPointerArithmeticFlow::PathNode fieldSource, PointerAddInstruction pai, int delta) { + exists(int size, int bound, FieldAddressToPointerArithmeticFlow::PathNode sink | + FieldAddressToPointerArithmeticFlow::flowPath(fieldSource, sink) and + isFieldAddressSource(f, fieldSource.getNode()) and + pai.getLeft() = sink.getNode().(DataFlow::InstructionNode).asInstruction() and f.getUnspecifiedType().(ArrayType).getArraySize() = size and semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and delta = bound - size and 
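Review bot: The `.(DataFlow::InstructionNode)` cast in `pai.getLeft() = sink.getNode().(DataFlow::InstructionNode).asInstruction()` looks redundant, because `isSource` of `PointerArithmeticToDerefConfig` in this file already calls `asInstruction()` directly on a plain `DataFlow::Node`. `pai.getLeft() = sink.getNode().asInstruction() and` should read the same. The same cast appears twice more in the stitching disjunct of `StitchedPathGraph::edges` in the next hunk. The new signature of `isConstantSizeOverflowSource` also sits on one very long line, which the QL autoformatter would wrap. The predicate body continues past the end of this hunk.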
@@ -109,22 +109,39 @@ predicate isConstantSizeOverflowSource(Field f, PointerAddInstruction pai, int d module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - isConstantSizeOverflowSource(_, source.asInstruction(), _) + isConstantSizeOverflowSource(_, _, source.asInstruction(), _) } pragma[inline] predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } } +module MergedPathGraph = DataFlow::MergePathGraph; +class PathNode = MergedPathGraph::PathNode; +module StitchedPathGraph implements DataFlow::PathGraphSig{ + query predicate edges(PathNode a, PathNode b) { + MergedPathGraph::PathGraph::edges(a, b) + or + a.asPathNode2().getNode().(DataFlow::InstructionNode).asInstruction() = b.asPathNode1().getNode().(DataFlow::InstructionNode).asInstruction().(PointerAddInstruction).getLeft() + } + + query predicate nodes(PathNode n, string key, string val) { + MergedPathGraph::PathGraph::nodes(n, key, val) + } + + query predicate subpaths(PathNode arg, PathNode par, PathNode ret, PathNode out) { + MergedPathGraph::PathGraph::subpaths(arg, par, ret, out) + } +} module PointerArithmeticToDerefFlow = DataFlow::Global; from - Field f, PointerArithmeticToDerefFlow::PathNode source, - PointerArithmeticToDerefFlow::PathNode sink, Instruction deref, string operation, int delta + Field f, PathNode fieldSource, PathNode paiNode, + PathNode sink, Instruction deref, string operation, int delta where - PointerArithmeticToDerefFlow::flowPath(source, sink) and + PointerArithmeticToDerefFlow::flowPath(paiNode.asPathNode1(), sink.asPathNode1()) and isInvalidPointerDerefSink2(sink.getNode(), deref, operation) and - isConstantSizeOverflowSource(f, source.getNode().asInstruction(), delta) -select source, source, sink, + isConstantSizeOverflowSource(f, fieldSource.asPathNode2(), paiNode.getNode().asInstruction(), delta) +select paiNode, fieldSource, sink, "This pointer arithmetic may have an off-by-" + (delta + 1) 
+ " error allowing it to overrun $@ at this $@.", f, f.getName(), deref, operation diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index e201ef15af9..777fa1d5564 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected 
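Review bot: The extra disjunct in `StitchedPathGraph::edges` links any node of the field-address flow to any `PointerAddInstruction` node of the dereference flow that has the same instruction as its left operand, without requiring that `isConstantSizeOverflowSource` accepted the pair. As far as the hunk shows, this can add edges between mid-path nodes that no alert uses, so the path explanation for an off-by-one result may show links that are not part of a reported flow. Consider narrowing it with a conjunct such as `isConstantSizeOverflowSource(_, _, b.asPathNode1().getNode().asInstruction(), _)`, and give the module a QLDoc comment along the lines of `/** A path graph that joins field-to-arithmetic paths to arithmetic-to-dereference paths at the pointer-add instruction. */`.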
@@ -1,37 +1,100 @@ edges +| test.cpp:26:10:26:12 | buf | test.cpp:26:5:26:12 | buf | +| test.cpp:30:10:30:12 | buf | test.cpp:30:5:30:12 | buf | +| test.cpp:34:10:34:12 | buf | test.cpp:34:5:34:12 | buf | +| test.cpp:35:5:35:12 | buf | test.cpp:35:5:35:22 | access to array | +| test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:12 | buf | +| test.cpp:36:5:36:12 | buf | test.cpp:36:5:36:24 | access to array | +| test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:12 | buf | +| test.cpp:39:14:39:16 | buf | test.cpp:39:9:39:16 | buf | +| test.cpp:43:9:43:16 | buf | test.cpp:43:9:43:19 | access to array | +| test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:16 | buf | +| test.cpp:48:10:48:12 | buf | test.cpp:48:5:48:12 | buf | +| test.cpp:49:5:49:12 | buf | test.cpp:49:5:49:22 | access to array | +| test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:12 | buf | +| test.cpp:50:5:50:12 | buf | test.cpp:50:5:50:24 | access to array | +| test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:12 | buf | +| test.cpp:53:14:53:16 | buf | test.cpp:53:9:53:16 | buf | +| test.cpp:57:9:57:16 | buf | test.cpp:57:9:57:19 | access to array | +| test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:16 | buf | +| test.cpp:61:9:61:16 | buf | test.cpp:61:9:61:19 | access to array | +| test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:16 | buf | | test.cpp:66:32:66:32 | p | test.cpp:66:32:66:32 | p | | test.cpp:66:32:66:32 | p | test.cpp:67:5:67:6 | * ... | | test.cpp:66:32:66:32 | p | test.cpp:67:6:67:6 | p | +| test.cpp:70:33:70:33 | p | test.cpp:71:5:71:5 | p | +| test.cpp:70:33:70:33 | p | test.cpp:72:5:72:5 | p | +| test.cpp:72:5:72:5 | p | test.cpp:72:5:72:15 | access to array | +| test.cpp:76:32:76:34 | buf | test.cpp:76:27:76:34 | buf | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | +| test.cpp:77:27:77:34 | buf | test.cpp:77:27:77:44 | access to array | | test.cpp:77:27:77:44 | access to array | test.cpp:77:26:77:44 | & ... 
| +| test.cpp:77:32:77:34 | buf | test.cpp:77:27:77:34 | buf | +| test.cpp:79:27:79:34 | buf | test.cpp:70:33:70:33 | p | +| test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | nodes +| test.cpp:26:5:26:12 | buf | semmle.label | buf | +| test.cpp:26:10:26:12 | buf | semmle.label | buf | +| test.cpp:30:5:30:12 | buf | semmle.label | buf | +| test.cpp:30:10:30:12 | buf | semmle.label | buf | +| test.cpp:34:5:34:12 | buf | semmle.label | buf | +| test.cpp:34:10:34:12 | buf | semmle.label | buf | +| test.cpp:35:5:35:12 | buf | semmle.label | buf | | test.cpp:35:5:35:22 | access to array | semmle.label | access to array | +| test.cpp:35:10:35:12 | buf | semmle.label | buf | +| test.cpp:36:5:36:12 | buf | semmle.label | buf | | test.cpp:36:5:36:24 | access to array | semmle.label | access to array | +| test.cpp:36:10:36:12 | buf | semmle.label | buf | +| test.cpp:39:9:39:16 | buf | semmle.label | buf | +| test.cpp:39:14:39:16 | buf | semmle.label | buf | +| test.cpp:43:9:43:16 | buf | semmle.label | buf | | test.cpp:43:9:43:19 | access to array | semmle.label | access to array | +| test.cpp:43:14:43:16 | buf | semmle.label | buf | +| test.cpp:48:5:48:12 | buf | semmle.label | buf | +| test.cpp:48:10:48:12 | buf | semmle.label | buf | +| test.cpp:49:5:49:12 | buf | semmle.label | buf | | test.cpp:49:5:49:22 | access to array | semmle.label | access to array | +| test.cpp:49:10:49:12 | buf | semmle.label | buf | +| test.cpp:50:5:50:12 | buf | semmle.label | buf | | test.cpp:50:5:50:24 | access to array | semmle.label | access to array | +| test.cpp:50:10:50:12 | buf | semmle.label | buf | +| test.cpp:53:9:53:16 | buf | semmle.label | buf | +| test.cpp:53:14:53:16 | buf | semmle.label | buf | +| test.cpp:57:9:57:16 | buf | semmle.label | buf | | test.cpp:57:9:57:19 | access to array | semmle.label | access to array | +| test.cpp:57:14:57:16 | buf | semmle.label | buf | +| test.cpp:61:9:61:16 | buf | semmle.label | buf | | test.cpp:61:9:61:19 | access to array | 
semmle.label | access to array | +| test.cpp:61:14:61:16 | buf | semmle.label | buf | | test.cpp:66:32:66:32 | p | semmle.label | p | | test.cpp:66:32:66:32 | p | semmle.label | p | | test.cpp:66:32:66:32 | p | semmle.label | p | | test.cpp:67:5:67:6 | * ... | semmle.label | * ... | | test.cpp:67:6:67:6 | p | semmle.label | p | +| test.cpp:70:33:70:33 | p | semmle.label | p | +| test.cpp:71:5:71:5 | p | semmle.label | p | +| test.cpp:72:5:72:5 | p | semmle.label | p | | test.cpp:72:5:72:15 | access to array | semmle.label | access to array | +| test.cpp:76:27:76:34 | buf | semmle.label | buf | +| test.cpp:76:32:76:34 | buf | semmle.label | buf | | test.cpp:77:26:77:44 | & ... | semmle.label | & ... | +| test.cpp:77:27:77:34 | buf | semmle.label | buf | | test.cpp:77:27:77:44 | access to array | semmle.label | access to array | +| test.cpp:77:32:77:34 | buf | semmle.label | buf | +| test.cpp:79:27:79:34 | buf | semmle.label | buf | +| test.cpp:79:32:79:34 | buf | semmle.label | buf | subpaths #select -| test.cpp:35:5:35:22 | access to array | test.cpp:35:5:35:22 | access to array | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | -| test.cpp:36:5:36:24 | access to array | test.cpp:36:5:36:24 | access to array | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | -| test.cpp:43:9:43:19 | access to array | test.cpp:43:9:43:19 | access to array | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... 
| write | -| test.cpp:49:5:49:22 | access to array | test.cpp:49:5:49:22 | access to array | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | -| test.cpp:50:5:50:24 | access to array | test.cpp:50:5:50:24 | access to array | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | -| test.cpp:57:9:57:19 | access to array | test.cpp:57:9:57:19 | access to array | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | -| test.cpp:61:9:61:19 | access to array | test.cpp:61:9:61:19 | access to array | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | -| test.cpp:72:5:72:15 | access to array | test.cpp:72:5:72:15 | access to array | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. 
| test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:35:5:35:22 | access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | +| test.cpp:36:5:36:24 | access to array | test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | +| test.cpp:43:9:43:19 | access to array | test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... | write | +| test.cpp:49:5:49:22 | access to array | test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... 
| write | +| test.cpp:50:5:50:24 | access to array | test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | +| test.cpp:57:9:57:19 | access to array | test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | +| test.cpp:61:9:61:19 | access to array | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | +| test.cpp:72:5:72:15 | access to array | test.cpp:79:32:79:34 | buf | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... 
| write | +| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | From d9665e16784b8d147b60646b2bec1bc4de5a6b72 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Thu, 4 May 2023 16:34:29 -0400 Subject: [PATCH 005/210] C++: add case test for constant off-by-one query --- .../constant-size/ConstantSizeArrayOffByOne.expected | 11 +++++++++++ .../Security/CWE/CWE-193/constant-size/test.cpp | 9 +++++++++ 2 files changed, 20 insertions(+) diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index 777fa1d5564..294ddb0e46d 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected @@ -33,6 +33,10 @@ edges | test.cpp:77:32:77:34 | buf | test.cpp:77:27:77:34 | buf | | test.cpp:79:27:79:34 | buf | test.cpp:70:33:70:33 | p | | test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | +| test.cpp:85:34:85:36 | buf | test.cpp:87:5:87:11 | charBuf | +| test.cpp:85:34:85:36 | buf | test.cpp:88:5:88:11 | charBuf | +| test.cpp:87:5:87:11 | charBuf | test.cpp:87:5:87:31 | access to array | +| test.cpp:88:5:88:11 | charBuf | test.cpp:88:5:88:27 | access to array | nodes | test.cpp:26:5:26:12 | buf | semmle.label | buf | | test.cpp:26:10:26:12 | buf | semmle.label | buf | 
@@ -84,6 +88,11 @@ nodes | test.cpp:77:32:77:34 | buf | semmle.label | buf | | test.cpp:79:27:79:34 | buf | semmle.label | buf | | test.cpp:79:32:79:34 | buf | semmle.label | buf | +| test.cpp:85:34:85:36 | buf | semmle.label | buf | +| test.cpp:87:5:87:11 | charBuf | semmle.label | charBuf | +| test.cpp:87:5:87:31 | access to array | semmle.label | access to array | +| test.cpp:88:5:88:11 | charBuf | semmle.label | charBuf | +| test.cpp:88:5:88:27 | access to array | semmle.label | access to array | subpaths #select | test.cpp:35:5:35:22 | access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | 
@@ -98,3 +107,5 @@ subpaths | test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | | test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | | test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:87:5:87:31 | access to array | test.cpp:85:34:85:36 | buf | test.cpp:87:5:87:31 | access to array | This pointer arithmetic may have an off-by-3072 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:87:5:87:35 | Store: ... = ... | write | +| test.cpp:88:5:88:27 | access to array | test.cpp:85:34:85:36 | buf | test.cpp:88:5:88:27 | access to array | This pointer arithmetic may have an off-by-3073 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:88:5:88:31 | Store: ... = ... | write | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp index df4cd7b4491..c2ca2401127 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp 
@@ -78,3 +78,12 @@ void testInterproc(BigArray *arr) { addToPointerAndAssign(arr->buf); } + +#define MAX_SIZE_BYTES 4096 + +void testCharIndex(BigArray *arr) { + char *charBuf = (char*) arr->buf; + + charBuf[MAX_SIZE_BYTES - 1] = 0; // GOOD [FALSE POSITIVE] + charBuf[MAX_SIZE_BYTES] = 0; // BAD +} \ No newline at end of file From b7653ec92ddd617bf8745643cb7e6d32cd27a1aa Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Thu, 4 May 2023 16:39:02 -0400 Subject: [PATCH 006/210] C++: ignore cast arrays in constant off-by-one query --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 1 + .../constant-size/ConstantSizeArrayOffByOne.expected | 6 ------ .../query-tests/Security/CWE/CWE-193/constant-size/test.cpp | 4 ++-- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index af41bb7222a..ce604510d70 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -98,6 +98,7 @@ predicate isConstantSizeOverflowSource(Field f, FieldAddressToPointerArithmeticF FieldAddressToPointerArithmeticFlow::flowPath(fieldSource, sink) and isFieldAddressSource(f, fieldSource.getNode()) and pai.getLeft() = sink.getNode().(DataFlow::InstructionNode).asInstruction() and + pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize() and f.getUnspecifiedType().(ArrayType).getArraySize() = size and semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and delta = bound - size and diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index 294ddb0e46d..0b688810262 100644 
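Review bot: `MAX_SIZE_BYTES` is hard-coded to 4096, but the `GOOD`/`BAD` annotations in `testCharIndex` are only right if that equals the byte size of `BigArray::buf`, whose declaration is outside this hunk. The `off-by-3072` rows in the expected output suggest a 1024-element array of 4-byte elements, but nothing in the test states that. I would document the dependency on the define itself so a later change to `buf` does not silently invalidate the annotations: `#define MAX_SIZE_BYTES 4096 // must equal sizeof(BigArray::buf)`. Keeping the comment on the same line avoids shifting the line numbers recorded in the `.expected` file.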
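Review bot: The added conjunct `pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize()` removes every access made through a differently-sized view of the array, not just the false positive. The test change in this same commit re-labels `charBuf[MAX_SIZE_BYTES] = 0` as `BAD [FALSE NEGATIVE]`, so a genuine one-past-the-end write through a `char *` cast is no longer reported. A byte-based comparison would keep both cases correct, for example scaling `bound` by `pai.getElementSize()` and `size` by the base type's size before computing `delta`. That would need checking against the "off-by-N" message, which would then be in bytes. At minimum the new line deserves a comment such as `// Only consider arithmetic in units of the array's element type; cast views (e.g. char*) are skipped and may be missed.` The predicate `isConstantSizeOverflowSource` starts and ends outside the hunk.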
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected @@ -35,8 +35,6 @@ edges | test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | | test.cpp:85:34:85:36 | buf | test.cpp:87:5:87:11 | charBuf | | test.cpp:85:34:85:36 | buf | test.cpp:88:5:88:11 | charBuf | -| test.cpp:87:5:87:11 | charBuf | test.cpp:87:5:87:31 | access to array | -| test.cpp:88:5:88:11 | charBuf | test.cpp:88:5:88:27 | access to array | nodes | test.cpp:26:5:26:12 | buf | semmle.label | buf | | test.cpp:26:10:26:12 | buf | semmle.label | buf | @@ -90,9 +88,7 @@ nodes | test.cpp:79:32:79:34 | buf | semmle.label | buf | | test.cpp:85:34:85:36 | buf | semmle.label | buf | | test.cpp:87:5:87:11 | charBuf | semmle.label | charBuf | -| test.cpp:87:5:87:31 | access to array | semmle.label | access to array | | test.cpp:88:5:88:11 | charBuf | semmle.label | charBuf | -| test.cpp:88:5:88:27 | access to array | semmle.label | access to array | subpaths #select | test.cpp:35:5:35:22 | access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | 
@@ -107,5 +103,3 @@ subpaths | test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | | test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | | test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:87:5:87:31 | access to array | test.cpp:85:34:85:36 | buf | test.cpp:87:5:87:31 | access to array | This pointer arithmetic may have an off-by-3072 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:87:5:87:35 | Store: ... = ... | write | -| test.cpp:88:5:88:27 | access to array | test.cpp:85:34:85:36 | buf | test.cpp:88:5:88:27 | access to array | This pointer arithmetic may have an off-by-3073 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:88:5:88:31 | Store: ... = ... | write | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp index c2ca2401127..5749331b7d5 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp 
@@ -84,6 +84,6 @@ void testInterproc(BigArray *arr) { void testCharIndex(BigArray *arr) { char *charBuf = (char*) arr->buf; - charBuf[MAX_SIZE_BYTES - 1] = 0; // GOOD [FALSE POSITIVE] - charBuf[MAX_SIZE_BYTES] = 0; // BAD + charBuf[MAX_SIZE_BYTES - 1] = 0; // GOOD + charBuf[MAX_SIZE_BYTES] = 0; // BAD [FALSE NEGATIVE] } \ No newline at end of file From 3960853af0962bf8512d0465bcdae0bdfa3ee4f4 Mon Sep 17 00:00:00 2001 From: Maiky <76447395+maikypedia@users.noreply.github.com> Date: Sun, 7 May 2023 23:56:56 +0200 Subject: [PATCH 007/210] CWE-089 Add Sequel SQL Injection Sink --- ruby/ql/lib/change-notes/2023-05-07-sequel.md | 4 ++ ruby/ql/lib/codeql/ruby/Frameworks.qll | 1 + ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll | 71 +++++++++++++++++++ .../frameworks/sequel/Sequel.expected | 23 ++++++ .../library-tests/frameworks/sequel/Sequel.ql | 7 ++ .../library-tests/frameworks/sequel/sequel.rb | 67 +++++++++++++++++ 6 files changed, 173 insertions(+) create mode 100644 ruby/ql/lib/change-notes/2023-05-07-sequel.md create mode 100644 ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll create mode 100644 ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected create mode 100644 ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql create mode 100644 ruby/ql/test/library-tests/frameworks/sequel/sequel.rb diff --git a/ruby/ql/lib/change-notes/2023-05-07-sequel.md b/ruby/ql/lib/change-notes/2023-05-07-sequel.md new file mode 100644 index 00000000000..3688f28db56 --- /dev/null +++ b/ruby/ql/lib/change-notes/2023-05-07-sequel.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Support for the `sequel` gem has been added. Method calls that execute queries against a database that may be vulnerable to injection attacks will now be recognized. diff --git a/ruby/ql/lib/codeql/ruby/Frameworks.qll b/ruby/ql/lib/codeql/ruby/Frameworks.qll index e61ac723e7e..d7b76c090b2 100644 --- a/ruby/ql/lib/codeql/ruby/Frameworks.qll +++ b/ruby/ql/lib/codeql/ruby/Frameworks.qll 
@@ -32,3 +32,4 @@ private import codeql.ruby.frameworks.Slim
 private import codeql.ruby.frameworks.Sinatra
 private import codeql.ruby.frameworks.Twirp
 private import codeql.ruby.frameworks.Sqlite3
+private import codeql.ruby.frameworks.Sequel
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll b/ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll
new file mode 100644
index 00000000000..b9488a92016
--- /dev/null
+++ b/ruby/ql/lib/codeql/ruby/frameworks/Sequel.qll
@@ -0,0 +1,71 @@ +/** + * Provides modeling for `Sequel`, the database toolkit for Ruby. + * https://github.com/jeremyevans/sequel + */ + +private import ruby +private import codeql.ruby.ApiGraphs +private import codeql.ruby.dataflow.FlowSummary +private import codeql.ruby.Concepts + +/** + * Provides modeling for `Sequel`, the database toolkit for Ruby. + * https://github.com/jeremyevans/sequel + */ +module Sequel { + /** Flow Summary for `Sequel`. */ + private class SqlSummary extends SummarizedCallable { + SqlSummary() { this = "Sequel.connect" } + + override MethodCall getACall() { result = any(SequelConnection c).asExpr().getExpr() } + + override predicate propagatesFlowExt(string input, string output, boolean preservesValue) { + input = "Argument[0]" and output = "ReturnValue" and preservesValue = false + } + } + + /** A call to establish a connection to a database */ + private class SequelConnection extends DataFlow::CallNode { + SequelConnection() { + this = + API::getTopLevelMember("Sequel").getAMethodCall(["connect", "sqlite", "mysql2", "jdbc"]) + } + } + + /** A call that constructs SQL statements */ + private class SequelConstruction extends SqlConstruction::Range, DataFlow::CallNode { + DataFlow::Node query; + + SequelConstruction() { + this = API::getTopLevelMember("Sequel").getAMethodCall("cast") and query = this.getArgument(1) + or + this = API::getTopLevelMember("Sequel").getAMethodCall("function") and + query = this.getArgument(0) + } + + override DataFlow::Node getSql() { result = query } + } + + /** A call that executes SQL statements against a database */ + private class SequelExecution extends SqlExecution::Range, DataFlow::CallNode { + SequelExecution() { + exists(SequelConnection sequelConnection | + this = + sequelConnection + .getAMethodCall([ + "execute", "execute_ddl", "execute_dui", "execute_insert", "run", "<<", "fetch", + "fetch_rows", "[]", "log_connection_yield" + ]) or + this = + sequelConnection + .getAMethodCall("dataset") + 
.getAMethodCall([ + "with_sql", "with_sql_all", "with_sql_delete", "with_sql_each", "with_sql_first", + "with_sql_insert", "with_sql_single_value", "with_sql_update" + ]) + ) + } + + override DataFlow::Node getSql() { result = this.getArgument(0) } + } +} diff --git a/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected new file mode 100644 index 00000000000..b44d06e6c19 --- /dev/null +++ b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected 
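Review bot: `SequelExecution` treats argument 0 of every `[]` call on a connection as SQL, so `conn[:table]` is reported as an execution whose SQL is the symbol `:table`. The accompanying `Sequel.expected` lists exactly that for sequel.rb lines 63 and 66. A symbol argument selects a table dataset rather than running a raw string, so these rows are noise for the SQL injection query. The `"[]"` case could be restricted with something like `not this.getArgument(0).asExpr().getExpr() instanceof SymbolLiteral`. Separately, `SequelConnection` only recognises `["connect", "sqlite", "mysql2", "jdbc"]`, so connections opened through other adapter shortcuts such as `Sequel.postgres` get no sinks at all. That list is worth extending or documenting as deliberately partial, and the `SqlSummary` name `"Sequel.connect"` should say that it covers all four methods.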
@@ -0,0 +1,23 @@ +sequelSqlConstruction +| sequel.rb:63:29:63:49 | call to cast | sequel.rb:63:45:63:48 | name | +| sequel.rb:66:29:66:49 | call to function | sequel.rb:66:45:66:48 | name | +sequelSqlExecution +| sequel.rb:10:9:10:60 | ...[...] | sequel.rb:10:14:10:59 | "SELECT * FROM users WHERE use..." | +| sequel.rb:13:9:13:64 | call to run | sequel.rb:13:18:13:63 | "SELECT * FROM users WHERE use..." | +| sequel.rb:16:9:18:11 | call to fetch | sequel.rb:16:20:16:65 | "SELECT * FROM users WHERE use..." | +| sequel.rb:21:9:21:65 | ...[...] | sequel.rb:21:14:21:64 | "SELECT * FROM users WHERE use..." | +| sequel.rb:24:9:24:65 | call to execute | sequel.rb:24:22:24:65 | "SELECT * FROM users WHERE use..." | +| sequel.rb:27:9:27:71 | call to execute_ddl | sequel.rb:27:26:27:71 | "SELECT * FROM users WHERE use..." | +| sequel.rb:30:9:30:71 | call to execute_dui | sequel.rb:30:26:30:71 | "SELECT * FROM users WHERE use..." | +| sequel.rb:33:9:33:74 | call to execute_insert | sequel.rb:33:29:33:74 | "SELECT * FROM users WHERE use..." | +| sequel.rb:36:9:36:62 | ... << ... | sequel.rb:36:17:36:62 | "SELECT * FROM users WHERE use..." | +| sequel.rb:39:9:39:79 | call to fetch_rows | sequel.rb:39:25:39:70 | "SELECT * FROM users WHERE use..." | +| sequel.rb:42:9:42:81 | call to with_sql_all | sequel.rb:42:35:42:80 | "SELECT * FROM users WHERE use..." | +| sequel.rb:45:9:45:84 | call to with_sql_delete | sequel.rb:45:38:45:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:48:9:48:90 | call to with_sql_each | sequel.rb:48:36:48:81 | "SELECT * FROM users WHERE use..." | +| sequel.rb:51:9:51:83 | call to with_sql_first | sequel.rb:51:37:51:82 | "SELECT * FROM users WHERE use..." | +| sequel.rb:54:9:54:84 | call to with_sql_insert | sequel.rb:54:38:54:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:57:9:57:90 | call to with_sql_single_value | sequel.rb:57:44:57:89 | "SELECT * FROM users WHERE use..." 
| +| sequel.rb:60:9:60:84 | call to with_sql_update | sequel.rb:60:38:60:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:63:9:63:20 | ...[...] | sequel.rb:63:14:63:19 | :table | +| sequel.rb:66:9:66:20 | ...[...] | sequel.rb:66:14:66:19 | :table | diff --git a/ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql new file mode 100644 index 00000000000..9645c5d4f17 --- /dev/null +++ b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.ql @@ -0,0 +1,7 @@ +private import codeql.ruby.DataFlow +private import codeql.ruby.Concepts +private import codeql.ruby.frameworks.Sequel + +query predicate sequelSqlConstruction(SqlConstruction c, DataFlow::Node sql) { sql = c.getSql() } + +query predicate sequelSqlExecution(SqlExecution e, DataFlow::Node sql) { sql = e.getSql() } diff --git a/ruby/ql/test/library-tests/frameworks/sequel/sequel.rb b/ruby/ql/test/library-tests/frameworks/sequel/sequel.rb new file mode 100644 index 00000000000..d760f6c3d07 --- /dev/null +++ b/ruby/ql/test/library-tests/frameworks/sequel/sequel.rb 
@@ -0,0 +1,67 @@ +require 'sequel' + +class UsersController < ActionController::Base + def sequel_handler(event:, context:) + name = params[:name] + conn = Sequel.sqlite("sqlite://example.db") + + # BAD: SQL statement constructed from user input + conn["SELECT * FROM users WHERE username='#{name}'"] + + # BAD: SQL statement constructed from user input + conn.run("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.fetch("SELECT * FROM users WHERE username='#{name}'") do |row| + puts row[:name] + end + + # GOOD: SQL statement is not constructed from user input + conn["SELECT * FROM users WHERE username='im_not_input'"] + + # BAD: SQL statement constructed from user input + conn.execute "SELECT * FROM users WHERE username=#{name}" + + # BAD: SQL statement constructed from user input + conn.execute_ddl "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn.execute_dui "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn.execute_insert "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn << "SELECT * FROM users WHERE username='#{name}'" + + # BAD: SQL statement constructed from user input + conn.fetch_rows("SELECT * FROM users WHERE username='#{name}'"){|row| } + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_all("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_delete("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_each("SELECT * FROM users WHERE username='#{name}'"){|row| } + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_first("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + 
conn.dataset.with_sql_insert("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_single_value("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn.dataset.with_sql_update("SELECT * FROM users WHERE username='#{name}'") + + # BAD: SQL statement constructed from user input + conn[:table].select(Sequel.cast(:a, name)) + + # BAD: SQL statement constructed from user input + conn[:table].select(Sequel.function(name)) + end +end \ No newline at end of file From f77c77fdf9baaf83b50f97ad2c30cbe11371632f Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Wed, 10 May 2023 14:58:11 -0400 Subject: [PATCH 008/210] C++: refactor off-by-one query to use flowstate --- .../CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 98 +++++++++---------- 1 file changed, 44 insertions(+), 54 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index ce604510d70..8ad251a9fc2 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -14,7 +14,7 @@ import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysi import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.dataflow.DataFlow -import StitchedPathGraph +import FieldAddressToDerefFlow::PathGraph pragma[nomagic] Instruction getABoundIn(SemBound b, IRFunction func) { 
@@ -42,21 +42,6 @@ bindingset[b] pragma[inline_late] predicate bounded2(Instruction i, Instruction b, int delta) { boundedImpl(i, b, delta) } -module FieldAddressToPointerArithmeticConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { isFieldAddressSource(_, source) } - - predicate isSink(DataFlow::Node sink) { - exists(PointerAddInstruction pai | pai.getLeft() = sink.asInstruction()) - } -} - -module FieldAddressToPointerArithmeticFlow = - DataFlow::Global; - -predicate isFieldAddressSource(Field f, DataFlow::Node source) { - source.asInstruction().(FieldAddressInstruction).getField() = f -} - bindingset[delta] predicate isInvalidPointerDerefSinkImpl( int delta, Instruction i, AddressOperand addr, string operation 
@@ -93,56 +78,61 @@ predicate isInvalidPointerDerefSink2(DataFlow::Node sink, Instruction i, string ) } -predicate isConstantSizeOverflowSource(Field f, FieldAddressToPointerArithmeticFlow::PathNode fieldSource, PointerAddInstruction pai, int delta) { - exists(int size, int bound, FieldAddressToPointerArithmeticFlow::PathNode sink | - FieldAddressToPointerArithmeticFlow::flowPath(fieldSource, sink) and - isFieldAddressSource(f, fieldSource.getNode()) and - pai.getLeft() = sink.getNode().(DataFlow::InstructionNode).asInstruction() and - pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize() and - f.getUnspecifiedType().(ArrayType).getArraySize() = size and - semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and - delta = bound - size and - delta >= 0 and - size != 0 and - size != 1 - ) +predicate pointerArithOverflow( + PointerArithmeticInstruction pai, Field f, int size, int bound, int delta +) { + pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize() and + f.getUnspecifiedType().(ArrayType).getArraySize() = size and + semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and + delta = bound - size } -module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { - isConstantSizeOverflowSource(_, _, source.asInstruction(), _) +module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { + newtype FlowState = + additional TArray(Field f) or + additional TOverflowArithmetic(PointerArithmeticInstruction pai) + + predicate isSource(DataFlow::Node source, FlowState state) { + exists(Field f | + source.asInstruction().(FieldAddressInstruction).getField() = f and + state = TArray(f) + ) } - pragma[inline] - predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } -} - -module MergedPathGraph = DataFlow::MergePathGraph; -class PathNode = MergedPathGraph::PathNode; -module 
StitchedPathGraph implements DataFlow::PathGraphSig{ - query predicate edges(PathNode a, PathNode b) { - MergedPathGraph::PathGraph::edges(a, b) - or - a.asPathNode2().getNode().(DataFlow::InstructionNode).asInstruction() = b.asPathNode1().getNode().(DataFlow::InstructionNode).asInstruction().(PointerAddInstruction).getLeft() + predicate isSink(DataFlow::Node sink, FlowState state) { + isInvalidPointerDerefSink1(sink, _, _) and + state instanceof TOverflowArithmetic } - query predicate nodes(PathNode n, string key, string val) { - MergedPathGraph::PathGraph::nodes(n, key, val) - } + predicate isBarrier(DataFlow::Node node, FlowState state) { none() } - query predicate subpaths(PathNode arg, PathNode par, PathNode ret, PathNode out) { - MergedPathGraph::PathGraph::subpaths(arg, par, ret, out) + predicate isAdditionalFlowStep( + DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 + ) { + exists(PointerArithmeticInstruction pai, Field f, int size, int delta | + state1 = TArray(f) and + state2 = TOverflowArithmetic(pai) and + pai.getLeft() = node1.asInstruction() and + node2.asInstruction() = pai and + pointerArithOverflow(pai, f, size, _, delta) and + delta >= 0 and + size != 0 and + size != 1 + ) } } -module PointerArithmeticToDerefFlow = DataFlow::Global; + +module FieldAddressToDerefFlow = DataFlow::GlobalWithState; from - Field f, PathNode fieldSource, PathNode paiNode, - PathNode sink, Instruction deref, string operation, int delta + Field f, FieldAddressToDerefFlow::PathNode source, PointerArithmeticInstruction pai, + FieldAddressToDerefFlow::PathNode sink, Instruction deref, string operation, int delta where - PointerArithmeticToDerefFlow::flowPath(paiNode.asPathNode1(), sink.asPathNode1()) and + FieldAddressToDerefFlow::flowPath(source, sink) and isInvalidPointerDerefSink2(sink.getNode(), deref, operation) and - isConstantSizeOverflowSource(f, fieldSource.asPathNode2(), paiNode.getNode().asInstruction(), delta) -select paiNode, 
fieldSource, sink, + source.getState() = FieldAddressToDerefConfig::TArray(f) and + sink.getState() = FieldAddressToDerefConfig::TOverflowArithmetic(pai) and + pointerArithOverflow(pai, f, _, _, delta) +select pai, source, sink, "This pointer arithmetic may have an off-by-" + (delta + 1) + " error allowing it to overrun $@ at this $@.", f, f.getName(), deref, operation From 584adf843a5ab7aa0aa5ad997100876d161928f9 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Fri, 12 May 2023 12:43:10 -0400 Subject: [PATCH 009/210] C++: restrict flowstates in constant off-by-one query --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index 8ad251a9fc2..943faf6d75c 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -89,8 +89,10 @@ predicate pointerArithOverflow( module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { newtype FlowState = - additional TArray(Field f) or - additional TOverflowArithmetic(PointerArithmeticInstruction pai) + additional TArray(Field f) { pointerArithOverflow(_, f, _, _, _) } or + additional TOverflowArithmetic(PointerArithmeticInstruction pai) { + pointerArithOverflow(pai, _, _, _, _) + } predicate isSource(DataFlow::Node source, FlowState state) { exists(Field f | From 3193b3b171c01bb7c49dc52452389ee3fe9f2ca7 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 15 May 2023 10:51:21 +0100 Subject: [PATCH 010/210] Swift: Make the CleartextLogging.ql query ID consistent with the other swift/cleartext-* queries. --- swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
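Review bot: The guards `delta >= 0 and size != 0 and size != 1` now live only in `isAdditionalFlowStep`, while the final `where` clause calls `pointerArithOverflow(pai, f, _, _, delta)` again without them. If range analysis yields more than one upper bound for `pai.getRight()`, the step can be justified by one non-negative `delta` while the `select` also binds smaller or negative ones, producing messages such as "off-by-0" for the same path. Moving the three conjuncts into `pointerArithOverflow` itself keeps the flow step and the alert message in agreement. The later hunk that restricts `TArray` and `TOverflowArithmetic` with `pointerArithOverflow(_, f, _, _, _)` has the same gap and would then only create states for arithmetic that can actually overflow. `pointerArithOverflow` also has no QLDoc; a one-line comment stating that `delta` is `bound - size` in elements would help.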
diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql index 2d76f1d3e7e..d4314ab1631 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -6,7 +6,7 @@ * @problem.severity error * @security-severity 7.5 * @precision high - * @id swift/clear-text-logging + * @id swift/cleartext-logging * @tags security * external/cwe/cwe-312 * external/cwe/cwe-359 From 2a4d7cb642f5bd6c7121d9b3205f6d8e84812bc0 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 15 May 2023 11:53:58 +0100 Subject: [PATCH 011/210] Swift: Make the result message consistent as well. --- .../src/queries/Security/CWE-312/CleartextLogging.ql | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql index d4314ab1631..764a4af3d94 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -18,7 +18,9 @@ import codeql.swift.dataflow.DataFlow import codeql.swift.security.CleartextLoggingQuery import CleartextLoggingFlow::PathGraph -from CleartextLoggingFlow::PathNode src, CleartextLoggingFlow::PathNode sink -where CleartextLoggingFlow::flowPath(src, sink) -select sink.getNode(), src, sink, "This $@ is written to a log file.", src.getNode(), - "potentially sensitive information" +from CleartextLoggingFlow::PathNode source, CleartextLoggingFlow::PathNode sink +where CleartextLoggingFlow::flowPath(source, sink) +select sink, source, sink, + "This operation writes '" + sink.toString() + + "' to a log file. It may contain unencrypted sensitive data from $@.", source, + source.getNode().toString() From d17199a9e10f36817bdb9426b128c12b91aea299 Mon Sep 17 00:00:00 2001 
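Review bot: Changing `@id` from `swift/clear-text-logging` to `swift/cleartext-logging` is visible to consumers, and the diffstat shows only the query file changing, with no change note. Existing alerts are tracked under the old id, and any query filter or suppression that names it stops matching after the rename. I would add a change note in the Swift query pack with category `queryMetadata`, along the lines of `* The query id swift/clear-text-logging has been renamed to swift/cleartext-logging; update any query filters or suppressions that reference the old id.`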
From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= Date: Tue, 16 May 2023 15:00:26 +0200 Subject: [PATCH 012/210] add gson models --- java/ql/lib/ext/com.google.gson.model.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 java/ql/lib/ext/com.google.gson.model.yml diff --git a/java/ql/lib/ext/com.google.gson.model.yml b/java/ql/lib/ext/com.google.gson.model.yml new file mode 100644 index 00000000000..a35ff0f117e --- /dev/null +++ b/java/ql/lib/ext/com.google.gson.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["com.google.gson", "Gson", False, "toJson", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "fromJson", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "newJsonReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "newJsonWriter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson.stream", "JsonReader", False, "nextName", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson.stream", "JsonReader", False, "nextString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] From 94b4ebe38b0628e957599e7daea8cfea919c0df2 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 16 May 2023 14:16:30 +0100 Subject: [PATCH 013/210] Update swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql Co-authored-by: Mathias Vorreiter Pedersen --- swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
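Review bot: The `toString` row models taint from `Argument[0]` to `ReturnValue`, but `Gson.toString()` takes no arguments, so this summary can never apply. The method describes the `Gson` instance rather than serialising caller data, so I would drop the row instead of rewriting it to `Argument[this]`. The `newJsonWriter` row is also worth a second look: it propagates taint from the wrapped writer to the returned `JsonWriter`, which is a different direction from the reader-side rows. The commit adds the models without a test, so a small flow test covering `toJson`, `fromJson` and `JsonReader.nextString` would catch rows like the `toString` one.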
diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql index 764a4af3d94..69601b3d931 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -20,7 +20,7 @@ import CleartextLoggingFlow::PathGraph from CleartextLoggingFlow::PathNode source, CleartextLoggingFlow::PathNode sink where CleartextLoggingFlow::flowPath(source, sink) -select sink, source, sink, +select sink.getNode(), source, sink, "This operation writes '" + sink.toString() + "' to a log file. It may contain unencrypted sensitive data from $@.", source, source.getNode().toString() From 613077c7a9fede81cbd090b20c02da4cf9aab8cf Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 15:28:29 -0400 Subject: [PATCH 014/210] C#: update 'code' sink kind to 'code-injection' --- .../ql/lib/ext/ServiceStack.Redis.model.yml | 54 +++++++++---------- .../code/csharp/dataflow/ExternalFlow.qll | 2 +- .../security/dataflow/CodeInjectionQuery.qll | 2 +- .../dataflow/external-models/sinks.ext.yml | 2 +- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/csharp/ql/lib/ext/ServiceStack.Redis.model.yml b/csharp/ql/lib/ext/ServiceStack.Redis.model.yml index 46415828318..9016c393077 100644 --- a/csharp/ql/lib/ext/ServiceStack.Redis.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.Redis.model.yml 
@@ -3,30 +3,30 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack.Redis", "IRedisClient", True, "Custom", "(System.Object[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecCachedLua", "(System.String,System.Func)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "LoadLuaScript", "(System.String)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[],System.Threading.CancellationToken)", "", "Argument[0].Element", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecCachedLuaAsync", 
"(System.String,System.Func>,System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", 
"Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "LoadLuaScriptAsync", "(System.String,System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "Custom", "(System.Object[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecCachedLua", "(System.String,System.Func)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "LoadLuaScript", "(System.String)", "", "Argument[0]", 
"code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[],System.Threading.CancellationToken)", "", "Argument[0].Element", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecCachedLuaAsync", "(System.String,System.Func>,System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", 
"code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "LoadLuaScriptAsync", "(System.String,System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index 1f57626840b..3241a8b690c 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -211,7 +211,7 @@ module ModelValidation { ) or exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["code", "sql", "xss", "remote", "html"] and + not kind = ["code-injection", "sql", "xss", "remote", "html"] and not kind.matches("encryption-%") and result = "Invalid kind \"" + kind + "\" in sink model." ) diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll index 76a9a495637..cd035de9414 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll 
@@ -97,5 +97,5 @@ class RoslynCSharpScriptSink extends Sink { /** Code injection sinks defined through CSV models. */ private class ExternalCodeInjectionExprSink extends Sink { - ExternalCodeInjectionExprSink() { sinkNode(this, "code") } + ExternalCodeInjectionExprSink() { sinkNode(this, "code-injection") } } diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 3198057f42c..85590cecc39 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -4,7 +4,7 @@ extensions: extensible: sinkModel data: # "namespace", "type", "overrides", "name", "signature", "ext", "spec", "kind", "provenance" - - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code", "manual"] + - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code-injection", "manual"] - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "xss", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] From b6d011b1873b82c0831b6369cba9292144e7fffc Mon Sep 17 00:00:00 2001 
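Review bot: `ExternalCodeInjectionExprSink` now matches only `"code-injection"`, so a sink model maintained outside this repository that still declares kind `"code"` silently stops contributing code-injection sinks. The only hint is the generic "Invalid kind" message from the `ModelValidation` change in ExternalFlow.qll, which looks like a typo report rather than a rename. The diffstat for this commit lists no change note, so consider adding one and accepting the old spelling for a deprecation period, e.g. `ExternalCodeInjectionExprSink() { sinkNode(this, ["code", "code-injection"]) }`, with a dedicated "outdated kind" validation message for `"code"`. The `ModelValidation` predicate starts and ends outside its hunk, so how its result is surfaced to users could not be checked here.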
From: Jami Cogswell Date: Fri, 12 May 2023 15:41:47 -0400 Subject: [PATCH 015/210] C#: update 'sql' sink kind to 'sql-injection' --- csharp/ql/lib/ext/Dapper.model.yml | 110 +++++------ ...Microsoft.ApplicationBlocks.Data.model.yml | 56 +++--- .../Microsoft.EntityFrameworkCore.model.yml | 12 +- .../lib/ext/MySql.Data.MySqlClient.model.yml | 96 ++++----- .../ql/lib/ext/ServiceStack.OrmLite.model.yml | 184 +++++++++--------- .../ql/lib/ext/System.Data.Entity.model.yml | 18 +- .../ext/System.Data.EntityClient.model.yml | 6 +- csharp/ql/lib/ext/System.Data.Odbc.model.yml | 6 +- csharp/ql/lib/ext/System.Data.OleDb.model.yml | 6 +- .../ql/lib/ext/System.Data.SQLite.model.yml | 14 +- .../lib/ext/System.Data.SqlClient.model.yml | 12 +- .../ext/generated/dotnet_runtime.model.yml | 9 +- .../code/csharp/dataflow/ExternalFlow.qll | 2 +- .../security/dataflow/SqlInjectionQuery.qll | 2 +- .../dataflow/external-models/sinks.ext.yml | 2 +- .../EntityFramework/FlowSummaries.expected | 12 +- .../test/library-tests/frameworks/sql/Sql1.ql | 2 +- 17 files changed, 273 insertions(+), 276 deletions(-) diff --git a/csharp/ql/lib/ext/Dapper.model.yml b/csharp/ql/lib/ext/Dapper.model.yml index e72f3b076a6..78e92bbf191 100644 --- a/csharp/ql/lib/ext/Dapper.model.yml +++ b/csharp/ql/lib/ext/Dapper.model.yml 
@@ -3,58 +3,58 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Dapper", "SqlMapper", False, "Execute", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReader", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.DbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalar", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalar<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query", 
"(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<>", 
"(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,>", 
"(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, 
"QueryFirstAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryMultiple", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryMultipleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle", 
"(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", 
"(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] + - ["Dapper", "SqlMapper", False, "Execute", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReader", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.DbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalar", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalar<>", 
"(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,>", 
"(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,>", 
"(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst", 
"(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", 
False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryMultiple", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryMultipleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", 
"SqlMapper", False, "QuerySingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml b/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml index 5b5e2657bfd..0bb437b5b44 100644 --- a/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml +++ b/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml 
@@ -3,31 +3,31 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, 
"ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - 
["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", 
"(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", 
"(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", 
"(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", 
"(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml b/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml index 3928adf0624..61c1b20790c 100644 --- a/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml +++ b/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml 
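Review bot: Nothing in this hunk records that the sink kind `"sql"` is retired in favour of `"sql-injection"`, so a downstream model pack or query that still uses `"sql"` would presumably stop matching these SqlHelper sinks without any error, and SQL injection results would drop silently. I would add a comment above `data:` such as `# kind "sql-injection" replaces the former "sql"; it must equal the kind string the SQL injection query selects on`, and state the rename in a change note for the pack. The same applies to the Microsoft.EntityFrameworkCore hunk that follows and, as far as they are visible here, to the Dapper and MySql.Data.MySqlClient hunks. Whether the consuming query and any kind-validation list were switched to `"sql-injection"` in the same series is not visible from these hunks and is worth confirming before merge.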
@@ -3,9 +3,9 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalQueryableExtensions", False, "FromSqlRaw<>", "(Microsoft.EntityFrameworkCore.DbSet,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", 
"(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalQueryableExtensions", False, "FromSqlRaw<>", "(Microsoft.EntityFrameworkCore.DbSet,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml b/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml index 70d849e122a..2e1c75b0873 100644 --- a/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml +++ b/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml 
@@ -3,51 +3,51 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRow", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, 
"ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", 
False, "ExecuteNonQueryAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", 
"sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, 
"ExecuteScalarAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDataset", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRow", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", 
"sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - 
["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader",
"(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar",
"(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync",
"(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDataset", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
diff --git a/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml b/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml
index ea7634bc244..3d6148c330f 100644
--- a/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml
+++ b/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml
@@ -3,95 +3,95 @@ extensions:
 pack: codeql/csharp-all
 extensible: sinkModel
 data:
- - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Dictionary<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql",
"manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Exists<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "KeyValuePairs", "(System.Data.IDbConnection,System.String,System.System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>",
"(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object)", "", "Argument[2]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectNonDefaults<>", "(System.Data.IDbConnection,System.String,T)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]",
"sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- -
["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "DictionaryAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExistsAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbCommand,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- -
["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectNonDefaultsAsync<>", "(System.Data.IDbConnection,System.String,T,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>",
"(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Action,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>",
"(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApiAsync", False, "RowCountAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync",
"(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeGroupBy", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeHaving", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOrderBy", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String,System.Boolean)", "", "Argument[0]", "sql", "manual"]
- - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"]
+ - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeWhere",
"(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Dictionary<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery",
"(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Exists<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "KeyValuePairs", "(System.Data.IDbConnection,System.String,System.System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>",
"(System.Data.IDbConnection,System.Type,System.String,System.Object)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectNonDefaults<>", "(System.Data.IDbConnection,System.String,T)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite",
"OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "DictionaryAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync",
"(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExistsAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbCommand,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - 
["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectNonDefaultsAsync<>", "(System.Data.IDbConnection,System.String,T,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", 
"Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Action,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", 
"(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApiAsync", False, "RowCountAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - 
["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeGroupBy", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeHaving", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOrderBy", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String,System.Boolean)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.Entity.model.yml b/csharp/ql/lib/ext/System.Data.Entity.model.yml index 36eccd9b38d..3ce725b5e1f 100644 --- a/csharp/ql/lib/ext/System.Data.Entity.model.yml +++ b/csharp/ql/lib/ext/System.Data.Entity.model.yml 
@@ -3,12 +3,12 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "SqlQuery", "(System.Type,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "SqlQuery<>", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "DbSet", False, "SqlQuery", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", 
"(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "SqlQuery", "(System.Type,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "SqlQuery<>", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "DbSet", False, "SqlQuery", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.EntityClient.model.yml b/csharp/ql/lib/ext/System.Data.EntityClient.model.yml index 16a24580647..39f3e35094c 100644 --- a/csharp/ql/lib/ext/System.Data.EntityClient.model.yml +++ b/csharp/ql/lib/ext/System.Data.EntityClient.model.yml 
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/csharp-all
 extensible: sinkModel
 data:
- - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection)", "", "Argument[0]", "sql", "manual"]
- - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection,System.Data.EntityClient.EntityTransaction)", "", "Argument[0]", "sql", "manual"]
+ - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection,System.Data.EntityClient.EntityTransaction)", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/csharp/ql/lib/ext/System.Data.Odbc.model.yml b/csharp/ql/lib/ext/System.Data.Odbc.model.yml
index d1f6a24d5fc..0648bb0bbd0 100644
--- a/csharp/ql/lib/ext/System.Data.Odbc.model.yml
+++ b/csharp/ql/lib/ext/System.Data.Odbc.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/csharp-all
 extensible: sinkModel
 data:
- - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql", "manual"]
- - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection,System.Data.Odbc.OdbcTransaction)", "", "Argument[0]", "sql", "manual"]
+ - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection,System.Data.Odbc.OdbcTransaction)", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/csharp/ql/lib/ext/System.Data.OleDb.model.yml b/csharp/ql/lib/ext/System.Data.OleDb.model.yml
index ebe3cc8b157..41e686537b8 100644
--- a/csharp/ql/lib/ext/System.Data.OleDb.model.yml
+++ b/csharp/ql/lib/ext/System.Data.OleDb.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/csharp-all
 extensible: sinkModel
 data:
- - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String)", "", "Argument[0]", "sql", "manual"]
- - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection)", "", "Argument[0]", "sql", "manual"]
- - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection,System.Data.OleDb.OleDbTransaction)", "", "Argument[0]", "sql", "manual"]
+ - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection,System.Data.OleDb.OleDbTransaction)", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/csharp/ql/lib/ext/System.Data.SQLite.model.yml b/csharp/ql/lib/ext/System.Data.SQLite.model.yml
index d6d1d70e608..e1cdb6a1a84 100644
--- a/csharp/ql/lib/ext/System.Data.SQLite.model.yml
+++ b/csharp/ql/lib/ext/System.Data.SQLite.model.yml
@@ -3,13 +3,13 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection,System.Data.SQLite.SQLiteTransaction)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.Data.SQLite.SQLiteCommand)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String,System.Boolean)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection,System.Data.SQLite.SQLiteTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.Data.SQLite.SQLiteCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", 
"sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String,System.Boolean)", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Data.SqlClient.model.yml b/csharp/ql/lib/ext/System.Data.SqlClient.model.yml index 2040e0f9798..211fe1faa84 100644 --- a/csharp/ql/lib/ext/System.Data.SqlClient.model.yml +++ b/csharp/ql/lib/ext/System.Data.SqlClient.model.yml 
@@ -3,12 +3,12 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection,System.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection,System.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] - addsTo: 
pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml index 6ec7a3cb93a..380c0df3391 100644 --- a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml +++ b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml @@ -7,8 +7,8 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql", "df-generated"] - - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "df-generated"] + - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "df-generated"] + - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "df-generated"] - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "xss", "df-generated"] - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "xss", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateDecryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-decryptor", "df-generated"] @@ -34,7 +34,7 @@ extensions: - ["System.Security.Cryptography", "TripleDESCryptoServiceProvider", false, "CreateEncryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-encryptor", "df-generated"] - ["System.Security.Cryptography", "TripleDESCryptoServiceProvider", false, "set_Key", "(System.Byte[])", "", "Argument[0]", "encryption-keyprop", "df-generated"] - + - addsTo: 
@@ -51946,6 +51946,3 @@ extensions: - ["System", "WeakReference<>", "TryGetTarget", "(T)", "summary", "df-generated"] - ["System", "WeakReference<>", "WeakReference", "(T)", "summary", "df-generated"] - ["System", "WeakReference<>", "WeakReference", "(T,System.Boolean)", "summary", "df-generated"] - - - \ No newline at end of file diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index 3241a8b690c..1583ba09c69 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -211,7 +211,7 @@ module ModelValidation { ) or exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["code-injection", "sql", "xss", "remote", "html"] and + not kind = ["code-injection", "sql-injection", "xss", "remote", "html"] and not kind.matches("encryption-%") and result = "Invalid kind \"" + kind + "\" in sink model." ) diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll index 3cac542cb36..61b2491753a 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll @@ -78,7 +78,7 @@ class SqlInjectionExprSink extends Sink { /** SQL sinks defined through CSV models. */ private class ExternalSqlInjectionExprSink extends Sink { - ExternalSqlInjectionExprSink() { sinkNode(this, "sql") } + ExternalSqlInjectionExprSink() { sinkNode(this, "sql-injection") } } private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { } diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 85590cecc39..d151edd25b9 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml 
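Review bot: `ExternalSqlInjectionExprSink` in SqlInjectionQuery.qll now matches only `sinkNode(this, "sql-injection")`, so a data-extension row that still uses the old `"sql"` kind no longer yields a SQL-injection sink and the query loses that coverage with no signal in its results. The `ModelValidation` hunk in ExternalFlow.qll does reject `"sql"` after this change, but only with the generic `Invalid kind` message, and the enclosing predicate extends beyond the hunk, so whether a replacement is suggested elsewhere cannot be seen here. I would keep the old spelling working for a deprecation period, `ExternalSqlInjectionExprSink() { sinkNode(this, ["sql-injection", "sql"]) }`, and add a change note so authors of external model packs know to migrate. The same concern applies to the `"html"` to `"html-injection"` switch in Html.qll and the `"xss"` rename later in this series.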
+++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -8,4 +8,4 @@ extensions: - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "xss", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql-injection", "manual"] diff --git a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected index 2d5a35839fb..dca27b3075a 100644 --- a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected @@ -134,9 +134,9 @@ summary neutral sourceNode sinkNode -| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql | -| EntityFrameworkCore.cs:73:40:73:44 | "sql" | sql | -| EntityFrameworkCore.cs:74:40:74:44 | "sql" | sql | -| EntityFrameworkCore.cs:75:51:75:55 | "sql" | sql | -| EntityFrameworkCore.cs:76:51:76:55 | "sql" | sql | -| EntityFrameworkCore.cs:77:51:77:55 | "sql" | sql | +| EntityFrameworkCore.cs:72:36:72:40 | "sql-injection" | sql | +| EntityFrameworkCore.cs:73:40:73:44 | "sql-injection" | sql | +| EntityFrameworkCore.cs:74:40:74:44 | "sql-injection" | sql | +| EntityFrameworkCore.cs:75:51:75:55 | "sql-injection" | sql | +| EntityFrameworkCore.cs:76:51:76:55 | "sql-injection" | sql | +| EntityFrameworkCore.cs:77:51:77:55 | "sql-injection" | sql | diff --git a/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql b/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql index 9f25014662f..944d4180992 100644 --- a/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql +++ b/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql 
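Review bot: The replacement in the FlowSummaries.expected hunk landed in the wrong column: rows such as `| EntityFrameworkCore.cs:72:36:72:40 | "sql-injection" | sql |` now show the new kind as the expression text while the kind column still reads `sql`. The location spans columns 36 to 40, five characters, which fits the literal `"sql"` in the test source and not `"sql-injection"`. The rows should presumably read `| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql-injection |`, which is what patch 016 in this series changes them to. Regenerating the expected file from a test run and squashing that correction into this commit would keep the sink-kind tests passing at every commit, which matters when bisecting a regression in query coverage.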
@@ -7,7 +7,7 @@ query predicate sqlExpressions(SqlExpr se, Expr e) { se.getSql() = e } query predicate sqlCsvSinks(Element p, Expr e) { p = e.getParent() and exists(Node n | - sinkNode(n, "sql") and + sinkNode(n, "sql-injection") and n.asExpr() = e ) } From f76563d6e9fdc448cb0ed7cff2ab3409069a670d Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 16 May 2023 13:17:54 -0400 Subject: [PATCH 016/210] C#: update some test cases --- .../dataflow/external-models/sinks.expected | 4 ++-- .../EntityFramework/FlowSummaries.expected | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected index c9b9406a10a..870989a8711 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected @@ -1,8 +1,8 @@ invalidModelRow #select -| Sinks.cs:8:19:8:22 | access to local variable arg1 | code | +| Sinks.cs:8:19:8:22 | access to local variable arg1 | code-injection | | Sinks.cs:11:13:11:41 | this access | remote | | Sinks.cs:11:30:11:40 | access to local variable argToTagged | remote | -| Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql | +| Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql-injection | | Sinks.cs:20:20:20:22 | access to local variable res | xss | | Sinks.cs:27:20:27:25 | access to local variable resTag | html | diff --git a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected index dca27b3075a..0e5784afa19 100644 --- a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected 
@@ -134,9 +134,9 @@ summary neutral sourceNode sinkNode -| EntityFrameworkCore.cs:72:36:72:40 | "sql-injection" | sql | -| EntityFrameworkCore.cs:73:40:73:44 | "sql-injection" | sql | -| EntityFrameworkCore.cs:74:40:74:44 | "sql-injection" | sql | -| EntityFrameworkCore.cs:75:51:75:55 | "sql-injection" | sql | -| EntityFrameworkCore.cs:76:51:76:55 | "sql-injection" | sql | -| EntityFrameworkCore.cs:77:51:77:55 | "sql-injection" | sql | +| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql-injection | +| EntityFrameworkCore.cs:73:40:73:44 | "sql" | sql-injection | +| EntityFrameworkCore.cs:74:40:74:44 | "sql" | sql-injection | +| EntityFrameworkCore.cs:75:51:75:55 | "sql" | sql-injection | +| EntityFrameworkCore.cs:76:51:76:55 | "sql" | sql-injection | +| EntityFrameworkCore.cs:77:51:77:55 | "sql" | sql-injection | From a0b502fa441fea7490c308d281470fbe87796451 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 16 May 2023 13:22:49 -0400 Subject: [PATCH 017/210] C#: update 'html' sink kind to 'html-injection' --- csharp/ql/lib/ext/System.Web.model.yml | 8 ++++---- .../ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll | 2 +- .../code/csharp/security/dataflow/flowsinks/Html.qll | 2 +- .../library-tests/dataflow/external-models/sinks.expected | 2 +- .../library-tests/dataflow/external-models/sinks.ext.yml | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/csharp/ql/lib/ext/System.Web.model.yml b/csharp/ql/lib/ext/System.Web.model.yml index 5cf065ec6dd..a2a7470ef8e 100644 --- a/csharp/ql/lib/ext/System.Web.model.yml +++ b/csharp/ql/lib/ext/System.Web.model.yml 
@@ -3,10 +3,10 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Web", "HttpResponse", False, "BinaryWrite", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "TransmitFile", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "Write", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "WriteFile", "", "", "Argument[0]", "html", "manual"] + - ["System.Web", "HttpResponse", False, "BinaryWrite", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "TransmitFile", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "Write", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "WriteFile", "", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index 1583ba09c69..f7a8743a195 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -211,7 +211,7 @@ module ModelValidation { ) or exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["code-injection", "sql-injection", "xss", "remote", "html"] and + not kind = ["code-injection", "sql-injection", "xss", "remote", "html-injection"] and not kind.matches("encryption-%") and result = "Invalid kind \"" + kind + "\" in sink model." ) diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll index 8e83122e2bf..318e298ae1f 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll 
@@ -23,7 +23,7 @@ private import semmle.code.asp.AspNet abstract class HtmlSink extends DataFlow::ExprNode, RemoteFlowSink { } private class ExternalHtmlSink extends HtmlSink { - ExternalHtmlSink() { sinkNode(this, "html") } + ExternalHtmlSink() { sinkNode(this, "html-injection") } } /** diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected index 870989a8711..693ef5c4b03 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected @@ -5,4 +5,4 @@ invalidModelRow | Sinks.cs:11:30:11:40 | access to local variable argToTagged | remote | | Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql-injection | | Sinks.cs:20:20:20:22 | access to local variable res | xss | -| Sinks.cs:27:20:27:25 | access to local variable resTag | html | +| Sinks.cs:27:20:27:25 | access to local variable resTag | html-injection | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index d151edd25b9..eff3d52670a 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml 
@@ -6,6 +6,6 @@ extensions: # "namespace", "type", "overrides", "name", "signature", "ext", "spec", "kind", "provenance" - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code-injection", "manual"] - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "xss", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html-injection", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql-injection", "manual"] From 74cd2407fbcdd510111ea89f80b0dbfc7fd02670 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 16 May 2023 13:32:29 -0400 Subject: [PATCH 018/210] C#: update 'xss' sink kind to 'js-injection' --- csharp/ql/lib/ext/System.Net.Http.model.yml | 2 +- csharp/ql/lib/ext/generated/dotnet_runtime.model.yml | 4 ++-- csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll | 2 +- .../ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll | 2 +- .../library-tests/dataflow/external-models/sinks.expected | 2 +- .../test/library-tests/dataflow/external-models/sinks.ext.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/csharp/ql/lib/ext/System.Net.Http.model.yml b/csharp/ql/lib/ext/System.Net.Http.model.yml index 0eafc30988a..4b5f4d193e7 100644 --- a/csharp/ql/lib/ext/System.Net.Http.model.yml +++ b/csharp/ql/lib/ext/System.Net.Http.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Net.Http", "StringContent", False, "StringContent", "", "", "Argument[0]", "xss", "manual"] + - ["System.Net.Http", "StringContent", False, "StringContent", "", "", "Argument[0]", "js-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel 
diff --git a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml index 380c0df3391..a5dc7699795 100644 --- a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml +++ b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml @@ -9,8 +9,8 @@ extensions: data: - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "df-generated"] - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "df-generated"] - - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "xss", "df-generated"] - - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "xss", "df-generated"] + - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "js-injection", "df-generated"] + - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "js-injection", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateDecryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-decryptor", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateEncryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-encryptor", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "set_Key", "(System.Byte[])", "", "Argument[0]", "encryption-keyprop", "df-generated"] diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index f7a8743a195..a3d507ac69a 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll 
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -211,7 +211,7 @@ module ModelValidation { ) or exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["code-injection", "sql-injection", "xss", "remote", "html-injection"] and + not kind = ["code-injection", "sql-injection", "js-injection", "remote", "html-injection"] and not kind.matches("encryption-%") and result = "Invalid kind \"" + kind + "\" in sink model." ) diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll index 0232d9462e2..65ac1687714 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll @@ -24,7 +24,7 @@ abstract class Sink extends DataFlow::ExprNode, RemoteFlowSink { } private class ExternalXssSink extends Sink { - ExternalXssSink() { sinkNode(this, "xss") } + ExternalXssSink() { sinkNode(this, "js-injection") } } private class HtmlSinkSink extends Sink instanceof HtmlSink { diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected index 693ef5c4b03..ffafcaa9738 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected @@ -4,5 +4,5 @@ invalidModelRow | Sinks.cs:11:13:11:41 | this access | remote | | Sinks.cs:11:30:11:40 | access to local variable argToTagged | remote | | Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql-injection | -| Sinks.cs:20:20:20:22 | access to local variable res | xss | +| Sinks.cs:20:20:20:22 | access to local variable res | js-injection | | Sinks.cs:27:20:27:25 | access to local variable resTag | html-injection | 
diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index eff3d52670a..f266d02c945 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -5,7 +5,7 @@ extensions: data: # "namespace", "type", "overrides", "name", "signature", "ext", "spec", "kind", "provenance" - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code-injection", "manual"] - - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "xss", "manual"] + - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "js-injection", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html-injection", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql-injection", "manual"] From d3da5a7b28e7017affcc6947eb57e191f0fb30dd Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 16 May 2023 13:34:06 -0400 Subject: [PATCH 019/210] C#: update cwe-sink.csv file --- csharp/documentation/library-coverage/cwe-sink.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/csharp/documentation/library-coverage/cwe-sink.csv b/csharp/documentation/library-coverage/cwe-sink.csv index e71e194a2ed..70f0034ecd3 100644 --- a/csharp/documentation/library-coverage/cwe-sink.csv +++ b/csharp/documentation/library-coverage/cwe-sink.csv @@ -1,2 +1,2 @@ CWE,Sink identifier,Label -CWE-079,html xss,Cross-site scripting \ No newline at end of file +CWE-079,html-injection js-injection,Cross-site scripting From 06a28f6221aa669cdbc4066c9e81daf8f37a403a Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Tue, 16 May 2023 14:03:19 -0400 Subject: [PATCH 020/210] C#: update 'remote' sink kind to 'file-content-store' --- csharp/ql/lib/ext/ServiceStack.model.yml | 150 +++++++++--------- .../code/csharp/dataflow/ExternalFlow.qll | 3 +- .../flowsinks/ExternalLocationSink.qll | 2 +- .../dataflow/external-models/sinks.expected | 4 +- .../dataflow/external-models/sinks.ext.yml | 2 +- 5 files changed, 81 insertions(+), 80 deletions(-) diff --git a/csharp/ql/lib/ext/ServiceStack.model.yml b/csharp/ql/lib/ext/ServiceStack.model.yml index 988c7f3b8f9..19188e5eeb5 100644 --- a/csharp/ql/lib/ext/ServiceStack.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.model.yml 
@@ -3,81 +3,81 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack", "IOneWayClient", True, "SendAllOneWay", "(System.Collections.Generic.IEnumerable)", "", "Argument[1].Element", "remote", "manual"] - - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Patch<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Post<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Put<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Send<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync", "(System.String,ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(System.Object,System.Threading.CancellationToken)", "", 
"Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", 
True, "CustomMethod", "(System.String,ServiceStack.IReturnVoid)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,ServiceStack.IReturn)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put<>", 
"(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Send<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "SendAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "Publish", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "PublishAll", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "Send<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", 
"IServiceGateway", True, "SendAll<>", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAllAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAsync", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "SendAllAsync<>", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "SendAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethod", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethod<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethodAsync<>", "(System.String,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Delete", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "DownloadBytes", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "DownloadBytesAsync", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Get", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Head", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - 
["ServiceStack", "ServiceClientBase", True, "Head", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Patch", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Post", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(ServiceStack.Messaging.IMessage)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(T)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Put", "(System.Object)", "", "Argument[0]", "remote", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendAllOneWay", "(System.Collections.Generic.IEnumerable)", "", "Argument[1].Element", "file-content-store", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Patch<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Post<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Put<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Send<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync", "(System.String,ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", 
"(System.String,ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", 
"", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod", "(System.String,ServiceStack.IReturnVoid)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,ServiceStack.IReturn)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", 
"file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Send<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - 
["ServiceStack", "IRestGatewayAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "SendAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "Publish", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "PublishAll", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "Send<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "SendAll<>", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAllAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAsync", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "SendAllAsync<>", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", 
"Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "SendAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethod", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethod<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethodAsync<>", "(System.String,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Delete", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "DownloadBytes", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "DownloadBytesAsync", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Get", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Head", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Head", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Patch", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Post", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(ServiceStack.Messaging.IMessage)", "", "Argument[0]", "file-content-store", 
"manual"] + - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(T)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Put", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index a3d507ac69a..46a19828a81 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -211,7 +211,8 @@ module ModelValidation { ) or exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["code-injection", "sql-injection", "js-injection", "remote", "html-injection"] and + not kind = + ["code-injection", "sql-injection", "js-injection", "html-injection", "file-content-store"] and not kind.matches("encryption-%") and result = "Invalid kind \"" + kind + "\" in sink model." ) diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll index 26b75f06269..df77a905281 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll @@ -19,7 +19,7 @@ private import semmle.code.csharp.dataflow.ExternalFlow abstract class ExternalLocationSink extends DataFlow::ExprNode { } private class ExternalModelSink extends ExternalLocationSink { - ExternalModelSink() { sinkNode(this, "remote") } + ExternalModelSink() { sinkNode(this, "file-content-store") } } /** diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected index ffafcaa9738..3a4489dcb91 100644 
--- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected @@ -1,8 +1,8 @@ invalidModelRow #select | Sinks.cs:8:19:8:22 | access to local variable arg1 | code-injection | -| Sinks.cs:11:13:11:41 | this access | remote | -| Sinks.cs:11:30:11:40 | access to local variable argToTagged | remote | +| Sinks.cs:11:13:11:41 | this access | file-content-store | +| Sinks.cs:11:30:11:40 | access to local variable argToTagged | file-content-store | | Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql-injection | | Sinks.cs:20:20:20:22 | access to local variable res | js-injection | | Sinks.cs:27:20:27:25 | access to local variable resTag | html-injection | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index f266d02c945..c44c1b4fd36 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -7,5 +7,5 @@ extensions: - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code-injection", "manual"] - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "js-injection", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html-injection", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "file-content-store", "manual"] - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql-injection", "manual"] From 588a62c3a4215a683721be7caf83c6ecb81cfeb8 Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Tue, 16 May 2023 14:05:33 -0400 Subject: [PATCH 021/210] C#: update CaptureSinkModels test case --- .../modelgenerator/dataflow/CaptureSinkModels.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected index e65a2ae7d4a..4a11cff39af 100644 --- a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected +++ b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected @@ -1,4 +1,4 @@ -| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[this];html;df-generated | -| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[this];html;df-generated | -| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html;df-generated | -| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html;df-generated | +| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[this];html-injection;df-generated | +| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[this];html-injection;df-generated | +| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html-injection;df-generated | +| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html-injection;df-generated | From 7880e9e92c204137540560002bf74e5ee57b3627 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 14:52:13 -0400 Subject: [PATCH 022/210] JS: update 'command-line-injection' sink kind to 'command-injection' --- .../customizing-library-models-for-javascript.rst | 6 +++--- .../security/dataflow/CommandInjectionCustomizations.qll | 2 +- .../ql/test/library-tests/DataExtensions/execa.model.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) 
diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst index d8a9e15faf5..d5cf4e0338e 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst @@ -53,7 +53,7 @@ Note that this sink is already recognized by the CodeQL JS analysis, but for thi pack: codeql/javascript-all extensible: sinkModel data: - - ["execa", "Member[shell].Argument[0]", "command-line-injection"] + - ["execa", "Member[shell].Argument[0]", "command-injection"] - Since we're adding a new sink, we add a tuple to the **sinkModel** extensible predicate. @@ -64,7 +64,7 @@ Note that this sink is already recognized by the CodeQL JS analysis, but for thi - **Member[shell]** selects accesses to the **shell** member of the **execa** package. - **Argument[0]** selects the first argument to calls to that member. -- **command-line-injection** indicates that this is considered a sink for the command injection query. +- **command-injection** indicates that this is considered a sink for the command injection query. Example: Taint sources from window 'message' events --------------------------------------------------- 
@@ -463,7 +463,7 @@ Sink kinds Unlike sources, sinks tend to be highly query-specific, rarely affecting more than one or two queries. Not every query supports customizable sinks. If the following sinks are not suitable for your use case, you should add a new query. - **code-injection**: A sink that can be used to inject code, such as in calls to **eval**. -- **command-line-injection**: A sink that can be used to inject shell commands, such as in calls to **child_process.spawn**. +- **command-injection**: A sink that can be used to inject shell commands, such as in calls to **child_process.spawn**. - **path-injection**: A sink that can be used for path injection in a file system access, such as in calls to **fs.readFile**. - **sql-injection**: A sink that can be used for SQL injection, such as in a MySQL **query** call. - **nosql-injection**: A sink that can be used for NoSQL injection, such as in a MongoDB **findOne** call. diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll index fee201c1d05..8581a5b0cb0 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll @@ -49,6 +49,6 @@ module CommandInjection { } private class SinkFromModel extends Sink { - SinkFromModel() { this = ModelOutput::getASinkNode("command-line-injection").asSink() } + SinkFromModel() { this = ModelOutput::getASinkNode("command-injection").asSink() } } } diff --git a/javascript/ql/test/library-tests/DataExtensions/execa.model.yml b/javascript/ql/test/library-tests/DataExtensions/execa.model.yml index 2516e1a7be8..f7e0f70c0bc 100644 --- a/javascript/ql/test/library-tests/DataExtensions/execa.model.yml +++ b/javascript/ql/test/library-tests/DataExtensions/execa.model.yml 
@@ -6,5 +6,5 @@ extensions: - [ "@example/execa", "Member[shell].Argument[0]", - "command-line-injection", + "command-injection", ] From 359f6ffd1ef86dea9f2354dd4204bae470596900 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 15:12:53 -0400 Subject: [PATCH 023/210] JS: update 'credentials[%]' sink kind to 'credentials-%' --- .../semmle/javascript/frameworks/Credentials.qll | 2 +- .../javascript/frameworks/sequelize/model.json | 8 ++++---- .../javascript/frameworks/sequelize/model.yml | 16 ++++++++-------- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll b/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll index 21ecbc6d001..c1685f11cf4 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Credentials.qll @@ -46,7 +46,7 @@ module CredentialsExpr { private class CredentialsFromModel extends CredentialsNode { string kind; - CredentialsFromModel() { this = ModelOutput::getASinkNode("credentials[" + kind + "]").asSink() } + CredentialsFromModel() { this = ModelOutput::getASinkNode("credentials-" + kind).asSink() } override string getCredentialsKind() { result = CredentialsExpr::normalizeKind(kind) } } diff --git a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json index 88568283605..62ad94b9ea0 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json +++ b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.json 
@@ -19,10 +19,10 @@ "sequelize.Sequelize;Member[query].Argument[0].Member[query];sql-injection", "sequelize.Sequelize;Member[query].Argument[0];sql-injection", "sequelize.SequelizeStaticAndInstance;Member[asIs,literal].Argument[0];sql-injection", - "sequelize;Argument[0..].Member[password];credentials[password]", - "sequelize;Argument[0..].Member[username];credentials[username]", - "sequelize;Argument[1];credentials[username]", - "sequelize;Argument[2];credentials[password]" + "sequelize;Argument[0..].Member[password];credentials-password", + "sequelize;Argument[0..].Member[username];credentials-username", + "sequelize;Argument[1];credentials-username", + "sequelize;Argument[2];credentials-password" ], "typeDefinitions": [ "sequelize.Sequelize;sequelize-typescript.Sequelize;" diff --git a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml index 41a97e63a76..b25152b3764 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml +++ b/javascript/ql/lib/semmle/javascript/frameworks/sequelize/model.yml 
@@ -1,17 +1,17 @@ extensions: - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: sinkModel data: - [sequelize.Sequelize, "Member[query].Argument[0].Member[query]", "sql-injection"] - [sequelize.Sequelize, "Member[query].Argument[0]", "sql-injection"] - [sequelize.SequelizeStaticAndInstance, "Member[asIs,literal].Argument[0]", "sql-injection"] - - [sequelize, "Argument[0..].Member[password]", "credentials[password]"] - - [sequelize, "Argument[0..].Member[username]", "credentials[username]"] - - [sequelize, "Argument[1]", "credentials[username]"] - - [sequelize, "Argument[2]", "credentials[password]"] + - [sequelize, "Argument[0..].Member[password]", "credentials-password"] + - [sequelize, "Argument[0..].Member[username]", "credentials-username"] + - [sequelize, "Argument[1]", "credentials-username"] + - [sequelize, "Argument[2]", "credentials-password"] - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: typeModel data: @@ -264,7 +264,7 @@ extensions: - [sequelize.ThroughOptions, sequelize.AssociationOptionsBelongsToMany, "Member[through]"] - [sequelize.Utils, sequelize.SequelizeStaticAndInstance, "Member[Utils]"] - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: summaryModel data: @@ -274,7 +274,7 @@ extensions: - [sequelize.Model, "", "", "Member[schema,scope,unscoped].ReturnValue", type] - [sequelize.Model, "", "", "Member[sync].ReturnValue.Awaited", type] - - addsTo: + - addsTo: pack: codeql/javascript-all extensible: typeVariableModel data: From 003bb2f6f50651cc5f8e8da28274b7a1310b3026 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 15:20:03 -0400 Subject: [PATCH 024/210] JS: add change note --- .../ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md 
diff --git a/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md b/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md new file mode 100644 index 00000000000..9d215924623 --- /dev/null +++ b/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md @@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Updated the following JavaScript sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working. + * `command-line-injection` to `command-injection` + * `credentials[kind]` to `credentials-kind` From 9ec6c7daea8b267f5371ef1b3f5dc465d9f2e417 Mon Sep 17 00:00:00 2001 From: Asger F Date: Wed, 17 May 2023 10:47:25 +0200 Subject: [PATCH 025/210] JS: Avoid using global vars in documentation examples --- ...-labels-for-precise-data-flow-analysis.rst | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst b/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst index 597ce491463..8625d637366 100644 --- a/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst +++ b/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst 
@@ -70,18 +70,22 @@ For example, we would like to flag this code: .. code-block:: javascript - var data = JSON.parse(str); - if (data.length > 0) { // problematic: `data` may be `null` - ... + function test(str) { + var data = JSON.parse(str); + if (data.length > 0) { // problematic: `data` may be `null` + ... + } } This code, on the other hand, should not be flagged: .. code-block:: javascript - var data = JSON.parse(str); - if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness - ... + function test(str) { + var data = JSON.parse(str); + if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness + ... + } } We will first try to write a query to find this kind of problem without flow labels, and use the @@ -168,11 +172,13 @@ checked for null-guardedness: .. code-block:: javascript - var root = JSON.parse(str); - if (root) { - var payload = root.data; // unproblematic: `root` cannot be `null` here - if (payload.length > 0) { // problematic: `payload` may be `null` here - ... + function test(str) { + var root = JSON.parse(str); + if (root) { + var payload = root.data; // unproblematic: `root` cannot be `null` here + if (payload.length > 0) { // problematic: `payload` may be `null` here + ... + } } } From 0f93f3a5ad134cc612a02df70db8e6ce14d09a73 Mon Sep 17 00:00:00 2001 From: Charis Kyriakou Date: Wed, 17 May 2023 12:34:47 +0100 Subject: [PATCH 026/210] Remove GITHUB_TOKEN permissions note since it's no longer required --- .../running-codeql-queries-at-scale-with-mrva.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst index 656aec444de..83dc32edf76 100644 --- a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst 
+++ b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst @@ -23,7 +23,7 @@ If you want to run variant analysis on your repositories, you need to enable cod Setting a controller repository for variant analysis ---------------------------------------------------- -When you run variant analysis, the analysis is run entirely using GitHub Actions. You don't need to create any workflows, but you must specify which GitHub repository the CodeQL extension should use as the "controller repository." Controller repositories can be empty, but they must have at least one commit. The ``GITHUB_TOKEN`` must also have "Read and write permissions" to run workflows in that repository. For more information, see "`Managing GitHub Actions settings for a repository `__." +When you run variant analysis, the analysis is run entirely using GitHub Actions. You don't need to create any workflows, but you must specify which GitHub repository the CodeQL extension should use as the "controller repository." Controller repositories can be empty, but they must have at least one commit. .. pull-quote:: From 3b2c3f6f40ebb3aa7c8859f38a027c7c52688b56 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 17 May 2023 13:46:51 +0100 Subject: [PATCH 027/210] C++: Use an 'EquivalenceRelation' instead of the 'shortestDistances' HOP in 'getInstruction'. This reduces the memory pressure when generating the CFG for Wireshark. --- .../ir/implementation/aliased_ssa/IRBlock.qll | 21 +++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll index 78008a6c69b..34a7abf7b5e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll 
@@ -255,14 +255,27 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Holds if `i` is the `index`th instruction the block starting with `first`. */ - private Instruction getInstructionFromFirst(Instruction first, int index) = - shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) + /** Gets the index of `i` in its `IRBlock`. */ + private int getMemberIndex(Instruction i) { + startsBasicBlock(i) and + result = 0 + or + exists(Instruction iPrev | + adjacentInBlock(iPrev, i) and + result = getMemberIndex(iPrev) + 1 + ) + } + + private module BlockAdjacency = QlBuiltins::EquivalenceRelation; /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - result = getInstructionFromFirst(getFirstInstruction(block), index) + exists(Instruction first | + block = MkIRBlock(first) and + index = getMemberIndex(result) and + BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) + ) } cached From 771abf4f97c8c681ebf823ef2f717892901092ab Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 17 May 2023 13:47:01 +0100 Subject: [PATCH 028/210] C++/C#: Sync identical files. --- .../cpp/ir/implementation/raw/IRBlock.qll | 21 +++++++++++++++---- .../implementation/unaliased_ssa/IRBlock.qll | 21 +++++++++++++++---- .../ir/implementation/raw/IRBlock.qll | 21 +++++++++++++++---- .../implementation/unaliased_ssa/IRBlock.qll | 21 +++++++++++++++---- 4 files changed, 68 insertions(+), 16 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll index 78008a6c69b..34a7abf7b5e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll 
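Review bot: `getInstruction` now depends on `BlockAdjacency::getEquivalenceClass(first)` having a value, which may not hold for a basic block that consists of a single instruction. Such an instruction never appears in `adjacentInBlock`, so if the equivalence relation only assigns classes to elements of its base relation, `getInstruction(block, 0)` would have no result for those blocks; as far as I can tell the previous `shortestDistances` form returned `first` at distance 0 regardless. Handling the first instruction explicitly removes the dependency: `first = result and index = 0 or index = getMemberIndex(result) and BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result)`. The same applies to the synced copies of `IRBlock.qll` in the following patch, and the `Cached` module continues outside the hunk.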
@@ -255,14 +255,27 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Holds if `i` is the `index`th instruction the block starting with `first`. */ - private Instruction getInstructionFromFirst(Instruction first, int index) = - shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) + /** Gets the index of `i` in its `IRBlock`. */ + private int getMemberIndex(Instruction i) { + startsBasicBlock(i) and + result = 0 + or + exists(Instruction iPrev | + adjacentInBlock(iPrev, i) and + result = getMemberIndex(iPrev) + 1 + ) + } + + private module BlockAdjacency = QlBuiltins::EquivalenceRelation; /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - result = getInstructionFromFirst(getFirstInstruction(block), index) + exists(Instruction first | + block = MkIRBlock(first) and + index = getMemberIndex(result) and + BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) + ) } cached diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll index 78008a6c69b..34a7abf7b5e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll 
@@ -255,14 +255,27 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Holds if `i` is the `index`th instruction the block starting with `first`. */ - private Instruction getInstructionFromFirst(Instruction first, int index) = - shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) + /** Gets the index of `i` in its `IRBlock`. */ + private int getMemberIndex(Instruction i) { + startsBasicBlock(i) and + result = 0 + or + exists(Instruction iPrev | + adjacentInBlock(iPrev, i) and + result = getMemberIndex(iPrev) + 1 + ) + } + + private module BlockAdjacency = QlBuiltins::EquivalenceRelation; /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - result = getInstructionFromFirst(getFirstInstruction(block), index) + exists(Instruction first | + block = MkIRBlock(first) and + index = getMemberIndex(result) and + BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) + ) } cached diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll index 78008a6c69b..34a7abf7b5e 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll 
@@ -255,14 +255,27 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Holds if `i` is the `index`th instruction the block starting with `first`. */ - private Instruction getInstructionFromFirst(Instruction first, int index) = - shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) + /** Gets the index of `i` in its `IRBlock`. */ + private int getMemberIndex(Instruction i) { + startsBasicBlock(i) and + result = 0 + or + exists(Instruction iPrev | + adjacentInBlock(iPrev, i) and + result = getMemberIndex(iPrev) + 1 + ) + } + + private module BlockAdjacency = QlBuiltins::EquivalenceRelation; /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - result = getInstructionFromFirst(getFirstInstruction(block), index) + exists(Instruction first | + block = MkIRBlock(first) and + index = getMemberIndex(result) and + BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) + ) } cached diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll index 78008a6c69b..34a7abf7b5e 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll 
@@ -255,14 +255,27 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Holds if `i` is the `index`th instruction the block starting with `first`. */ - private Instruction getInstructionFromFirst(Instruction first, int index) = - shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) + /** Gets the index of `i` in its `IRBlock`. */ + private int getMemberIndex(Instruction i) { + startsBasicBlock(i) and + result = 0 + or + exists(Instruction iPrev | + adjacentInBlock(iPrev, i) and + result = getMemberIndex(iPrev) + 1 + ) + } + + private module BlockAdjacency = QlBuiltins::EquivalenceRelation; /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - result = getInstructionFromFirst(getFirstInstruction(block), index) + exists(Instruction first | + block = MkIRBlock(first) and + index = getMemberIndex(result) and + BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) + ) } cached From 8cd85a5676abbd64e1d3f5dafee9647d63e2a90b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= Date: Wed, 17 May 2023 16:16:30 +0200 Subject: [PATCH 029/210] add flow support for unmarshaled object fields --- .../lib/semmle/code/java/Serializability.qll | 1 + .../frameworks/google/GsonSerializability.qll | 71 +++++++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll diff --git a/java/ql/lib/semmle/code/java/Serializability.qll b/java/ql/lib/semmle/code/java/Serializability.qll index fc8a19040f0..72490118020 100644 --- a/java/ql/lib/semmle/code/java/Serializability.qll +++ b/java/ql/lib/semmle/code/java/Serializability.qll 
@@ -4,6 +4,7 @@ import java private import frameworks.jackson.JacksonSerializability +private import frameworks.google.GsonSerializability private import frameworks.google.GoogleHttpClientApi /** diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll new file mode 100644 index 00000000000..1f887b2d44e --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll 
@@ -0,0 +1,71 @@ +/** + * Provides classes and predicates for working with Java Serialization in the context of + * the `com.google.gson` JSON processing framework. + */ + +import java +import semmle.code.java.Serializability +import semmle.code.java.dataflow.DataFlow +import semmle.code.java.dataflow.FlowSteps + +/** + * A method used for deserializing objects using Gson. The first parameter is the object to be + * deserialized. + */ +private class GsonReadValueMethod extends Method { + GsonReadValueMethod() { + this.getDeclaringType().hasQualifiedName("com.google.gson", "Gson") and + this.getName().matches("fromJson") + } +} + +/** A type whose values may be deserialized by the Gson JSON framework. */ +abstract class GsonDeserializableType extends Type { } + +/** A type whose values are explicitly deserialized in a call to a Gson method. */ +private class ExplicitlyReadGsonDeserializableType extends GsonDeserializableType { + ExplicitlyReadGsonDeserializableType() { + exists(MethodAccess ma | + // A call to a Gson read method... + ma.getMethod() instanceof GsonReadValueMethod and + // ...where `this` is used in the final argument, indicating that this type will be deserialized. + // TODO: find a way to get the type represented by java.lang.reflect.Type and com.google.gson.reflect.TypeToken + // fromJson​(String json, TypeToken typeOfT) + // fromJson​(String json, Type typeOfT) + usesType(ma.getArgument(1).getType(), this) and + not this instanceof TypeClass and + not this instanceof TypeObject + ) + } +} + +predicate test(MethodAccess ma) { + ma.getMethod() instanceof GsonReadValueMethod +} + +/** A type used in a `GsonDeserializableField` declaration. */ +private class FieldReferencedGsonDeserializableType extends GsonDeserializableType { + FieldReferencedGsonDeserializableType() { + exists(GsonDeserializableField f | usesType(f.getType(), this)) + } +} + +/** A field that may be deserialized using the Gson JSON framework. 
*/ +class GsonDeserializableField extends DeserializableField { + pragma[assume_small_delta] + GsonDeserializableField() { + exists(GsonDeserializableType superType | + superType = this.getDeclaringType().getAnAncestor() and + not superType instanceof TypeObject and + // TODO: if we have the source, can we just track the flow through the backing fields? + //superType.fromSource() + not superType.(RefType).getPackage().getName().matches("java%") + ) + } +} + +private class GsonInheritTaint extends DataFlow::FieldContent, TaintInheritingContent { + GsonInheritTaint() { + this.getField() instanceof GsonDeserializableField + } +} From 7baf244ac69f27855cc5fc48b72c5171d925410f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= Date: Wed, 17 May 2023 16:18:46 +0200 Subject: [PATCH 030/210] remove test predicate --- .../java/frameworks/google/GsonSerializability.qll | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index 1f887b2d44e..cec369b14c2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -39,10 +39,6 @@ private class ExplicitlyReadGsonDeserializableType extends GsonDeserializableTyp } } -predicate test(MethodAccess ma) { - ma.getMethod() instanceof GsonReadValueMethod -} - /** A type used in a `GsonDeserializableField` declaration. */ private class FieldReferencedGsonDeserializableType extends GsonDeserializableType { FieldReferencedGsonDeserializableType() { 
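Review bot: `GsonDeserializableField` covers every field declared on a deserializable type or its ancestors, but Gson's default configuration skips `static` and `transient` fields, so those are never populated from the JSON input. Treating them as taint-inheriting content through `GsonInheritTaint` would report flows from values that untrusted input cannot set. Consider adding `not this.isStatic() and not this.isTransient()` to the characteristic predicate, with a short comment that a custom `GsonBuilder` can change which modifiers are excluded. Separately, `this.getName().matches("fromJson")` contains no wildcard and reads more clearly as `this.hasName("fromJson")`.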
@@ -56,7 +52,7 @@ class GsonDeserializableField extends DeserializableField { GsonDeserializableField() { exists(GsonDeserializableType superType | superType = this.getDeclaringType().getAnAncestor() and - not superType instanceof TypeObject and + not superType instanceof TypeObject and // TODO: if we have the source, can we just track the flow through the backing fields? //superType.fromSource() not superType.(RefType).getPackage().getName().matches("java%") @@ -65,7 +61,5 @@ class GsonDeserializableField extends DeserializableField { } private class GsonInheritTaint extends DataFlow::FieldContent, TaintInheritingContent { - GsonInheritTaint() { - this.getField() instanceof GsonDeserializableField - } + GsonInheritTaint() { this.getField() instanceof GsonDeserializableField } } From b235b1cbb9e5d69e3b9fb9038c46bf830873623e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= Date: Wed, 17 May 2023 16:40:28 +0200 Subject: [PATCH 031/210] improve yaml models --- java/ql/lib/ext/com.google.gson.model.yml | 33 +++++++++++++++++-- .../frameworks/google/GsonSerializability.qll | 1 - 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/java/ql/lib/ext/com.google.gson.model.yml b/java/ql/lib/ext/com.google.gson.model.yml index a35ff0f117e..b867997c8df 100644 --- a/java/ql/lib/ext/com.google.gson.model.yml +++ b/java/ql/lib/ext/com.google.gson.model.yml 
@@ -3,11 +3,38 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["com.google.gson", "Gson", False, "toJson", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["com.google.gson", "Gson", False, "toJsonTree", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["com.google.gson", "Gson", False, "toString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["com.google.gson", "Gson", False, "fromJson", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement,JsonWriter)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement,Appendable)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Appendable)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type,Appendable)", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type,JsonWriter)", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "(Object,Type)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toString", "()", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["com.google.gson", "Gson", False, "newJsonReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["com.google.gson", 
"Gson", False, "newJsonWriter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["com.google.gson.stream", "JsonReader", False, "nextName", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] - ["com.google.gson.stream", "JsonReader", False, "nextString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsByte", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsCharacter", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonArray", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonObject", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonPrimitive", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "asList", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "set", "", "", "Argument[1]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[1]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[1]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this]", "ReturnValue", "taint", 
"manual"] + - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonObject", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonObject", True, "keySet", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(Character)", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"] diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index cec369b14c2..ec1dea15497 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -53,7 +53,6 @@ class GsonDeserializableField extends DeserializableField { exists(GsonDeserializableType superType | superType = this.getDeclaringType().getAnAncestor() and not superType instanceof TypeObject and - // TODO: if we have the source, can we just track the flow through the backing fields? //superType.fromSource() not superType.(RefType).getPackage().getName().matches("java%") ) From 57cc316ecdfd569a6f33cf1e90533dafe1fdb78d Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 17 May 2023 15:42:38 +0100 Subject: [PATCH 032/210] C++: Fix bug for single-instruction basic blocks. --- .../code/cpp/ir/implementation/aliased_ssa/IRBlock.qll | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll index 34a7abf7b5e..4de4279b54c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll 
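Review bot: The `Gson.toString` row now pins the signature to `()` but still names `Argument[0]` as the input, and a method with no parameters has no argument 0, so this summary can never apply. The `JsonElement.toString` row added further down in the same hunk uses `Argument[this]` for the same shape; if receiver-to-return flow is what is meant, the row should read `- ["com.google.gson", "Gson", False, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]`. If a `Gson` instance is not expected to carry tainted data at all, dropping the row is the cleaner fix, since a model that silently never matches hides a gap in taint coverage from anyone auditing the file.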
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll @@ -271,8 +271,9 @@ private module Cached { /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | - block = MkIRBlock(first) and + exists(Instruction first | block = MkIRBlock(first) | + first = result and index = 0 + or index = getMemberIndex(result) and BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) ) From 9e05569121c7654f46f08c3f3ef53ea71613488b Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 17 May 2023 15:42:44 +0100 Subject: [PATCH 033/210] C++/C#: Sync identical files. --- cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll | 5 +++-- .../code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll | 5 +++-- csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll | 5 +++-- .../experimental/ir/implementation/unaliased_ssa/IRBlock.qll | 5 +++-- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll index 34a7abf7b5e..4de4279b54c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll @@ -271,8 +271,9 @@ private module Cached { /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | - block = MkIRBlock(first) and + exists(Instruction first | block = MkIRBlock(first) | + first = result and index = 0 + or index = getMemberIndex(result) and BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) ) 
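Review bot: The new `first = result and index = 0` disjunct in `getInstruction` carries no comment saying why the first instruction needs its own case, and the QLDoc directly above still refers to `i` although the predicate yields `result`. Going by the subject line, `getMemberIndex` presumably has no value when a block consists of a single instruction; a line such as `// A single-instruction block is not covered by getMemberIndex, so bind its first instruction to index 0 explicitly.` ahead of the disjunct would record that, and the QLDoc could open with "Gets the" and drop the reference to `i`. The diffstat lists only the `.qll` file, so a regression test containing a single-instruction block would pin the fix. The following commit copies the same hunk into the `raw` and `unaliased_ssa` variants and the C# IR files, so the comment belongs in every synced copy. The predicate's closing brace lies outside the hunk.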
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll index 34a7abf7b5e..4de4279b54c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll @@ -271,8 +271,9 @@ private module Cached { /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | - block = MkIRBlock(first) and + exists(Instruction first | block = MkIRBlock(first) | + first = result and index = 0 + or index = getMemberIndex(result) and BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) ) diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll index 34a7abf7b5e..4de4279b54c 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll @@ -271,8 +271,9 @@ private module Cached { /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | - block = MkIRBlock(first) and + exists(Instruction first | block = MkIRBlock(first) | + first = result and index = 0 + or index = getMemberIndex(result) and BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) ) diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll index 34a7abf7b5e..4de4279b54c 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll 
@@ -271,8 +271,9 @@ private module Cached { /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | - block = MkIRBlock(first) and + exists(Instruction first | block = MkIRBlock(first) | + first = result and index = 0 + or index = getMemberIndex(result) and BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) ) From be84fc2eacb80bfca97e40c7641e43eb599b8b00 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 17 May 2023 10:52:16 -0400 Subject: [PATCH 034/210] C#: add change note --- .../change-notes/2023-05-17-update-csharp-sink-kinds.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md diff --git a/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md b/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md new file mode 100644 index 00000000000..ce6d618af5e --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md @@ -0,0 +1,9 @@ +--- +category: minorAnalysis +--- +* Updated the following C# sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working. + * `code` to `code-injection` + * `sql` to `sql-injection` + * `html` to `html-injection` + * `xss` to `js-injection` + * `remote` to `file-content-store` From 66b13e2294bb5baea9ec3d7d58aded8a1e4135ec Mon Sep 17 00:00:00 2001 
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 17 May 2023 17:08:14 +0100 Subject: [PATCH 035/210] Swift: Add a test of enum decls. --- .../elements/decl/enumdecl/enumdecl.expected | 27 +++++++++++++++++++ .../elements/decl/enumdecl/enumdecl.ql | 25 +++++++++++++++++ .../elements/decl/enumdecl/enumdecl.swift | 20 ++++++++++++++ 3 files changed, 72 insertions(+) create mode 100644 swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected create mode 100644 swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql create mode 100644 swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected new file mode 100644 index 00000000000..0f20f1f20f4 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected 
@@ -0,0 +1,27 @@ +| enumdecl.swift:2:1:6:1 | MyColours | (EnumDecl), .getMember(0) = case ..., .getMember(1) = red, .getMember(10) = hashValue, .getMember(2) = case ..., .getMember(3) = green, .getMember(4) = yellow, .getMember(5) = case ..., .getMember(6) = blue, .getMember(7) = __derived_enum_equals(_:_:), .getMember(8) = var ... = ..., .getMember(9) = hash(into:), .getType = MyColours | +| enumdecl.swift:3:2:3:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = red | +| enumdecl.swift:3:7:3:7 | red | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:4:2:4:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = green, .getElement(1) = yellow | +| enumdecl.swift:4:7:4:7 | green | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:4:14:4:14 | yellow | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:5:2:5:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = blue | +| enumdecl.swift:5:7:5:7 | blue | (EnumElementDecl), .getDeclaringDecl = MyColours | +| enumdecl.swift:8:1:11:1 | MyContainer | (EnumDecl), .getMember(0) = case ..., .getMember(1) = str, .getMember(2) = case ..., .getMember(3) = pair, .getType = MyContainer | +| enumdecl.swift:9:2:9:17 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = str | +| enumdecl.swift:9:7:9:17 | str | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = _ | +| enumdecl.swift:10:2:10:26 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = pair | +| enumdecl.swift:10:7:10:26 | pair | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = x, .getParam(1) = y | +| enumdecl.swift:13:1:16:1 | MyNumbers | (EnumDecl), .getMember(0) = case ..., .getMember(1) = one, .getMember(2) = two, .getMember(3) = case ..., .getMember(4) = three, .getMember(5) = four, .getMember(6) = MyNumbers.init(rawValue:), .getMember(7) = var ... 
= ..., .getMember(8) = RawValue, .getMember(9) = rawValue, .getType = MyNumbers | +| enumdecl.swift:14:2:14:16 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = one, .getElement(1) = two | +| enumdecl.swift:14:7:14:13 | one | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:14:16:14:16 | two | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:15:2:15:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = three, .getElement(1) = four | +| enumdecl.swift:15:7:15:7 | three | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:15:14:15:14 | four | (EnumElementDecl), .getDeclaringDecl = MyNumbers | +| enumdecl.swift:18:1:20:1 | MyGreek | (EnumDecl), .getMember(0) = case ..., .getMember(1) = alpha, .getMember(2) = beta, .getMember(3) = gamma, .getMember(4) = delta, .getMember(5) = epsilon, .getMember(6) = __derived_enum_equals(_:_:), .getMember(7) = var ... = ..., .getMember(8) = hash(into:), .getMember(9) = hashValue, .getType = MyGreek | +| enumdecl.swift:19:2:19:34 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyGreek, .getElement(0) = alpha, .getElement(1) = beta, .getElement(2) = gamma, .getElement(3) = delta, .getElement(4) = epsilon | +| enumdecl.swift:19:7:19:7 | alpha | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:14:19:14 | beta | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:20:19:20 | gamma | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:27:19:27 | delta | (EnumElementDecl), .getDeclaringDecl = MyGreek | +| enumdecl.swift:19:34:19:34 | epsilon | (EnumElementDecl), .getDeclaringDecl = MyGreek | diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql new file mode 100644 index 00000000000..18d07936f21 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql 
@@ -0,0 +1,25 @@ +import swift + +string describe(Decl d) { + (d instanceof EnumDecl and result = "(EnumDecl)") + or + (d instanceof EnumCaseDecl and result = "(EnumCaseDecl)") + or + (d instanceof EnumElementDecl and result = "(EnumElementDecl)") + or + result = ".getType = " + d.(EnumDecl).getType().toString() + or + result = ".getDeclaringDecl = " + d.getDeclaringDecl().toString() + or + exists(int i | + result = ".getMember(" + i.toString() + ") = " + d.getMember(i).toString() + or + result = ".getElement(" + i.toString() + ") = " + d.(EnumCaseDecl).getElement(i).toString() + or + result = ".getParam(" + i.toString() + ") = " + d.(EnumElementDecl).getParam(i).toString() + ) +} + +from Decl d +where d.getLocation().getFile().getName() != "" +select d, strictconcat(describe(d), ", ") diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift new file mode 100644 index 00000000000..7a8b06b7d94 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.swift @@ -0,0 +1,20 @@ + +enum MyColours { + case red + case green, yellow + case blue +} + +enum MyContainer { + case str(String) + case pair(x: Int, y: Int) +} + +enum MyNumbers: Int { + case one = 1, two + case three, four +} + +enum MyGreek { + case alpha, beta, gamma, delta, epsilon +} From 95caaecd7158064f114dd8c0ce4e55b1a2775ab7 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 17 May 2023 18:40:01 +0100 Subject: [PATCH 036/210] Swift: Add EnumDecl.getEnumElement(_). --- .../codeql/swift/elements/decl/EnumDecl.qll | 51 ++++++++++++++++++- .../elements/decl/enumdecl/enumdecl.expected | 8 +-- .../elements/decl/enumdecl/enumdecl.ql | 2 + 3 files changed, 55 insertions(+), 6 deletions(-) diff --git a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll index f7c42dc9a2f..b1100cc9abe 100644 
--- a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll +++ b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll @@ -1,4 +1,51 @@ -// generated by codegen/codegen.py, remove this comment if you wish to edit this file private import codeql.swift.generated.decl.EnumDecl +private import codeql.swift.elements.decl.EnumCaseDecl +private import codeql.swift.elements.decl.EnumElementDecl +private import codeql.swift.elements.decl.Decl -class EnumDecl extends Generated::EnumDecl { } +/** + * An enumeration declaration, for example: + * ``` + * enum MyColours { + * case red + * case green + * case blue + * } + * ``` + */ +class EnumDecl extends Generated::EnumDecl { + /** + * Gets the number of `EnumElementDecl`s in this enumeration before the `index`th member. Some + * of the members of an `EnumDecl` are `EnumCaseDecls` (representing the `case` lines), each of + * which holds one or more `EnumElementDecl`s. + */ + private int countEnumElementsTo(int memberIndex) { + memberIndex = 0 and result = 0 + or + exists(Decl prev | prev = this.getMember(memberIndex - 1) | + result = this.countEnumElementsTo(memberIndex - 1) + prev.(EnumCaseDecl).getNumberOfElements() + or + not prev instanceof EnumCaseDecl and + result = this.countEnumElementsTo(memberIndex - 1) + ) + } + + /** + * Gets the `index`th enumeration element of this enumeration (0-based). + */ + final EnumElementDecl getEnumElement(int index) { + exists(int memberIndex | + result = + this.getMember(memberIndex) + .(EnumCaseDecl) + .getElement(index - this.countEnumElementsTo(memberIndex)) + ) + } + + /** + * Gets an enumeration element of this enumeration. + */ + final EnumElementDecl getAnEnumElement() { + result = this.getMember(_).(EnumCaseDecl).getElement(_) + } +} diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected index 0f20f1f20f4..0494f6a9da8 100644 
--- a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected @@ -1,4 +1,4 @@ -| enumdecl.swift:2:1:6:1 | MyColours | (EnumDecl), .getMember(0) = case ..., .getMember(1) = red, .getMember(10) = hashValue, .getMember(2) = case ..., .getMember(3) = green, .getMember(4) = yellow, .getMember(5) = case ..., .getMember(6) = blue, .getMember(7) = __derived_enum_equals(_:_:), .getMember(8) = var ... = ..., .getMember(9) = hash(into:), .getType = MyColours | +| enumdecl.swift:2:1:6:1 | MyColours | (EnumDecl), .getEnumElement(0) = red, .getEnumElement(1) = green, .getEnumElement(2) = yellow, .getEnumElement(3) = blue, .getMember(0) = case ..., .getMember(1) = red, .getMember(10) = hashValue, .getMember(2) = case ..., .getMember(3) = green, .getMember(4) = yellow, .getMember(5) = case ..., .getMember(6) = blue, .getMember(7) = __derived_enum_equals(_:_:), .getMember(8) = var ... = ..., .getMember(9) = hash(into:), .getType = MyColours | | enumdecl.swift:3:2:3:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = red | | enumdecl.swift:3:7:3:7 | red | (EnumElementDecl), .getDeclaringDecl = MyColours | | enumdecl.swift:4:2:4:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = green, .getElement(1) = yellow | 
@@ -6,19 +6,19 @@ | enumdecl.swift:4:14:4:14 | yellow | (EnumElementDecl), .getDeclaringDecl = MyColours | | enumdecl.swift:5:2:5:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = blue | | enumdecl.swift:5:7:5:7 | blue | (EnumElementDecl), .getDeclaringDecl = MyColours | -| enumdecl.swift:8:1:11:1 | MyContainer | (EnumDecl), .getMember(0) = case ..., .getMember(1) = str, .getMember(2) = case ..., .getMember(3) = pair, .getType = MyContainer | +| enumdecl.swift:8:1:11:1 | MyContainer | (EnumDecl), .getEnumElement(0) = str, .getEnumElement(1) = pair, .getMember(0) = case ..., .getMember(1) = str, .getMember(2) = case ..., .getMember(3) = pair, .getType = MyContainer | | enumdecl.swift:9:2:9:17 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = str | | enumdecl.swift:9:7:9:17 | str | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = _ | | enumdecl.swift:10:2:10:26 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = pair | | enumdecl.swift:10:7:10:26 | pair | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = x, .getParam(1) = y | -| enumdecl.swift:13:1:16:1 | MyNumbers | (EnumDecl), .getMember(0) = case ..., .getMember(1) = one, .getMember(2) = two, .getMember(3) = case ..., .getMember(4) = three, .getMember(5) = four, .getMember(6) = MyNumbers.init(rawValue:), .getMember(7) = var ... = ..., .getMember(8) = RawValue, .getMember(9) = rawValue, .getType = MyNumbers | +| enumdecl.swift:13:1:16:1 | MyNumbers | (EnumDecl), .getEnumElement(0) = one, .getEnumElement(1) = two, .getEnumElement(2) = three, .getEnumElement(3) = four, .getMember(0) = case ..., .getMember(1) = one, .getMember(2) = two, .getMember(3) = case ..., .getMember(4) = three, .getMember(5) = four, .getMember(6) = MyNumbers.init(rawValue:), .getMember(7) = var ... = ..., .getMember(8) = RawValue, .getMember(9) = rawValue, .getType = MyNumbers | | enumdecl.swift:14:2:14:16 | case ... 
| (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = one, .getElement(1) = two | | enumdecl.swift:14:7:14:13 | one | (EnumElementDecl), .getDeclaringDecl = MyNumbers | | enumdecl.swift:14:16:14:16 | two | (EnumElementDecl), .getDeclaringDecl = MyNumbers | | enumdecl.swift:15:2:15:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = three, .getElement(1) = four | | enumdecl.swift:15:7:15:7 | three | (EnumElementDecl), .getDeclaringDecl = MyNumbers | | enumdecl.swift:15:14:15:14 | four | (EnumElementDecl), .getDeclaringDecl = MyNumbers | -| enumdecl.swift:18:1:20:1 | MyGreek | (EnumDecl), .getMember(0) = case ..., .getMember(1) = alpha, .getMember(2) = beta, .getMember(3) = gamma, .getMember(4) = delta, .getMember(5) = epsilon, .getMember(6) = __derived_enum_equals(_:_:), .getMember(7) = var ... = ..., .getMember(8) = hash(into:), .getMember(9) = hashValue, .getType = MyGreek | +| enumdecl.swift:18:1:20:1 | MyGreek | (EnumDecl), .getEnumElement(0) = alpha, .getEnumElement(1) = beta, .getEnumElement(2) = gamma, .getEnumElement(3) = delta, .getEnumElement(4) = epsilon, .getMember(0) = case ..., .getMember(1) = alpha, .getMember(2) = beta, .getMember(3) = gamma, .getMember(4) = delta, .getMember(5) = epsilon, .getMember(6) = __derived_enum_equals(_:_:), .getMember(7) = var ... = ..., .getMember(8) = hash(into:), .getMember(9) = hashValue, .getType = MyGreek | | enumdecl.swift:19:2:19:34 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyGreek, .getElement(0) = alpha, .getElement(1) = beta, .getElement(2) = gamma, .getElement(3) = delta, .getElement(4) = epsilon | | enumdecl.swift:19:7:19:7 | alpha | (EnumElementDecl), .getDeclaringDecl = MyGreek | | enumdecl.swift:19:14:19:14 | beta | (EnumElementDecl), .getDeclaringDecl = MyGreek | diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql index 18d07936f21..a8e9b2e1f9f 100644 
--- a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql @@ -17,6 +17,8 @@ string describe(Decl d) { result = ".getElement(" + i.toString() + ") = " + d.(EnumCaseDecl).getElement(i).toString() or result = ".getParam(" + i.toString() + ") = " + d.(EnumElementDecl).getParam(i).toString() + or + result = ".getEnumElement(" + i.toString() + ") = " + d.(EnumDecl).getEnumElement(i).toString() ) } From 6c35bbf5c2c3f0145603b7c6514e19c733d37b2e Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 17 May 2023 18:45:19 +0100 Subject: [PATCH 037/210] Swift: Simplify / focus the test. --- .../elements/decl/enumdecl/enumdecl.expected | 8 ++++---- .../test/library-tests/elements/decl/enumdecl/enumdecl.ql | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected index 0494f6a9da8..5e0222c484c 100644 --- a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.expected 
@@ -1,4 +1,4 @@ -| enumdecl.swift:2:1:6:1 | MyColours | (EnumDecl), .getEnumElement(0) = red, .getEnumElement(1) = green, .getEnumElement(2) = yellow, .getEnumElement(3) = blue, .getMember(0) = case ..., .getMember(1) = red, .getMember(10) = hashValue, .getMember(2) = case ..., .getMember(3) = green, .getMember(4) = yellow, .getMember(5) = case ..., .getMember(6) = blue, .getMember(7) = __derived_enum_equals(_:_:), .getMember(8) = var ... = ..., .getMember(9) = hash(into:), .getType = MyColours | +| enumdecl.swift:2:1:6:1 | MyColours | (EnumDecl), .getEnumElement(0) = red, .getEnumElement(1) = green, .getEnumElement(2) = yellow, .getEnumElement(3) = blue, .getType = MyColours | | enumdecl.swift:3:2:3:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = red | | enumdecl.swift:3:7:3:7 | red | (EnumElementDecl), .getDeclaringDecl = MyColours | | enumdecl.swift:4:2:4:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = green, .getElement(1) = yellow | 
@@ -6,19 +6,19 @@ | enumdecl.swift:4:14:4:14 | yellow | (EnumElementDecl), .getDeclaringDecl = MyColours | | enumdecl.swift:5:2:5:7 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyColours, .getElement(0) = blue | | enumdecl.swift:5:7:5:7 | blue | (EnumElementDecl), .getDeclaringDecl = MyColours | -| enumdecl.swift:8:1:11:1 | MyContainer | (EnumDecl), .getEnumElement(0) = str, .getEnumElement(1) = pair, .getMember(0) = case ..., .getMember(1) = str, .getMember(2) = case ..., .getMember(3) = pair, .getType = MyContainer | +| enumdecl.swift:8:1:11:1 | MyContainer | (EnumDecl), .getEnumElement(0) = str, .getEnumElement(1) = pair, .getType = MyContainer | | enumdecl.swift:9:2:9:17 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = str | | enumdecl.swift:9:7:9:17 | str | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = _ | | enumdecl.swift:10:2:10:26 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyContainer, .getElement(0) = pair | | enumdecl.swift:10:7:10:26 | pair | (EnumElementDecl), .getDeclaringDecl = MyContainer, .getParam(0) = x, .getParam(1) = y | -| enumdecl.swift:13:1:16:1 | MyNumbers | (EnumDecl), .getEnumElement(0) = one, .getEnumElement(1) = two, .getEnumElement(2) = three, .getEnumElement(3) = four, .getMember(0) = case ..., .getMember(1) = one, .getMember(2) = two, .getMember(3) = case ..., .getMember(4) = three, .getMember(5) = four, .getMember(6) = MyNumbers.init(rawValue:), .getMember(7) = var ... = ..., .getMember(8) = RawValue, .getMember(9) = rawValue, .getType = MyNumbers | +| enumdecl.swift:13:1:16:1 | MyNumbers | (EnumDecl), .getEnumElement(0) = one, .getEnumElement(1) = two, .getEnumElement(2) = three, .getEnumElement(3) = four, .getType = MyNumbers | | enumdecl.swift:14:2:14:16 | case ... 
| (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = one, .getElement(1) = two | | enumdecl.swift:14:7:14:13 | one | (EnumElementDecl), .getDeclaringDecl = MyNumbers | | enumdecl.swift:14:16:14:16 | two | (EnumElementDecl), .getDeclaringDecl = MyNumbers | | enumdecl.swift:15:2:15:14 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyNumbers, .getElement(0) = three, .getElement(1) = four | | enumdecl.swift:15:7:15:7 | three | (EnumElementDecl), .getDeclaringDecl = MyNumbers | | enumdecl.swift:15:14:15:14 | four | (EnumElementDecl), .getDeclaringDecl = MyNumbers | -| enumdecl.swift:18:1:20:1 | MyGreek | (EnumDecl), .getEnumElement(0) = alpha, .getEnumElement(1) = beta, .getEnumElement(2) = gamma, .getEnumElement(3) = delta, .getEnumElement(4) = epsilon, .getMember(0) = case ..., .getMember(1) = alpha, .getMember(2) = beta, .getMember(3) = gamma, .getMember(4) = delta, .getMember(5) = epsilon, .getMember(6) = __derived_enum_equals(_:_:), .getMember(7) = var ... = ..., .getMember(8) = hash(into:), .getMember(9) = hashValue, .getType = MyGreek | +| enumdecl.swift:18:1:20:1 | MyGreek | (EnumDecl), .getEnumElement(0) = alpha, .getEnumElement(1) = beta, .getEnumElement(2) = gamma, .getEnumElement(3) = delta, .getEnumElement(4) = epsilon, .getType = MyGreek | | enumdecl.swift:19:2:19:34 | case ... | (EnumCaseDecl), .getDeclaringDecl = MyGreek, .getElement(0) = alpha, .getElement(1) = beta, .getElement(2) = gamma, .getElement(3) = delta, .getElement(4) = epsilon | | enumdecl.swift:19:7:19:7 | alpha | (EnumElementDecl), .getDeclaringDecl = MyGreek | | enumdecl.swift:19:14:19:14 | beta | (EnumElementDecl), .getDeclaringDecl = MyGreek | diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql index a8e9b2e1f9f..e2756b77a49 100644 --- a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql 
@@ -12,8 +12,6 @@ string describe(Decl d) { result = ".getDeclaringDecl = " + d.getDeclaringDecl().toString() or exists(int i | - result = ".getMember(" + i.toString() + ") = " + d.getMember(i).toString() - or result = ".getElement(" + i.toString() + ") = " + d.(EnumCaseDecl).getElement(i).toString() or result = ".getParam(" + i.toString() + ") = " + d.(EnumElementDecl).getParam(i).toString() From 3539e55bb2651a7b9b8b4b87d7e5059e843a191d Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 17 May 2023 19:21:41 +0100 Subject: [PATCH 038/210] Swift: Autoformat. --- .../test/library-tests/elements/decl/enumdecl/enumdecl.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql index e2756b77a49..dba88e6009d 100644 --- a/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/enumdecl.ql @@ -1,11 +1,11 @@ import swift string describe(Decl d) { - (d instanceof EnumDecl and result = "(EnumDecl)") + d instanceof EnumDecl and result = "(EnumDecl)" or - (d instanceof EnumCaseDecl and result = "(EnumCaseDecl)") + d instanceof EnumCaseDecl and result = "(EnumCaseDecl)" or - (d instanceof EnumElementDecl and result = "(EnumElementDecl)") + d instanceof EnumElementDecl and result = "(EnumElementDecl)" or result = ".getType = " + d.(EnumDecl).getType().toString() or From f0ce5b09c6b9e9d345d94376ff174502166ce90d Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 18 May 2023 09:39:42 +0100 Subject: [PATCH 039/210] Swift: Address QL-for-QL warning. --- swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll index b1100cc9abe..6fb24f21ea0 100644 --- a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll +++ b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll @@ -15,7 +15,7 @@ private import codeql.swift.elements.decl.Decl */ class EnumDecl extends Generated::EnumDecl { /** - * Gets the number of `EnumElementDecl`s in this enumeration before the `index`th member. Some + * Gets the number of `EnumElementDecl`s in this enumeration before the `memberIndex`th member. Some * of the members of an `EnumDecl` are `EnumCaseDecls` (representing the `case` lines), each of * which holds one or more `EnumElementDecl`s. */ From d26a86185faec1057eca98940bc81e719715518f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 18 May 2023 09:42:32 +0100 Subject: [PATCH 040/210] Swift: Codegen. --- swift/ql/.generated.list | 1 - swift/ql/.gitattributes | 1 - 2 files changed, 2 deletions(-) diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index 2a56c1ba2ae..c3c0bfb69ec 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -24,7 +24,6 @@ lib/codeql/swift/elements/decl/ConcreteVarDecl.qll 94bcbdd91f461295c5b6b49fa597b lib/codeql/swift/elements/decl/ConcreteVarDeclConstructor.qll 4b6a9f458db5437f9351b14464b3809a78194029554ea818b3e18272c17afba3 a60d695b0d0ffa917ad01908bec2beaa663e644eddb00fb370fbc906623775d4 lib/codeql/swift/elements/decl/DeinitializerConstructor.qll 85f29a68ee5c0f2606c51e7a859f5f45fbc5f373e11b5e9c0762c9ba5cff51c4 6b28f69b8125d0393607dbad8e7a8aaa6469b9c671f67e8e825cc63964ed2f5d lib/codeql/swift/elements/decl/EnumCaseDeclConstructor.qll 8c907544170671f713a8665d294eeefdbe78a607c2f16e2c630ea9c33f484baf eec83efc930683628185dbdad8f73311aad510074d168a53d85ea09d13f1f7e1 -lib/codeql/swift/elements/decl/EnumDecl.qll 29f9d8cbfb19c174af9a666162fd918af7f962fa5d97756105e78d5eec38cb9e 779940ebdbd510eb651972c57eb84b04af39c44ef59a8c307a44549ab730febb lib/codeql/swift/elements/decl/EnumDeclConstructor.qll 642bbfb71e917d84695622f3b2c7b36bf5be4e185358609810267ab1fc4e221b f6e06d79e7ff65fbabf72c553508b67406fb59c577215d28cc47971d34b6af05 lib/codeql/swift/elements/decl/EnumElementDeclConstructor.qll 736074246a795c14a30a8ec7bb8da595a729983187887294e485487309919dc6 4614fb380fad7af1b5fb8afce920f3e7350378254ece60d19722046046672fbb lib/codeql/swift/elements/decl/ExtensionDeclConstructor.qll 4f811e3332720327d2b9019edbb2fa70fb24322e72881afc040e7927452409d6 554f9832311dfc30762507e0bd4b25c5b6fdb9d0c4e8252cc5a1ef1033fafacb diff --git a/swift/ql/.gitattributes b/swift/ql/.gitattributes index 71cc5c58ecf..a1bd08a0b69 100644 --- a/swift/ql/.gitattributes +++ b/swift/ql/.gitattributes 
@@ -26,7 +26,6 @@ /lib/codeql/swift/elements/decl/ConcreteVarDeclConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/DeinitializerConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/EnumCaseDeclConstructor.qll linguist-generated -/lib/codeql/swift/elements/decl/EnumDecl.qll linguist-generated /lib/codeql/swift/elements/decl/EnumDeclConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/EnumElementDeclConstructor.qll linguist-generated /lib/codeql/swift/elements/decl/ExtensionDeclConstructor.qll linguist-generated From bf3fb09dfd330665d1f38b3c1437d5c4e63ac28b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= Date: Thu, 18 May 2023 12:39:41 +0200 Subject: [PATCH 041/210] Apply suggestions from code review Co-authored-by: Tony Torralba --- .../semmle/code/java/frameworks/google/GsonSerializability.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index ec1dea15497..34a333c8b11 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -14,8 +14,7 @@ import semmle.code.java.dataflow.FlowSteps */ private class GsonReadValueMethod extends Method { GsonReadValueMethod() { - this.getDeclaringType().hasQualifiedName("com.google.gson", "Gson") and - this.getName().matches("fromJson") + this.hasQualifiedName("com.google.gson", "Gson", "fromJson") } } From 5ffde7a7628cc8793ce279f3e64fcabeb40cb234 Mon Sep 17 00:00:00 2001 
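Review bot: Nothing at the new `this.hasQualifiedName("com.google.gson", "Gson", "fromJson")` line records that the match is deliberately by name only, so every `fromJson` overload is selected whatever its input argument type. A short comment inside the characteristic predicate, such as `// all Gson.fromJson overloads (String, Reader, JsonReader, JsonElement)`, would let a reader confirm the intended coverage without opening the Gson API. The class's QLDoc begins above the hunk and may already say this.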
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 19 May 2023 14:55:39 +0100 Subject: [PATCH 042/210] Update swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll Co-authored-by: Mathias Vorreiter Pedersen --- .../codeql/swift/elements/decl/EnumDecl.qll | 29 +++++-------------- 1 file changed, 7 insertions(+), 22 deletions(-) diff --git a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll index 6fb24f21ea0..91f597c8d38 100644 --- a/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll +++ b/swift/ql/lib/codeql/swift/elements/decl/EnumDecl.qll @@ -14,32 +14,17 @@ private import codeql.swift.elements.decl.Decl * ``` */ class EnumDecl extends Generated::EnumDecl { - /** - * Gets the number of `EnumElementDecl`s in this enumeration before the `memberIndex`th member. Some - * of the members of an `EnumDecl` are `EnumCaseDecls` (representing the `case` lines), each of - * which holds one or more `EnumElementDecl`s. - */ - private int countEnumElementsTo(int memberIndex) { - memberIndex = 0 and result = 0 - or - exists(Decl prev | prev = this.getMember(memberIndex - 1) | - result = this.countEnumElementsTo(memberIndex - 1) + prev.(EnumCaseDecl).getNumberOfElements() - or - not prev instanceof EnumCaseDecl and - result = this.countEnumElementsTo(memberIndex - 1) - ) - } - /** * Gets the `index`th enumeration element of this enumeration (0-based). */ final EnumElementDecl getEnumElement(int index) { - exists(int memberIndex | - result = - this.getMember(memberIndex) - .(EnumCaseDecl) - .getElement(index - this.countEnumElementsTo(memberIndex)) - ) + result = + rank[index + 1](int memberIndex, Decl d | + d = this.getMember(memberIndex) and + d instanceof EnumElementDecl + | + d order by memberIndex + ) } /** From 881134a6f5776a7ef13017f52e8fc6ed7160e51b Mon Sep 17 00:00:00 2001 
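Review bot: The new body of `getEnumElement` depends on `getMember` returning each `EnumElementDecl` directly and in declaration order, and nothing in the predicate says so. The removed code reached elements through `EnumCaseDecl.getElement`, so it is no longer clear from this predicate why filtering members with `d instanceof EnumElementDecl` is sufficient. A comment above the `rank` expression, such as `// enum elements are also direct members of the EnumDecl; rank them by member index to keep source order`, would make that assumption explicit. The class body continues past the end of the hunk.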
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 19 May 2023 15:29:49 +0100 Subject: [PATCH 043/210] Swift: Add warning note to Decl.getMember. --- swift/ql/.generated.list | 4 ++-- swift/ql/lib/codeql/swift/generated/Raw.qll | 4 ++++ swift/ql/lib/codeql/swift/generated/decl/Decl.qll | 4 ++++ swift/schema.py | 6 +++++- 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index c3c0bfb69ec..dcc8cd2a698 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -383,7 +383,7 @@ lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d lib/codeql/swift/generated/ParentChild.qll 7db14da89a0dc22ab41e654750f59d03085de8726ac358c458fccb0e0b75e193 e16991b33eb0ddea18c0699d7ea31710460ff8ada1f51d8e94f1100f6e18d1c8 lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 +lib/codeql/swift/generated/Raw.qll cc504ec0771dbb461367944a5c95186047bad59a087a9bda74ef346c7b89b0d3 0b5973d56edd8099b645ea1f7be2a4934e62d5fa165261c63299ac2cf634437d lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 
@@ -397,7 +397,7 @@ lib/codeql/swift/generated/decl/AssociatedTypeDecl.qll 4169d083104f9c089223ed3c5 lib/codeql/swift/generated/decl/CapturedDecl.qll cbc416f48471f978d21f5f9ec02eb912692f9678ed154cb0b6d30df9de48e628 d9534cdf290ad48e285d27a520c0b1692afed14bbdd907430bcd46e7de2fbb31 lib/codeql/swift/generated/decl/ClassDecl.qll a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 lib/codeql/swift/generated/decl/ConcreteVarDecl.qll 4801ccc477480c4bc4fc117976fbab152e081064e064c97fbb0f37199cb1d0a8 4d7cfbf5b39b307dd673781adc220fdef04213f2e3d080004fa658ba6d3acb8d -lib/codeql/swift/generated/decl/Decl.qll 2cc8ad7e3a3b658d7b1b06d20bdaf7604de387045c33b0d64191b5ef998708c2 7ed3194e89f7ae37cf9c691e4666449e4f406f6c3ee6d35bbbda4e66cdd3ca5a +lib/codeql/swift/generated/decl/Decl.qll 4bb00d3c64f88f3c8e1bdc7aa9de93d2bef6477adf756d6f7e3897d2c5685726 36d805a6f2b0c2dd8bdfbd10de6978bd9344a025e71c938e58d0c3c0f9672247 lib/codeql/swift/generated/decl/Deinitializer.qll 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe lib/codeql/swift/generated/decl/EnumCaseDecl.qll 7942eb77f91680c3553becb313f21723e0b437eadebc117f0690e5364705bef1 40eec2e74c514cecdfcdf6d7d5c8a033c717f69a38cfca834934fe3859c4e1ef lib/codeql/swift/generated/decl/EnumDecl.qll fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 diff --git a/swift/ql/lib/codeql/swift/generated/Raw.qll b/swift/ql/lib/codeql/swift/generated/Raw.qll index dc5ddeed979..8989bc83905 100644 --- a/swift/ql/lib/codeql/swift/generated/Raw.qll +++ b/swift/ql/lib/codeql/swift/generated/Raw.qll 
@@ -310,6 +310,10 @@ module Raw { /** * Gets the `index`th member of this declaration (0-based). + * + * Prefer to use more specific methods (such as `EnumDecl.getEnumElement`) rather than relying + * on the order of members given by `getMember`. In some cases the order of members may not + * align with expectations, and could change in future releases. */ Decl getMember(int index) { decl_members(this, index, result) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll index 673de2cffee..136d28ea852 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll @@ -34,6 +34,10 @@ module Generated { /** * Gets the `index`th member of this declaration (0-based). + * + * Prefer to use more specific methods (such as `EnumDecl.getEnumElement`) rather than relying + * on the order of members given by `getMember`. In some cases the order of members may not + * align with expectations, and could change in future releases. */ final Decl getMember(int index) { result = this.getImmediateMember(index).resolve() } diff --git a/swift/schema.py b/swift/schema.py index 8fc0941e171..ccb538769af 100644 --- a/swift/schema.py +++ b/swift/schema.py @@ -80,7 +80,11 @@ class Type(Element): @group("decl") class Decl(AstNode): module: "ModuleDecl" - members: list["Decl"] | child + members: list["Decl"] | child | desc(""" + Prefer to use more specific methods (such as `EnumDecl.getEnumElement`) rather than relying + on the order of members given by `getMember`. In some cases the order of members may not + align with expectations, and could change in future releases. + """) @group("expr") class Expr(AstNode): From 19080333b9c5b3165ef4233f5593557991816305 Mon Sep 17 00:00:00 2001 
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 19 May 2023 16:50:49 +0100 Subject: [PATCH 044/210] Swift: Add a few test cases. --- .../CWE-135/StringLengthConflation.expected | 56 +++++++++++++++++++ .../CWE-135/StringLengthConflation.swift | 19 +++++++ 2 files changed, 75 insertions(+) diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected index b0154ec15af..ffae88451e2 100644 --- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected +++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected 
@@ -18,6 +18,18 @@ edges | StringLengthConflation.swift:137:34:137:36 | .count | StringLengthConflation.swift:137:34:137:44 | ... .-(_:_:) ... | | StringLengthConflation.swift:138:36:138:38 | .count | StringLengthConflation.swift:138:36:138:46 | ... .-(_:_:) ... | | StringLengthConflation.swift:144:28:144:30 | .count | StringLengthConflation.swift:144:28:144:38 | ... .-(_:_:) ... | +| StringLengthConflation.swift:168:29:168:36 | .count | StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | +| StringLengthConflation.swift:169:29:169:37 | .count | StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | +| StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | +| StringLengthConflation.swift:171:29:171:32 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | +| StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | +| StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | +| StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | +| StringLengthConflation.swift:176:35:176:52 | .count | StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | +| StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | +| StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | +| StringLengthConflation.swift:180:37:180:44 | .count | StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | +| StringLengthConflation.swift:182:37:182:45 | .count | StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... 
| | file://:0:0:0:0 | .length | StringLengthConflation.swift:53:43:53:46 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:60:47:60:50 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:66:33:66:36 | .length | @@ -27,6 +39,10 @@ edges | file://:0:0:0:0 | .length | StringLengthConflation.swift:108:25:108:28 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:114:23:114:26 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:120:22:120:25 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:171:29:171:32 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:172:29:172:33 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:38 | .length | +| file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:39 | .length | nodes | StringLengthConflation2.swift:35:36:35:38 | .count | semmle.label | .count | | StringLengthConflation2.swift:35:36:35:46 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | 
@@ -76,6 +92,30 @@ nodes | StringLengthConflation.swift:151:45:151:53 | .count | semmle.label | .count | | StringLengthConflation.swift:156:45:156:52 | .count | semmle.label | .count | | StringLengthConflation.swift:161:45:161:53 | .count | semmle.label | .count | +| StringLengthConflation.swift:168:29:168:36 | .count | semmle.label | .count | +| StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:169:29:169:37 | .count | semmle.label | .count | +| StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:170:29:170:46 | .count | semmle.label | .count | +| StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:171:29:171:32 | .length | semmle.label | .length | +| StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:172:29:172:33 | .length | semmle.label | .length | +| StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:174:35:174:42 | .count | semmle.label | .count | +| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:175:35:175:43 | .count | semmle.label | .count | +| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:176:35:176:52 | .count | semmle.label | .count | +| StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:177:35:177:38 | .length | semmle.label | .length | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... 
| +| StringLengthConflation.swift:178:35:178:39 | .length | semmle.label | .length | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:180:37:180:44 | .count | semmle.label | .count | +| StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:182:37:182:45 | .count | semmle.label | .count | +| StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | file://:0:0:0:0 | .length | semmle.label | .length | subpaths #select 
@@ -117,3 +157,19 @@ subpaths | StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | This String.unicodeScalars length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | This String.utf8 length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | This String.utf16 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | StringLengthConflation.swift:168:29:168:36 | .count | StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | This String.utf8 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | StringLengthConflation.swift:169:29:169:37 | .count | StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | This String.utf16 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | This String.unicodeScalars length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | StringLengthConflation.swift:171:29:171:32 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... 
| This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | This String.utf8 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | This String.utf16 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | StringLengthConflation.swift:176:35:176:52 | .count | StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | This String.unicodeScalars length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... 
| StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | StringLengthConflation.swift:180:37:180:44 | .count | StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | This String.utf8 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | StringLengthConflation.swift:182:37:182:45 | .count | StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | This String.utf16 length is used in a String, but it may not be equivalent. | diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift index 67b8feb657f..4d858ee669f 100644 --- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift +++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift 
@@ -161,6 +161,25 @@ func test(s: String) { let _ = s.index(s.startIndex, offsetBy: s_utf16.count) // BAD let _ = s_utf16.index(s_utf16.startIndex, offsetBy: scalars.count) // GOOD let _ = s_utf16.index(s_utf16.startIndex, offsetBy: s.count) // BAD [NOT DETECTED] + + // --- methods provided by Sequence, Collection etc --- + + let _ = String(s.prefix(s.count - 10)) // GOOD + let _ = String(s.prefix(s.utf8.count - 10)) // BAD + let _ = String(s.prefix(s.utf16.count - 10)) // BAD + let _ = String(s.prefix(s.unicodeScalars.count - 10)) // BAD + let _ = String(s.prefix(ns.length - 10)) // BAD + let _ = String(s.prefix(nms.length - 10)) // BAD + let _ = String(scalars.prefix(s.count - 10)) // BAD [NOT DETECTED] + let _ = String(scalars.prefix(s.utf8.count - 10)) // BAD + let _ = String(scalars.prefix(s.utf16.count - 10)) // BAD + let _ = String(scalars.prefix(s.unicodeScalars.count - 10)) // GOOD [FALSE POSITIVE] + let _ = String(scalars.prefix(ns.length - 10)) // BAD + let _ = String(scalars.prefix(nms.length - 10)) // BAD + let _ = String(s.utf8.dropFirst(s.count - 10)) // BAD [NOT DETECTED] + let _ = String(s.utf8.dropFirst(s.utf8.count - 10)) // GOOD [FALSE POSITIVE] + let _ = String(s.utf16.dropLast(s.count - 10)) // BAD [NOT DETECTED] + let _ = String(s.utf16.dropLast(s.utf16.count - 10)) // GOOD [FALSE POSITIVE] } // `begin :thumbsup: end`, with thumbs up emoji and skin tone modifier From 2028b5ef958cba55eafc831c1e4d54ca8f3c53e7 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 19 May 2023 17:24:50 +0100 Subject: [PATCH 045/210] Swift: Fix imprecise sinks. --- .../StringLengthConflationExtensions.qll | 57 ++++++++++++++++--- .../CWE-135/StringLengthConflation.expected | 36 ++++++------ .../CWE-135/StringLengthConflation.swift | 12 ++-- 3 files changed, 73 insertions(+), 32 deletions(-) 
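Review bot: The new block under `// --- methods provided by Sequence, Collection etc ---` exercises only `prefix`, `dropFirst` and `dropLast`. The sink rows visible in the following patch also name `suffix(_:)`, `removeFirst(_:)`, `removeLast(_:)` and the two `formIndex` forms, and no case here pins their results. A line such as `let _ = String(s.suffix(s.utf16.count - 10)) // BAD` would cover `suffix`. The mutating methods would need a `var` copy of the string, which would also exercise calls on an inout receiver. The body of `test(s:)` starts above the hunk, so such cases may exist in lines not shown.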
diff --git a/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll b/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll index 560a332fc76..59fbe38a867 100644 --- a/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll +++ b/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll @@ -180,14 +180,6 @@ private class StringLengthConflationSinks extends SinkModelCsv { override predicate row(string row) { row = [ - ";Sequence;true;dropFirst(_:);;;Argument[0];string-length", - ";Sequence;true;dropLast(_:);;;Argument[0];string-length", - ";Sequence;true;prefix(_:);;;Argument[0];string-length", - ";Sequence;true;suffix(_:);;;Argument[0];string-length", - ";Collection;true;formIndex(_:offsetBy:);;;Argument[0..1];string-length", - ";Collection;true;formIndex(_:offsetBy:limitBy:);;;Argument[0..1];string-length", - ";Collection;true;removeFirst(_:);;;Argument[0];string-length", - ";RangeReplaceableCollection;true;removeLast(_:);;;Argument[0];string-length", ";String;true;index(_:offsetBy:);;;Argument[0..1];string-length", ";String;true;index(_:offsetBy:limitBy:);;;Argument[0..1];string-length", ";String.Index;true;init(encodedOffset:);;;Argument[0];string-length", 
@@ -203,3 +195,52 @@ private class StringLengthConflationSinks extends SinkModelCsv {
 ]
 }
 }
+
+/**
+ * An extra sink that don't fit into the CSV scheme (because we care about the actual
+ * type the method is being called on, not just the type it's declared on).
+ */
+private class ExtraStringLengthConflationSink extends StringLengthConflationSink {
+ StringType stringType;
+
+ ExtraStringLengthConflationSink() {
+ exists(CallExpr call, string typeName |
+ (
+ // `String`
+ typeName = "String" and
+ stringType = TString()
+ or
+ // `String.utf8`
+ typeName = "String.UTF8View" and
+ stringType = TStringUtf8()
+ or
+ // `String.utf16`
+ typeName = "String.UTF16View" and
+ stringType = TStringUtf16()
+ or
+ // `String.unicodeScalars`
+ typeName = "String.UnicodeScalarView" and
+ stringType = TStringUnicodeScalars()
+ ) and
+ // sink is a length or offset argument to [type].[method]
+ (
+ call.getQualifier().getType().(NominalType).getName() = typeName or
+ call.getQualifier().getType().(InOutType).getObjectType().(NominalType).getName() = typeName
+ ) and
+ (
+ call.getStaticTarget().getName() =
+ [
+ "dropFirst(_:)", "dropLast(_:)", "prefix(_:)", "suffix(_:)", "removeFirst(_:)",
+ "removeLast(_:)"
+ ] and
+ this.asExpr() = call.getArgument(0).getExpr()
+ or
+ call.getStaticTarget().getName() =
+ ["formIndex(_:offsetBy:)", "formIndex(_:offsetBy:limitBy:)"] and
+ this.asExpr() = call.getArgument([0, 1]).getExpr()
+ )
+ )
+ }
+
+ override StringType getCorrectStringType() { result = stringType }
+}
diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected
index ffae88451e2..69e72385ddb 100644
--- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected
+++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected
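Review bot: The qualifier check in `ExtraStringLengthConflationSink` compares `getName()` against four fixed strings, so a call such as `prefix(_:)` on any other string-like receiver (a `Substring`, for instance) is not a sink under this class. The `Sequence`/`Collection` rows removed in the previous hunk matched by declaring type instead. If that narrowing is intended, say so next to the type list, for example `// only String and its utf8/utf16/unicodeScalars views are modelled; other collections (e.g. Substring) are deliberately not sinks`. Otherwise the missing receivers look like a source of false negatives, as far as this hunk shows. The QLDoc also reads "An extra sink that don't fit"; `An extra sink that doesn't fit into the CSV scheme` is the correct wording.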
@@ -23,13 +23,13 @@ edges | StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | | StringLengthConflation.swift:171:29:171:32 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | | StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | +| StringLengthConflation.swift:173:35:173:37 | .count | StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | -| StringLengthConflation.swift:176:35:176:52 | .count | StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | | StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | | StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | -| StringLengthConflation.swift:180:37:180:44 | .count | StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | -| StringLengthConflation.swift:182:37:182:45 | .count | StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | +| StringLengthConflation.swift:179:37:179:39 | .count | StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | +| StringLengthConflation.swift:181:37:181:39 | .count | StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | | file://:0:0:0:0 | .length | StringLengthConflation.swift:53:43:53:46 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:60:47:60:50 | .length | | file://:0:0:0:0 | .length | StringLengthConflation.swift:66:33:66:36 | .length | 
@@ -102,20 +102,20 @@ nodes | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | StringLengthConflation.swift:172:29:172:33 | .length | semmle.label | .length | | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:173:35:173:37 | .count | semmle.label | .count | +| StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | StringLengthConflation.swift:174:35:174:42 | .count | semmle.label | .count | | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | StringLengthConflation.swift:175:35:175:43 | .count | semmle.label | .count | | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | -| StringLengthConflation.swift:176:35:176:52 | .count | semmle.label | .count | -| StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | StringLengthConflation.swift:177:35:177:38 | .length | semmle.label | .length | | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | StringLengthConflation.swift:178:35:178:39 | .length | semmle.label | .length | | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | -| StringLengthConflation.swift:180:37:180:44 | .count | semmle.label | .count | -| StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | -| StringLengthConflation.swift:182:37:182:45 | .count | semmle.label | .count | -| StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | +| StringLengthConflation.swift:179:37:179:39 | .count | semmle.label | .count | +| StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... 
| +| StringLengthConflation.swift:181:37:181:39 | .count | semmle.label | .count | +| StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | semmle.label | ... .-(_:_:) ... | | file://:0:0:0:0 | .length | semmle.label | .length | subpaths #select 
@@ -164,12 +164,12 @@ subpaths | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | This String.utf16 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | StringLengthConflation.swift:176:35:176:52 | .count | StringLengthConflation.swift:176:35:176:60 | ... .-(_:_:) ... | This String.unicodeScalars length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... 
| This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | StringLengthConflation.swift:180:37:180:44 | .count | StringLengthConflation.swift:180:37:180:52 | ... .-(_:_:) ... | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | StringLengthConflation.swift:182:37:182:45 | .count | StringLengthConflation.swift:182:37:182:53 | ... .-(_:_:) ... | This String.utf16 length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | StringLengthConflation.swift:173:35:173:37 | .count | StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | This String length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | This String.utf8 length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | This String.utf16 length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... 
| StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | +| StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | StringLengthConflation.swift:179:37:179:39 | .count | StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | This String length is used in a String.utf8, but it may not be equivalent. | +| StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | StringLengthConflation.swift:181:37:181:39 | .count | StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | This String length is used in a String.utf16, but it may not be equivalent. | diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift index 4d858ee669f..c707b81fe35 100644 --- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift +++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.swift 
@@ -170,16 +170,16 @@ func test(s: String) { let _ = String(s.prefix(s.unicodeScalars.count - 10)) // BAD let _ = String(s.prefix(ns.length - 10)) // BAD let _ = String(s.prefix(nms.length - 10)) // BAD - let _ = String(scalars.prefix(s.count - 10)) // BAD [NOT DETECTED] + let _ = String(scalars.prefix(s.count - 10)) // BAD let _ = String(scalars.prefix(s.utf8.count - 10)) // BAD let _ = String(scalars.prefix(s.utf16.count - 10)) // BAD - let _ = String(scalars.prefix(s.unicodeScalars.count - 10)) // GOOD [FALSE POSITIVE] + let _ = String(scalars.prefix(s.unicodeScalars.count - 10)) // GOOD let _ = String(scalars.prefix(ns.length - 10)) // BAD let _ = String(scalars.prefix(nms.length - 10)) // BAD - let _ = String(s.utf8.dropFirst(s.count - 10)) // BAD [NOT DETECTED] - let _ = String(s.utf8.dropFirst(s.utf8.count - 10)) // GOOD [FALSE POSITIVE] - let _ = String(s.utf16.dropLast(s.count - 10)) // BAD [NOT DETECTED] - let _ = String(s.utf16.dropLast(s.utf16.count - 10)) // GOOD [FALSE POSITIVE] + let _ = String(s.utf8.dropFirst(s.count - 10)) // BAD + let _ = String(s.utf8.dropFirst(s.utf8.count - 10)) // GOOD + let _ = String(s.utf16.dropLast(s.count - 10)) // BAD + let _ = String(s.utf16.dropLast(s.utf16.count - 10)) // GOOD } // `begin :thumbsup: end`, with thumbs up emoji and skin tone modifier From b6122d01fcd8c770e7a924d08177ecdc6176f878 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 19 May 2023 22:30:38 +0100 Subject: [PATCH 046/210] Swift: Clean up the query somewhat. --- .../StringLengthConflationExtensions.qll | 49 +++++++++---------- .../CWE-135/StringLengthConflation.expected | 40 +++++++-------- 2 files changed, 42 insertions(+), 47 deletions(-) diff --git a/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll b/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll index 59fbe38a867..efc8eeefe35 100644 
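Review bot: The updated annotations exercise the new view-typed sinks only through `prefix`, `dropFirst` and `dropLast`. The other method names listed in `ExtraStringLengthConflationSink` (`suffix(_:)`, `removeFirst(_:)`, `removeLast(_:)`, both `formIndex` overloads) and its `InOutType` qualifier branch have no case in this hunk. Unless they are covered elsewhere in the file, a line such as `let _ = String(scalars.suffix(s.count - 10)) // BAD`, plus one mutating call on a `var` view, would pin that behaviour so a lost CWE-135 sink shows up as a test diff. `test(s:)` begins above the hunk.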
--- a/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll +++ b/swift/ql/lib/codeql/swift/security/StringLengthConflationExtensions.qll @@ -38,27 +38,34 @@ class StringType extends TStringType { csvLabel = "nsstring-length" or this = TStringUtf8() and - name = "String.utf8" and - singular = "a String.utf8" and + name = "String.UTF8View" and + singular = "a String.UTF8View" and equivClass = this and csvLabel = "string-utf8-length" or this = TStringUtf16() and - name = "String.utf16" and - singular = "a String.utf16" and + name = "String.UTF16View" and + singular = "a String.UTF16View" and equivClass = TNsString() and csvLabel = "string-utf16-length" or this = TStringUnicodeScalars() and - name = "String.unicodeScalars" and - singular = "a String.unicodeScalars" and + name = "String.UnicodeScalarView" and + singular = "a String.UnicodeScalarView" and equivClass = this and csvLabel = "string-unicodescalars-length" } - /** Gets a textual representation of this string type. */ + /** + * Gets a textual representation of this string type. + */ string toString() { result = name } + /** + * Gets the name of this string type. + */ + string getName() { result = name } + /** * Gets the equivalence class for this string type. If these are equal, * they should be treated as equivalent. 
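Review bot: `name` now does two jobs in `StringType`: it is the text shown in alert messages (through `toString()` and `singular`), and through the new `getName()` it is the string compared with `NominalType.getName()` in the source and sink classes (the `@@ -142,21` and `@@ -204,28` hunks). This is why the messages in the `.expected` file change from `String.utf8` to `String.UTF8View`. A later rewording of `name` for display purposes would stop the type match and drop results without any error. The QLDoc on `getName()` should state that contract, e.g. `Gets the Swift type name of this string type, as matched against NominalType.getName().` The characteristic predicate starts above the hunk.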
@@ -142,21 +149,16 @@ private class ExtraStringLengthConflationSource extends StringLengthConflationSo StringType stringType; ExtraStringLengthConflationSource() { - exists(MemberRefExpr memberRef, string typeName | + // source is the result of a call to `[stringType].count`. + exists(MemberRefExpr memberRef | ( - // result of a call to `String.utf8.count` - typeName = "String.UTF8View" and stringType = TStringUtf8() or - // result of a call to `String.utf16.count` - typeName = "String.UTF16View" and stringType = TStringUtf16() or - // result of a call to `String.unicodeScalars.count` - typeName = "String.UnicodeScalarView" and stringType = TStringUnicodeScalars() ) and - memberRef.getBase().getType().(NominalType).getName() = typeName and + memberRef.getBase().getType().(NominalType).getName() = stringType.getName() and memberRef.getMember().(VarDecl).getName() = "count" and this.asExpr() = memberRef ) 
@@ -204,28 +206,21 @@ private class ExtraStringLengthConflationSink extends StringLengthConflationSink StringType stringType; ExtraStringLengthConflationSink() { - exists(CallExpr call, string typeName | + // sink is a length or offset argument of a call to `[stringType].[method]`. + exists(CallExpr call | ( - // `String` - typeName = "String" and stringType = TString() or - // `String.utf8` - typeName = "String.UTF8View" and stringType = TStringUtf8() or - // `String.utf16` - typeName = "String.UTF16View" and stringType = TStringUtf16() or - // `String.unicodeScalars` - typeName = "String.UnicodeScalarView" and stringType = TStringUnicodeScalars() ) and - // sink is a length or offset argument to [type].[method] ( - call.getQualifier().getType().(NominalType).getName() = typeName or - call.getQualifier().getType().(InOutType).getObjectType().(NominalType).getName() = typeName + call.getQualifier().getType().(NominalType).getName() = stringType.getName() or + call.getQualifier().getType().(InOutType).getObjectType().(NominalType).getName() = + stringType.getName() ) and ( call.getStaticTarget().getName() = diff --git a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected index 69e72385ddb..909c6233ba5 100644 --- a/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected +++ b/swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected 
@@ -124,17 +124,17 @@ subpaths | StringLengthConflation.swift:36:93:36:93 | len | StringLengthConflation.swift:72:33:72:35 | .count | StringLengthConflation.swift:36:93:36:93 | len | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:53:43:53:46 | .length | StringLengthConflation.swift:53:43:53:46 | .length | StringLengthConflation.swift:53:43:53:46 | .length | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:53:43:53:46 | .length | file://:0:0:0:0 | .length | StringLengthConflation.swift:53:43:53:46 | .length | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | This String.utf16 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | This String.unicodeScalars length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | StringLengthConflation.swift:54:43:54:50 | .count | This String.UTF8View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | StringLengthConflation.swift:55:43:55:51 | .count | This String.UTF16View length is used in a String, but it may not be equivalent. 
| +| StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | StringLengthConflation.swift:56:43:56:60 | .count | This String.UnicodeScalarView length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | StringLengthConflation.swift:60:47:60:50 | .length | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:60:47:60:59 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | StringLengthConflation.swift:66:33:66:36 | .length | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:66:33:66:45 | ... ./(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:72:33:72:35 | .count | StringLengthConflation.swift:72:33:72:35 | .count | StringLengthConflation.swift:72:33:72:35 | .count | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:78:47:78:49 | .count | StringLengthConflation.swift:78:47:78:49 | .count | StringLengthConflation.swift:78:47:78:49 | .count | This String length is used in an NSString, but it may not be equivalent. | -| StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | This String.utf8 length is used in an NSString, but it may not be equivalent. 
| -| StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | This String.unicodeScalars length is used in an NSString, but it may not be equivalent. | +| StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | StringLengthConflation.swift:79:47:79:54 | .count | This String.UTF8View length is used in an NSString, but it may not be equivalent. | +| StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | StringLengthConflation.swift:81:47:81:64 | .count | This String.UnicodeScalarView length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | StringLengthConflation.swift:96:28:96:31 | .length | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:96:28:96:40 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:100:27:100:39 | ... .-(_:_:) ... | StringLengthConflation.swift:100:27:100:30 | .length | StringLengthConflation.swift:100:27:100:39 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | 
@@ -154,22 +154,22 @@ subpaths | StringLengthConflation.swift:137:34:137:44 | ... .-(_:_:) ... | StringLengthConflation.swift:137:34:137:36 | .count | StringLengthConflation.swift:137:34:137:44 | ... .-(_:_:) ... | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:138:36:138:46 | ... .-(_:_:) ... | StringLengthConflation.swift:138:36:138:38 | .count | StringLengthConflation.swift:138:36:138:46 | ... .-(_:_:) ... | This String length is used in an NSString, but it may not be equivalent. | | StringLengthConflation.swift:144:28:144:38 | ... .-(_:_:) ... | StringLengthConflation.swift:144:28:144:30 | .count | StringLengthConflation.swift:144:28:144:38 | ... .-(_:_:) ... | This String length is used in an NSString, but it may not be equivalent. | -| StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | This String.unicodeScalars length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | This String.utf16 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | StringLengthConflation.swift:168:29:168:36 | .count | StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | This String.utf8 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | StringLengthConflation.swift:169:29:169:37 | .count | StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... 
| This String.utf16 length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | This String.unicodeScalars length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | StringLengthConflation.swift:151:45:151:53 | .count | This String.UnicodeScalarView length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | StringLengthConflation.swift:156:45:156:52 | .count | This String.UTF8View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | StringLengthConflation.swift:161:45:161:53 | .count | This String.UTF16View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | StringLengthConflation.swift:168:29:168:36 | .count | StringLengthConflation.swift:168:29:168:44 | ... .-(_:_:) ... | This String.UTF8View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | StringLengthConflation.swift:169:29:169:37 | .count | StringLengthConflation.swift:169:29:169:45 | ... .-(_:_:) ... | This String.UTF16View length is used in a String, but it may not be equivalent. | +| StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | StringLengthConflation.swift:170:29:170:46 | .count | StringLengthConflation.swift:170:29:170:54 | ... .-(_:_:) ... | This String.UnicodeScalarView length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... 
| StringLengthConflation.swift:171:29:171:32 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:171:29:171:41 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | StringLengthConflation.swift:172:29:172:33 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:172:29:172:42 | ... .-(_:_:) ... | This NSString length is used in a String, but it may not be equivalent. | -| StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | StringLengthConflation.swift:173:35:173:37 | .count | StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | This String length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | This String.utf8 length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | This String.utf16 length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... 
| This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.unicodeScalars, but it may not be equivalent. | -| StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | StringLengthConflation.swift:179:37:179:39 | .count | StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | This String length is used in a String.utf8, but it may not be equivalent. | -| StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | StringLengthConflation.swift:181:37:181:39 | .count | StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | This String length is used in a String.utf16, but it may not be equivalent. | +| StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | StringLengthConflation.swift:173:35:173:37 | .count | StringLengthConflation.swift:173:35:173:45 | ... .-(_:_:) ... | This String length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | StringLengthConflation.swift:174:35:174:42 | .count | StringLengthConflation.swift:174:35:174:50 | ... .-(_:_:) ... | This String.UTF8View length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:175:35:175:51 | ... 
.-(_:_:) ... | StringLengthConflation.swift:175:35:175:43 | .count | StringLengthConflation.swift:175:35:175:51 | ... .-(_:_:) ... | This String.UTF16View length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | StringLengthConflation.swift:177:35:177:38 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:177:35:177:47 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | StringLengthConflation.swift:178:35:178:39 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | file://:0:0:0:0 | .length | StringLengthConflation.swift:178:35:178:48 | ... .-(_:_:) ... | This NSString length is used in a String.UnicodeScalarView, but it may not be equivalent. | +| StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | StringLengthConflation.swift:179:37:179:39 | .count | StringLengthConflation.swift:179:37:179:47 | ... .-(_:_:) ... | This String length is used in a String.UTF8View, but it may not be equivalent. | +| StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | StringLengthConflation.swift:181:37:181:39 | .count | StringLengthConflation.swift:181:37:181:47 | ... .-(_:_:) ... | This String length is used in a String.UTF16View, but it may not be equivalent. | From bf07b0f97b196c635629b749191949657246b4c0 Mon Sep 17 00:00:00 2001 
From: Robert Marsh Date: Fri, 19 May 2023 18:32:09 -0400 Subject: [PATCH 047/210] C++: fix cxartesian product in constant off-by-one query --- .../CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 19 +++- .../ConstantSizeArrayOffByOne.expected | 90 +++++-------------- 2 files changed, 38 insertions(+), 71 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index 943faf6d75c..da227e65f92 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -87,6 +87,18 @@ predicate pointerArithOverflow( delta = bound - size } +module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { + pointerArithOverflow(source.asInstruction(), _, _, _, _) + } + + predicate isSink(DataFlow::Node sink) { + isInvalidPointerDerefSink1(sink, _, _) + } +} + +module PointerArithmeticToDerefFlow = DataFlow::Global; + module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { newtype FlowState = additional TArray(Field f) { pointerArithOverflow(_, f, _, _, _) } or @@ -101,9 +113,12 @@ module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { ) } + pragma[inline] predicate isSink(DataFlow::Node sink, FlowState state) { - isInvalidPointerDerefSink1(sink, _, _) and - state instanceof TOverflowArithmetic + exists(DataFlow::Node pai | + state = TOverflowArithmetic(pai.asInstruction()) and + PointerArithmeticToDerefFlow::flow(pai, sink) + ) } predicate isBarrier(DataFlow::Node node, FlowState state) { none() } diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index 0b688810262..6ff343ea369 100644 
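Review bot: The new `PointerArithmeticToDerefConfig` / `PointerArithmeticToDerefFlow` pair and the rewritten `FieldAddressToDerefConfig::isSink` (second hunk) are added without any QLDoc or why-comment. The reason a sink is now tied to one `TOverflowArithmetic(pai.asInstruction())` state is recoverable only from the commit subject. A comment on `isSink` such as `// Tie each sink to the pointer arithmetic that reaches it; accepting any TOverflowArithmetic state paired every arithmetic with every sink.` would keep the old form from being restored. The `pragma[inline]` also deserves a line of justification, since nothing in the hunk shows why it is needed. `FieldAddressToDerefConfig` starts above the second hunk and continues below it.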
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected 
@@ -1,72 +1,33 @@ edges -| test.cpp:26:10:26:12 | buf | test.cpp:26:5:26:12 | buf | -| test.cpp:30:10:30:12 | buf | test.cpp:30:5:30:12 | buf | -| test.cpp:34:10:34:12 | buf | test.cpp:34:5:34:12 | buf | -| test.cpp:35:5:35:12 | buf | test.cpp:35:5:35:22 | access to array | -| test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:12 | buf | -| test.cpp:36:5:36:12 | buf | test.cpp:36:5:36:24 | access to array | -| test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:12 | buf | -| test.cpp:39:14:39:16 | buf | test.cpp:39:9:39:16 | buf | -| test.cpp:43:9:43:16 | buf | test.cpp:43:9:43:19 | access to array | -| test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:16 | buf | -| test.cpp:48:10:48:12 | buf | test.cpp:48:5:48:12 | buf | -| test.cpp:49:5:49:12 | buf | test.cpp:49:5:49:22 | access to array | -| test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:12 | buf | -| test.cpp:50:5:50:12 | buf | test.cpp:50:5:50:24 | access to array | -| test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:12 | buf | -| test.cpp:53:14:53:16 | buf | test.cpp:53:9:53:16 | buf | -| test.cpp:57:9:57:16 | buf | test.cpp:57:9:57:19 | access to array | -| test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:16 | buf | -| test.cpp:61:9:61:16 | buf | test.cpp:61:9:61:19 | access to array | -| test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:16 | buf | +| test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | +| test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | +| test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | +| test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | +| test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | +| test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | +| test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | | test.cpp:66:32:66:32 | p | test.cpp:66:32:66:32 | p | | test.cpp:66:32:66:32 | p | test.cpp:67:5:67:6 | * ... 
| | test.cpp:66:32:66:32 | p | test.cpp:67:6:67:6 | p | -| test.cpp:70:33:70:33 | p | test.cpp:71:5:71:5 | p | -| test.cpp:70:33:70:33 | p | test.cpp:72:5:72:5 | p | -| test.cpp:72:5:72:5 | p | test.cpp:72:5:72:15 | access to array | -| test.cpp:76:32:76:34 | buf | test.cpp:76:27:76:34 | buf | +| test.cpp:70:33:70:33 | p | test.cpp:72:5:72:15 | access to array | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | -| test.cpp:77:27:77:34 | buf | test.cpp:77:27:77:44 | access to array | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:26:77:44 | & ... | -| test.cpp:77:32:77:34 | buf | test.cpp:77:27:77:34 | buf | +| test.cpp:77:32:77:34 | buf | test.cpp:77:26:77:44 | & ... | | test.cpp:79:27:79:34 | buf | test.cpp:70:33:70:33 | p | | test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | -| test.cpp:85:34:85:36 | buf | test.cpp:87:5:87:11 | charBuf | -| test.cpp:85:34:85:36 | buf | test.cpp:88:5:88:11 | charBuf | nodes -| test.cpp:26:5:26:12 | buf | semmle.label | buf | -| test.cpp:26:10:26:12 | buf | semmle.label | buf | -| test.cpp:30:5:30:12 | buf | semmle.label | buf | -| test.cpp:30:10:30:12 | buf | semmle.label | buf | -| test.cpp:34:5:34:12 | buf | semmle.label | buf | -| test.cpp:34:10:34:12 | buf | semmle.label | buf | -| test.cpp:35:5:35:12 | buf | semmle.label | buf | | test.cpp:35:5:35:22 | access to array | semmle.label | access to array | | test.cpp:35:10:35:12 | buf | semmle.label | buf | -| test.cpp:36:5:36:12 | buf | semmle.label | buf | | test.cpp:36:5:36:24 | access to array | semmle.label | access to array | | test.cpp:36:10:36:12 | buf | semmle.label | buf | -| test.cpp:39:9:39:16 | buf | semmle.label | buf | -| test.cpp:39:14:39:16 | buf | semmle.label | buf | -| test.cpp:43:9:43:16 | buf | semmle.label | buf | | test.cpp:43:9:43:19 | access to array | semmle.label | access to array | | test.cpp:43:14:43:16 | buf | semmle.label | buf | -| test.cpp:48:5:48:12 | buf | 
semmle.label | buf | -| test.cpp:48:10:48:12 | buf | semmle.label | buf | -| test.cpp:49:5:49:12 | buf | semmle.label | buf | | test.cpp:49:5:49:22 | access to array | semmle.label | access to array | | test.cpp:49:10:49:12 | buf | semmle.label | buf | -| test.cpp:50:5:50:12 | buf | semmle.label | buf | | test.cpp:50:5:50:24 | access to array | semmle.label | access to array | | test.cpp:50:10:50:12 | buf | semmle.label | buf | -| test.cpp:53:9:53:16 | buf | semmle.label | buf | -| test.cpp:53:14:53:16 | buf | semmle.label | buf | -| test.cpp:57:9:57:16 | buf | semmle.label | buf | | test.cpp:57:9:57:19 | access to array | semmle.label | access to array | | test.cpp:57:14:57:16 | buf | semmle.label | buf | -| test.cpp:61:9:61:16 | buf | semmle.label | buf | | test.cpp:61:9:61:19 | access to array | semmle.label | access to array | | test.cpp:61:14:61:16 | buf | semmle.label | buf | | test.cpp:66:32:66:32 | p | semmle.label | p | 
@@ -75,31 +36,22 @@ nodes | test.cpp:67:5:67:6 | * ... | semmle.label | * ... | | test.cpp:67:6:67:6 | p | semmle.label | p | | test.cpp:70:33:70:33 | p | semmle.label | p | -| test.cpp:71:5:71:5 | p | semmle.label | p | -| test.cpp:72:5:72:5 | p | semmle.label | p | | test.cpp:72:5:72:15 | access to array | semmle.label | access to array | -| test.cpp:76:27:76:34 | buf | semmle.label | buf | -| test.cpp:76:32:76:34 | buf | semmle.label | buf | | test.cpp:77:26:77:44 | & ... | semmle.label | & ... | -| test.cpp:77:27:77:34 | buf | semmle.label | buf | -| test.cpp:77:27:77:44 | access to array | semmle.label | access to array | | test.cpp:77:32:77:34 | buf | semmle.label | buf | | test.cpp:79:27:79:34 | buf | semmle.label | buf | | test.cpp:79:32:79:34 | buf | semmle.label | buf | -| test.cpp:85:34:85:36 | buf | semmle.label | buf | -| test.cpp:87:5:87:11 | charBuf | semmle.label | charBuf | -| test.cpp:88:5:88:11 | charBuf | semmle.label | charBuf | subpaths #select -| test.cpp:35:5:35:22 | access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | -| test.cpp:36:5:36:24 | access to array | test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | -| test.cpp:43:9:43:19 | access to array | test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... 
| write | -| test.cpp:49:5:49:22 | access to array | test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | -| test.cpp:50:5:50:24 | access to array | test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | -| test.cpp:57:9:57:19 | access to array | test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | -| test.cpp:61:9:61:19 | access to array | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | -| test.cpp:72:5:72:15 | access to array | test.cpp:79:32:79:34 | buf | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... 
| write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:35:5:35:22 | PointerAdd: access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | +| test.cpp:36:5:36:24 | PointerAdd: access to array | test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | +| test.cpp:43:9:43:19 | PointerAdd: access to array | test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... | write | +| test.cpp:49:5:49:22 | PointerAdd: access to array | test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | +| test.cpp:50:5:50:24 | PointerAdd: access to array | test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. 
| test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | +| test.cpp:57:9:57:19 | PointerAdd: access to array | test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | +| test.cpp:61:9:61:19 | PointerAdd: access to array | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | +| test.cpp:72:5:72:15 | PointerAdd: access to array | test.cpp:79:32:79:34 | buf | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... 
| write | +| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | From 69ca49f168e13afb3d7cc07befbdb7db9bf411a3 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:39:54 +0100 Subject: [PATCH 048/210] Deleted the UBV query change note. --- .../2013-05-02-post-unicode-normalization-query.md | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md diff --git a/ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md b/ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md deleted file mode 100644 index b24e408ff4b..00000000000 --- a/ruby/ql/src/change-notes/2013-05-02-post-unicode-normalization-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query, `ruby/post-unicode-normalization`, to detect a misuse of a post-unicode normalization. From eb7e1de65b58db76075a21848d648344465f9c07 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:43:05 +0100 Subject: [PATCH 049/210] Update ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll Co-authored-by: Arthur Baars --- .../codeql/ruby/experimental/UnicodeBypassValidationQuery.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index 3b353d5b339..c6683b08900 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll 
@@ -50,7 +50,7 @@ class Configuration extends TaintTracking::Configuration {
 override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) {
 exists(DataFlow::CallNode cn |
 cn.getMethodName() = "unicode_normalize" and
- cn.getArgument(0).toString() = [":nfkc", ":nfc"] and
+ cn.getArgument(0).getConstantValue().getSymbol() = [":nfkc", ":nfc"] and
 sink = cn.getReceiver()
 ) and
 state instanceof PostValidation
From 8dcf139b454e69feecf64f7d1b9d32b7bdbec544 Mon Sep 17 00:00:00 2001
From: Sim4n6
Date: Sat, 20 May 2023 12:46:54 +0100
Subject: [PATCH 050/210] Update ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
Co-authored-by: Arthur Baars
---
 ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp | 1 -
 1 file changed, 1 deletion(-)
diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
index ddcdc3b31b2..cbdb7216e1e 100644
--- a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
+++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp
@@ -9,7 +9,6 @@ The validation of concern are any character escaping, any regex validation or any string verification.
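Review bot: The added line in the `@@ -50,7 +50,7 @@` hunk of UnicodeBypassValidationQuery.qll still compares against `":nfkc"` and `":nfc"` with the leading colon. As far as I know `ConstantValue.getSymbol()` yields the symbol's name without the `:` prefix, so this conjunct would match no call and the query would stop reporting sinks. I would write `cn.getArgument(0).getConstantValue().getSymbol() = ["nfkc", "nfc"] and` and confirm the result against the test's `.expected` file. Separately, a `unicode_normalize` call with no argument (Ruby defaults to NFC) has no `getArgument(0)`, and `:nfkd`/`:nfd` are not listed, so those normalizations after validation go undetected. `isSink` and the enclosing `Configuration` class begin outside the hunk.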

    - Security checks bypassed

    Perform a Unicode normalization before the logical validation.

    From c3c65ca7129a43c6ee18e4dfa3e14846d769909a Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:48:26 +0100 Subject: [PATCH 051/210] Qhelp formatting --- .../src/experimental/cwe-176/UnicodeBypassValidation.qhelp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp index cbdb7216e1e..3916813c734 100644 --- a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp +++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp @@ -28,7 +28,10 @@
  • Research study: Unicode vulnerabilities that could bYte you - and +
  • +
  • + Unicode pentest cheatsheet.
  • From c9c7179a0bcc8ee0ddd5b65ef996edba50d7a443 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:49:46 +0100 Subject: [PATCH 052/210] Deleted the ugly flowchart. --- .../experimental/cwe-176/vulnerability-flow.png | Bin 37706 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 ruby/ql/src/experimental/cwe-176/vulnerability-flow.png 
diff --git a/ruby/ql/src/experimental/cwe-176/vulnerability-flow.png b/ruby/ql/src/experimental/cwe-176/vulnerability-flow.png deleted file mode 100644 index e1a354717ef1273043075e966df13a19e4402e1c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 37706 zcmeFZcTkkivo9>LE0K*+Ulf4j6_$iTp`s! zspwz1fX`OS;8Tb(@xfNQS&`PIcOGiHsE+*$PeY2M)T?eI3 zWOL4ZypKEvUH7XFeE+P~%lnpp^n9m05gG$S1^t&-9z~Dpc8i1(HW%_AubHqbogr6m z`GxB>5h{_`_<_ToTp&k$0xabQuw|M7b5 zHN*JN&)|7WB?!|>%_Fb!50W7A0HH{1EY1ptGqR&i_+~gs+E1zbR6Uf~-Y!dty8?85 z2~9uw3FDD=RIj~ITJ=tMxZ*8gc>NdmJf2Dl!MGZRo6_wa2Gxs zzO|xYJP;2eO4#x0N~dzei%JD50v@c$2#blVD)5f~4vUI_9()dB$QmL|A|TU(!fYM5tqL^B}h=p5?8_!JcabVc63=mfnK*VEZ5#wi@_sfw$zQ z0goWim7S+B^3cTQ*9Kp9l6K4{AR7pEWjkK+op1(Q0EP*Qrljn_JCJ5@5Lgs~v{pzs z?ASEqQm~Y%L}Vm2kcu;ovlkb|Gw|g$&zEx)JPmO0+}3j-1H9Mbq2Lza9oxo9I~C@F z1{{$ETi5)b&1OaWOlQ>9)FQ16)JMA?1#T-ti3))MM@!Rz3pM?(7ODp2laAgu^7tNX ze6$o}wl;xOL$k_7pNrxp;O~x#A5e!V@U;4?%B;?1=UYp#euahN5hhAx{^akP^L|l@HtTymfP02Y;gA3_w(gidman!Sj%0n@ADZR46{MuA!LN73;I( zze$Wg%KEk_Ijw$HTBjfPWXaS_j(x}CYB&UHtlDh2`fFRUZ6g|4*Ox)l)}C z3NQ{1rwb7m1r8X8{`K}XE{hxBX{6@&u#Oye81dBjGUr{^b|J1fOGU-|@s&cSo^W0AUf zD%DmAD%ldbN_dxBt<_+n(yQ*YEB`JYBFW_QB6%Up9bCqn+1C|R9zYmq@aoP@l z{^+;cFIjo#y}uhUI(5~l2dRS@aT9nNj{oK8Gm@B+Eqrml7@KroRb;uwnbv{f{NQ} zvevoMSXHs+WYg15g6GW@<1(e?S#{Q4@x5yjkDL$gd-g^@&grM%0;~QqKUVtI{^s=H z9^d;Y9>PIASuQMTa}8{MB(N2@(Jk!pNDg2txDq|qH{ZOIAg`J9tD+7@%D64ZpYHUD zRNC}29vQ8{l{l#ka=g`cN{0Q5i#SO>2c~c2lz8=&4g$R=m}!5zT=_EquZ<1 z49(b|PE;op-!+3z%sRfjX6VtiJ>@ywyO3%w{Pb^q(%(AkzSPG)WU8~4cPIS{+c1hO zY_H_Nj#>Xet9}cZQ(*LTGS;JDf^g)vMR0+c=^-OMRn8}*zP zieZvWQO6@q{84784zthhi#$ycGA;0rAoF10oyjlsA~?jJ*~8HUvZ*Lq>Ik_74jae5 z9KW63AtiefyRmmdWg`#S3Swn8f|1AHQU&HZs}H_%>OdB5cj^AhFT>GtQ{I@r^ZBDbJCrcgvdmWvoyC&T zw;ds+-d@_AMDLr9?TS8(${m>T=VENW=cx|7xW%^|0Jf3!PBOpxS3+CEdXGQ1p0+!= zsRMI1lL!Bg(`oGrWGA1_8NM~rn`zmctQ*$QAWB^f@uhcS!;xS6-B^Ev9gT&4uAw8( z53G_$7nkz{RVbdeost$-WZGc4fx6G$GP~>2z{|%uzQS`qcNY3&x*ItvXH{j>hEtr( 
zakTG>sh2A`&1CUaZcG+N%{++INa7*XPm(T;SIi2xP196o8Kd@*9;TARql+mPD%@w3 z$j|qxXxC=u{>K51at6Dc-x1F8`{USywGoLKD^41kaWyw+ajaK z`H-lzUyj_g=BXd+_9C>N8ny6AFzRY@uUgAGI z0~%i7a$xYJWgCV^K6FtQ-`(pmFxyGt)nVvAr4>X{zN*JFoIlE$9LNdD&gXgBJX zdEV%IAbp?=FMN`f-7)WocA9)wqiXo=368Kw`=9TFwlsPBQcH-MJDw{OcLUCkmP#;K z{v19|g^@Iq*8%O5CtDaz5vffN$;s_sl(HWeB=xDhzk zo?P*(U`G8ZC1y6laYbNk{#O~7QhjaN9Xs?oz<*_=uFBQGb7iQ|8WT!bxtAYjHBzGI z?EgpZV3N~tnRIrF%?o+cagyF(dV86(=&J82RcDC0u3t24C>k)D!H_)69{dD$ijLq= zjqIr|HE8$n-kMQ7I@xSqh+qp$_WT|2%elqDj`rHUKv;0dL*cMqm10 zoL{?USRQ#|7Q(~2b@Hp$*)mVjib~lkH=<2 z3wpNQ`p?8iG4C%l3g)|e4&OT3>)cmSajbIl+V|Ihq1ox^8C0er4|uX|Ood_t3%_Ei zIS>kyr9`XBI-Jhpul#QG9Y1G><0%}MF#E25h~+#V)=}_gRIg-fON)~~UPhwv2^y6n z$O!XPODA_q39^nRU3W%JpIP&>KFZPo^Oe{978o=4Wa(5E5b=qPfeC`6%OdwX!iuVg zEZ8dwKYC$6W-}T1pFJHKN%L8rzkBH)%(jIsgfltDPb_6}Lf&bh1PkO4?o2$#t^D#b z1@bah#&bhR7^Lq+(q7}~&$#(AvG5il2kWKz@MD=$ZOrv{m0BrCvg#hl+L^^?>me3t zO6z4G$Wdq(|FQYNZ8l85=r+Srm3iRV-QWJ3a+gjLGF8O63Sq7(vp0(?7t`MQ zPlMHwcR~l%Pp^SJs9w~a?X#n?)V!T;yTtd3$M8NkZOLNY{a0_|HOkqGN8e2bwuNf-L#zV z-<@RN!0)P8d+!=P;J5BeabFMfJCl0ffQjy%5^k8m=HHPkBMj`(h^XgOi2i=&vvWLbvMvsjy z9%nm;&ktn%nw2;?T3S%LAM(JS^>i=T(;_DSLQG)t1KFpizj!oLg}hp=#AwpH$)d%-u}odiiQYMeg=Ti?5z#9w!D~9H|T3eZxiZfCAO% zbKsHbUrqSMqd9=>?CHWQCb>Htm|9W__T+UR-Pv5F!NSDY!BC0dWx{> ziI0|s5wyK}_F1Fp;@r18{Dho2{>|eoZVFZfJ5rL+Nasi0u?(C?Bdt@pj~1gO?B{m} z6;iR)S-5MKeFaM5eXYL1jT?PF&Jm2=3nst{cCSF?lbe2WNYHw9(^`s6!E&2}_4F;) z+rsak7d2A^SE2#WO-W+iEKBI{oWS#=i&5j`=eEuMlf|mje?KlWMQ<&|GggNai4oj; zn=5MBEzQ%lN$lV@0nWqa@A=k)zZ+vMB3|!Ls8#sd@mzJ9^&Rw(Bt8mFCA8Y=%m6HFi*K;tim+o&|Ky9!J_7u zI65K1eT)ga?N1N8oK2bZ=tc&{FvhZZl{&!%ZSkuY7daJIgL1_+RQZkwK=Z~D$Cw*-xyb<06ZMhdgSY)o^ z6|9nunGW}YhqQ37o-++9R>;2oB+7v`2(0&0mwt({o@(1+W-RngwQiS0qCDd&8!1YX z;p^%uoOET4Jj|c2Mvk+MEf2qX)|Afwlz+(YG`2I!YpV*6LbPocefl+9PR7!a!W|VA z@;ZhG+F*P*L-=~S@_rrY+cvm0M6?1u_XXxJj@Lw%s^kUu*ej6_1d%VSS;%2s3WDN&Bi z^7FJWso!O};|K3wQ9TQx)0TyHN>4yX2*a)gt@*fW>|f8%RgN6+VF@9d z^V6gB>>KJi0i`!dS^B0JC7jje;pn2}dZ#x-`KwRzRjJ4m7Uw(#A9RG|NPIIKyGcf} z{5Fr4lFBpWM%5TQ!^du9ihP) 
zxhK3k3D=S|DO^#@C6(E#cU$^3;%*^`(s+JfME-qxL>R3oM(59nsL z)eh*uIYyix&SmWh7l^QXvOX;RlP8P` z_34`3lM2eQvWFR-aO>VI8@glR-OLw^VF6@{uaBf%x>-D}r0AM4?2}+SaRX-S@px7; zLi*dv>pU_NJy!}-)xg}x$ZDH{qHF9E;yU^A=!x8SxcFEzo|K+eKuf?DTFudmjCi}e zb%P3J4!Jb;rUTKiHY#+g7ji><$U2fvXtjXs>F)-qIe$dC&1WL40@~bgc9WgB zPLC&E_2A?&qdi`SMdCMG#)=oe?P$N@s=Q2|(edZ`2>gk+BM1Gkh0)SmN!N7WrX;o&V0^&@Q7ll3jY$xROe2n*xaM zUkhujN~%i`=bn|-qx^)e==GU#`B-b`vyD-WwHV>1Lre*#^%)xt`S*Zdhf;*FIIyT& z4g(DMnaG9?oa@jf(i^FhWW2kOD&{oPa@&em;j9`?3e&b)=2vhUn#64bGj)9@s&S2F zu~>)IM|rf5${y0Y7Fb)Y(ocMRwn=04D*U<2h%J1GN<%j7vDPu!>h0_iOG6P5D5^7b zolquz(Z4&h-UJh*+qSS{%^ntQVx-b|o~1dX!Y9)KFz>{}00zepxLCkTxRuVg` z6^(}fz}pQPj?VKMc8bHvd~E+yY7N%2iZmCwVyZK|!8a;dlonQ_x-0ntr-^7umn!UAgG zLPyN)nVsmFe2t#toHb+Y9?eV*Y$N1FsD4Ll(~NQ$Pcj7=B+po2(zL6+(D-{HNm+I) zE0VSNSjAUc72g+olFu}peVY@HkUOt+t>*3^-H2@w%?s#aw$;ik4SS1Vq?7sX#P{73 zTr3vMrW(~Bx+%)N`4qD;nV-%GTOXNwhm+YEHyLnUAkXuWg?z0WNq?qbs1Jb(+{6CE zVW|L`f)MFLzj5yn+_TYlWoLYO3UNR3QE<>d^Oq|nI*^@F;ftmu?f!rJ(Dl_vw(TG^jedQ6cU)!w0o{nd6?gb)^uG?;>kpDX<3CtS#$V-G zwLhlVXlc>7jWChW&muB9Ucvb&V^o78Rvvkr^MD{?E;_30wXb2A%qaE7QcD(3?Qknv z>XZbZ5#CSomnz^G92>=fXHr+G(B$CSdFW&%!ev1UT~BVG^2nXx^0xS$Zg-0*>BxzZ z#!`ByItSBwd^&jJdKyA^iXpq=`M@7+$jtj@aQs$XM#cCyZ!MOc`R?-MC_qv zTRPoq&9Up3yV7^X7T=P@%J9yNaKzxpN_4b}3vsDg!LH7K9Ad;1FL?Dj1#3__l;!U0 zpt#~kqaHz&65^Q-#JZ|wK5nyEL$^HBC(I&3KR_D(M&Q;MP-K2DmU{8=|{f?H@= zW|AP^>+lC(N@JWZh&IB5=>LM_XDt(Vc=WVtFgOuu24O3-yfU1@BfK-}vIXZ32qh|b zuoZMZ(|I?g!V;nQVcqGG2Nep!azZ(mh&A9sPza;YSc;zt4Wf$d0vz&4>=jk;)VSXJ zGagw91&yO*r!}#Axj|UQ?A%X=kPC`Dv?c6@amA-V?$XfPOd3KJ&`d!~$p#PJgCL^^ z`|}PcxG`u>RL$Px4xWcV4B^10EEp9O)|l-%Qldg>f|J75_MUbmEDtoJBhlpXNFRt? 
z5nq>^T=9aSxtC+`AQ9;Tg@RKRrnRvNq2Q3yydOJZ0XN{GTKpQXDz+YIR#EN1N5LBb zxdo|mQcP4RI?!yDu;i-&uY;)Q%X!8d90~c_1>q}|J-dxu@n#Se3xhRD$To-yW+`(Nwk-sE3H5)`NI>2J&3csESX3wx z@U&vBGY}3-gyd&DfAoL~B@C#T-&y*l0iOkfQ^jVAa0OR`>v(*M%|ZbRE&!TK(1%wD z3$B8vy-ME4%GkY-`~-LWLr3;Er$)lFn+wDMwoOzAn&7>DWCP*HC=G0;n-1}E zzWb=w=eUJRVMP2=YGjd@fHhnSQquOUXWRg14o-&lT4m8}3xr(5SD+?GY_dxjTp!X* zyPqNX>`=!$kgnVsoiV!Xhzn_d5G4Y3Ih!6(8Gbu@vM6YR|5Qnc5P#5A`iwIcV8}r* zDrn#5)frH(H%Z4?*%B5Q==$ z@stkw01E~TQ@s5ul?X-;A_wEiTWsq=H2fz_4T<6j7~%5%3{4Ad+SZS9kF_B<{vqJP z=^+>jyi|a|T0SaXqV(}EAov{iuOxs@oUwo90tE4b-)3LmX1|<*3rmd^+tx!n1Cjs- zFds9kU}o^Ln1}Fgh^-cC;2P+p9a3CUn|OtjJXlbboR~zZwT&-&UJ7=k-fjRsl)4q=@+PLWHhCvEj#JWNFY4RFGgFmK4bk@Lov&9IiBFLqq7t04m-Xht6H<-w22u$4h^j zL0xv_hV(C#0YLx_540WVpDo?L6#Tz#1b5I>>c}1&cS#f!vui5T^QX< zqA0=4REp`F5XV?DU>V14C1Wp_!UYNn$L3mhLmXSkffZQO>bYD=q#x+lk;?1K331{E z30He`-t3Y*c;nxduWKNL9-%zK``eK~XdD2(14Wxwm<0(FWP0!=^Lx{6r<0X0GvSg?lfJaa*p z3_OI^Fg!!#GKWS6j5q#}H#QMk_(Xs#urrJtX+u9kJp_aEJ1~=7=KCZu9?}u4C@{Q{l_1&6OKpURqD(%z6nO;*w1#AP%#~b{@eUSn_Sf)d zlfQ3={Iz>;`EZG7&}%Y387@~j$R7;3Ud5n(8(L;(UT`_YGHwoNT%T^fKsW6!^zptF zxSI&_H9F54*DviZszn%Z;_)*o|I+3&b5>aQ(f$1N)U@cFo&HveAiwpO~3zrY%3l_{{B&-PzAOntuV zvNRwRLB^6eRH%7lHJ)O}kMRGkH(DN`(l_&)WsYcA{dQvje4?|nG$?ZS%^i*9`hT4t@Zb^1c1-NgE~DVTV584|ak}0+<-jLr{pw-9 z4yT93zYG2Qe1to@f`;T(w`Gcv$k>>aoWuWigw zwFY(Rz4DA?;rk|#QeK>%yg&WqT{Sl|Q1jIzYomVf!|6D0c8?L(B_JqW{Icv`r~h5# zm78~*JvZu>Zq>Og6zJwERoagU|J*;>tn@o_@jjUH%(}Q4gPFZ}1+2nGUjj=a@)o3^ z8dXlZToek}A0qJ)w_XLF^fRC~%B~yOBZyr`o47-uTb})9=kU(ej8|0AMFm>&SlpFcor465wdhBbfx9yCiO@9z`|7U9mzGm3YLKY3_x>eN~TkstU^8cRs zbvsGM)3NTorFyC1`|Ph7a;A%4)02jZlsl}ZoBY+IDeavWLC)sNgKZje^mUS933CAK zc|UE%PM5I1S9B0!K3t@=@QF@n{(bX#qIQ-{-*n)G*7it&TG*|pBr1mq;3u7i|Y zh9h_c_=wv<3~k<@!J=B99&Yb!_-<aWkGkx9|Fr|pO<|$UT4lSD5_a5Jd6R&ng{$3qo-(@$E+aal z&ePu->M}ukkbbSx!^a0Fn$hM}i>+Pr`Ei-$G)SV8zWC#K^}btznft;^{Z9_YM~1@@04?Wpec;{s z@aaS}!wsuc>7OijDr$c@ceC)$b;tBoKloh287sdz>XQI6%w+8CiljG*M_zc2$)n$;wmI~O&w zQG4dmn&IcTc$@dwf`dF~*(dwv(~N4nAGZcZJ}l>@uq6{`6W=cmSdSL31^`^Iu}+u- 
z_D=n~<~W6Oqs4(&sR`2bwsP!$-<+Hs^kqocGk=If<&J%vt~20Oe{%ej3xojnnZ68a zz~z8;6hyE{5mTX2@ZXr+_eIx!jL^^{dKH*G_HuN;>*lEt+D;YqQ?6X+(GMOZvX$-+ zC8V}$EE;a93pCEMLzFsoIX3^f*H+3|50&M zz}c~OC~n}4Qu~WCgZh2SM}!!xmHRRh{kTWl<^e~A$-3R-o9c{|h&1Lir-9$L#aTQ! zY<}M;Nut~gSxB^HXJK_pOBo=gU}d=GS(h0ngYR-YyUS{6@vRFiocXo)&HJaOSoqZL zFbY*C@!dBB(&|e_21`U(Sh-Io{*K+}t$Bk`JRaWBk*7o~kuu$MTa;Frezv%*F6;IU z<2=I9P#k;W{CT(emOTSJ1I{;v!NPv$ktH2VA12pA=#DT_aPs(&ZDW6@bLx#fS5dQ? z)#6}|$nf27Dt1XD0oAjUIM7f4xIq+E=B55@0f!IONy1EZpuDHu}Np(T)K!)9)ugK6ERnhD{e zK!B4e_=XfOvp8fnGhr}w0#Y)LoyN75jjh7e2dgww+Bx!aI14`*8Cqi3x#Sp@0E#nk z=*{oG$NR>p<=qK7finyH!Kox;=0ik8QLA?-wUp zc@FW6Nn9&GPWpWjgPtggg#mG)CTmecU;kkvT)ybda10GOjb(&A>RB5bqHLVsgDvjG z)b8$pjEG%E*w|8ABO3=%d3jMYas<8;jKa?V$eI4*_@WTAV^fI*V!e3X$K+vOQA;M3 zRxfV5z7V?+j&*iI%-r_t&TG|c`rXnEheoPqPgJlUEhxoIAo-q- ziHmr)ztBSbS;qY+=@5(7VTysvmD?gwk6k3uT!{2(|AVYuO9f0TqF1NXLRGwVssW8J z8|TJe@K#RjN&MSUzAKCze1lK){)!0L`5bJpcxcT=@QJHa-h@rG$H`J{*EzA#Z&%#S zfAr^0ZS5~rMs{Qe@gw@Y@%LGx9&Zosc}~47HE*ESBl~I(@}<*9sfVyA7nEp7+FDh% zzbSf*HeKbTA%DQP%|KO=11=h8H|I%Ea80l~A`B&p*^2+B-BZ~u*O6c0;$;lV`ucFy zfqiVM`b1)C861F~9*!SEqQbH7ps}l%96H(`Uo(^@(|+=*@MzZ8t$5hqu#J1QU{1%l z93S~6v7Y^|RlIc6lad$63_K6bS-!yBz^xkRjsAlM`G_Ua-%JvA!OOTFQwj3(jucWn zIV_mmw4&6|GRf;KJ>Abe{4K>aCF}wuR*-v@U;hqI1J<{!oejK369qb-T}0tF()@O|qGe zBYGB1W45gb=2qQpr{p3Z_)Gq3xvdr){i~g2$C5C^60hqQG0Caq@`vy|e@clU0|w0y z<)2FSv@Koz{VKP0>6!TDaO;2dWNns6z)A1O`jnP}oUmF>DVx{_ojBQS1$rTojLyM_ zDsSj^_VvW0mDb;Ga4Vkmlf)c4eE%CJ&Z{6)mT#im8Nw!$KY+#m$iCVG51-2F$L(gL z9HaM7fQL~nI3k_*dt%Tt>}@)7`WEHSGEq~9-)LA0 zmf&|`GV^?I8y8YcGlxCmi$YTH3- znKNKLlu~(()q;B522-G+9fPH9ti-5uub4MoDth!u*v}7=_*kK@*!0J)V)4(uNA0#Ov7Q_D1LVhlodoD-hJQ9`CyE*GsIBeFBY~A zE>{*cX9ypFkidC6aI}$1M6gK9sR6=Rr%t_h{0+3uX}EZ z4B$e4lxHngCQqg$3mL0GR57LAqlS4jDm=#O(d46N1t;hZ%3~l$kkF7|AVJwQ!U*+%bYLyvE}Lk%FEla za>M9VGXH^w)bdqNtk>7C%CtLnj}%znzF}$z}eEyTj@ij%_PmAUaFKIzP&(gweil_a2+b zT@Y3CoaL*nW=VaJllXV|I4lpgqJ{WDKx)}Vc9vz*v#!msnme#w=hJ5J7L(iXd*!;B z4ug++zPJVJ#KtHFqvk_JISTKh^%+#*3ZP(}iEs}aZiS0a6+f8WwSQNq<~YPiuQK%Y 
z^bC#P@GCA$FO#g5&ZO$$hKb@ToBoyda^7g#ZnkD{erj`dt!)yF$}{SiVlGNSG~wT4 z+qT-^!WVRZx&K|%j|$=#@rbHDY!O5n=MU#r(S+Q7=FJzGu4v+ecg2+CXkm*3CR=HQ zC|;^x>ug9B-qJAQ>7pC`$hDd3A~BOa;>Sdi#M6b^{LF{^$IXUoj@uxEe3RM!MV4je zr;xU_M8?Jz7MQBr602(Qc*0G7vG3XKgtAV1GtqO2pZpm`kz~HkQ-A#piP7K57s;1M zEZbLfC}h1@Iq>SIoCKY(iMp&h^C;|$alXKJJy+mhdcWrUp3kE*3x6>iA6?+|yrrM5 zeyPO1<(<^;i+nY){SubzfoOU(waRt)J|Q;Gz=?626=73iYr@ERe7ao1r=i z?$#Aur#H@Z%p2awsZgmEg0MxWYG?0>HJ=2g$bOM~+s~tRDGFOWW4`SseG1jws^E+} z4H(HoR@AN;$NPlRaEUid+HxL;{f)}Z2$eA+WwR(;bR}kJsOtS`!C{x zhdF~CKt6U4o@~HNm;)SgsIr*!^=3+1TRXx`6PS%%+q7!M**RHt=}97XZcZ_jmyiif zn8?ks;SMhr@SKvwatOo9in`-i%Q3hE*FE+Vp2eMd_~EHv?VO??dubvVL&HpC&sI2S z*|1h^KG|hIRJPTSy0jI5s6!dFZYXq6FwdrERECVI@Am5ah?<%aoMXjXA3rZ_!-|y} zICx*A&BVN*<@16ikN;v==IZUf)o@#to4PvB>y*)OA>0GAw7#vpaw$Y{?Ty?>)-0mO z^x87Q1R?aTMwG#XTERq(4;jC6sW3X(GHnrWQXNfaCp{Lmot?fCnGJcVukI3HJr z(f9|>89)8mnsu-pvC&j;qP@BYPKULT1fM!6E&7!)M!Q;E@wb7$(OWR+3BrQ}T>7#W z>a^Z-s8X*xBH_eOK?v@;SBv?>*d+I>Rrt&rZACiU@z+QEC<(cs5FHz!&#-1(ib}xEPUV4Lsm~~u_Mc{ALQew<4rU4p-$wTJ3O)wc;&~Fo z{ae_j5RUUhunhzkGYPqrWC8w1*dMm<=3Jpaq zqh}5!s4AfHTA>sSLZihIFz)dyE}s|cJqUR>Bw}2-Eck&3p-I~PFe%6yd?$E=K0*^) z6vFf=nVZ$HKS2cuo%+nYgyW#nr`7Sqd5>!b2;yJot006cmd+v^s44)c6Jm`w=cEBw z1Cxk8pBqE9(1E8%;cFd?WAnofc_LJKmD zKv0*06A=&tbASpmq6!h(R285^H)LvmZds!R;8XbT3l5nHjUW>A+nvX`EEvFdeI#A8 ziO6U$$s<_z`-C7N@Z|7;rdtEs1BC1=eg!bg5qbd$&%C6`0hJtSkLv}T z{HYO~c5B7GimG{c-+Hy$w$h^YIU?rPd?{~^+wte(r@w0d_QvJ`-9QhZb>flIU~i)E zuep$M#p43)UGAHMidws37&QQ1RR99(i69hwS!Gk46PN-5M9i~WSNZi-7$qGAp}IEz zlYLcx#lNd+@7HAhJs03dAt+*t4QT*{1SNyNc94i|ClI*S1nF$nP>Cq02x7iU-k%|n z1cF6hinLyd{r<7ibdq@?xBr6IK{1_fuD}aLe8Yw69|g~l6CVHZj8Xi_j0!FsTmEd% z;K+T~MyevPxkXg|VA6FV4U{=}ikn>5%f~CqGA)kXTmG)R;qc=YNP4tB!0zo@ZhwKV zFl8;dqg$fOo-XSDnS@E+EJeh8W9f(AO?=3-Ub*7|3Q!^Afg97to`94En?x z6=C<|O>fZo89%GORj{6H0h%2_Le&G|oKhrdQ%T55X#7ttAUr8DC;kz)R3(mtk!HUY zWT_Kmo7Q`jL+SovmR%(LcPcE39&bMRsSnC_WNke+8^sPkbk9cvkgiX-*{liFz%WR= zm4udgBe^UOHl}vsBa>2&&oU(JdcLc({UJ!J+g(|hZ4hmFHU267k 
zr9)C)Tdz-#*WN=2L2p|aah7*}x>REkzYP?jo^(F>^St_Ib&SF(9KcI&{VvW9de1*< z_Z}F?78DpG_^8k_K)-7_ts}VNO@NW)_?7=UGRW4T_=|al&q%qcWVc4lsBW{jcTFQFOfkb||na)gM}pyvFPtLeM{GLX7dK&ZoVd zAJ~AuYkc0z``j&G^COzsUzw(kxQNM)(HMZd^WYBamgzZ?oqWwu`#Qet^q=z+7EuFG zvc2?pdFiF0xqF_{+Sq%~RY4`%RHG9RJ1WSwGqvC9d8}S)Nwl zPCbwbPbs>cEoeW&Q|R`4cX2S4?T$FJ=cKa>sOOgYd;O2QpQ5&5RP_MJzByZK{cq8G zu$R_4LB%a`-3CB+>ZP-ye!MU%Boog3_I4=dcyB`p`~kw3Y+5mf(gza_ zDy(11<`m5AshZA@?Y*65kdM3BNC!@y$mJ5^t~zc9@!htL@gn(-jxqf@yVNi4GV|^k z@`IaZmgkdxWkBBP^}%lwFJ%Q9;9ubI&k9>X4wJQ_%CZ*GAj$eA02-~Y*RFIiEvTK{ zuvs7Hu|GG8sE44KGS9DZPs`iWWlzLLP;$m8sU{tUH|`@=bH5?ifoDv~^t@4-gNV|H;W!UaBS)yMm+{Wla#w;eXz{MBo8iOI zWPTMbILTDMiu41oZB=i*3;Ofs)14@{)k&%0s;;iVH*!uxbfz}I;+awYH-P+iOq|)p zjX{L6b~oEpOqYgcPgvmEpPH<;Re(JWt_WV+-U4<0ed|j(gL^|LOm1}cvfHjujg`-6 zCVVe!@lauJtDRv$aFrKN_Hc$WDgB)%*StQyOj!?3lNGbM=jsqJo+1bKpGV!wv(hdm z>>2zm8x9Tj=aaJTaC<6S*?gNlrVvSp@D;zmN~9&?Qv5LeoaAba7t+7uBO~FPGT!^S zH?brbHuf_|;YK6RaSM;bZ4^sE8CVNN3Np=uobercc61*zY@}-*_B* z5Jnr%%g>7a=!y1?EnsA@n_&d-DPZS2Y#y$A<&^TPluL*Ou>{l%XS@XEFwqgxy&IYs z3Q@k&`XeF7dLhm2E5V|QB9BgP6Bppy3n@KedVj!AqnALfCEG$6sD?}7G2&}GK|6ty z@y5V(IKe4Bqb_NdPUwr{?}j=9`m^vNzT75EOEAv!q+(sk8AI9EWUx}*Gkg*!{nSa) z@1eq<>o@7hQJmNZ+?uIh^v|kXm$Z3*lztw)Hj`Xt1k(72HEsP-yG)LV=WMI|YEMjl z5Xlu??fjz#f{=oXnl$9b7s7h79sAEnn^mztK@NBSBW4l8L*Tm3P#g8kb$NH&D*IRO zUlB^c%#K^ez3k1{saot4v3@;D5_+?MWuf<#670@Rt0J#VP@`+%U?!PiCtr%_M4U_>O^`4NrB(RbakphuROr+XEw zo2!mRH(Q>~V|6a`-O723`|H_iLJ6p?2%{uNe0bwptgTLyP#>lvh{=6Lm%{n z=jzg{XFl-wXsqAE20ilgAY0(+?CIALnhu$#g#HS7AITp-VZqbBUlNvkk9?Q@$S#~kC!1}-Is>Wf>3 z;Qev;v&0}R=yFm?*L@3H6u6ye5>j>dwo(=06Yy^lbIe+wLH-kOcXL`1@sDpZEEP=6 z;Gb(4O6m@4U9a>rGeyb}J0&lHKTu%7r;(YIVrTs-T8ffrTd<}OM5nz@tE-Krwv4&A zYrzKr(!#@29$&Yq8+D&H6mitOl1eA=6bw>lXq>*{DLdmeTEACc;*Z=uw2RRWnpP?A zMtcn6z_3EGgeTg$9c!ntWzL!Q<~hv>@b&PV!#_v!l3f*=+X(Mp{W_QTdAGX4_wD(q zA}w333{L8gV7ZOSmhBI<4S#T0L{un;>H$)+7?E6M;xj4K73mY6zo#AJW8#XXw_i!8 zFgVKbL>ycZ&l7UJ&@7D28rXEuHS*gNW--D;aOmP|RM9qCmhuU=#e%ba2Qdef5 z`CVVzS|M+MEDz+Dz5py1$y+UEY*0X{nPb-h2MS1@9ho?Va#rmL>E8cZL}T 
zS~jkKPaQod>07%Gt9{B?Y7q6?M-#YLi<5HB>8$RNBU!9+J_ywThkwR(FkowP#Y#-8 zU~536(5yQL^4nd3{-me15mw?nUg%C<>wX+|^?{Q%;UmsqD=0j4bmmu2uPi=_TK-!_w&5x{qlZ!&vmZHPt(Qv%{Av-W6e3n z9QS=s6Zi)30uzN*$Q2PRw3)uo2D@()5|5oTuL;03RzE*?H0$D@QlOUA}W6Y)X; zjW+of2@VuYhGRdm{eOP!t^04@8aTWtc`~GaSv7$JRB1Xd_I3!4v%NKP%cbPf)kJ9A zg9V0H0ZZa&>&(FKY|{|LV3~l=s2EorIm6s>?%PtNBo?x^)38M@U_Iyh8?luiu)lPI z=e^j`o+oi;VC1=X`*1cwqSxcn-0|-FyM^4y+<{Gap=}xP1ypx(wdEM-Z?u&M&2$J( z#uV0^>V0`K$xScn90Lws8$jzFoJ{_u>JYP)WH;O1BZZaW2+B+sX%t;^i+1Z~aG-Y}< zjeez)GrY6MhdbYEJdYZF_2=K?w|v%0Ppr?Y?nIj}=*Z}~+XLHyXs`i@*5-kYpMeH% zj*=H6ND@OBVUbvG{U;tp!oA*wBzHd5C8b}Sz;IQsBqx+cSo@c?+wGs+hI7DP|9WtWO=Z9|Ug7+Df5O|i z#d1xu?B-&W!W@DJbzb}N9fWrH#a{gt5U=*_Kj?fHGIYpL$kigY<=>txVO%qGeG&q( za7QnN?{CQURCx7&CK*r8+vYrzRK8Ufhg&4+DH}#3kWnNb=r#F8P5ku0G&V0+4W!OG z7PE9eK5!WSJfsXe1N2@NfLDmFO10F=Nte88TvK(9@g`SarQqqNpVP*~Nw9rfkov%G z7QkhU-Y;I8$mtsXZ2i_Fx74*3c#+^Z)|%}G#N^@Zt*CqlsSDU9QIauaZCw^R?e8x| zvd%oU$Hk_lDFQEpQtl<}5FtFA6uqP!V&u!sZ)q@wcQ5LgabW41Tl@8J8TXkN?B5RXDdxo17(W0A@f#)yiiyz3 z+c0bSV$W26I6c2S5KNfHok9Wrh+p}J*=+PZ@4KzlPYV6#`*T5D=-1-(FBh3!e?+Fvo&e+HS_5UOlWe|Jdbt}pw#!3Csot^bupszl$IXzuZxY-IgxM( z6cmK>>&|<;1#L4r5m(KLo*6s5x~n(jR#@nH7DPZ?uI`xD^s@36sZg|I13Chy*KBkg ztw-kG&#o4^q6>)Vh+zNygza|z&IaDjJ+5)#WPWq?tmbW>bpsil-PHjVMD*cnG<$?< z^S;CUt0RDY+UxX8RT1B+_euPHKG};CbW@&sO(;8V7HS7M)%lTp8(OA}5B#ZMm62Mf zrJ(e~eWODWb9pQ`dRB6OdHlx<^%C20JxztpNRd8Lfhd|Z+FSkiPo)yALkGqyEZ8vB zxtnmY!jlghzADs`@~}EptveOjsXr?#$(#i>F1#(f2$8wFIWpq1!k+J|R2w~*n*uE< z(K|(02#QAHcxobrX-2LS?IeOAUNNYmsa{d$Pj>HoQB`Km&=BSrO28)@R$(EF+dQ5n z#r5m1+;^vLRr_E zZV0V_(o2U!7?;<+VQk73`K(hkX^iI$Ttg zy3u#Le@8lgR?ny`M)a2gT^CcM=rdkv!E^}Tokr~&k6^5PAZeIX;|l}VBo17{gE-uT zSAFt3OZF6ewzAHGvV^1pK7RCT+d}=sDS=ami03tLFBna1+WRK*t%T?34fFj`4Rw?{ zTE%UbzG;qhBQy*&>A>FtAZrdY{)aBS z#Pk;!lIJ`D@*OMg<RoNi?B=dmD~6IBs!qO_X&s%l*O{6Eaw~Zy{DSL+Bzh>~?PkbXE(^WLDa~q^efhGC z3aj_=l%2-yp5j}qMDJ*=_%+k-$0Z*w_`B8#FlHNw&>3%ABivWfx}54O(s@ znY^VTHlLxp*0amiuQB$4jLN0MANm^OT6e8q zNY3h&$gb!D0j&2_crMFa=YJWe#@|}qAf5aLQ)Wgx={TRZsmBuo@{0y5v@q)imY0-6zBO-HMig7>Lvu&QoI&Z 
zgXk2fb4A$lzqo0M(j@J{ZDOeT<%EbiN%*Dw2tzHczq8A?$0Q!1TU z@l!(rGoES%^>A8ub>xJ5kLFtGon$GeDcA;ZUY54YzdAfsW+404js)9E-{hy=%(UvY zhCt1+54nbA`6N^|uLp8S!UvkG>BVlV#!=pUiTg6hqSg_SmWqY%PDKB$BkLav@X0G7 zx~&)V))}c&6PP94v~Q!7{S+~6pUT@-9R*sV+@q5UZW+_x6{=mJ%%1=L_IqE&N)pPk#Mp5iO#xov=&d9P7tPRdZmK{Q+cE`9uw zO?Y&(i&o^hdh*e#PQmOZ%oaZk$KXqNCDPw4;*$bD+l=r%d%8Xrnr0EYQ?XKTRI8sT zkZGAWAzgit=#mhfUU!ZKPeNgf9}AP)+d3PAjB4v~pSgX6jL??P{;YPzf}Zhnog4YM z8Ly{ru2Ow|(`4$CL|y$-V@%JB*iO+5Y9KOFFZanS%<7%9%D(>$5Lg< z#;`LC>lFFe3vm97LWQ50WL!(kav`3=dEipNGwwD$@;dI>)ffkl6AO%Vys}@^J zKPdr6ffz`tC3qY{vS$2BOv^Zl`!3t%o8*7QI!m_qJ0q}8BhdQZl#wekb-<4^%6)~! z$Q8-Jc&|LbBlg2`KxjEEAZlNVl6;B8pJXz2 z7ug~kp-~POc`Mof6=UN49e5&x0kl0NB)7CRQIEjVM);{OFFtPsUKNt9YxEfr!)HT8 zri-tUPVQ?Y2x-CY4Lg9#okhZ(^o!q?IlGAP;s zyT)v9d7wrFq~Y>1A*$m83egB?`4w(tEjKP*W&q;BWl)NV0e3W$b34=?5_45Age1v> zA!Q#_W@5(97FmG>m_oa+BX5npV&}0Yy?)Xo0=u`Uq-nyqbWj;R{WE;8oybXmUh;~% zFZ(-0fk@D4KOG&N2x&w%!(VC`xiT=KPi^X>A|=B~+X`HDH-E42Jzegnqox(z(?H_B zM=vNzo^8)XfkXNgNEauxy^Vsf+jbfA_kKjBYa6KM0l%)R5${+`dTT0zD)}B2 zmET@rJzE{Wnryk;3N#ah)AOz01vHwma+&A9zornnT}J);RyFnSd11#n*hlJo0m`g<^fUd-7qus*n2U^yKJan7n9t{!kPkfpy=vu>kU~>Yj3Jm#4~A zo~1o%7zck_h`KOW6Q~HOq12*-hj_mp_vb|Q*B(3wQUZNt{_%zrXrH`c529~~D8wPW zoq!O^sL9to5UW8tyCb^V%Jc>+!}?H6C1@@h(yWN8yymSLrgUHk)k;o5^Mj<&X1p`?Y!n$!0d0EzU-Khfz*QPR!q^ zK?D+a+W9l>rW+8N+2M9xVZz}FM61-3E4}5P44iu897+evdv=q=rEg@jLfPU&nIABmY~5+KKgl zuwocJOLjHc2{)vyhk?u&0;?-Q;vzkrnNWl+E?t*9 z8Hv$IAO(qF&O1Lp;yW8l2m5&kerr=cAdM9f{>i2(lyS=>;rGMky25*(16_U4#Mb(6(WB#h zwEMUnAn9?tdDxNPyrs$OIYINu=uncFyBX|;Z0~4D2uoA#v3S`mHjBTbZ2}^T!3>^a ze$U>@kmv?RsV|B6B3_^zXWQAqEQ#=zKgAruNurP93PSza!17|OI}kge7gd*|wTdn> zsy$j4?W)Z)I(w1%7rN;m?2r~dV9a6=t<1bz#|ZDOa(x{~;e7Z(2EaPJP>*&k*!gT|Ik)gBHK zZQ0Am*OQ~t<-aO$s;biNH&Jv}>5nHW@Um1(zsp5JzeB8 z8bGb@+f5ymi9v9Nq>xy5xzc@fwa$TR{LPLRB`JqwBwbc97!8F#PWH{?SkuH2 z$U^Ag9vU-sF7?)R*;pn%GaB{8=em9u{W$o$9wUOOA7;RPXQ9b`2Vt~&Nu#XtaWSLl zqfiO~UtZ_z?ZdU!JkPqUO!-gJ)(nAplC7gFqo4CW4XXJG(Y*ISGWXAPumx#Y>`9qP z88LP2Bu!Ee4-LaCVj@ZY18@5qJO*+vBj-tajEbb`g@w2*6f-Y==-eLtY(39Bj_;iP 
zqwGjnsTrM)V^umxq#cCp1f9#rJ8KWU!1uxOo?2Ab{>do1=f~*YemESAyNYA_c6gi= zf3YAuZ{*p{E9%h#4nl6aizd~(3f?vHDq|fP7Waonc|k@m z^xbn;-Uru5M;*LRLkVPut6#qqaq%Nk7uk|Ml*1;`ei`a2X+_4uzW&QUOY=3?z21*X z8E?)XU9Y&jSp2B4M6my)i7E+etmU`Pc0-@hSrKry_=)yap~lG zzG&m@6}58dn1&mLwRv7PvRhL@7m_cbyCbWYwP<((DBZ$>80)gxWI)$E_ zXQ@0qEtgn-ciH9vd;c0oys1f4`1QWm(&U!XW#7@fBTd60Z>yi#8cj@dqwO#XSVAl~ z*;WLEy+)BqH1h9?_*E@!V1cFjbNG=FHhkYq&^1Jih3AknzRLoGQL=l zBz<5wg;mJoWXN>Ft|!xP5_e%Oy)!eSxa~c)IXLf%#*Tuk!=^;zIhOab4(~r{!mN4X zym|6#wpAST&xcrJeoVL*?uc5rp7U5_W;X;5%yEJIr?4Z(m$(uo2VD5Wpr250^uvCR zZR&-jbF<$hWPn7+ByWX9ni|OwrfOXbq1U8zV|k5F{KD`Q-}h!t+8QFanHUK#h@C z%8jsvY}C#s$M#G#U>ZgSGbu<&+6mKAStyW_=sDUINeE*4Rr@iU7cg;&+a0RSo{nng zxNd%Dm`RDI^O+rL=I2MKg=IY`H`>`ALyk&Qlw~q8T5AYw#Hc-omcQoJ;^n3 z6^vgC;HSzBu8$ z#&@2Fb>HK8Ru&AwbgwO^HS?}X2c|+rtHo0cP@W&ROTh6@o72@pH8uXhrL>~y_|zrF z?)bUx$GFJ2OR_*rmKSV?kZ>I-h_v2B@XJ4%OCcZ@~$`aM{v zsJP5@nW=ZZFYe+leL-v+=F2jzqQu)ftPID+5p1A63LU-ANYX;o7eN(#asP<^HnHjx!REwMO-MH(bdUVNx6U~Kw{fEi3-_G<8+fIV>z!#^h}vB zKk65yUcZg{9RhZSh5bs_p5t03O=vxB6BvRwjdhLEz4EcI2oCG&n1|J1{uNJw zYK~W~b`sWfW*M)TGr6>7Ixq>MwXV*nQ;Q%6c3_C&C zKjc$b?dTobug8X?|Kem|IVt#E{w!gpzE9%of7|RqJQ*uI+upGgI8MWi?!2YEIS_4# z8;JRvFxN2`3o3IKa&E6GlJrJL*cn)@fZ(afixD@o70}#YSXGV3$)*oTRg`m}+Kh`K z_8`e-ET?CrBh*iKd-}79I%96CtqTB&!j%(=C1`^uHi%5U67%nmuH|!Lp}JO;0HgNt&CjAxVXe!(P>mw0Ak}6Fs!e zJ$76?3DctbpTFshO~`0iiIl1*p4;-tAtCr?tUZ0fZ79e-QcEZTw(654nhWe&RJR9%!Zhq^a-dNj)P(Z7L#|(DW9Ff7K0Wp1$~`kmOR?Ybj~0j zr_hw_3}nmuEdw0GREF+YJ7JXX+Wo$3{gFpK(>I+URa=4n9^D#E9RCw_s?qlf!7Lab z^&_fLx4XJ)Gw#bM6fw!+P}R(5xN>B-S~pNP2_+J??@9}WmX?WZZ*blc@)mkdNi4ds zA%}8(NV}edOV|3+^q!XK^CL>qdpTJK_Ga9&R0K~t!oG2A2kIWnrpp$tsLgTg*60S@ zMOV8k(^I8H*4Smg%H`h@#Mxr!(9bNEb>S>b+EwVAP{0)$kkso5!tkVH*GJz+S@ff4 zKM-?rHGs*?_!qFpCcUagTj>-+;}S@mPR>%iO^M>&8Aub|3?t-P$m+`)>&HM%vPhL) zgN?z<>u&lfpf@1m{R4sh4~U)gHB8nr{ZxyXsjZ)9ZZ7hd2z_}c;$|mqZ$;)T^U-uw z{0k)+&T5eiZwefp!2B|8JX?^t8Nae{;D(i*lP|`0dX}}Mfl2H6T*ZTP>Xf#Va`aeD zn9kWBt-U@cMSE8f(7^Eow8>g`N!_e(Xy@8hI$~F+V@Tsxu9qpG?JJu--9RgAV%_%f 
znzER6xVcJa>S5Q?aYZM1Sh8D^bXw7X2aY*#yHC3mXqka-n7PLkygGNM)jMx=gY~?Z z(88eSF}Ia=oUwPcqpyMeHMWUd7Bso4GA@!mvh{S=`wEmkLk%6XZfTUGjBYDC*&=r- z=iQYe>bI&$xjx^x_CE4gsoJf=O=1Ha3;!U-t*N)3Y+F;MjD^3X*oX!1$>_)!)aK0e z${O1Bb9%Wj$<|$%p1FhI*bx~vyB7W$>j6YSe z|5oGrXH7Lh6uRQ`n?JsiT!rWSiADKG?tc(=YlCuAP`X>g>=Z37rR?SEUKk*e2JZ>X5M3)My_$ zqz!x*f|M~v5M>!6*JDonVK}&_9_Olk=)X3_eW;+CKl#nD3+30`GTW_G$AYwhIz;Bu zf8jyFIQYF5lK&SGx(=aG@WdRP!`DUB%^u9!FS41CA#Dh4PJJbL6FOyv$xy3|aTCU- zs9u?l6@M5uR_eWI9dOwGISq~rVQ+ri5^^Fh`deCzi55Cgj2>Zp37r-(E0as%QUCLr z|NnZ;zGp)d)phy;3*K~RPt`NO?f;LFM%^^eIhi0wsN0Ko`hC-#(m&E;i8llplc!ecAAvUNq=U&W9Ng53Qpc|V9 zoEY4Aqznd&HHPEaR20jd|S7b~mw)7@*QafF!)NY4^9z6)!Kr9fVO{OU0vl)rQ zU@TXM4Q(JaOq0hNqk_Ip%EoHQYqQGj+vow z6xf?)^z?^HrZ^VqzZ&5yVEp9m&r=t_)$z)q0EgTj3|}CWC`n2A>f~rjZEtUL^a94$$mxzAbm5jGhc5EAI04Bl43acy+xyvp?{de0*G>9~*k#e31J?;X0rE*Kp*1 z2^ci5-6$<4xPJs*l$p$HPZlWuJvvan2k+F3`rSAylndau1}hi$kb8Qdoc3u!5viX7 z>SrI7je@eII@BqA|7Qwvy&A5&yURR8t`|Vt%Gc3a70}SJxG0!Vx`U+Oq>wT>l>5&q zBV`+C!*DmY6*LWN6}mq>LiJu6$_|$$UE8R|aOI(#4=+=9l7&DP%4z4BP_io>JxE{P z!gINwhUk$&AMv0}#^i_x15~F4R*)W+ZUbc|eR%ygUyF^A>wlX)v`rq`Mm=w4j5DL2pZA}&M#|^lS=TN2WRUh~gI#8%HJc-C zaE0-i8F(Tef`)+?b4AjXBRZG_8Rw7C=B6)u=jhO}NICBLY}Up4!W~SSacI-Nj+k&! zG9?&_6c|Vm{wxf?!DEVyfluYiWpRJ_Pm{KfD9J|~Q9oojlwmmRoRNz0?0)(>!WHP} z74!xfZB-9E_)l;qnhV2&5oesR|8mDuxMTT|2lBj4J*dv8^ld$2HI~ro-kI6&$Vhm@ zNSwKS3r0pl6|VDL`s#&@vBg)3$V2ZTR)hZ95U~hu_@)fj89pPHG6KCc8+u!f zlsnzu<4#*T^VxL!ITCKi?tOo8fv$yo@DsJsd__*cL4a zu^Jn&n&CmRWyDfeVWfxq2sx2*KD0r%2j?YXHThsQx+51}{$VxjU^R(i3dk_oz%UI@ zFfYqMnFTCb_FU&Q(wD!d4d^2Wv_Xr*@f`BD)!=Q%d!}0ecu)iVhLLv`D9+Zj2zAb06oIz*tBq`k7O0R!>x6Rbi@V;uy5K7BRQxE zjSQgOX~VvK2J)V7(8Zdt%5B8CK;lfBj zK#-xHC^GhR>iCb}a)8y^@%`};QxYtW2LV>;1rF}GUWo;B#e(l&6@UfUG5mQCnQpnm z!y-GqY)(iTlhglEKUUe!A9KYB)o{_%Y*h6D;fOiI-q(e2AMrQ=51l;mg4Z4NzNo&! 
z^);Hd`vN2m*%q8~Xz1DSyD6PYjtl6eScA5s%zYO=ye)mC_UgIk(HLiv6`7rC%JXM2 z>-azSqLS!o6w^g+)8!>OkV)2^hcDr3VwyS@9VK34V~MZ%*9oyodOGw=tW)8VUd_r5 zOJY3a3}cqmuUV!tV2%CyMe7EJEqoedixjtiGfTQ|rbmQgp#Olu{o)e*`|qWETo@{L zyq0c)l>nn6G;;H$d>s*7qV-Hu{(HSLse~GT5o&p1$keeHK_52sH`WR5Es-~2E&m6HI~28;>A!WfVs_vR*rQF9Hja%aji^7xLM+N z8wY8Tq0gp?dr%I^-+ovkOkhGod<61!O7QsT$LSVWWAKo&9`^UU;I&LCFj8Y!%4;?>j?Bb^@cMyX|j@Z~f#bu=Q zDulD&dJByu;M~&y;VD8exXj75ufS5|}*mVe%}N*EefT6m@wcewniU-F2Cyc!9hozc1Ha z7@cVPa33xAf>IyHr4P@#EmadiQIUIX91;XB*gW^=%un2S>Q21%QTr*J4RKoTB;YGmdGO>Ni3#|<)66buvY8)DSY zj@AMuKbQ@wt0v#PrmN92G?vJ51=U|@Y%Cu^a|sgD(bIsH2ULdV^gh4|xGG2zxnHXm zy^!yyO^4NMI^ZZE2vA&Y7LKi~h0*~`LN2ZIYYG;ha~h2S6M+?c zFz{qy&Ip!{HDw~b1ut`*wy-|6@ddlG#wR?z4aIYe;wU^ETmllmCso&71!eiB?^l*r zl1(hR9!v+#1317zV)5M_sK9cT`X&Y$e3C3UKke|ElwcyzDBb(2-++9=l*OF&XV zES-I0$^EibJUc%Twa5)!m--9U&`&qV@L)+gm=o<+MNH+HSfCNVQm?*yiUT{kuNs#J zqTzrwoCx`AmMh3fg%^1xjXZ#rIM<`V@BDK*^=tIQ^|A6^IACnbkQ`BJ9OHG}^xBAP ztHDx$)q@yTA4+g$IAVlxFs{RTBHMS6Diau7(|SL=JUE%};Wsah8}E&(E5@vh7+jjj z6xtG9#xGUW3Ey&IXxL0)T^sxmZ{X1*S6}f`i9}pi$TjH;WydqW36tQF^awdpV$E>FgN~@{4#?WlV4yuo zrfUd3iL(V$-JD~s{!uhkwfGngg6-lwck!FuM}2Xf{0 zD9@$5Fj{;PvP2yJpx_kYa~Rjb)S8a5Ob+nOZo!i62b;dbFBYv5UR9YMUE`s zR^p4|$}u^^SPp+quw)p)MMEQ>R+5#{L1!gRgw}~zhx;S`JU9kvFvH8HwqGX=&V@f@ zg_#cv!>2OmpXkRzDhflks@Lg57Od{GNt!62ApMuauLbL5n&!eqye1v^LthL3Y64tw zXy}w83r6a9zGhyBCksnnaAzDVnCuiCOn-m-uMar?v_a>;W3eWr{>nG}CRk}OQ^=Zk zL_w?mpZ3sHvUN_B9eR~eY{5m4sRukZ~Gih{_IL-JnXg+ zN_Oh@4{FozLMMaJWSaTSWAko2S=LA^S0O<8%oQhz&A$Mp*TMXInHPi~wO_QH$dBEv zS>_ypGi$&39j-m`z6uWAE99(7Ky2JP^}1XGUUKb&txdbtkF770M0u(;u6(yT}Hxo4cgV^F)6~L)ygLU*U7vXwhr;ox>r7w&21?E*(hEYc!y+D%m0b1>0Ku+s=g5QSzXU_zXkW_>tb zF+O{x!d;^qck?k#u-ESq^KC$Qdv6f`_~a5JOHcYRpKM7Z@}{8>=NHk z@Yt-!m8~o0CD*-2D94dyi_fotD}5NJP2HgeHsb`&AX2_*TIQq zqG4KP0+zk96|uQCddXfcLj{K0J@0RCm)4%B-HAQxzm}l=wyclpbc-ZbEV1DRhBm&)d0wD8fw}oQMuQijc?2$ z8p|5uhq4oVRMo!|0r-0xIsFwhLarsup0-MyYE>B9Ns-E5co*_}98ONjGd`BS;fmLa?T4~<#KU!B2L0P2qVQ)2;f{TM| z{qRvd;r7yH&E+g~yY|H%siJtGw~*=*-~6dL#BKPT@St9B;$r^?--UxOkNrq9_Bz0G 
zL*zdW0rsnmO4j~Z-NltuXx7kshobXMd`<2CguC{9ieE<1(!J=Guz6=k;!B_2_-)or zwm^^<0B?=pVYsiPDs~z%$v2eEf!*O^dIUi;kIV>3pu9o+LEJE5_HtcuU)s+>|T@K ziT$$h+_9-G3iQ;s8{(XNKTOac)*A!|Y3TQME&WXPSk9eFld!M6-<`swW5KIb<)?jI zvTV}OxOW+~$n%@#4LG%02T@TAch}M*#4GHgp1n8iAv7Rj&rJoI(5$#hVw#3^dI_To*YtD_5?^>9s+b&3wy0){Eg1$%JqoQLeKsbxPf0y! zxIpYXL0wjLx3EF<{KN5Q97|`m3bA$0KR%S=>{&A5VJ6|c>0Gc>a|^PxY+$h<5|#DS^M+A6&s><`ZV@r5564MF|Yf-GhJAB@wI=mk_>61-47{%T^i)$6O{~Yd!j{F_T4g__~9V zrJ6&1%*pMIx}|cJ?%-yoOYrWHb2UWZ6L=Wv5I7o4mtgJ(lL{t0;^1v%@a$ z_15f-7v0`Y^g-&kmB&iDMxTtoA|jdpIAEzY?!L?6unJ4tcc)L{@*8?f<9Yut_LD)w z(0P-p^lf~|*i4_`%MFkG!%Jncv6T!)9)VOvFKWqyCY3IucKLVKL}Qn(iacDJJUeyC z9X}`G5>oz2(}V1@mlDrzd)J^8Q+J3|b@xzned)OK53i&CT+y?=zT^vmxYbMr)(fL6 zg=3jw^@>znD|+F*UwBb5PUab|u8I%2+)zX$xM$|?wPvjHhRcf&&q!Zh^_^;2)9I`x#Qk8nP5?fy*lo39*JV#nGmT6)pkkIotyPf4+& zsX8b#!ybtRO1zbaaWo!V75VK`+Lmyz-rt zkbuI9-^+X(s6`f2LpIupXWbz`ljE}~U+*`&=&5o}Gr#_5CW`V88KB616Hq2%xH43G z`n0^kZ{lltAD8o_m0Q}a_b(;zRj4wor}~VHWzEqjRd?A}r%}cahsdlU`HZeTcSr#3(h0`oFlyT=q1<&Spi#uzu+*th zrfeZKLr_1tyCAV&_+V;E36&k2&9gM>TPuFzw0W_sX^nTs;&yd>ipDo2I<2pI=E?43 z6lwG*=^&;oVDB>byP8g}o8n(lStS`J+L_9)>!gP?=qyw&p%#A!nYF%J+w5*NC|jur zoCz5p&`jpdbg|d2-bv9gr~rhg>`|J_OLD57puma(sqBaVF_jXr0o1QAh4-9{{(KdF zYTof$gcx}K@G?5Fk*yBN_tR2@J?t|exWMW9AgU&r+1{%x4= zIpB^^y<0AMYZ@VTQ+M@!h*6^&WBmKtFYJLqvmLBTLGK{SlApP}Q{6PR%kF6JiO^_M zXl?P5PK-z2D7z{?a1wu`XV)zy z24%NXg!k{#?5w}E>#Lb`*y*TGOliX24C^qx)f(ISy^~)IgYQ@vplS zqVj0}BnnA|iX@*k_!*Tg&0g8-dHq`)-Sb!$7 z0g{SjyXE$u3n$nB#6M?rn#E(?w~tyB@!u3a`Ym+FlPj+?YRKiHMYm8(6`nfdVXoue z6aLRZRHu4{fy|y<76(Q?Zx#}9-S%aF?pRxtH~EL#5e{K^KzzOZ{#mK->2^WHxsw6= z)~|VmHJtmgqO`c9+W7ELot9S}n<+fqeU(@u^C}yQt9(WkcQU`=TNl2Qn{f-0og_?6 zRb|Z9yW`qjmsPJexpKYH-*3jHXg8{eu%q&Z6Jf{R{PT(pnT|@SUG;v-9dc1a@AP^( zV~f)EF|A%B39Hk}g4XWO)HIxX?w6_s*(kpF{wXcQx;LEz;z&1TQ&7`VK?PLn z=COieD>13Rftmeqry>9G!dB+hjw9M#OW|g!tJ&^9ndb(nLY8Qg_BsP6Zg=mCqfEIU z?Jdc^h&ReuiO<=4Yw0=iLw={YNbX4$^QV{9`1fklT_`&RdEQu?B+Y&5L&e=rPT(Iv zWj*yNkM3!&>M2ubpm2U!dtYy(VzF?BupRq-jebhLplUV^LrD#M6)-SQEeiLVtwcH$ 
z8)s%NsSse!@b0*dWIgh&!V&W1ce*#t?4e_2c_!GaFulxTHNJbj;P*_asp?dYRaVdk zfoXd<8>N1f%FsI1JBxW;ox;}X`bqiEBwDVS!N)IhwI*vdM`^SAK3_t)Zc{NgO4jki zrjR+&Lm|9jHqD7mlfH{N*ywk$Ty^sP*e@P~^h?>e#CwH0E4Xi9Emf!sc3hJLVy2l) zAVjY3ZPC1dAr9fL2TWjg5H?LIXXj9$m%>2X?nf+>73o1F_0*lC^Y6##LcCj4ay=#h z&d&44WvpnsXaFI0S?`r)*}BK@j2|cIZdm#7Slw}kmpiIZ<2@N_VvIMicgywo+(YIm zKX_~qHy_SjXh?z6OA#_VeYnZ_EQbL-4<37`G-w6|akJ~7W}u%>COkuhR^}ew0W8~_ zsUe~De{Y5VPuKo0erx{I)0JV#A(WH{ylgEl^Vpv63hItT9Z;twT_mvDjEK)l# z&MBuO4hHl}?3(e93U9o(636AV>0zlXvDKA1%~O`^l5e(yOyUJF%xj6DUiD}C2+0F+ p!9JAk1k*PpN%_~+|ATHj@b-(xig(X!mO_JnN^ Date: Sat, 20 May 2023 12:51:24 +0100 Subject: [PATCH 053/210] nfd and nfkd are considered --- .../codeql/ruby/experimental/UnicodeBypassValidationQuery.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index c6683b08900..032fef5ec2a 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -50,7 +50,7 @@ class Configuration extends TaintTracking::Configuration { override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) { exists(DataFlow::CallNode cn | cn.getMethodName() = "unicode_normalize" and - cn.getArgument(0).getConstantValue().getSymbol() = [":nfkc", ":nfc"] and + cn.getArgument(0).getConstantValue().getSymbol() = [":nfkc", ":nfc", ":nfkd", ":nfd"] and sink = cn.getReceiver() ) and state instanceof PostValidation From 7cd1fd4bbf31e3d779c7e3fccace01bcb359c42b Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:51:45 +0100 Subject: [PATCH 054/210] CWE-179 and CWE-180 are included in metadata --- ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql index 64ea34779a2..92c60f0b681 100644 --- a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql +++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.ql @@ -8,6 +8,8 @@ * @tags security * experimental * external/cwe/cwe-176 + * external/cwe/cwe-179 + * external/cwe/cwe-180 */ import ruby From e345d7dca488d305203c963a6af5d884ad1e0100 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:54:03 +0100 Subject: [PATCH 055/210] Update ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb Co-authored-by: Arthur Baars --- .../src/experimental/cwe-176/examples/unicode_normalization.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb index f22cd101486..6bf49406362 100644 --- a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb +++ b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb @@ -1,7 +1,7 @@ class UnicodeNormalizationHtMLSafeController < ActionController::Base def unicodeNormalize unicode_input = params[:unicode_input] - unicode_html_safe = unicode_input.html_safe + unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD end From d11cb9195cf66869320f1305f2067a8dc83c1147 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 12:57:50 +0100 Subject: [PATCH 056/210] Use of CGI.escapeHTML() in test samples --- .../query-tests/experimental/cwe-176/unicode_normalization.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
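Review bot: The help example never says why the `unicode_normalize` calls are marked `# $result=BAD`: on the changed `unicode_html_safe` line the input is escaped and marked `html_safe` first, and normalization then runs on the string that is already treated as safe. A comment above that line would make the ordering problem explicit, for example `# BAD: escaping happens before normalization, so a compatibility character can normalize into an HTML metacharacter afterwards`. A companion line in the safe order, `safe = CGI.escapeHTML(unicode_input.unicode_normalize(:nfkc))`, would put the fix next to the flaw. The later hunk of patch 059 on this file keeps the same escape-then-normalize order, and the class's closing `end` lies outside this hunk.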
diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb b/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb index 0526c0e197f..da3d33a3a8d 100644 --- a/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb +++ b/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb @@ -18,7 +18,7 @@ end class UnicodeNormalizationHtMLSafeController < ActionController::Base def unicodeNormalize unicode_input = params[:unicode_input] - unicode_html_safe = unicode_input.html_safe + unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD end From f5ff50880c05009e4f0d2749fec736cc79657fd2 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 17:58:24 +0100 Subject: [PATCH 057/210] Updated qhelp for the use of html_escape() --- .../experimental/cwe-176/UnicodeBypassValidation.qhelp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp index 3916813c734..90751fd81c6 100644 --- a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp +++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp @@ -16,10 +16,10 @@

    The following example showcases the bypass of all checks performed by - flask.escape() due to a post-unicode normalization.

    -

    For instance: the character U+FE64 () is not filtered-out by the flask - escape function. But due to the Unicode normalization, the character is transformed and - would become U+003C ( < ).

    + html_escape() due to a post-unicode normalization.

    +

    For instance: the character U+FE64 () is not filtered-out by the + html_escape() function. But due to the Unicode normalization, the character is + transformed and would become U+003C ( < ).

    From ad754f138586e27715c64b5e280269e1db5f6651 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 17:59:08 +0100 Subject: [PATCH 058/210] use of all normalization forms without the ":" prefix --- .../codeql/ruby/experimental/UnicodeBypassValidationQuery.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index 032fef5ec2a..5b715f03d38 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -50,7 +50,7 @@ class Configuration extends TaintTracking::Configuration { override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) { exists(DataFlow::CallNode cn | cn.getMethodName() = "unicode_normalize" and - cn.getArgument(0).getConstantValue().getSymbol() = [":nfkc", ":nfc", ":nfkd", ":nfd"] and + cn.getArgument(0).getConstantValue().getSymbol() = ["nfkc", "nfc", "nfkd", "nfd"] and sink = cn.getReceiver() ) and state instanceof PostValidation From 0a0a6dde40c7828bcf7ba6b97f6a14850462725e Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 17:59:39 +0100 Subject: [PATCH 059/210] Replaced CGI.escapeHTML() with the html_escape() --- .../experimental/cwe-176/examples/unicode_normalization.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb index 6bf49406362..099c2cfa051 100644 --- a/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb +++ b/ruby/ql/src/experimental/cwe-176/examples/unicode_normalization.rb 
@@ -1,7 +1,9 @@ +require "erb" + class UnicodeNormalizationHtMLSafeController < ActionController::Base def unicodeNormalize unicode_input = params[:unicode_input] - unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe + unicode_html_safe = ERB::Util.html_escape(unicode_input) normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD end From f7f0564e369a24aecc82efdab02e0b681b4a6d97 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sat, 20 May 2023 18:00:27 +0100 Subject: [PATCH 060/210] added one more test --- .../cwe-176/unicode_normalization.rb | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb b/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb index da3d33a3a8d..848be4b081c 100644 --- a/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb +++ b/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb @@ -1,3 +1,7 @@ +require "erb" +include ERB::Util +require 'cgi' + class UnicodeNormalizationOKController < ActionController::Base def unicodeNormalize unicode_input = params[:unicode_input] 
@@ -15,11 +19,20 @@ class UnicodeNormalizationStrManipulationController < ActionController::Base end end -class UnicodeNormalizationHtMLSafeController < ActionController::Base +class UnicodeNormalizationHtMLEscapeController < ActionController::Base def unicodeNormalize unicode_input = params[:unicode_input] - unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe + unicode_html_safe = html_escape(unicode_input) normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD end end + +class UnicodeNormalizationCGIHtMLEscapeController < ActionController::Base + def unicodeNormalize + unicode_input = params[:unicode_input] + unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe + normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkd) # $result=BAD + normalized_nfc = unicode_html_safe.unicode_normalize(:nfd) # $result=BAD + end +end From 97e8e0bd8edd9788ded6f000b3b94d071c7af89f Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Sun, 21 May 2023 11:52:29 +0100 Subject: [PATCH 061/210] Add String Manipulation Method Calls & CGI.escapeHTML() support --- .../UnicodeBypassValidationQuery.qll | 37 ++++++++++++++++++- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index 5b715f03d38..a642438c1b2 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -6,6 +6,7 @@ private import ruby private import codeql.ruby.dataflow.RemoteFlowSources private import codeql.ruby.Concepts private import codeql.ruby.TaintTracking +private import codeql.ruby.ApiGraphs import UnicodeBypassValidationCustomizations::UnicodeBypassValidation /** A state signifying that a logical validation has not been performed. */ 
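Review bot: In the added `UnicodeNormalizationCGIHtMLEscapeController`, the locals `normalized_nfkc` and `normalized_nfc` hold the results of `unicode_normalize(:nfkd)` and `unicode_normalize(:nfd)`, so the names contradict the forms under test. Renaming them keeps the fixture readable when a result has to be matched back to a form: `normalized_nfkd = unicode_html_safe.unicode_normalize(:nfkd) # $result=BAD` and `normalized_nfd = unicode_html_safe.unicode_normalize(:nfd) # $result=BAD`. The diffstat of this commit lists only this `.rb` file, so the matching `.expected` file presumably still needs regenerating for the new cases.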
@@ -39,8 +40,40 @@ class Configuration extends TaintTracking::Configuration { exists(Escaping escaping | nodeFrom = escaping.getAnInput() and nodeTo = escaping.getOutput()) or exists(RegexExecution re | nodeFrom = re.getString() and nodeTo = re) - // or - // stringManipulation(nodeFrom, nodeTo) + or + // String Manipulation Method Calls + // https://ruby-doc.org/core-2.7.0/String.html + exists(DataFlow::CallNode cn | + cn.getMethodName() = + [ + [ + "ljust", "lstrip", "succ", "next", "rjust", "capitalize", "chomp", "gsub", "chop", + "downcase", "swapcase", "uprcase", "scrub", "slice", "squeeze", "strip", "sub", + "tr", "tr_s", "reverse" + ] + ["", "!"], "concat", "dump", "each_line", "replace", "insert", "inspect", "lines", + "partition", "prepend", "replace", "rpartition", "scan", "split", "undump", + "unpack" + ["", "1"] + ] and + nodeFrom = cn.getReceiver() and + nodeTo = cn + ) + or + exists(DataFlow::CallNode cn | + cn.getMethodName() = + [ + "casecmp" + ["", "?"], "center", "count", "each_char", "index", "rindex", "sum", + ["delete", "delete_prefix", "delete_suffix"] + ["", "!"], + ["start_with", "end_with" + "eql", "include"] + ["?", "!"], "match" + ["", "?"], + ] and + nodeFrom = cn.getReceiver() and + nodeTo = nodeFrom + ) + or + exists(DataFlow::CallNode cn | + cn = API::getTopLevelMember("CGI").getAMethodCall("escapeHTML") and + nodeFrom = cn.getArgument(0) and + nodeTo = cn + ) ) and stateFrom instanceof PreValidation and stateTo instanceof PostValidation From 9a0f87434e30473d3d669833fc910c957d42db09 Mon Sep 17 00:00:00 2001 
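Review bot: Two entries in the added method-name lists do not match the Ruby methods they appear to target. `"uprcase"` in the first list is a misspelling of `upcase`, and in the second list `"end_with" + "eql"` concatenates to `end_witheql` because a comma is missing, so `upcase`/`upcase!`, `end_with?` and `eql?` never contribute the PreValidation-to-PostValidation step. The fixes are `"downcase", "swapcase", "upcase", "scrub", "slice", "squeeze", "strip", "sub",` and `["start_with", "end_with", "eql", "include"] + "?", "match" + ["", "?"]`; the `"!"` suffix can be dropped because none of these predicates has a bang form, and `"replace"` is listed twice in the first list. The enclosing predicate begins and ends outside the hunk.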
From: Paolo Tranquilli Date: Mon, 22 May 2023 15:10:51 +0200 Subject: [PATCH 062/210] Swift: remove unneeded properties from `InterpolatedStringLiteralExpr` These properties were unused in the QL library (hence the full upgrade/downgrade compatibility). --- .../old.dbscheme | 2618 ++++++++++++++++ .../swift.dbscheme | 2630 +++++++++++++++++ .../upgrade.properties | 2 + .../extractor/translators/ExprTranslator.cpp | 4 - swift/ql/.generated.list | 6 +- .../codeql/swift/generated/ParentChild.qll | 17 +- swift/ql/lib/codeql/swift/generated/Raw.qll | 14 - .../expr/InterpolatedStringLiteralExpr.qll | 57 - swift/ql/lib/swift.dbscheme | 12 - .../integer_literal_exprs.ql | 13 + .../old.dbscheme | 2630 +++++++++++++++++ .../swift.dbscheme | 2618 ++++++++++++++++ .../upgrade.properties | 5 + .../test/library-tests/ast/PrintAst.expected | 6 - swift/schema.py | 2 - 15 files changed, 10521 insertions(+), 113 deletions(-) create mode 100644 swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme create mode 100644 swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme create mode 100644 swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties create mode 100644 swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql create mode 100644 swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme create mode 100644 swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme create mode 100644 swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme new file mode 100644 index 00000000000..44e36e15e90 --- /dev/null +++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/old.dbscheme 
@@ -0,0 +1,2618 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string 
ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| 
@missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, 
index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( 
//dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + 
+#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + 
unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| 
@identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] 
+capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: 
@explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + 
+key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: 
@initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + 
+#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + 
unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + 
+interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + 
+postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: @unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( 
//dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + +#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: 
@is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: @condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| 
@return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + +fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string 
label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, 
+ int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] +any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| 
@builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] +reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int 
id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + +builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: 
@generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + 
+opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| @unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none 
= + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + +@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element 
+; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme new file mode 100644 index 00000000000..ba4171b90d0 --- /dev/null +++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/swift.dbscheme 
@@ -0,0 +1,2630 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string 
ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| 
@missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, 
index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( 
//dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + 
+#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + 
unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| 
@identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] 
+capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: 
@explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + 
+key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: 
@initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + 
+#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + 
unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + 
+interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_count_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_count_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_literal_capacity_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int literal_capacity_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, 
index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + +postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: 
@unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( //dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + 
+#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: @is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: 
@condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| @return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + 
+fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none 
ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, + int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] 
+any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| @builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] 
+reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + 
+builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: @generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int 
width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + +opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| 
@unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none = + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + 
+@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element +; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties new file mode 100644 index 00000000000..2a0d022be0c --- /dev/null +++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties @@ -0,0 +1,2 @@ +description: Revert removing `getInterpolationCountExpr` and `getLiteralCapacityExpr` from `InterpolatedStringLiteralExpr` +compatibility: full diff --git a/swift/extractor/translators/ExprTranslator.cpp b/swift/extractor/translators/ExprTranslator.cpp index 9c24dfb823b..6939415913b 100644 --- a/swift/extractor/translators/ExprTranslator.cpp +++ b/swift/extractor/translators/ExprTranslator.cpp 
@@ -61,10 +61,6 @@ codeql::InterpolatedStringLiteralExpr ExprTranslator::translateInterpolatedStrin
 const swift::InterpolatedStringLiteralExpr& expr) {
 auto entry = createExprEntry(expr);
 entry.interpolation_expr = dispatcher.fetchOptionalLabel(expr.getInterpolationExpr());
- // TODO we should be extracting getInterpolationCount and getLiteralCapacity directly to ints
- // these expressions here are just an internal thing, the ints are actually directly available
- entry.interpolation_count_expr = dispatcher.fetchOptionalLabel(expr.getInterpolationCountExpr());
- entry.literal_capacity_expr = dispatcher.fetchOptionalLabel(expr.getLiteralCapacityExpr());
 entry.appending_expr = dispatcher.fetchOptionalLabel(expr.getAppendingExpr());
 return entry;
 }
diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list
index a28e6ba533b..d43696f7c23 100644
--- a/swift/ql/.generated.list
+++ b/swift/ql/.generated.list
@@ -381,10 +381,10 @@ lib/codeql/swift/generated/KeyPathComponent.qll 00b1e586b8532f0193b3f61111e70d4e lib/codeql/swift/generated/Locatable.qll bfdf2dafae2829cac8d1e863a93676228d131b5a7f3df87c40d2f3b1839962b8 af243098af0955a40862387edf7526826fde62a64e5e6ca28de9e9603a8622bf lib/codeql/swift/generated/Location.qll 921922352d39449067d9f2788309b5f3490091097ffe35e6aa98f9368626ce2c 0795c63565c4308e745400bc70ea73675160201590a95bb418de4e2ebca32764 lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 -lib/codeql/swift/generated/ParentChild.qll f490202e849b9cbd550ee9d758644b85d43e60d81413e6c28df2850fb1e9a2d6 6b95aeab6b53a880b230ad0c96b6deb519a7368898c844632ae96090de59df99 +lib/codeql/swift/generated/ParentChild.qll 3808a52565a4abb8ce878fb4aad09e8fb0e860d6379bb86897d0e0282389919c 408c7e6332dccfc98398f04ecbd54af8e0754d466ad7ca4d404b029c7f5bde49 lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 +lib/codeql/swift/generated/Raw.qll 062d062fada3e3f1b6af04cda724f8204de6b66bbca53d233e9b4d96df7a5c99 3c1e70b5ec4c576c92979b04d6d3ee59159b050c16c47f93463cba28f40ca906 lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 
2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 @@ -498,7 +498,7 @@ lib/codeql/swift/generated/expr/InOutToPointerExpr.qll 4b9ceffe43f192fac0c428d66 lib/codeql/swift/generated/expr/InitializerRefCallExpr.qll 4556d49d78566ad70a5e784a6db4897dc78ef1f30e67f0052dbb070eca8350f0 4556d49d78566ad70a5e784a6db4897dc78ef1f30e67f0052dbb070eca8350f0 lib/codeql/swift/generated/expr/InjectIntoOptionalExpr.qll b6fafb589901d73e94eb9bb0f5e87b54378d06ccc04c51a9f4c8003d1f23ead6 b6fafb589901d73e94eb9bb0f5e87b54378d06ccc04c51a9f4c8003d1f23ead6 lib/codeql/swift/generated/expr/IntegerLiteralExpr.qll aa54660c47169a35e396ea44430c3c4ec4353e33df1a00bd82aff7119f5af71b 7ba90cf17dd34080a9923253986b0f2680b44c4a4ba6e0fbad8b39d3b20c44b9 -lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll e2c1aadf140c808a615bdc8732a154f6c1f8b79168779e1ba48753506fbd9516 5e9f20ee16b133269de6874c6776611b6f4eaec202a0e6a955a572c2a082ac40 +lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll 8090616e43d79e03c2250352da722f577c4b6531befe40f2d2910db0db3895bc ba09ffbbe3557e6fc6a3219d656e5ce886d70117eea15334cf910825f2250e6e lib/codeql/swift/generated/expr/IsExpr.qll b5ca50490cae8ac590b68a1a51b7039a54280d606b42c444808a04fa26c7e1b6 b5ca50490cae8ac590b68a1a51b7039a54280d606b42c444808a04fa26c7e1b6 lib/codeql/swift/generated/expr/KeyPathApplicationExpr.qll 157a9c2fcf229b76d104abfa49f74337e20ac4d1fa1be2eaed1290cbd9bd1232 70ec0e7ee2e2c716ba510916fdf6d1d6dd6fd93b740a46c909ddb9e877427fe1 lib/codeql/swift/generated/expr/KeyPathDotExpr.qll ea73a462801fbe5e27b2f47bca4b39f6936d326d15d6de3f18b7afa6ace35878 ea73a462801fbe5e27b2f47bca4b39f6936d326d15d6de3f18b7afa6ace35878 diff --git a/swift/ql/lib/codeql/swift/generated/ParentChild.qll b/swift/ql/lib/codeql/swift/generated/ParentChild.qll index 09c48606353..7b8c9313e56 100644 
--- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll +++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll @@ -2515,31 +2515,18 @@ private module Impl { private Element getImmediateChildOfInterpolatedStringLiteralExpr( InterpolatedStringLiteralExpr e, int index, string partialPredicateCall ) { - exists( - int b, int bLiteralExpr, int n, int nInterpolationCountExpr, int nLiteralCapacityExpr, - int nAppendingExpr - | + exists(int b, int bLiteralExpr, int n, int nAppendingExpr | b = 0 and bLiteralExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLiteralExpr(e, i, _)) | i) and n = bLiteralExpr and - nInterpolationCountExpr = n + 1 and - nLiteralCapacityExpr = nInterpolationCountExpr + 1 and - nAppendingExpr = nLiteralCapacityExpr + 1 and + nAppendingExpr = n + 1 and ( none() or result = getImmediateChildOfLiteralExpr(e, index - b, partialPredicateCall) or index = n and - result = e.getImmediateInterpolationCountExpr() and - partialPredicateCall = "InterpolationCountExpr()" - or - index = nInterpolationCountExpr and - result = e.getImmediateLiteralCapacityExpr() and - partialPredicateCall = "LiteralCapacityExpr()" - or - index = nLiteralCapacityExpr and result = e.getImmediateAppendingExpr() and partialPredicateCall = "AppendingExpr()" ) diff --git a/swift/ql/lib/codeql/swift/generated/Raw.qll b/swift/ql/lib/codeql/swift/generated/Raw.qll index dc5ddeed979..f9a967867aa 100644 --- a/swift/ql/lib/codeql/swift/generated/Raw.qll +++ b/swift/ql/lib/codeql/swift/generated/Raw.qll 
@@ -1961,20 +1961,6 @@ module Raw { interpolated_string_literal_expr_interpolation_exprs(this, result) } - /** - * Gets the interpolation count expression of this interpolated string literal expression, if it exists. - */ - Expr getInterpolationCountExpr() { - interpolated_string_literal_expr_interpolation_count_exprs(this, result) - } - - /** - * Gets the literal capacity expression of this interpolated string literal expression, if it exists. - */ - Expr getLiteralCapacityExpr() { - interpolated_string_literal_expr_literal_capacity_exprs(this, result) - } - /** * Gets the appending expression of this interpolated string literal expression, if it exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll index c7f67891199..abdcf4a1850 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll @@ -1,7 +1,6 @@ // generated by codegen/codegen.py private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw -import codeql.swift.elements.expr.Expr import codeql.swift.elements.expr.LiteralExpr import codeql.swift.elements.expr.OpaqueValueExpr import codeql.swift.elements.expr.TapExpr 
@@ -38,62 +37,6 @@ module Generated { */ final predicate hasInterpolationExpr() { exists(this.getInterpolationExpr()) } - /** - * Gets the interpolation count expression of this interpolated string literal expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - Expr getImmediateInterpolationCountExpr() { - result = - Synth::convertExprFromRaw(Synth::convertInterpolatedStringLiteralExprToRaw(this) - .(Raw::InterpolatedStringLiteralExpr) - .getInterpolationCountExpr()) - } - - /** - * Gets the interpolation count expression of this interpolated string literal expression, if it exists. - */ - final Expr getInterpolationCountExpr() { - exists(Expr immediate | - immediate = this.getImmediateInterpolationCountExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - - /** - * Holds if `getInterpolationCountExpr()` exists. - */ - final predicate hasInterpolationCountExpr() { exists(this.getInterpolationCountExpr()) } - - /** - * Gets the literal capacity expression of this interpolated string literal expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - Expr getImmediateLiteralCapacityExpr() { - result = - Synth::convertExprFromRaw(Synth::convertInterpolatedStringLiteralExprToRaw(this) - .(Raw::InterpolatedStringLiteralExpr) - .getLiteralCapacityExpr()) - } - - /** - * Gets the literal capacity expression of this interpolated string literal expression, if it exists. 
- */ - final Expr getLiteralCapacityExpr() { - exists(Expr immediate | - immediate = this.getImmediateLiteralCapacityExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - - /** - * Holds if `getLiteralCapacityExpr()` exists. - */ - final predicate hasLiteralCapacityExpr() { exists(this.getLiteralCapacityExpr()) } - /** * Gets the appending expression of this interpolated string literal expression, if it exists. * diff --git a/swift/ql/lib/swift.dbscheme b/swift/ql/lib/swift.dbscheme index ba4171b90d0..44e36e15e90 100644 --- a/swift/ql/lib/swift.dbscheme +++ b/swift/ql/lib/swift.dbscheme @@ -1382,18 +1382,6 @@ interpolated_string_literal_expr_interpolation_exprs( //dir=expr int interpolation_expr: @opaque_value_expr_or_none ref ); -#keyset[id] -interpolated_string_literal_expr_interpolation_count_exprs( //dir=expr - int id: @interpolated_string_literal_expr ref, - int interpolation_count_expr: @expr_or_none ref -); - -#keyset[id] -interpolated_string_literal_expr_literal_capacity_exprs( //dir=expr - int id: @interpolated_string_literal_expr ref, - int literal_capacity_expr: @expr_or_none ref -); - #keyset[id] interpolated_string_literal_expr_appending_exprs( //dir=expr int id: @interpolated_string_literal_expr ref, diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql new file mode 100644 index 00000000000..fc9d93c02b6 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/integer_literal_exprs.ql 
@@ -0,0 +1,13 @@
+class Element extends @element {
+ string toString() { none() }
+}
+
+from Element i, string value
+where
+ integer_literal_exprs(i, value) and
+ not exists(Element interpolated |
+ interpolated_string_literal_expr_interpolation_count_exprs(interpolated, i)
+ or
+ interpolated_string_literal_expr_literal_capacity_exprs(interpolated, i)
+ )
+select i, value
diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme
new file mode 100644
index 00000000000..ba4171b90d0
--- /dev/null
+++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/old.dbscheme
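Review bot: The upgrade query in integer_literal_exprs.ql has no comment saying why some `integer_literal_exprs` rows are dropped, and its `where` clause rewrites only that one relation. A header comment such as `// Drop integer literals that existed only as interpolation count / literal capacity children, which the new schema no longer stores.` would record the intent for whoever maintains the upgrade chain. Rows keyed on the same ids in other relations of old.dbscheme (for example `expr_types` and `locatable_locations`) are not filtered here. Whether the accompanying upgrade.properties handles them is not visible from this hunk, so it is worth confirming that an upgraded database carries no dangling references to the removed literals.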
@@ -0,0 +1,2630 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string 
ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| 
@missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, 
index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( 
//dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + 
+#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + 
unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| 
@identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] 
+capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: 
@explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + 
+key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: 
@initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + 
+#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + 
unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + 
+interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_count_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_count_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_literal_capacity_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int literal_capacity_expr: @expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, 
index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + +postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: 
@unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( //dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + 
+#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: @is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: 
@condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| @return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + 
+fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none 
ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, + int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] 
+any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| @builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] 
+reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + 
+builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: @generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int 
width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + +opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| 
@unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none = + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + 
+@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element +; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme new file mode 100644 index 00000000000..44e36e15e90 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/swift.dbscheme 
@@ -0,0 +1,2618 @@ +// generated by codegen/codegen.py + +// from prefix.dbscheme +/** + * The source location of the snapshot. + */ +sourceLocationPrefix( + string prefix: string ref +); + + +// from schema.py + +@element = + @callable +| @file +| @generic_context +| @locatable +| @location +| @type +; + +#keyset[id] +element_is_unknown( + int id: @element ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_names( + int id: @callable ref, + string name: string ref +); + +#keyset[id] +callable_self_params( + int id: @callable ref, + int self_param: @param_decl_or_none ref +); + +#keyset[id, index] +callable_params( + int id: @callable ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +#keyset[id] +callable_bodies( + int id: @callable ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id, index] +callable_captures( + int id: @callable ref, + int index: int ref, + int capture: @captured_decl_or_none ref +); + +@file = + @db_file +; + +#keyset[id] +files( + int id: @file ref, + string name: string ref +); + +#keyset[id] +file_is_successfully_extracted( + int id: @file ref +); + +@locatable = + @argument +| @ast_node +| @comment +| @diagnostics +| @error_element +; + +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_or_none ref +); + +@location = + @db_location +; + +#keyset[id] +locations( + int id: @location ref, + int file: @file_or_none ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +@ast_node = + @availability_info +| @availability_spec +| @case_label_item +| @condition_element +| @decl +| @expr +| @key_path_component +| @pattern +| @stmt +| @stmt_condition +| @type_repr +; + +comments( + unique int id: @comment, + string text: string ref +); + +db_files( + unique int id: @db_file +); + +db_locations( + unique int id: @db_location +); + +diagnostics( + unique int id: @diagnostics, + string text: string 
ref, + int kind: int ref +); + +@error_element = + @error_expr +| @error_type +| @overloaded_decl_ref_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_chain_result_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @unresolved_type +| @unresolved_type_conversion_expr +| @unspecified_element +; + +availability_infos( + unique int id: @availability_info +); + +#keyset[id] +availability_info_is_unavailable( + int id: @availability_info ref +); + +#keyset[id, index] +availability_info_specs( + int id: @availability_info ref, + int index: int ref, + int spec: @availability_spec_or_none ref +); + +@availability_spec = + @other_availability_spec +| @platform_version_availability_spec +; + +key_path_components( + unique int id: @key_path_component, + int kind: int ref, + int component_type: @type_or_none ref +); + +#keyset[id, index] +key_path_component_subscript_arguments( + int id: @key_path_component ref, + int index: int ref, + int subscript_argument: @argument_or_none ref +); + +#keyset[id] +key_path_component_tuple_indices( + int id: @key_path_component ref, + int tuple_index: int ref +); + +#keyset[id] +key_path_component_decl_refs( + int id: @key_path_component ref, + int decl_ref: @value_decl_or_none ref +); + +unspecified_elements( + unique int id: @unspecified_element, + string property: string ref, + string error: string ref +); + +#keyset[id] +unspecified_element_parents( + int id: @unspecified_element ref, + int parent: @element ref +); + +#keyset[id] +unspecified_element_indices( + int id: @unspecified_element ref, + int index: int ref +); + +other_availability_specs( + unique int id: @other_availability_spec +); + +platform_version_availability_specs( + unique int id: @platform_version_availability_spec, + string platform: string ref, + string version: string ref +); + +@decl = + @captured_decl +| @enum_case_decl +| @extension_decl +| @if_config_decl +| @import_decl +| 
@missing_member_decl +| @operator_decl +| @pattern_binding_decl +| @pound_diagnostic_decl +| @precedence_group_decl +| @top_level_code_decl +| @value_decl +; + +#keyset[id] +decls( //dir=decl + int id: @decl ref, + int module: @module_decl_or_none ref +); + +#keyset[id, index] +decl_members( //dir=decl + int id: @decl ref, + int index: int ref, + int member: @decl_or_none ref +); + +@generic_context = + @extension_decl +| @function +| @generic_type_decl +| @subscript_decl +; + +#keyset[id, index] +generic_context_generic_type_params( //dir=decl + int id: @generic_context ref, + int index: int ref, + int generic_type_param: @generic_type_param_decl_or_none ref +); + +captured_decls( //dir=decl + unique int id: @captured_decl, + int decl: @value_decl_or_none ref +); + +#keyset[id] +captured_decl_is_direct( //dir=decl + int id: @captured_decl ref +); + +#keyset[id] +captured_decl_is_escaping( //dir=decl + int id: @captured_decl ref +); + +enum_case_decls( //dir=decl + unique int id: @enum_case_decl +); + +#keyset[id, index] +enum_case_decl_elements( //dir=decl + int id: @enum_case_decl ref, + int index: int ref, + int element: @enum_element_decl_or_none ref +); + +extension_decls( //dir=decl + unique int id: @extension_decl, + int extended_type_decl: @nominal_type_decl_or_none ref +); + +#keyset[id, index] +extension_decl_protocols( //dir=decl + int id: @extension_decl ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +if_config_decls( //dir=decl + unique int id: @if_config_decl +); + +#keyset[id, index] +if_config_decl_active_elements( //dir=decl + int id: @if_config_decl ref, + int index: int ref, + int active_element: @ast_node_or_none ref +); + +import_decls( //dir=decl + unique int id: @import_decl +); + +#keyset[id] +import_decl_is_exported( //dir=decl + int id: @import_decl ref +); + +#keyset[id] +import_decl_imported_modules( //dir=decl + int id: @import_decl ref, + int imported_module: @module_decl_or_none ref +); + +#keyset[id, 
index] +import_decl_declarations( //dir=decl + int id: @import_decl ref, + int index: int ref, + int declaration: @value_decl_or_none ref +); + +missing_member_decls( //dir=decl + unique int id: @missing_member_decl, + string name: string ref +); + +@operator_decl = + @infix_operator_decl +| @postfix_operator_decl +| @prefix_operator_decl +; + +#keyset[id] +operator_decls( //dir=decl + int id: @operator_decl ref, + string name: string ref +); + +pattern_binding_decls( //dir=decl + unique int id: @pattern_binding_decl +); + +#keyset[id, index] +pattern_binding_decl_inits( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int init: @expr_or_none ref +); + +#keyset[id, index] +pattern_binding_decl_patterns( //dir=decl + int id: @pattern_binding_decl ref, + int index: int ref, + int pattern: @pattern_or_none ref +); + +pound_diagnostic_decls( //dir=decl + unique int id: @pound_diagnostic_decl, + int kind: int ref, + int message: @string_literal_expr_or_none ref +); + +precedence_group_decls( //dir=decl + unique int id: @precedence_group_decl +); + +top_level_code_decls( //dir=decl + unique int id: @top_level_code_decl, + int body: @brace_stmt_or_none ref +); + +@value_decl = + @abstract_storage_decl +| @enum_element_decl +| @function +| @type_decl +; + +#keyset[id] +value_decls( //dir=decl + int id: @value_decl ref, + int interface_type: @type_or_none ref +); + +@abstract_storage_decl = + @subscript_decl +| @var_decl +; + +#keyset[id, index] +abstract_storage_decl_accessors( //dir=decl + int id: @abstract_storage_decl ref, + int index: int ref, + int accessor: @accessor_or_none ref +); + +enum_element_decls( //dir=decl + unique int id: @enum_element_decl, + string name: string ref +); + +#keyset[id, index] +enum_element_decl_params( //dir=decl + int id: @enum_element_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@function = + @accessor_or_named_function +| @deinitializer +| @initializer +; + +infix_operator_decls( 
//dir=decl + unique int id: @infix_operator_decl +); + +#keyset[id] +infix_operator_decl_precedence_groups( //dir=decl + int id: @infix_operator_decl ref, + int precedence_group: @precedence_group_decl_or_none ref +); + +postfix_operator_decls( //dir=decl + unique int id: @postfix_operator_decl +); + +prefix_operator_decls( //dir=decl + unique int id: @prefix_operator_decl +); + +@type_decl = + @abstract_type_param_decl +| @generic_type_decl +| @module_decl +; + +#keyset[id] +type_decls( //dir=decl + int id: @type_decl ref, + string name: string ref +); + +#keyset[id, index] +type_decl_base_types( //dir=decl + int id: @type_decl ref, + int index: int ref, + int base_type: @type_or_none ref +); + +@abstract_type_param_decl = + @associated_type_decl +| @generic_type_param_decl +; + +@accessor_or_named_function = + @accessor +| @named_function +; + +deinitializers( //dir=decl + unique int id: @deinitializer +); + +@generic_type_decl = + @nominal_type_decl +| @opaque_type_decl +| @type_alias_decl +; + +initializers( //dir=decl + unique int id: @initializer +); + +module_decls( //dir=decl + unique int id: @module_decl +); + +#keyset[id] +module_decl_is_builtin_module( //dir=decl + int id: @module_decl ref +); + +#keyset[id] +module_decl_is_system_module( //dir=decl + int id: @module_decl ref +); + +module_decl_imported_modules( //dir=decl + int id: @module_decl ref, + int imported_module: @module_decl_or_none ref +); + +module_decl_exported_modules( //dir=decl + int id: @module_decl ref, + int exported_module: @module_decl_or_none ref +); + +subscript_decls( //dir=decl + unique int id: @subscript_decl, + int element_type: @type_or_none ref +); + +#keyset[id, index] +subscript_decl_params( //dir=decl + int id: @subscript_decl ref, + int index: int ref, + int param: @param_decl_or_none ref +); + +@var_decl = + @concrete_var_decl +| @param_decl +; + +#keyset[id] +var_decls( //dir=decl + int id: @var_decl ref, + string name: string ref, + int type_: @type_or_none ref +); + 
+#keyset[id] +var_decl_attached_property_wrapper_types( //dir=decl + int id: @var_decl ref, + int attached_property_wrapper_type: @type_or_none ref +); + +#keyset[id] +var_decl_parent_patterns( //dir=decl + int id: @var_decl ref, + int parent_pattern: @pattern_or_none ref +); + +#keyset[id] +var_decl_parent_initializers( //dir=decl + int id: @var_decl ref, + int parent_initializer: @expr_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_backing_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_backing_var: @var_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_var_bindings( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +var_decl_property_wrapper_projection_vars( //dir=decl + int id: @var_decl ref, + int property_wrapper_projection_var: @var_decl_or_none ref +); + +accessors( //dir=decl + unique int id: @accessor +); + +#keyset[id] +accessor_is_getter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_setter( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_will_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_did_set( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_read( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_modify( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_address( //dir=decl + int id: @accessor ref +); + +#keyset[id] +accessor_is_unsafe_mutable_address( //dir=decl + int id: @accessor ref +); + +associated_type_decls( //dir=decl + unique int id: @associated_type_decl +); + +concrete_var_decls( //dir=decl + unique int id: @concrete_var_decl, + int introducer_int: int ref +); + +generic_type_param_decls( //dir=decl + 
unique int id: @generic_type_param_decl +); + +named_functions( //dir=decl + unique int id: @named_function +); + +@nominal_type_decl = + @class_decl +| @enum_decl +| @protocol_decl +| @struct_decl +; + +#keyset[id] +nominal_type_decls( //dir=decl + int id: @nominal_type_decl ref, + int type_: @type_or_none ref +); + +opaque_type_decls( //dir=decl + unique int id: @opaque_type_decl, + int naming_declaration: @value_decl_or_none ref +); + +#keyset[id, index] +opaque_type_decl_opaque_generic_params( //dir=decl + int id: @opaque_type_decl ref, + int index: int ref, + int opaque_generic_param: @generic_type_param_type_or_none ref +); + +param_decls( //dir=decl + unique int id: @param_decl +); + +#keyset[id] +param_decl_is_inout( //dir=decl + int id: @param_decl ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_var_bindings( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var_binding: @pattern_binding_decl_or_none ref +); + +#keyset[id] +param_decl_property_wrapper_local_wrapped_vars( //dir=decl + int id: @param_decl ref, + int property_wrapper_local_wrapped_var: @var_decl_or_none ref +); + +type_alias_decls( //dir=decl + unique int id: @type_alias_decl, + int aliased_type: @type_or_none ref +); + +class_decls( //dir=decl + unique int id: @class_decl +); + +enum_decls( //dir=decl + unique int id: @enum_decl +); + +protocol_decls( //dir=decl + unique int id: @protocol_decl +); + +struct_decls( //dir=decl + unique int id: @struct_decl +); + +arguments( //dir=expr + unique int id: @argument, + string label: string ref, + int expr: @expr_or_none ref +); + +@expr = + @any_try_expr +| @applied_property_wrapper_expr +| @apply_expr +| @assign_expr +| @bind_optional_expr +| @capture_list_expr +| @closure_expr +| @collection_expr +| @decl_ref_expr +| @default_argument_expr +| @discard_assignment_expr +| @dot_syntax_base_ignored_expr +| @dynamic_type_expr +| @enum_is_case_expr +| @error_expr +| @explicit_cast_expr +| @force_value_expr +| 
@identity_expr +| @if_expr +| @implicit_conversion_expr +| @in_out_expr +| @key_path_application_expr +| @key_path_dot_expr +| @key_path_expr +| @lazy_initialization_expr +| @literal_expr +| @lookup_expr +| @make_temporarily_escapable_expr +| @obj_c_selector_expr +| @one_way_expr +| @opaque_value_expr +| @open_existential_expr +| @optional_evaluation_expr +| @other_initializer_ref_expr +| @overloaded_decl_ref_expr +| @property_wrapper_value_placeholder_expr +| @rebind_self_in_initializer_expr +| @sequence_expr +| @super_ref_expr +| @tap_expr +| @tuple_element_expr +| @tuple_expr +| @type_expr +| @unresolved_decl_ref_expr +| @unresolved_dot_expr +| @unresolved_member_expr +| @unresolved_pattern_expr +| @unresolved_specialize_expr +| @vararg_expansion_expr +; + +#keyset[id] +expr_types( //dir=expr + int id: @expr ref, + int type_: @type_or_none ref +); + +@any_try_expr = + @force_try_expr +| @optional_try_expr +| @try_expr +; + +#keyset[id] +any_try_exprs( //dir=expr + int id: @any_try_expr ref, + int sub_expr: @expr_or_none ref +); + +applied_property_wrapper_exprs( //dir=expr + unique int id: @applied_property_wrapper_expr, + int kind: int ref, + int value: @expr_or_none ref, + int param: @param_decl_or_none ref +); + +@apply_expr = + @binary_expr +| @call_expr +| @postfix_unary_expr +| @prefix_unary_expr +| @self_apply_expr +; + +#keyset[id] +apply_exprs( //dir=expr + int id: @apply_expr ref, + int function: @expr_or_none ref +); + +#keyset[id, index] +apply_expr_arguments( //dir=expr + int id: @apply_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +assign_exprs( //dir=expr + unique int id: @assign_expr, + int dest: @expr_or_none ref, + int source: @expr_or_none ref +); + +bind_optional_exprs( //dir=expr + unique int id: @bind_optional_expr, + int sub_expr: @expr_or_none ref +); + +capture_list_exprs( //dir=expr + unique int id: @capture_list_expr, + int closure_body: @explicit_closure_expr_or_none ref +); + +#keyset[id, index] 
+capture_list_expr_binding_decls( //dir=expr + int id: @capture_list_expr ref, + int index: int ref, + int binding_decl: @pattern_binding_decl_or_none ref +); + +@closure_expr = + @auto_closure_expr +| @explicit_closure_expr +; + +@collection_expr = + @array_expr +| @dictionary_expr +; + +decl_ref_exprs( //dir=expr + unique int id: @decl_ref_expr, + int decl: @decl_or_none ref +); + +#keyset[id, index] +decl_ref_expr_replacement_types( //dir=expr + int id: @decl_ref_expr ref, + int index: int ref, + int replacement_type: @type_or_none ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_ordinary_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +#keyset[id] +decl_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @decl_ref_expr ref +); + +default_argument_exprs( //dir=expr + unique int id: @default_argument_expr, + int param_decl: @param_decl_or_none ref, + int param_index: int ref +); + +#keyset[id] +default_argument_expr_caller_side_defaults( //dir=expr + int id: @default_argument_expr ref, + int caller_side_default: @expr_or_none ref +); + +discard_assignment_exprs( //dir=expr + unique int id: @discard_assignment_expr +); + +dot_syntax_base_ignored_exprs( //dir=expr + unique int id: @dot_syntax_base_ignored_expr, + int qualifier: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +dynamic_type_exprs( //dir=expr + unique int id: @dynamic_type_expr, + int base: @expr_or_none ref +); + +enum_is_case_exprs( //dir=expr + unique int id: @enum_is_case_expr, + int sub_expr: @expr_or_none ref, + int element: @enum_element_decl_or_none ref +); + +error_exprs( //dir=expr + unique int id: @error_expr +); + +@explicit_cast_expr = + @checked_cast_expr +| @coerce_expr +; + +#keyset[id] +explicit_cast_exprs( //dir=expr + int id: 
@explicit_cast_expr ref, + int sub_expr: @expr_or_none ref +); + +force_value_exprs( //dir=expr + unique int id: @force_value_expr, + int sub_expr: @expr_or_none ref +); + +@identity_expr = + @await_expr +| @dot_self_expr +| @paren_expr +| @unresolved_member_chain_result_expr +; + +#keyset[id] +identity_exprs( //dir=expr + int id: @identity_expr ref, + int sub_expr: @expr_or_none ref +); + +if_exprs( //dir=expr + unique int id: @if_expr, + int condition: @expr_or_none ref, + int then_expr: @expr_or_none ref, + int else_expr: @expr_or_none ref +); + +@implicit_conversion_expr = + @abi_safe_conversion_expr +| @any_hashable_erasure_expr +| @archetype_to_super_expr +| @array_to_pointer_expr +| @bridge_from_obj_c_expr +| @bridge_to_obj_c_expr +| @class_metatype_to_object_expr +| @collection_upcast_conversion_expr +| @conditional_bridge_from_obj_c_expr +| @covariant_function_conversion_expr +| @covariant_return_conversion_expr +| @derived_to_base_expr +| @destructure_tuple_expr +| @differentiable_function_expr +| @differentiable_function_extract_original_expr +| @erasure_expr +| @existential_metatype_to_object_expr +| @foreign_object_conversion_expr +| @function_conversion_expr +| @in_out_to_pointer_expr +| @inject_into_optional_expr +| @linear_function_expr +| @linear_function_extract_original_expr +| @linear_to_differentiable_function_expr +| @load_expr +| @metatype_conversion_expr +| @pointer_to_pointer_expr +| @protocol_metatype_to_object_expr +| @string_to_pointer_expr +| @underlying_to_opaque_expr +| @unevaluated_instance_expr +| @unresolved_type_conversion_expr +; + +#keyset[id] +implicit_conversion_exprs( //dir=expr + int id: @implicit_conversion_expr ref, + int sub_expr: @expr_or_none ref +); + +in_out_exprs( //dir=expr + unique int id: @in_out_expr, + int sub_expr: @expr_or_none ref +); + +key_path_application_exprs( //dir=expr + unique int id: @key_path_application_expr, + int base: @expr_or_none ref, + int key_path: @expr_or_none ref +); + 
+key_path_dot_exprs( //dir=expr + unique int id: @key_path_dot_expr +); + +key_path_exprs( //dir=expr + unique int id: @key_path_expr +); + +#keyset[id] +key_path_expr_roots( //dir=expr + int id: @key_path_expr ref, + int root: @type_repr_or_none ref +); + +#keyset[id, index] +key_path_expr_components( //dir=expr + int id: @key_path_expr ref, + int index: int ref, + int component: @key_path_component_or_none ref +); + +lazy_initialization_exprs( //dir=expr + unique int id: @lazy_initialization_expr, + int sub_expr: @expr_or_none ref +); + +@literal_expr = + @builtin_literal_expr +| @interpolated_string_literal_expr +| @nil_literal_expr +| @object_literal_expr +| @regex_literal_expr +; + +@lookup_expr = + @dynamic_lookup_expr +| @member_ref_expr +| @subscript_expr +; + +#keyset[id] +lookup_exprs( //dir=expr + int id: @lookup_expr ref, + int base: @expr_or_none ref +); + +#keyset[id] +lookup_expr_members( //dir=expr + int id: @lookup_expr ref, + int member: @decl_or_none ref +); + +make_temporarily_escapable_exprs( //dir=expr + unique int id: @make_temporarily_escapable_expr, + int escaping_closure: @opaque_value_expr_or_none ref, + int nonescaping_closure: @expr_or_none ref, + int sub_expr: @expr_or_none ref +); + +obj_c_selector_exprs( //dir=expr + unique int id: @obj_c_selector_expr, + int sub_expr: @expr_or_none ref, + int method: @function_or_none ref +); + +one_way_exprs( //dir=expr + unique int id: @one_way_expr, + int sub_expr: @expr_or_none ref +); + +opaque_value_exprs( //dir=expr + unique int id: @opaque_value_expr +); + +open_existential_exprs( //dir=expr + unique int id: @open_existential_expr, + int sub_expr: @expr_or_none ref, + int existential: @expr_or_none ref, + int opaque_expr: @opaque_value_expr_or_none ref +); + +optional_evaluation_exprs( //dir=expr + unique int id: @optional_evaluation_expr, + int sub_expr: @expr_or_none ref +); + +other_initializer_ref_exprs( //dir=expr + unique int id: @other_initializer_ref_expr, + int initializer: 
@initializer_or_none ref +); + +overloaded_decl_ref_exprs( //dir=expr + unique int id: @overloaded_decl_ref_expr +); + +#keyset[id, index] +overloaded_decl_ref_expr_possible_declarations( //dir=expr + int id: @overloaded_decl_ref_expr ref, + int index: int ref, + int possible_declaration: @value_decl_or_none ref +); + +property_wrapper_value_placeholder_exprs( //dir=expr + unique int id: @property_wrapper_value_placeholder_expr, + int placeholder: @opaque_value_expr_or_none ref +); + +#keyset[id] +property_wrapper_value_placeholder_expr_wrapped_values( //dir=expr + int id: @property_wrapper_value_placeholder_expr ref, + int wrapped_value: @expr_or_none ref +); + +rebind_self_in_initializer_exprs( //dir=expr + unique int id: @rebind_self_in_initializer_expr, + int sub_expr: @expr_or_none ref, + int self: @var_decl_or_none ref +); + +sequence_exprs( //dir=expr + unique int id: @sequence_expr +); + +#keyset[id, index] +sequence_expr_elements( //dir=expr + int id: @sequence_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +super_ref_exprs( //dir=expr + unique int id: @super_ref_expr, + int self: @var_decl_or_none ref +); + +tap_exprs( //dir=expr + unique int id: @tap_expr, + int body: @brace_stmt_or_none ref, + int var: @var_decl_or_none ref +); + +#keyset[id] +tap_expr_sub_exprs( //dir=expr + int id: @tap_expr ref, + int sub_expr: @expr_or_none ref +); + +tuple_element_exprs( //dir=expr + unique int id: @tuple_element_expr, + int sub_expr: @expr_or_none ref, + int index: int ref +); + +tuple_exprs( //dir=expr + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_elements( //dir=expr + int id: @tuple_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +type_exprs( //dir=expr + unique int id: @type_expr +); + +#keyset[id] +type_expr_type_reprs( //dir=expr + int id: @type_expr ref, + int type_repr: @type_repr_or_none ref +); + +unresolved_decl_ref_exprs( //dir=expr + unique int id: @unresolved_decl_ref_expr +); + 
+#keyset[id] +unresolved_decl_ref_expr_names( //dir=expr + int id: @unresolved_decl_ref_expr ref, + string name: string ref +); + +unresolved_dot_exprs( //dir=expr + unique int id: @unresolved_dot_expr, + int base: @expr_or_none ref, + string name: string ref +); + +unresolved_member_exprs( //dir=expr + unique int id: @unresolved_member_expr, + string name: string ref +); + +unresolved_pattern_exprs( //dir=expr + unique int id: @unresolved_pattern_expr, + int sub_pattern: @pattern_or_none ref +); + +unresolved_specialize_exprs( //dir=expr + unique int id: @unresolved_specialize_expr, + int sub_expr: @expr_or_none ref +); + +vararg_expansion_exprs( //dir=expr + unique int id: @vararg_expansion_expr, + int sub_expr: @expr_or_none ref +); + +abi_safe_conversion_exprs( //dir=expr + unique int id: @abi_safe_conversion_expr +); + +any_hashable_erasure_exprs( //dir=expr + unique int id: @any_hashable_erasure_expr +); + +archetype_to_super_exprs( //dir=expr + unique int id: @archetype_to_super_expr +); + +array_exprs( //dir=expr + unique int id: @array_expr +); + +#keyset[id, index] +array_expr_elements( //dir=expr + int id: @array_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +array_to_pointer_exprs( //dir=expr + unique int id: @array_to_pointer_expr +); + +auto_closure_exprs( //dir=expr + unique int id: @auto_closure_expr +); + +await_exprs( //dir=expr + unique int id: @await_expr +); + +binary_exprs( //dir=expr + unique int id: @binary_expr +); + +bridge_from_obj_c_exprs( //dir=expr + unique int id: @bridge_from_obj_c_expr +); + +bridge_to_obj_c_exprs( //dir=expr + unique int id: @bridge_to_obj_c_expr +); + +@builtin_literal_expr = + @boolean_literal_expr +| @magic_identifier_literal_expr +| @number_literal_expr +| @string_literal_expr +; + +call_exprs( //dir=expr + unique int id: @call_expr +); + +@checked_cast_expr = + @conditional_checked_cast_expr +| @forced_checked_cast_expr +| @is_expr +; + +class_metatype_to_object_exprs( //dir=expr + 
unique int id: @class_metatype_to_object_expr +); + +coerce_exprs( //dir=expr + unique int id: @coerce_expr +); + +collection_upcast_conversion_exprs( //dir=expr + unique int id: @collection_upcast_conversion_expr +); + +conditional_bridge_from_obj_c_exprs( //dir=expr + unique int id: @conditional_bridge_from_obj_c_expr +); + +covariant_function_conversion_exprs( //dir=expr + unique int id: @covariant_function_conversion_expr +); + +covariant_return_conversion_exprs( //dir=expr + unique int id: @covariant_return_conversion_expr +); + +derived_to_base_exprs( //dir=expr + unique int id: @derived_to_base_expr +); + +destructure_tuple_exprs( //dir=expr + unique int id: @destructure_tuple_expr +); + +dictionary_exprs( //dir=expr + unique int id: @dictionary_expr +); + +#keyset[id, index] +dictionary_expr_elements( //dir=expr + int id: @dictionary_expr ref, + int index: int ref, + int element: @expr_or_none ref +); + +differentiable_function_exprs( //dir=expr + unique int id: @differentiable_function_expr +); + +differentiable_function_extract_original_exprs( //dir=expr + unique int id: @differentiable_function_extract_original_expr +); + +dot_self_exprs( //dir=expr + unique int id: @dot_self_expr +); + +@dynamic_lookup_expr = + @dynamic_member_ref_expr +| @dynamic_subscript_expr +; + +erasure_exprs( //dir=expr + unique int id: @erasure_expr +); + +existential_metatype_to_object_exprs( //dir=expr + unique int id: @existential_metatype_to_object_expr +); + +explicit_closure_exprs( //dir=expr + unique int id: @explicit_closure_expr +); + +force_try_exprs( //dir=expr + unique int id: @force_try_expr +); + +foreign_object_conversion_exprs( //dir=expr + unique int id: @foreign_object_conversion_expr +); + +function_conversion_exprs( //dir=expr + unique int id: @function_conversion_expr +); + +in_out_to_pointer_exprs( //dir=expr + unique int id: @in_out_to_pointer_expr +); + +inject_into_optional_exprs( //dir=expr + unique int id: @inject_into_optional_expr +); + 
+interpolated_string_literal_exprs( //dir=expr + unique int id: @interpolated_string_literal_expr +); + +#keyset[id] +interpolated_string_literal_expr_interpolation_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int interpolation_expr: @opaque_value_expr_or_none ref +); + +#keyset[id] +interpolated_string_literal_expr_appending_exprs( //dir=expr + int id: @interpolated_string_literal_expr ref, + int appending_expr: @tap_expr_or_none ref +); + +linear_function_exprs( //dir=expr + unique int id: @linear_function_expr +); + +linear_function_extract_original_exprs( //dir=expr + unique int id: @linear_function_extract_original_expr +); + +linear_to_differentiable_function_exprs( //dir=expr + unique int id: @linear_to_differentiable_function_expr +); + +load_exprs( //dir=expr + unique int id: @load_expr +); + +member_ref_exprs( //dir=expr + unique int id: @member_ref_expr +); + +#keyset[id] +member_ref_expr_has_direct_to_storage_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_ordinary_semantics( //dir=expr + int id: @member_ref_expr ref +); + +#keyset[id] +member_ref_expr_has_distributed_thunk_semantics( //dir=expr + int id: @member_ref_expr ref +); + +metatype_conversion_exprs( //dir=expr + unique int id: @metatype_conversion_expr +); + +nil_literal_exprs( //dir=expr + unique int id: @nil_literal_expr +); + +object_literal_exprs( //dir=expr + unique int id: @object_literal_expr, + int kind: int ref +); + +#keyset[id, index] +object_literal_expr_arguments( //dir=expr + int id: @object_literal_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +optional_try_exprs( //dir=expr + unique int id: @optional_try_expr +); + +paren_exprs( //dir=expr + unique int id: @paren_expr +); + +pointer_to_pointer_exprs( //dir=expr + unique int id: @pointer_to_pointer_expr +); + 
+postfix_unary_exprs( //dir=expr + unique int id: @postfix_unary_expr +); + +prefix_unary_exprs( //dir=expr + unique int id: @prefix_unary_expr +); + +protocol_metatype_to_object_exprs( //dir=expr + unique int id: @protocol_metatype_to_object_expr +); + +regex_literal_exprs( //dir=expr + unique int id: @regex_literal_expr, + string pattern: string ref, + int version: int ref +); + +@self_apply_expr = + @dot_syntax_call_expr +| @initializer_ref_call_expr +; + +#keyset[id] +self_apply_exprs( //dir=expr + int id: @self_apply_expr ref, + int base: @expr_or_none ref +); + +string_to_pointer_exprs( //dir=expr + unique int id: @string_to_pointer_expr +); + +subscript_exprs( //dir=expr + unique int id: @subscript_expr +); + +#keyset[id, index] +subscript_expr_arguments( //dir=expr + int id: @subscript_expr ref, + int index: int ref, + int argument: @argument_or_none ref +); + +#keyset[id] +subscript_expr_has_direct_to_storage_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_direct_to_implementation_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_ordinary_semantics( //dir=expr + int id: @subscript_expr ref +); + +#keyset[id] +subscript_expr_has_distributed_thunk_semantics( //dir=expr + int id: @subscript_expr ref +); + +try_exprs( //dir=expr + unique int id: @try_expr +); + +underlying_to_opaque_exprs( //dir=expr + unique int id: @underlying_to_opaque_expr +); + +unevaluated_instance_exprs( //dir=expr + unique int id: @unevaluated_instance_expr +); + +unresolved_member_chain_result_exprs( //dir=expr + unique int id: @unresolved_member_chain_result_expr +); + +unresolved_type_conversion_exprs( //dir=expr + unique int id: @unresolved_type_conversion_expr +); + +boolean_literal_exprs( //dir=expr + unique int id: @boolean_literal_expr, + boolean value: boolean ref +); + +conditional_checked_cast_exprs( //dir=expr + unique int id: @conditional_checked_cast_expr +); + +dot_syntax_call_exprs( 
//dir=expr + unique int id: @dot_syntax_call_expr +); + +dynamic_member_ref_exprs( //dir=expr + unique int id: @dynamic_member_ref_expr +); + +dynamic_subscript_exprs( //dir=expr + unique int id: @dynamic_subscript_expr +); + +forced_checked_cast_exprs( //dir=expr + unique int id: @forced_checked_cast_expr +); + +initializer_ref_call_exprs( //dir=expr + unique int id: @initializer_ref_call_expr +); + +is_exprs( //dir=expr + unique int id: @is_expr +); + +magic_identifier_literal_exprs( //dir=expr + unique int id: @magic_identifier_literal_expr, + string kind: string ref +); + +@number_literal_expr = + @float_literal_expr +| @integer_literal_expr +; + +string_literal_exprs( //dir=expr + unique int id: @string_literal_expr, + string value: string ref +); + +float_literal_exprs( //dir=expr + unique int id: @float_literal_expr, + string string_value: string ref +); + +integer_literal_exprs( //dir=expr + unique int id: @integer_literal_expr, + string string_value: string ref +); + +@pattern = + @any_pattern +| @binding_pattern +| @bool_pattern +| @enum_element_pattern +| @expr_pattern +| @is_pattern +| @named_pattern +| @optional_some_pattern +| @paren_pattern +| @tuple_pattern +| @typed_pattern +; + +any_patterns( //dir=pattern + unique int id: @any_pattern +); + +binding_patterns( //dir=pattern + unique int id: @binding_pattern, + int sub_pattern: @pattern_or_none ref +); + +bool_patterns( //dir=pattern + unique int id: @bool_pattern, + boolean value: boolean ref +); + +enum_element_patterns( //dir=pattern + unique int id: @enum_element_pattern, + int element: @enum_element_decl_or_none ref +); + +#keyset[id] +enum_element_pattern_sub_patterns( //dir=pattern + int id: @enum_element_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +expr_patterns( //dir=pattern + unique int id: @expr_pattern, + int sub_expr: @expr_or_none ref +); + +is_patterns( //dir=pattern + unique int id: @is_pattern +); + +#keyset[id] +is_pattern_cast_type_reprs( //dir=pattern + int id: 
@is_pattern ref, + int cast_type_repr: @type_repr_or_none ref +); + +#keyset[id] +is_pattern_sub_patterns( //dir=pattern + int id: @is_pattern ref, + int sub_pattern: @pattern_or_none ref +); + +named_patterns( //dir=pattern + unique int id: @named_pattern, + string name: string ref +); + +optional_some_patterns( //dir=pattern + unique int id: @optional_some_pattern, + int sub_pattern: @pattern_or_none ref +); + +paren_patterns( //dir=pattern + unique int id: @paren_pattern, + int sub_pattern: @pattern_or_none ref +); + +tuple_patterns( //dir=pattern + unique int id: @tuple_pattern +); + +#keyset[id, index] +tuple_pattern_elements( //dir=pattern + int id: @tuple_pattern ref, + int index: int ref, + int element: @pattern_or_none ref +); + +typed_patterns( //dir=pattern + unique int id: @typed_pattern, + int sub_pattern: @pattern_or_none ref +); + +#keyset[id] +typed_pattern_type_reprs( //dir=pattern + int id: @typed_pattern ref, + int type_repr: @type_repr_or_none ref +); + +case_label_items( //dir=stmt + unique int id: @case_label_item, + int pattern: @pattern_or_none ref +); + +#keyset[id] +case_label_item_guards( //dir=stmt + int id: @case_label_item ref, + int guard: @expr_or_none ref +); + +condition_elements( //dir=stmt + unique int id: @condition_element +); + +#keyset[id] +condition_element_booleans( //dir=stmt + int id: @condition_element ref, + int boolean_: @expr_or_none ref +); + +#keyset[id] +condition_element_patterns( //dir=stmt + int id: @condition_element ref, + int pattern: @pattern_or_none ref +); + +#keyset[id] +condition_element_initializers( //dir=stmt + int id: @condition_element ref, + int initializer: @expr_or_none ref +); + +#keyset[id] +condition_element_availabilities( //dir=stmt + int id: @condition_element ref, + int availability: @availability_info_or_none ref +); + +@stmt = + @brace_stmt +| @break_stmt +| @case_stmt +| @continue_stmt +| @defer_stmt +| @fail_stmt +| @fallthrough_stmt +| @labeled_stmt +| @pound_assert_stmt +| 
@return_stmt +| @throw_stmt +| @yield_stmt +; + +stmt_conditions( //dir=stmt + unique int id: @stmt_condition +); + +#keyset[id, index] +stmt_condition_elements( //dir=stmt + int id: @stmt_condition ref, + int index: int ref, + int element: @condition_element_or_none ref +); + +brace_stmts( //dir=stmt + unique int id: @brace_stmt +); + +#keyset[id, index] +brace_stmt_elements( //dir=stmt + int id: @brace_stmt ref, + int index: int ref, + int element: @ast_node_or_none ref +); + +break_stmts( //dir=stmt + unique int id: @break_stmt +); + +#keyset[id] +break_stmt_target_names( //dir=stmt + int id: @break_stmt ref, + string target_name: string ref +); + +#keyset[id] +break_stmt_targets( //dir=stmt + int id: @break_stmt ref, + int target: @stmt_or_none ref +); + +case_stmts( //dir=stmt + unique int id: @case_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +case_stmt_labels( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int label: @case_label_item_or_none ref +); + +#keyset[id, index] +case_stmt_variables( //dir=stmt + int id: @case_stmt ref, + int index: int ref, + int variable: @var_decl_or_none ref +); + +continue_stmts( //dir=stmt + unique int id: @continue_stmt +); + +#keyset[id] +continue_stmt_target_names( //dir=stmt + int id: @continue_stmt ref, + string target_name: string ref +); + +#keyset[id] +continue_stmt_targets( //dir=stmt + int id: @continue_stmt ref, + int target: @stmt_or_none ref +); + +defer_stmts( //dir=stmt + unique int id: @defer_stmt, + int body: @brace_stmt_or_none ref +); + +fail_stmts( //dir=stmt + unique int id: @fail_stmt +); + +fallthrough_stmts( //dir=stmt + unique int id: @fallthrough_stmt, + int fallthrough_source: @case_stmt_or_none ref, + int fallthrough_dest: @case_stmt_or_none ref +); + +@labeled_stmt = + @do_catch_stmt +| @do_stmt +| @for_each_stmt +| @labeled_conditional_stmt +| @repeat_while_stmt +| @switch_stmt +; + +#keyset[id] +labeled_stmt_labels( //dir=stmt + int id: @labeled_stmt ref, + string 
label: string ref +); + +pound_assert_stmts( //dir=stmt + unique int id: @pound_assert_stmt, + int condition: @expr_or_none ref, + string message: string ref +); + +return_stmts( //dir=stmt + unique int id: @return_stmt +); + +#keyset[id] +return_stmt_results( //dir=stmt + int id: @return_stmt ref, + int result: @expr_or_none ref +); + +throw_stmts( //dir=stmt + unique int id: @throw_stmt, + int sub_expr: @expr_or_none ref +); + +yield_stmts( //dir=stmt + unique int id: @yield_stmt +); + +#keyset[id, index] +yield_stmt_results( //dir=stmt + int id: @yield_stmt ref, + int index: int ref, + int result: @expr_or_none ref +); + +do_catch_stmts( //dir=stmt + unique int id: @do_catch_stmt, + int body: @stmt_or_none ref +); + +#keyset[id, index] +do_catch_stmt_catches( //dir=stmt + int id: @do_catch_stmt ref, + int index: int ref, + int catch: @case_stmt_or_none ref +); + +do_stmts( //dir=stmt + unique int id: @do_stmt, + int body: @brace_stmt_or_none ref +); + +for_each_stmts( //dir=stmt + unique int id: @for_each_stmt, + int pattern: @pattern_or_none ref, + int sequence: @expr_or_none ref, + int body: @brace_stmt_or_none ref +); + +#keyset[id] +for_each_stmt_wheres( //dir=stmt + int id: @for_each_stmt ref, + int where: @expr_or_none ref +); + +@labeled_conditional_stmt = + @guard_stmt +| @if_stmt +| @while_stmt +; + +#keyset[id] +labeled_conditional_stmts( //dir=stmt + int id: @labeled_conditional_stmt ref, + int condition: @stmt_condition_or_none ref +); + +repeat_while_stmts( //dir=stmt + unique int id: @repeat_while_stmt, + int condition: @expr_or_none ref, + int body: @stmt_or_none ref +); + +switch_stmts( //dir=stmt + unique int id: @switch_stmt, + int expr: @expr_or_none ref +); + +#keyset[id, index] +switch_stmt_cases( //dir=stmt + int id: @switch_stmt ref, + int index: int ref, + int case_: @case_stmt_or_none ref +); + +guard_stmts( //dir=stmt + unique int id: @guard_stmt, + int body: @brace_stmt_or_none ref +); + +if_stmts( //dir=stmt + unique int id: @if_stmt, 
+ int then: @stmt_or_none ref +); + +#keyset[id] +if_stmt_elses( //dir=stmt + int id: @if_stmt ref, + int else: @stmt_or_none ref +); + +while_stmts( //dir=stmt + unique int id: @while_stmt, + int body: @stmt_or_none ref +); + +@type = + @any_function_type +| @any_generic_type +| @any_metatype_type +| @builtin_type +| @dependent_member_type +| @dynamic_self_type +| @error_type +| @existential_type +| @in_out_type +| @l_value_type +| @module_type +| @parameterized_protocol_type +| @protocol_composition_type +| @reference_storage_type +| @substitutable_type +| @sugar_type +| @tuple_type +| @unresolved_type +; + +#keyset[id] +types( //dir=type + int id: @type ref, + string name: string ref, + int canonical_type: @type_or_none ref +); + +type_reprs( //dir=type + unique int id: @type_repr, + int type_: @type_or_none ref +); + +@any_function_type = + @function_type +| @generic_function_type +; + +#keyset[id] +any_function_types( //dir=type + int id: @any_function_type ref, + int result: @type_or_none ref +); + +#keyset[id, index] +any_function_type_param_types( //dir=type + int id: @any_function_type ref, + int index: int ref, + int param_type: @type_or_none ref +); + +#keyset[id] +any_function_type_is_throwing( //dir=type + int id: @any_function_type ref +); + +#keyset[id] +any_function_type_is_async( //dir=type + int id: @any_function_type ref +); + +@any_generic_type = + @nominal_or_bound_generic_nominal_type +| @unbound_generic_type +; + +#keyset[id] +any_generic_types( //dir=type + int id: @any_generic_type ref, + int declaration: @generic_type_decl_or_none ref +); + +#keyset[id] +any_generic_type_parents( //dir=type + int id: @any_generic_type ref, + int parent: @type_or_none ref +); + +@any_metatype_type = + @existential_metatype_type +| @metatype_type +; + +@builtin_type = + @any_builtin_integer_type +| @builtin_bridge_object_type +| @builtin_default_actor_storage_type +| @builtin_executor_type +| @builtin_float_type +| @builtin_job_type +| 
@builtin_native_object_type +| @builtin_raw_pointer_type +| @builtin_raw_unsafe_continuation_type +| @builtin_unsafe_value_buffer_type +| @builtin_vector_type +; + +dependent_member_types( //dir=type + unique int id: @dependent_member_type, + int base_type: @type_or_none ref, + int associated_type_decl: @associated_type_decl_or_none ref +); + +dynamic_self_types( //dir=type + unique int id: @dynamic_self_type, + int static_self_type: @type_or_none ref +); + +error_types( //dir=type + unique int id: @error_type +); + +existential_types( //dir=type + unique int id: @existential_type, + int constraint: @type_or_none ref +); + +in_out_types( //dir=type + unique int id: @in_out_type, + int object_type: @type_or_none ref +); + +l_value_types( //dir=type + unique int id: @l_value_type, + int object_type: @type_or_none ref +); + +module_types( //dir=type + unique int id: @module_type, + int module: @module_decl_or_none ref +); + +parameterized_protocol_types( //dir=type + unique int id: @parameterized_protocol_type, + int base: @protocol_type_or_none ref +); + +#keyset[id, index] +parameterized_protocol_type_args( //dir=type + int id: @parameterized_protocol_type ref, + int index: int ref, + int arg: @type_or_none ref +); + +protocol_composition_types( //dir=type + unique int id: @protocol_composition_type +); + +#keyset[id, index] +protocol_composition_type_members( //dir=type + int id: @protocol_composition_type ref, + int index: int ref, + int member: @type_or_none ref +); + +@reference_storage_type = + @unmanaged_storage_type +| @unowned_storage_type +| @weak_storage_type +; + +#keyset[id] +reference_storage_types( //dir=type + int id: @reference_storage_type ref, + int referent_type: @type_or_none ref +); + +@substitutable_type = + @archetype_type +| @generic_type_param_type +; + +@sugar_type = + @paren_type +| @syntax_sugar_type +| @type_alias_type +; + +tuple_types( //dir=type + unique int id: @tuple_type +); + +#keyset[id, index] +tuple_type_types( //dir=type + int 
id: @tuple_type ref, + int index: int ref, + int type_: @type_or_none ref +); + +#keyset[id, index] +tuple_type_names( //dir=type + int id: @tuple_type ref, + int index: int ref, + string name: string ref +); + +unresolved_types( //dir=type + unique int id: @unresolved_type +); + +@any_builtin_integer_type = + @builtin_integer_literal_type +| @builtin_integer_type +; + +@archetype_type = + @opaque_type_archetype_type +| @opened_archetype_type +| @primary_archetype_type +; + +#keyset[id] +archetype_types( //dir=type + int id: @archetype_type ref, + int interface_type: @type_or_none ref +); + +#keyset[id] +archetype_type_superclasses( //dir=type + int id: @archetype_type ref, + int superclass: @type_or_none ref +); + +#keyset[id, index] +archetype_type_protocols( //dir=type + int id: @archetype_type ref, + int index: int ref, + int protocol: @protocol_decl_or_none ref +); + +builtin_bridge_object_types( //dir=type + unique int id: @builtin_bridge_object_type +); + +builtin_default_actor_storage_types( //dir=type + unique int id: @builtin_default_actor_storage_type +); + +builtin_executor_types( //dir=type + unique int id: @builtin_executor_type +); + +builtin_float_types( //dir=type + unique int id: @builtin_float_type +); + +builtin_job_types( //dir=type + unique int id: @builtin_job_type +); + +builtin_native_object_types( //dir=type + unique int id: @builtin_native_object_type +); + +builtin_raw_pointer_types( //dir=type + unique int id: @builtin_raw_pointer_type +); + +builtin_raw_unsafe_continuation_types( //dir=type + unique int id: @builtin_raw_unsafe_continuation_type +); + +builtin_unsafe_value_buffer_types( //dir=type + unique int id: @builtin_unsafe_value_buffer_type +); + +builtin_vector_types( //dir=type + unique int id: @builtin_vector_type +); + +existential_metatype_types( //dir=type + unique int id: @existential_metatype_type +); + +function_types( //dir=type + unique int id: @function_type +); + +generic_function_types( //dir=type + unique int id: 
@generic_function_type +); + +#keyset[id, index] +generic_function_type_generic_params( //dir=type + int id: @generic_function_type ref, + int index: int ref, + int generic_param: @generic_type_param_type_or_none ref +); + +generic_type_param_types( //dir=type + unique int id: @generic_type_param_type +); + +metatype_types( //dir=type + unique int id: @metatype_type +); + +@nominal_or_bound_generic_nominal_type = + @bound_generic_type +| @nominal_type +; + +paren_types( //dir=type + unique int id: @paren_type, + int type_: @type_or_none ref +); + +@syntax_sugar_type = + @dictionary_type +| @unary_syntax_sugar_type +; + +type_alias_types( //dir=type + unique int id: @type_alias_type, + int decl: @type_alias_decl_or_none ref +); + +unbound_generic_types( //dir=type + unique int id: @unbound_generic_type +); + +unmanaged_storage_types( //dir=type + unique int id: @unmanaged_storage_type +); + +unowned_storage_types( //dir=type + unique int id: @unowned_storage_type +); + +weak_storage_types( //dir=type + unique int id: @weak_storage_type +); + +@bound_generic_type = + @bound_generic_class_type +| @bound_generic_enum_type +| @bound_generic_struct_type +; + +#keyset[id, index] +bound_generic_type_arg_types( //dir=type + int id: @bound_generic_type ref, + int index: int ref, + int arg_type: @type_or_none ref +); + +builtin_integer_literal_types( //dir=type + unique int id: @builtin_integer_literal_type +); + +builtin_integer_types( //dir=type + unique int id: @builtin_integer_type +); + +#keyset[id] +builtin_integer_type_widths( //dir=type + int id: @builtin_integer_type ref, + int width: int ref +); + +dictionary_types( //dir=type + unique int id: @dictionary_type, + int key_type: @type_or_none ref, + int value_type: @type_or_none ref +); + +@nominal_type = + @class_type +| @enum_type +| @protocol_type +| @struct_type +; + +opaque_type_archetype_types( //dir=type + unique int id: @opaque_type_archetype_type, + int declaration: @opaque_type_decl_or_none ref +); + 
+opened_archetype_types( //dir=type + unique int id: @opened_archetype_type +); + +primary_archetype_types( //dir=type + unique int id: @primary_archetype_type +); + +@unary_syntax_sugar_type = + @array_slice_type +| @optional_type +| @variadic_sequence_type +; + +#keyset[id] +unary_syntax_sugar_types( //dir=type + int id: @unary_syntax_sugar_type ref, + int base_type: @type_or_none ref +); + +array_slice_types( //dir=type + unique int id: @array_slice_type +); + +bound_generic_class_types( //dir=type + unique int id: @bound_generic_class_type +); + +bound_generic_enum_types( //dir=type + unique int id: @bound_generic_enum_type +); + +bound_generic_struct_types( //dir=type + unique int id: @bound_generic_struct_type +); + +class_types( //dir=type + unique int id: @class_type +); + +enum_types( //dir=type + unique int id: @enum_type +); + +optional_types( //dir=type + unique int id: @optional_type +); + +protocol_types( //dir=type + unique int id: @protocol_type +); + +struct_types( //dir=type + unique int id: @struct_type +); + +variadic_sequence_types( //dir=type + unique int id: @variadic_sequence_type +); + +@accessor_or_none = + @accessor +| @unspecified_element +; + +@argument_or_none = + @argument +| @unspecified_element +; + +@associated_type_decl_or_none = + @associated_type_decl +| @unspecified_element +; + +@ast_node_or_none = + @ast_node +| @unspecified_element +; + +@availability_info_or_none = + @availability_info +| @unspecified_element +; + +@availability_spec_or_none = + @availability_spec +| @unspecified_element +; + +@brace_stmt_or_none = + @brace_stmt +| @unspecified_element +; + +@captured_decl_or_none = + @captured_decl +| @unspecified_element +; + +@case_label_item_or_none = + @case_label_item +| @unspecified_element +; + +@case_stmt_or_none = + @case_stmt +| @unspecified_element +; + +@condition_element_or_none = + @condition_element +| @unspecified_element +; + +@decl_or_none = + @decl +| @unspecified_element +; + +@enum_element_decl_or_none 
= + @enum_element_decl +| @unspecified_element +; + +@explicit_closure_expr_or_none = + @explicit_closure_expr +| @unspecified_element +; + +@expr_or_none = + @expr +| @unspecified_element +; + +@file_or_none = + @file +| @unspecified_element +; + +@function_or_none = + @function +| @unspecified_element +; + +@generic_type_decl_or_none = + @generic_type_decl +| @unspecified_element +; + +@generic_type_param_decl_or_none = + @generic_type_param_decl +| @unspecified_element +; + +@generic_type_param_type_or_none = + @generic_type_param_type +| @unspecified_element +; + +@initializer_or_none = + @initializer +| @unspecified_element +; + +@key_path_component_or_none = + @key_path_component +| @unspecified_element +; + +@location_or_none = + @location +| @unspecified_element +; + +@module_decl_or_none = + @module_decl +| @unspecified_element +; + +@nominal_type_decl_or_none = + @nominal_type_decl +| @unspecified_element +; + +@opaque_type_decl_or_none = + @opaque_type_decl +| @unspecified_element +; + +@opaque_value_expr_or_none = + @opaque_value_expr +| @unspecified_element +; + +@param_decl_or_none = + @param_decl +| @unspecified_element +; + +@pattern_or_none = + @pattern +| @unspecified_element +; + +@pattern_binding_decl_or_none = + @pattern_binding_decl +| @unspecified_element +; + +@precedence_group_decl_or_none = + @precedence_group_decl +| @unspecified_element +; + +@protocol_decl_or_none = + @protocol_decl +| @unspecified_element +; + +@protocol_type_or_none = + @protocol_type +| @unspecified_element +; + +@stmt_or_none = + @stmt +| @unspecified_element +; + +@stmt_condition_or_none = + @stmt_condition +| @unspecified_element +; + +@string_literal_expr_or_none = + @string_literal_expr +| @unspecified_element +; + +@tap_expr_or_none = + @tap_expr +| @unspecified_element +; + +@type_or_none = + @type +| @unspecified_element +; + +@type_alias_decl_or_none = + @type_alias_decl +| @unspecified_element +; + +@type_repr_or_none = + @type_repr +| @unspecified_element 
+; + +@value_decl_or_none = + @unspecified_element +| @value_decl +; + +@var_decl_or_none = + @unspecified_element +| @var_decl +; diff --git a/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties new file mode 100644 index 00000000000..fa6dbe30ef6 --- /dev/null +++ b/swift/ql/lib/upgrades/ba4171b90d0665b40e9e203bac9e3d4a0b2d03ec/upgrade.properties @@ -0,0 +1,5 @@ +description: Remove `getInterpolationCountExpr` and `getLiteralCapacityExpr` from `InterpolatedStringLiteralExpr` +compatibility: full +interpolated_string_literal_expr_interpolation_count_exprs.rel: delete +interpolated_string_literal_expr_literal_capacity_exprs.rel: delete +integer_literal_exprs.rel: run integer_literal_exprs.ql diff --git a/swift/ql/test/library-tests/ast/PrintAst.expected b/swift/ql/test/library-tests/ast/PrintAst.expected index b4665b644e8..f1fbb4f1544 100644 --- a/swift/ql/test/library-tests/ast/PrintAst.expected +++ b/swift/ql/test/library-tests/ast/PrintAst.expected @@ -206,8 +206,6 @@ cfg.swift: # 40| getExpr(): [VarargExpansionExpr] [...] # 40| getSubExpr(): [ArrayExpr] [...] # 40| getElement(0): [InterpolatedStringLiteralExpr] "..." -#-----| getInterpolationCountExpr(): [IntegerLiteralExpr] 1 -#-----| getLiteralCapacityExpr(): [IntegerLiteralExpr] 14 # 40| getAppendingExpr(): [TapExpr] TapExpr # 40| getSubExpr(): [OpaqueValueExpr] OpaqueValueExpr # 40| getBody(): [BraceStmt] { ... } @@ -1422,8 +1420,6 @@ cfg.swift: # 262| getBody(): [BraceStmt] { ... } # 263| getElement(0): [ReturnStmt] return ... # 263| getResult(): [InterpolatedStringLiteralExpr] "..." -#-----| getInterpolationCountExpr(): [IntegerLiteralExpr] 4 -#-----| getLiteralCapacityExpr(): [IntegerLiteralExpr] 37 # 263| getAppendingExpr(): [TapExpr] TapExpr # 263| getSubExpr(): [OpaqueValueExpr] OpaqueValueExpr # 263| getBody(): [BraceStmt] { ... } 
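Review bot: The `description:` line of the new `upgrade.properties` names only the two accessors removed from `InterpolatedStringLiteralExpr`, yet the last line also rewrites a third relation via `integer_literal_exprs.rel: run integer_literal_exprs.ql`, and nothing in the file says why. Presumably that query drops the integer literals that were reachable only through the two deleted relations; the `PrintAst.expected` hunks in this patch remove exactly such `IntegerLiteralExpr` children, but the query itself is not visible here. I would append `, and drop the integer literals they referenced` to the description, so that someone comparing an upgraded database with a freshly extracted one knows rows disappear from `integer_literal_exprs` too. If the query does something else, the description should say that instead.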
@@ -4293,8 +4289,6 @@ expressions.swift: # 7| getBody(): [BraceStmt] { ... } # 7| getElement(0): [PatternBindingDecl] var ... = ... # 7| getInit(0): [InterpolatedStringLiteralExpr] "..." -#-----| getInterpolationCountExpr(): [IntegerLiteralExpr] 1 -#-----| getLiteralCapacityExpr(): [IntegerLiteralExpr] 6 # 7| getAppendingExpr(): [TapExpr] TapExpr # 7| getSubExpr(): [OpaqueValueExpr] OpaqueValueExpr # 7| getBody(): [BraceStmt] { ... } diff --git a/swift/schema.py b/swift/schema.py index 8fc0941e171..c17cae57452 100644 --- a/swift/schema.py +++ b/swift/schema.py @@ -679,8 +679,6 @@ class InjectIntoOptionalExpr(ImplicitConversionExpr): class InterpolatedStringLiteralExpr(LiteralExpr): interpolation_expr: optional[OpaqueValueExpr] - interpolation_count_expr: optional[Expr] | child - literal_capacity_expr: optional[Expr] | child appending_expr: optional[TapExpr] | child class LinearFunctionExpr(ImplicitConversionExpr): From 604affdeb06c13611b470803479381078562ae4b Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Mon, 22 May 2023 09:31:39 -0400 Subject: [PATCH 063/210] C++: autoformat --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index da227e65f92..f7bbbbb75d9 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -92,9 +92,7 @@ module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { pointerArithOverflow(source.asInstruction(), _, _, _, _) } - predicate isSink(DataFlow::Node sink) { - isInvalidPointerDerefSink1(sink, _, _) - } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } } module PointerArithmeticToDerefFlow = DataFlow::Global; 
From 4ed7450689b1f9d355d2041fdf243438bea59849 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Mon, 22 May 2023 11:09:44 -0400 Subject: [PATCH 064/210] C++: remove unneeded pragma --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index f7bbbbb75d9..fb664a0c364 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -111,7 +111,6 @@ module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { ) } - pragma[inline] predicate isSink(DataFlow::Node sink, FlowState state) { exists(DataFlow::Node pai | state = TOverflowArithmetic(pai.asInstruction()) and From 3bcaff605914083b4f1f8cc550a41c025b3b61e1 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 22 May 2023 16:37:03 +0100 Subject: [PATCH 065/210] Swift: re-run codegen. --- swift/ql/.generated.list | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index a28e6ba533b..e8993c8570d 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -24,7 +24,6 @@ lib/codeql/swift/elements/decl/ConcreteVarDecl.qll 94bcbdd91f461295c5b6b49fa597b lib/codeql/swift/elements/decl/ConcreteVarDeclConstructor.qll 4b6a9f458db5437f9351b14464b3809a78194029554ea818b3e18272c17afba3 a60d695b0d0ffa917ad01908bec2beaa663e644eddb00fb370fbc906623775d4 lib/codeql/swift/elements/decl/DeinitializerConstructor.qll 85f29a68ee5c0f2606c51e7a859f5f45fbc5f373e11b5e9c0762c9ba5cff51c4 6b28f69b8125d0393607dbad8e7a8aaa6469b9c671f67e8e825cc63964ed2f5d lib/codeql/swift/elements/decl/EnumCaseDeclConstructor.qll 8c907544170671f713a8665d294eeefdbe78a607c2f16e2c630ea9c33f484baf eec83efc930683628185dbdad8f73311aad510074d168a53d85ea09d13f1f7e1 -lib/codeql/swift/elements/decl/EnumDecl.qll 29f9d8cbfb19c174af9a666162fd918af7f962fa5d97756105e78d5eec38cb9e 779940ebdbd510eb651972c57eb84b04af39c44ef59a8c307a44549ab730febb lib/codeql/swift/elements/decl/EnumDeclConstructor.qll 642bbfb71e917d84695622f3b2c7b36bf5be4e185358609810267ab1fc4e221b f6e06d79e7ff65fbabf72c553508b67406fb59c577215d28cc47971d34b6af05 lib/codeql/swift/elements/decl/EnumElementDeclConstructor.qll 736074246a795c14a30a8ec7bb8da595a729983187887294e485487309919dc6 4614fb380fad7af1b5fb8afce920f3e7350378254ece60d19722046046672fbb lib/codeql/swift/elements/decl/ExtensionDeclConstructor.qll 4f811e3332720327d2b9019edbb2fa70fb24322e72881afc040e7927452409d6 554f9832311dfc30762507e0bd4b25c5b6fdb9d0c4e8252cc5a1ef1033fafacb 
@@ -384,7 +383,7 @@ lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d lib/codeql/swift/generated/ParentChild.qll f490202e849b9cbd550ee9d758644b85d43e60d81413e6c28df2850fb1e9a2d6 6b95aeab6b53a880b230ad0c96b6deb519a7368898c844632ae96090de59df99 lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 +lib/codeql/swift/generated/Raw.qll cc504ec0771dbb461367944a5c95186047bad59a087a9bda74ef346c7b89b0d3 0b5973d56edd8099b645ea1f7be2a4934e62d5fa165261c63299ac2cf634437d lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 
@@ -398,7 +397,7 @@ lib/codeql/swift/generated/decl/AssociatedTypeDecl.qll 4169d083104f9c089223ed3c5 lib/codeql/swift/generated/decl/CapturedDecl.qll f8b69887acb35cc8de572984fef83eb08649845b49179b68d3afef36b526bddb 94ab461ef9ab5983dece5e2b1865b6056e381e5c06f2a3ec4dfde634a9368e59 lib/codeql/swift/generated/decl/ClassDecl.qll a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 lib/codeql/swift/generated/decl/ConcreteVarDecl.qll 4801ccc477480c4bc4fc117976fbab152e081064e064c97fbb0f37199cb1d0a8 4d7cfbf5b39b307dd673781adc220fdef04213f2e3d080004fa658ba6d3acb8d -lib/codeql/swift/generated/decl/Decl.qll 1d620c8e43df3cb46e5446dc9f6592205040c4d2b03c2ce1e491d7628f8904d0 b02514d7548a5a1dca39a148974a1b4dfeb681ebf81ad80f78d53ea48bab6133 +lib/codeql/swift/generated/decl/Decl.qll e9a27347096be6b0d1f9e555ba98867b4e3f1629bc4c24ed4c737921e416ef8c 5b9d839d3cce81a282fda869d83a33138c9587c76c1547692811aed05c44aa46 lib/codeql/swift/generated/decl/Deinitializer.qll 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe lib/codeql/swift/generated/decl/EnumCaseDecl.qll 564718862a9fd5b99427591a83921bf57aac2074041b5b335577599e8eefda16 90899d7d7a9c695576ae4b24d19deb05e45e0e85c954ab41de154d5cc521019e lib/codeql/swift/generated/decl/EnumDecl.qll fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 From 7aa23cf11db24341995b4252a64bc13d1b104bb2 Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]" Date: Mon, 22 May 2023 20:47:00 +0000 Subject: [PATCH 066/210] Release preparation for version 2.13.3 --- cpp/ql/lib/CHANGELOG.md | 16 ++++++++ .../2023-04-28-indirect-barrier-node.md | 4 -- .../2023-04-28-static-local-dataflow.md | 4 -- .../2023-05-02-ir-noreturn-calls.md | 4 -- .../2023-05-02-range-analysis-wrapper.md | 4 -- .../2023-05-22-inline-in-std-namespace.md | 4 -- cpp/ql/lib/change-notes/released/0.7.2.md | 15 +++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 4 ++ cpp/ql/src/change-notes/released/0.6.2.md | 3 ++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++ .../lib/change-notes/released/1.5.2.md | 3 ++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++ .../src/change-notes/released/1.5.2.md | 3 ++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 7 ++++ .../2023-04-26-neutral-model-kinds.md | 4 -- .../0.6.2.md} | 8 ++-- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 4 ++ csharp/ql/src/change-notes/released/0.6.2.md | 3 ++ csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 6 +++ .../0.5.2.md} | 9 ++-- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++ go/ql/src/change-notes/released/0.5.2.md | 3 ++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 41 +++++++++++++++++++ ...-04-20-create-model-for-io-jsonwebtoken.md | 5 --- .../2023-04-26-neutral-model-kinds.md | 4 -- .../2023-05-02-apache-commons-net-models.md | 4 -- ...3-05-03-url-open-stream-as-experimental.md | 4 -- .../lib/change-notes/2023-05-11-new-models.md | 
6 --- .../2023-05-12-spring-jdbc-sql-sinks.md | 4 -- .../0.6.2.md} | 17 ++++++-- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 8 ++++ .../change-notes/2023-05-15-xpath-xxe-sink.md | 4 -- .../2023-05-19-groovy-injection-sink.md | 4 -- .../0.6.2.md} | 9 ++-- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 6 +++ .../0.6.2.md} | 9 ++-- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 20 +++++++++ .../2023-04-13-Forge-truncated-sha512-hash.md | 5 --- .../2023-04-26-unsafe-yaml-deserialization.md | 5 --- .../2023-04-28-json-with-comments.md | 5 --- .../2023-05-02-github-actions-sources.md | 5 --- .../change-notes/2023-05-17-indirect-shell.md | 4 -- .../ql/src/change-notes/released/0.6.2.md | 19 +++++++++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++ .../change-notes/released/0.5.2.md | 3 ++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 7 ++++ ...16-typetracking-read-captured-variables.md | 4 -- .../0.9.2.md} | 8 ++-- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 4 ++ python/ql/src/change-notes/released/0.7.2.md | 3 ++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 6 +++ .../0.6.2.md} | 7 ++-- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++ ruby/ql/src/change-notes/released/0.6.2.md | 3 ++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++ shared/regex/change-notes/released/0.0.13.md | 3 ++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++ 
shared/ssa/change-notes/released/0.0.17.md | 3 ++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++ .../tutorial/change-notes/released/0.0.10.md | 3 ++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++ .../change-notes/released/0.0.10.md | 3 ++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++ shared/typos/change-notes/released/0.0.17.md | 3 ++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++ shared/util/change-notes/released/0.0.10.md | 3 ++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++ shared/yaml/change-notes/released/0.0.2.md | 3 ++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- 116 files changed, 347 insertions(+), 159 deletions(-) delete mode 100644 cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md delete mode 100644 cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md delete mode 100644 cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md delete mode 100644 cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md delete mode 100644 cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md create mode 100644 cpp/ql/lib/change-notes/released/0.7.2.md create mode 100644 cpp/ql/src/change-notes/released/0.6.2.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md delete mode 100644 csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md rename csharp/ql/lib/change-notes/{2023-05-16-ilogger-extension-methods.md => released/0.6.2.md} (58%) create mode 100644 csharp/ql/src/change-notes/released/0.6.2.md rename go/ql/lib/change-notes/{2023-04-25-data-flow-varargs-parameters.md => 
released/0.5.2.md} (85%) create mode 100644 go/ql/src/change-notes/released/0.5.2.md delete mode 100644 java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md delete mode 100644 java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md delete mode 100644 java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md delete mode 100644 java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md delete mode 100644 java/ql/lib/change-notes/2023-05-11-new-models.md delete mode 100644 java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md rename java/ql/lib/change-notes/{2023-05-04-add-libraries-for-query-configurations.md => released/0.6.2.md} (87%) delete mode 100644 java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md delete mode 100644 java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md rename java/ql/src/change-notes/{2023-04-26-xxe-sinks-promotion.md => released/0.6.2.md} (50%) rename javascript/ql/lib/change-notes/{2023-04-03-gh-injection.md => released/0.6.2.md} (85%) delete mode 100644 javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md delete mode 100644 javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md delete mode 100644 javascript/ql/src/change-notes/2023-04-28-json-with-comments.md delete mode 100644 javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md delete mode 100644 javascript/ql/src/change-notes/2023-05-17-indirect-shell.md create mode 100644 javascript/ql/src/change-notes/released/0.6.2.md create mode 100644 misc/suite-helpers/change-notes/released/0.5.2.md delete mode 100644 python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md rename python/ql/lib/change-notes/{2022-11-15-dictionary-read-store-steps.md => released/0.9.2.md} (51%) create mode 100644 python/ql/src/change-notes/released/0.7.2.md rename ruby/ql/lib/change-notes/{2023-05-03-sqlite3.md => released/0.6.2.md} (80%) create mode 100644 
ruby/ql/src/change-notes/released/0.6.2.md create mode 100644 shared/regex/change-notes/released/0.0.13.md create mode 100644 shared/ssa/change-notes/released/0.0.17.md create mode 100644 shared/tutorial/change-notes/released/0.0.10.md create mode 100644 shared/typetracking/change-notes/released/0.0.10.md create mode 100644 shared/typos/change-notes/released/0.0.17.md create mode 100644 shared/util/change-notes/released/0.0.10.md create mode 100644 shared/yaml/change-notes/released/0.0.2.md
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index f77a14c328f..e5d2ae643bc 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,19 @@
+## 0.7.2
+
+### New Features
+
+* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library.
+* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API.
+
+### Major Analysis Improvements
+
+* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library.
+
+### Minor Analysis Improvements
+
+* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace.
+* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables.
+
 ## 0.7.1
 No user-facing changes.
diff --git a/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md b/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md
deleted file mode 100644
index 68421139e7d..00000000000
--- a/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API.
diff --git a/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md b/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md
deleted file mode 100644
index be4c4e73ed0..00000000000
--- a/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables.
diff --git a/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md b/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md
deleted file mode 100644
index 5688945dc80..00000000000
--- a/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library.
\ No newline at end of file
diff --git a/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md b/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md
deleted file mode 100644
index b28167dc52d..00000000000
--- a/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library.
\ No newline at end of file
diff --git a/cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md b/cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md
deleted file mode 100644
index 8b562bd8357..00000000000
--- a/cpp/ql/lib/change-notes/2023-05-22-inline-in-std-namespace.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace.
diff --git a/cpp/ql/lib/change-notes/released/0.7.2.md b/cpp/ql/lib/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..4decad06ae8
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/0.7.2.md
@@ -0,0 +1,15 @@
+## 0.7.2
+
+### New Features
+
+* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library.
+* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API.
+
+### Major Analysis Improvements
+
+* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library.
+
+### Minor Analysis Improvements
+
+* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace.
+* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 3f6482c1ebe..2008adee602 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.7.2-dev
+version: 0.7.2
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 1314e6d7553..4991b66538f 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.2
+
+No user-facing changes.
+
 ## 0.6.1
 ### New Queries
diff --git a/cpp/ql/src/change-notes/released/0.6.2.md b/cpp/ql/src/change-notes/released/0.6.2.md
new file mode 100644
index 00000000000..43f80640fc5
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/0.6.2.md
@@ -0,0 +1,3 @@
+## 0.6.2
+
+No user-facing changes.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index 80fb0899f64..5501a2a1cc5 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index 4df58a2da69..8b2bb0ed100 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.6.2-dev
+version: 0.6.2
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index 56de88b8aa5..ad7a007007f 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.5.2
+
+No user-facing changes.
+
 ## 1.5.1
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md
new file mode 100644
index 00000000000..384c27833f1
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md
@@ -0,0 +1,3 @@
+## 1.5.2
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index c5775c46013..7eb901bae56 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.1
+lastReleaseVersion: 1.5.2
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index fb0859160cc..9c09d378a20 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.5.2-dev
+version: 1.5.2
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index 56de88b8aa5..ad7a007007f 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.5.2
+
+No user-facing changes.
+
 ## 1.5.1
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md
new file mode 100644
index 00000000000..384c27833f1
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md
@@ -0,0 +1,3 @@
+## 1.5.2
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index c5775c46013..7eb901bae56 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.1
+lastReleaseVersion: 1.5.2
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index 4c9eeb60c87..241bb764b7c 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.5.2-dev
+version: 1.5.2
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index 4ebff5c86a7..435255a997a 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 0.6.2
+
+### Minor Analysis Improvements
+
+* The `cs/log-forging`, `cs/cleartext-storage`, and `cs/exposure-of-sensitive-information` queries now correctly handle unsanitized arguments to `ILogger` extension methods.
+* Updated the `neutralModel` extensible predicate to include a `kind` column.
+
 ## 0.6.1
 No user-facing changes.
diff --git a/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md b/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md
deleted file mode 100644
index ab19597224b..00000000000
--- a/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Updated the `neutralModel` extensible predicate to include a `kind` column.
\ No newline at end of file
diff --git a/csharp/ql/lib/change-notes/2023-05-16-ilogger-extension-methods.md b/csharp/ql/lib/change-notes/released/0.6.2.md
similarity index 58%
rename from csharp/ql/lib/change-notes/2023-05-16-ilogger-extension-methods.md
rename to csharp/ql/lib/change-notes/released/0.6.2.md
index 4d4f0767238..c3829f2df86 100644
--- a/csharp/ql/lib/change-notes/2023-05-16-ilogger-extension-methods.md
+++ b/csharp/ql/lib/change-notes/released/0.6.2.md
@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
+## 0.6.2
+
+### Minor Analysis Improvements
+
 * The `cs/log-forging`, `cs/cleartext-storage`, and `cs/exposure-of-sensitive-information` queries now correctly handle unsanitized arguments to `ILogger` extension methods.
+* Updated the `neutralModel` extensible predicate to include a `kind` column.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 80fb0899f64..5501a2a1cc5 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index fdb710e9371..1e56c93103b 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.6.2-dev
+version: 0.6.2
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index fb6006fc6f9..e214ec42a03 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.2
+
+No user-facing changes.
+
 ## 0.6.1
 ### Minor Analysis Improvements
diff --git a/csharp/ql/src/change-notes/released/0.6.2.md b/csharp/ql/src/change-notes/released/0.6.2.md
new file mode 100644
index 00000000000..43f80640fc5
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/0.6.2.md
@@ -0,0 +1,3 @@
+## 0.6.2
+
+No user-facing changes.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index 80fb0899f64..5501a2a1cc5 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index d68e0a497c1..663ad9efee2 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.6.2-dev
+version: 0.6.2
 groups:
 - csharp
 - queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index e144655e159..5f09272c19b 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.5.2
+
+### Minor Analysis Improvements
+
+* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given.
+
 ## 0.5.1
 ### Minor Analysis Improvements
diff --git a/go/ql/lib/change-notes/2023-04-25-data-flow-varargs-parameters.md b/go/ql/lib/change-notes/released/0.5.2.md
similarity index 85%
rename from go/ql/lib/change-notes/2023-04-25-data-flow-varargs-parameters.md
rename to go/ql/lib/change-notes/released/0.5.2.md
index 881d570361e..ad1dea14924 100644
--- a/go/ql/lib/change-notes/2023-04-25-data-flow-varargs-parameters.md
+++ b/go/ql/lib/change-notes/released/0.5.2.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given.
\ No newline at end of file
+## 0.5.2
+
+### Minor Analysis Improvements
+
+* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 0bf7024c337..2d9d3f587f8 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.1
+lastReleaseVersion: 0.5.2
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 346dc087db4..4da3e4ac60c 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.5.2-dev
+version: 0.5.2
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index 81ce4f00d02..8a1b8bcfebc 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.5.2
+
+No user-facing changes.
+
 ## 0.5.1
 No user-facing changes.
diff --git a/go/ql/src/change-notes/released/0.5.2.md b/go/ql/src/change-notes/released/0.5.2.md
new file mode 100644
index 00000000000..e94d1f4ad5b
--- /dev/null
+++ b/go/ql/src/change-notes/released/0.5.2.md
@@ -0,0 +1,3 @@
+## 0.5.2
+
+No user-facing changes.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index 0bf7024c337..2d9d3f587f8 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.1
+lastReleaseVersion: 0.5.2
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 64be9928c63..81410e8a0bc 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.5.2-dev
+version: 0.5.2
 groups:
 - go
 - queries
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index 03907f74b89..53fb1470bb9 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,44 @@
+## 0.6.2
+
+### Minor Analysis Improvements
+
+* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`.
+* Added models for the following packages:
+
+ * org.apache.hadoop.fs
+* Added the `ArithmeticCommon.qll` library to provide predicates for reasoning about arithmetic operations.
+* Added the `ArithmeticTaintedLocalQuery.qll` library to provide the `ArithmeticTaintedLocalOverflowFlow` and `ArithmeticTaintedLocalUnderflowFlow` taint-tracking modules to reason about arithmetic with unvalidated user input.
+* Added the `ArithmeticTaintedQuery.qll` library to provide the `RemoteUserInputOverflow` and `RemoteUserInputUnderflow` taint-tracking modules to reason about arithmetic with unvalidated user input.
+* Added the `ArithmeticUncontrolledQuery.qll` library to provide the `ArithmeticUncontrolledOverflowFlow` and `ArithmeticUncontrolledUnderflowFlow` taint-tracking modules to reason about arithmetic with uncontrolled user input.
+* Added the `ArithmeticWithExtremeValuesQuery.qll` library to provide the `MaxValueFlow` and `MinValueFlow` dataflow modules to reason about arithmetic with extreme values.
+* Added the `BrokenCryptoAlgorithmQuery.qll` library to provide the `InsecureCryptoFlow` taint-tracking module to reason about broken cryptographic algorithm vulnerabilities.
+* Added the `ExecTaintedLocalQuery.qll` library to provide the `LocalUserInputToArgumentToExecFlow` taint-tracking module to reason about command injection vulnerabilities caused by local data flow.
+* Added the `ExternallyControlledFormatStringLocalQuery.qll` library to provide the `ExternallyControlledFormatStringLocalFlow` taint-tracking module to reason about format string vulnerabilities caused by local data flow.
+* Added the `ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll` library to provide the `BoundedFlowSourceFlow` dataflow module to reason about improper validation of code-specified sizes used for array construction.
+* Added the `ImproperValidationOfArrayConstructionLocalQuery.qll` library to provide the `ImproperValidationOfArrayConstructionLocalFlow` taint-tracking module to reason about improper validation of local user-provided sizes used for array construction caused by local data flow.
+* Added the `ImproperValidationOfArrayConstructionQuery.qll` library to provide the `ImproperValidationOfArrayConstructionFlow` taint-tracking module to reason about improper validation of user-provided size used for array construction.
+* Added the `ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll` library to provide the `BoundedFlowSourceFlow` data flow module to reason about about improper validation of code-specified array index.
+* Added the `ImproperValidationOfArrayIndexLocalQuery.qll` library to provide the `ImproperValidationOfArrayIndexLocalFlow` taint-tracking module to reason about improper validation of a local user-provided array index.
+* Added the `ImproperValidationOfArrayIndexQuery.qll` library to provide the `ImproperValidationOfArrayIndexFlow` taint-tracking module to reason about improper validation of user-provided array index.
+* Added the `InsecureCookieQuery.qll` library to provide the `SecureCookieFlow` taint-tracking module to reason about insecure cookie vulnerabilities.
+* Added the `MaybeBrokenCryptoAlgorithmQuery.qll` library to provide the `InsecureCryptoFlow` taint-tracking module to reason about broken cryptographic algorithm vulnerabilities.
+* Added the `NumericCastTaintedQuery.qll` library to provide the `NumericCastTaintedFlow` taint-tracking module to reason about numeric cast vulnerabilities.
+* Added the `ResponseSplittingLocalQuery.qll` library to provide the `ResponseSplittingLocalFlow` taint-tracking module to reason about response splitting vulnerabilities caused by local data flow.
+* Added the `SqlConcatenatedQuery.qll` library to provide the `UncontrolledStringBuilderSourceFlow` taint-tracking module to reason about SQL injection vulnerabilities caused by concatenating untrusted strings.
+* Added the `SqlTaintedLocalQuery.qll` library to provide the `LocalUserInputToArgumentToSqlFlow` taint-tracking module to reason about SQL injection vulnerabilities caused by local data flow.
+* Added the `StackTraceExposureQuery.qll` library to provide the `printsStackExternally`, `stringifiedStackFlowsExternally`, and `getMessageFlowsExternally` predicates to reason about stack trace exposure vulnerabilities.
+* Added the `TaintedPermissionQuery.qll` library to provide the `TaintedPermissionFlow` taint-tracking module to reason about tainted permission vulnerabilities.
+* Added the `TempDirLocalInformationDisclosureQuery.qll` library to provide the `TempDirSystemGetPropertyToCreate` taint-tracking module to reason about local information disclosure vulnerabilities caused by local data flow.
+* Added the `UnsafeHostnameVerificationQuery.qll` library to provide the `TrustAllHostnameVerifierFlow` taint-tracking module to reason about insecure hostname verification vulnerabilities.
+* Added the `UrlRedirectLocalQuery.qll` library to provide the `UrlRedirectLocalFlow` taint-tracking module to reason about URL redirection vulnerabilities caused by local data flow.
+* Added the `UrlRedirectQuery.qll` library to provide the `UrlRedirectFlow` taint-tracking module to reason about URL redirection vulnerabilities.
+* Added the `XPathInjectionQuery.qll` library to provide the `XPathInjectionFlow` taint-tracking module to reason about XPath injection vulnerabilities.
+* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow.
+* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation.
+* Added models for the Apache Commons Net library.
+* Updated the `neutralModel` extensible predicate to include a `kind` column.
+* Added models for the `io.jsonwebtoken` library.
+
 ## 0.6.1
 ### Deprecated APIs
diff --git a/java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md b/java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md
deleted file mode 100644
index 3a037075967..00000000000
--- a/java/ql/lib/change-notes/2023-04-20-create-model-for-io-jsonwebtoken.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for the `io.jsonwebtoken` library.
-
diff --git a/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md b/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md
deleted file mode 100644
index ab19597224b..00000000000
--- a/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Updated the `neutralModel` extensible predicate to include a `kind` column.
\ No newline at end of file
diff --git a/java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md b/java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md
deleted file mode 100644
index a669c74d3e8..00000000000
--- a/java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for the Apache Commons Net library.
diff --git a/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md b/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md
deleted file mode 100644
index 1d57d64973c..00000000000
--- a/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation.
diff --git a/java/ql/lib/change-notes/2023-05-11-new-models.md b/java/ql/lib/change-notes/2023-05-11-new-models.md
deleted file mode 100644
index 067105b4aca..00000000000
--- a/java/ql/lib/change-notes/2023-05-11-new-models.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for the following packages:
-
- * org.apache.hadoop.fs
diff --git a/java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md b/java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md
deleted file mode 100644
index 68d6c2b45fe..00000000000
--- a/java/ql/lib/change-notes/2023-05-12-spring-jdbc-sql-sinks.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`.
\ No newline at end of file
diff --git a/java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md b/java/ql/lib/change-notes/released/0.6.2.md
similarity index 87%
rename from java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md
rename to java/ql/lib/change-notes/released/0.6.2.md
index ead324ee5fb..f0bf9441a47 100644
--- a/java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md
+++ b/java/ql/lib/change-notes/released/0.6.2.md
@@ -1,6 +1,11 @@
----
-category: minorAnalysis
----
+## 0.6.2
+
+### Minor Analysis Improvements
+
+* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`.
+* Added models for the following packages:
+
+ * org.apache.hadoop.fs
 * Added the `ArithmeticCommon.qll` library to provide predicates for reasoning about arithmetic operations.
 * Added the `ArithmeticTaintedLocalQuery.qll` library to provide the `ArithmeticTaintedLocalOverflowFlow` and `ArithmeticTaintedLocalUnderflowFlow` taint-tracking modules to reason about arithmetic with unvalidated user input.
 * Added the `ArithmeticTaintedQuery.qll` library to provide the `RemoteUserInputOverflow` and `RemoteUserInputUnderflow` taint-tracking modules to reason about arithmetic with unvalidated user input.
@@ -28,4 +33,8 @@ category: minorAnalysis * Added the `UrlRedirectLocalQuery.qll` library to provide the `UrlRedirectLocalFlow` taint-tracking module to reason about URL redirection vulnerabilities caused by local data flow. * Added the `UrlRedirectQuery.qll` library to provide the `UrlRedirectFlow` taint-tracking module to reason about URL redirection vulnerabilities. * Added the `XPathInjectionQuery.qll` library to provide the `XPathInjectionFlow` taint-tracking module to reason about XPath injection vulnerabilities. -* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. \ No newline at end of file +* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. +* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. +* Added models for the Apache Commons Net library. +* Updated the `neutralModel` extensible predicate to include a `kind` column. +* Added models for the `io.jsonwebtoken` library. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index c48db63b34d..94ec029ed07 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.6.2-dev +version: 0.6.2 groups: java dbscheme: config/semmlecode.dbscheme extractor: java 
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 744ac866083..1e7cebcfca1 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. +* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. +* Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564). + ## 0.6.1 No user-facing changes. diff --git a/java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md b/java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md deleted file mode 100644 index 1696ffbd213..00000000000 --- a/java/ql/src/change-notes/2023-05-15-xpath-xxe-sink.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. diff --git a/java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md b/java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md deleted file mode 100644 index 7f668dd1b28..00000000000 --- a/java/ql/src/change-notes/2023-05-19-groovy-injection-sink.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. diff --git a/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md b/java/ql/src/change-notes/released/0.6.2.md similarity index 50% rename from java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md rename to java/ql/src/change-notes/released/0.6.2.md index 01bbfe267bd..50a5ff81b8f 100644 --- a/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md 
+++ b/java/ql/src/change-notes/released/0.6.2.md @@ -1,4 +1,7 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + +* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. +* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. * Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564). diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 3e640f9376f..8936d5a4373 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.6.2-dev +version: 0.6.2 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 24e199a69d7..3ac3bc23481 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md 
@@ -1,3 +1,9 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. + ## 0.6.1 ### Major Analysis Improvements diff --git a/javascript/ql/lib/change-notes/2023-04-03-gh-injection.md b/javascript/ql/lib/change-notes/released/0.6.2.md similarity index 85% rename from javascript/ql/lib/change-notes/2023-04-03-gh-injection.md rename to javascript/ql/lib/change-notes/released/0.6.2.md index 63e913eb694..f97f6633c49 100644 --- a/javascript/ql/lib/change-notes/2023-04-03-gh-injection.md +++ b/javascript/ql/lib/change-notes/released/0.6.2.md 
@@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. \ No newline at end of file +## 0.6.2 + +### Minor Analysis Improvements + +* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 4b0fa8d4ffb..c45ff2f4732 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.6.2-dev +version: 0.6.2 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index d0933ef06cf..eb914577876 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,23 @@ +## 0.6.2 + +### Major Analysis Improvements + +* Added taint sources from the `@actions/core` and `@actions/github` packages. +* Added command-injection sinks from the `@actions/exec` package. + +### Minor Analysis Improvements + +* The `js/indirect-command-line-injection` query no longer flags command arguments that cannot be interpreted as a shell string. +* The `js/unsafe-deserialization` query no longer flags deserialization through the `js-yaml` library, except + when it is used with an unsafe schema. +* The Forge module in `CryptoLibraries.qll` now correctly classifies SHA-512/224, + SHA-512/256, and SHA-512/384 hashes used in message digests as NonKeyCiphers. + +### Bug Fixes + +* Fixed a spurious diagnostic warning about comments in JSON files being illegal. + Comments in JSON files are in fact fully supported, and the diagnostic message was misleading. + ## 0.6.1 ### Minor Analysis Improvements diff --git a/javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md b/javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md deleted file mode 100644 index 1d2bfc9a8f9..00000000000 --- a/javascript/ql/src/change-notes/2023-04-13-Forge-truncated-sha512-hash.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* The Forge module in `CryptoLibraries.qll` now correctly classifies SHA-512/224, - SHA-512/256, and SHA-512/384 hashes used in message digests as NonKeyCiphers. \ No newline at end of file 
diff --git a/javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md b/javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md deleted file mode 100644 index 02b044ee47a..00000000000 --- a/javascript/ql/src/change-notes/2023-04-26-unsafe-yaml-deserialization.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* The `js/unsafe-deserialization` query no longer flags deserialization through the `js-yaml` library, except - when it is used with an unsafe schema. diff --git a/javascript/ql/src/change-notes/2023-04-28-json-with-comments.md b/javascript/ql/src/change-notes/2023-04-28-json-with-comments.md deleted file mode 100644 index 3ce9949a39a..00000000000 --- a/javascript/ql/src/change-notes/2023-04-28-json-with-comments.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- -* Fixed a spurious diagnostic warning about comments in JSON files being illegal. - Comments in JSON files are in fact fully supported, and the diagnostic message was misleading. diff --git a/javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md b/javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md deleted file mode 100644 index a9cf1339421..00000000000 --- a/javascript/ql/src/change-notes/2023-05-02-github-actions-sources.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: majorAnalysis ---- -* Added taint sources from the `@actions/core` and `@actions/github` packages. -* Added command-injection sinks from the `@actions/exec` package. diff --git a/javascript/ql/src/change-notes/2023-05-17-indirect-shell.md b/javascript/ql/src/change-notes/2023-05-17-indirect-shell.md deleted file mode 100644 index 556e9976152..00000000000 --- a/javascript/ql/src/change-notes/2023-05-17-indirect-shell.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `js/indirect-command-line-injection` query no longer flags command arguments that cannot be interpreted as a shell string. 
diff --git a/javascript/ql/src/change-notes/released/0.6.2.md b/javascript/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..777dd69688e --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,19 @@ +## 0.6.2 + +### Major Analysis Improvements + +* Added taint sources from the `@actions/core` and `@actions/github` packages. +* Added command-injection sinks from the `@actions/exec` package. + +### Minor Analysis Improvements + +* The `js/indirect-command-line-injection` query no longer flags command arguments that cannot be interpreted as a shell string. +* The `js/unsafe-deserialization` query no longer flags deserialization through the `js-yaml` library, except + when it is used with an unsafe schema. +* The Forge module in `CryptoLibraries.qll` now correctly classifies SHA-512/224, + SHA-512/256, and SHA-512/384 hashes used in message digests as NonKeyCiphers. + +### Bug Fixes + +* Fixed a spurious diagnostic warning about comments in JSON files being illegal. + Comments in JSON files are in fact fully supported, and the diagnostic message was misleading. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 2c62c9e75d5..f64917ed51f 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.6.2-dev +version: 0.6.2 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 9621c2fa167..46787616efa 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md 
@@ -1,3 +1,7 @@ +## 0.5.2 + +No user-facing changes. + ## 0.5.1 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.5.2.md b/misc/suite-helpers/change-notes/released/0.5.2.md new file mode 100644 index 00000000000..e94d1f4ad5b --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.5.2.md @@ -0,0 +1,3 @@ +## 0.5.2 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 0bf7024c337..2d9d3f587f8 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.1 +lastReleaseVersion: 0.5.2 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index c5cf2398633..a66a845730d 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,3 +1,3 @@ name: codeql/suite-helpers -version: 0.5.2-dev +version: 0.5.2 groups: shared diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index b00d10f98d9..91f53df486b 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.9.2 + +### Minor Analysis Improvements + +* Type tracking is now aware of reads of captured variables (variables defined in an outer scope). This leads to a richer API graph, and may lead to more results in some queries. +* Added more content-flow/field-flow for dictionaries, by adding support for reads through `mydict.get("key")` and `mydict.setdefault("key", value)`, and store steps through `dict["key"] = value` and `mydict.setdefault("key", value)`. + ## 0.9.1 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md b/python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md deleted file mode 100644 index 6905a03c8e8..00000000000 --- a/python/ql/lib/change-notes/2023-03-16-typetracking-read-captured-variables.md +++ /dev/null 
@@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Type tracking is now aware of reads of captured variables (variables defined in an outer scope). This leads to a richer API graph, and may lead to more results in some queries. diff --git a/python/ql/lib/change-notes/2022-11-15-dictionary-read-store-steps.md b/python/ql/lib/change-notes/released/0.9.2.md similarity index 51% rename from python/ql/lib/change-notes/2022-11-15-dictionary-read-store-steps.md rename to python/ql/lib/change-notes/released/0.9.2.md index 45b225bbb26..06149b0aac9 100644 --- a/python/ql/lib/change-notes/2022-11-15-dictionary-read-store-steps.md +++ b/python/ql/lib/change-notes/released/0.9.2.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.9.2 + +### Minor Analysis Improvements + +* Type tracking is now aware of reads of captured variables (variables defined in an outer scope). This leads to a richer API graph, and may lead to more results in some queries. * Added more content-flow/field-flow for dictionaries, by adding support for reads through `mydict.get("key")` and `mydict.setdefault("key", value)`, and store steps through `dict["key"] = value` and `mydict.setdefault("key", value)`. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 6789dcd18b7..e1eda519435 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.1 +lastReleaseVersion: 0.9.2 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 9948ffa5d7f..be1ec0efa99 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.9.2-dev +version: 0.9.2 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 36f736322c9..712de670fdc 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md 
@@ -1,3 +1,7 @@ +## 0.7.2 + +No user-facing changes. + ## 0.7.1 No user-facing changes. diff --git a/python/ql/src/change-notes/released/0.7.2.md b/python/ql/src/change-notes/released/0.7.2.md new file mode 100644 index 00000000000..8693d609ec7 --- /dev/null +++ b/python/ql/src/change-notes/released/0.7.2.md @@ -0,0 +1,3 @@ +## 0.7.2 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index e007a9aec3e..fee171e9685 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.1 +lastReleaseVersion: 0.7.2 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 0d2839ec410..d399ced2ccd 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.7.2-dev +version: 0.7.2 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 2071494bb54..65eba10cc10 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Support for the `sqlite3` gem has been added. Method calls that execute queries against an SQLite3 database that may be vulnerable to injection attacks will now be recognized. + ## 0.6.1 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2023-05-03-sqlite3.md b/ruby/ql/lib/change-notes/released/0.6.2.md similarity index 80% rename from ruby/ql/lib/change-notes/2023-05-03-sqlite3.md rename to ruby/ql/lib/change-notes/released/0.6.2.md index 16af7f859e9..a1214bd6e68 100644 --- a/ruby/ql/lib/change-notes/2023-05-03-sqlite3.md +++ b/ruby/ql/lib/change-notes/released/0.6.2.md 
@@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + * Support for the `sqlite3` gem has been added. Method calls that execute queries against an SQLite3 database that may be vulnerable to injection attacks will now be recognized. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index f25ce14aa24..7d01fb676db 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.6.2-dev +version: 0.6.2 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 20ece6388aa..7e2e0df8b38 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.2 + +No user-facing changes. + ## 0.6.1 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/0.6.2.md b/ruby/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..43f80640fc5 --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,3 @@ +## 0.6.2 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index b85dc0f5e4f..2ba1f5ae58f 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.6.2-dev +version: 0.6.2 groups: - ruby - queries 
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 64199d2b5ca..cc83ed1e68c 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.13 + +No user-facing changes. + ## 0.0.12 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.0.13.md b/shared/regex/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..f679eaf0313 --- /dev/null +++ b/shared/regex/change-notes/released/0.0.13.md @@ -0,0 +1,3 @@ +## 0.0.13 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 997fb8da83c..044e54e4f7e 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.13 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index ef9519ead25..deb3ab1029b 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.0.13-dev +version: 0.0.13 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 52bdc7e1442..5e42000c1d1 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.0.17.md b/shared/ssa/change-notes/released/0.0.17.md new file mode 100644 index 00000000000..62cc89030a6 --- /dev/null +++ b/shared/ssa/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index a49f7be4cff..cbc3d3cd493 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 4bb3d04e800..2200a923da4 100644 
--- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.0.17-dev +version: 0.0.17 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 1e8bd30fccd..02876619527 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.10 + +No user-facing changes. + ## 0.0.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.0.10.md b/shared/tutorial/change-notes/released/0.0.10.md new file mode 100644 index 00000000000..22391080fd4 --- /dev/null +++ b/shared/tutorial/change-notes/released/0.0.10.md @@ -0,0 +1,3 @@ +## 0.0.10 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index ecdd64fbab8..b740014e5ae 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.10 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 37c2fca38b4..dafd176c023 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.0.10-dev +version: 0.0.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 77af08547b4..c8729dc39f8 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.10 + +No user-facing changes. + ## 0.0.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.0.10.md b/shared/typetracking/change-notes/released/0.0.10.md new file mode 100644 index 00000000000..22391080fd4 --- /dev/null +++ b/shared/typetracking/change-notes/released/0.0.10.md 
@@ -0,0 +1,3 @@ +## 0.0.10 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index ecdd64fbab8..b740014e5ae 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.10 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 499f5cc4d34..697964c9078 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.0.10-dev +version: 0.0.10 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 600b6f93329..472d0ef41a5 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.0.17.md b/shared/typos/change-notes/released/0.0.17.md new file mode 100644 index 00000000000..62cc89030a6 --- /dev/null +++ b/shared/typos/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index a49f7be4cff..cbc3d3cd493 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 6d0b76e1ce5..41595203b56 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.0.17-dev +version: 0.0.17 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index aad25b929dc..99aa576343d 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md 
@@ -1,3 +1,7 @@ +## 0.0.10 + +No user-facing changes. + ## 0.0.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.0.10.md b/shared/util/change-notes/released/0.0.10.md new file mode 100644 index 00000000000..22391080fd4 --- /dev/null +++ b/shared/util/change-notes/released/0.0.10.md @@ -0,0 +1,3 @@ +## 0.0.10 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index ecdd64fbab8..b740014e5ae 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.10 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 8ff9a0efdb6..b6a5d413250 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.0.10-dev +version: 0.0.10 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 9e8194d5e01..9119d5fc839 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.2 + +No user-facing changes. + ## 0.0.1 ### Minor Analysis Improvements diff --git a/shared/yaml/change-notes/released/0.0.2.md b/shared/yaml/change-notes/released/0.0.2.md new file mode 100644 index 00000000000..5ab250998ed --- /dev/null +++ b/shared/yaml/change-notes/released/0.0.2.md @@ -0,0 +1,3 @@ +## 0.0.2 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index c6933410b71..55dc06fbd76 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.1 +lastReleaseVersion: 0.0.2 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 75a796f2ba3..5f61beb0f39 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml 
@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 0.0.2-dev
+version: 0.0.2
 groups: shared
 library: true
 warnOnImplicitThis: true
From c9c1f08de7601c00892ff865217fcca1a2729a61 Mon Sep 17 00:00:00 2001
From: Paolo Tranquilli
Date: Tue, 23 May 2023 08:36:49 +0200
Subject: [PATCH 067/210] Swift: mark downgrade as backwards compatible
---
 .../44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties
index 2a0d022be0c..24d1f9b8e02 100644
--- a/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties
+++ b/swift/downgrades/44e36e15e90bc1535964d9b86b3cd06a8b0d26e3/upgrade.properties
@@ -1,2 +1,2 @@
 description: Revert removing `getInterpolationCountExpr` and `getLiteralCapacityExpr` from `InterpolatedStringLiteralExpr`
-compatibility: full
+compatibility: backwards
From d5d56cde5aac76d13baae120d0d1a2ce169694f5 Mon Sep 17 00:00:00 2001
From: Chris Smowton
Date: Tue, 23 May 2023 10:51:21 +0100
Subject: [PATCH 068/210] Dead store of field: count passing to a vararg function as escaping
---
 go/ql/src/RedundantCode/DeadStoreOfField.ql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/go/ql/src/RedundantCode/DeadStoreOfField.ql b/go/ql/src/RedundantCode/DeadStoreOfField.ql
index 2060ac1f734..9dd2c4de65c 100644
--- a/go/ql/src/RedundantCode/DeadStoreOfField.ql
+++ b/go/ql/src/RedundantCode/DeadStoreOfField.ql
@@ -36,7 +36,7 @@ predicate escapes(DataFlow::Node nd) {
 exists(SendStmt s | nd.asExpr() = s.getValue())
 or
 // if `nd` is passed to a function, then it escapes
- nd instanceof DataFlow::ArgumentNode
+ nd = any(DataFlow::CallNode c).getASyntacticArgument()
 or
 // if `nd` has its address taken, then it escapes
 exists(AddressExpr ae | nd.asExpr() = ae.getOperand())
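Review bot: The comment above the changed disjunct in `escapes` still reads "if `nd` is passed to a function, then it escapes" and does not say why the syntactic argument list is now used instead of `DataFlow::ArgumentNode`. Going by the commit subject the reason is values passed to a variadic parameter, so a line such as `// use syntactic arguments so that values passed to a variadic parameter are counted too` would keep a later reader from reverting it. The diffstat lists only DeadStoreOfField.ql, so no test accompanies the change; a query-test case that writes a field and then passes the value to a variadic function would pin the new behaviour. The body of `escapes` starts and ends outside the hunk.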
From 0574f2784f2db7639bad37fba8871b71c99cb3d2 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 23 May 2023 12:32:28 +0200 Subject: [PATCH 069/210] Swift: trigger workflow on `codeql-cli-*` --- .github/workflows/swift.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/swift.yml b/.github/workflows/swift.yml index 806e04e6c68..075a5505f39 100644 --- a/.github/workflows/swift.yml +++ b/.github/workflows/swift.yml @@ -16,6 +16,7 @@ on: branches: - main - rc/* + - codeql-cli-* push: paths: - "swift/**" @@ -30,6 +31,7 @@ on: branches: - main - rc/* + - codeql-cli-* jobs: # not using a matrix as you cannot depend on a specific job in a matrix, and we want to start linux checks From 7dd18ff8010730866aedaec38ca3c1df24c412fd Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 23 May 2023 09:02:44 +0200 Subject: [PATCH 070/210] Swift: add `@ql.hideable` to schema loading --- misc/codegen/lib/schema.py | 2 ++ misc/codegen/lib/schemadefs.py | 1 + misc/codegen/loaders/schemaloader.py | 2 ++ misc/codegen/test/test_schemaloader.py | 17 +++++++++++++++++ 4 files changed, 22 insertions(+) diff --git a/misc/codegen/lib/schema.py b/misc/codegen/lib/schema.py index 64a4720093b..d72fa46adf4 100644 --- a/misc/codegen/lib/schema.py +++ b/misc/codegen/lib/schema.py @@ -91,6 +91,8 @@ class Class: """^^^ filled with `True` for non-final classes with only synthesized final descendants """ doc: List[str] = field(default_factory=list) default_doc_name: Optional[str] = None + hideable_root: bool = False + hideable: bool = False @property def final(self): diff --git a/misc/codegen/lib/schemadefs.py b/misc/codegen/lib/schemadefs.py index f3bfd9840dc..3235ace42e7 100644 --- a/misc/codegen/lib/schemadefs.py +++ b/misc/codegen/lib/schemadefs.py 
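Review bot: The two fields added to `Class` in misc/codegen/lib/schema.py, `hideable_root` and `hideable`, carry no comment, and their names alone do not say how they differ. Judging from the loader change in the same commit, `hideable` is inherited from base classes while `hideable_root` is set only on the class that carries `@ql.hideable`. A comment next to the fields would record that, for example `# hideable_root: set on the class annotated with @ql.hideable; hideable: that class and every class derived from it`. The `Class` dataclass starts and ends outside the hunk.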
@@ -145,6 +145,7 @@ _Pragma("qltest_collapse_hierarchy")
 _Pragma("qltest_uncollapse_hierarchy")
 ql.default_doc_name = lambda doc: _annotate(doc_name=doc)
+ql.hideable = _annotate(hideable=True)
 _Pragma("ql_internal")
 _Pragma("cpp_skip")
diff --git a/misc/codegen/loaders/schemaloader.py b/misc/codegen/loaders/schemaloader.py
index 5fd392b112d..0202c98f439 100644
--- a/misc/codegen/loaders/schemaloader.py
+++ b/misc/codegen/loaders/schemaloader.py
@@ -37,7 +37,9 @@ def _get_class(cls: type) -> schema.Class:
 derived={d.__name__ for d in cls.__subclasses__()},
 # getattr to inherit from bases
 group=getattr(cls, "_group", ""),
+ hideable=getattr(cls, "_hideable", False),
 # in the following we don't use `getattr` to avoid inheriting
+ hideable_root=cls.__dict__.get("_hideable", False),
 pragmas=cls.__dict__.get("_pragmas", []),
 ipa=cls.__dict__.get("_ipa", None),
 properties=[
diff --git a/misc/codegen/test/test_schemaloader.py b/misc/codegen/test/test_schemaloader.py
index 9c9750818ea..2479fc08500 100644
--- a/misc/codegen/test/test_schemaloader.py
+++ b/misc/codegen/test/test_schemaloader.py
@@ -688,5 +688,22 @@ def test_uppercase_acronyms_are_rejected():
 pass
+def test_hideable():
+ @load
+ class data:
+ class Root:
+ pass
+
+ @defs.ql.hideable
+ class A(Root):
+ pass
+
+ class B(A):
+ pass
+
+ assert data.classes["A"] == schema.Class("A", bases=["Root"], derived={"B"}, hideable_root=True, hideable=True)
+ assert data.classes["B"] == schema.Class("B", bases=["A"], hideable=True)
+
+
 if __name__ == '__main__':
 sys.exit(pytest.main([__file__] + sys.argv[1:]))
From a087fef33575aa7df945e93aebf6cee7d566f721 Mon Sep 17 00:00:00 2001
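Review bot: `test_hideable` asserts on `A` and `B` but not on `Root`, so it does not pin that the undecorated base stays non-hideable, which is the other half of what the `getattr` versus `__dict__` split in the loader is meant to guarantee. Adding `assert data.classes["Root"] == schema.Class("Root", derived={"A"})` after the two existing asserts would cover it, assuming `derived` is the only non-default field `Root` ends up with.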
From: Paolo Tranquilli
Date: Tue, 23 May 2023 09:37:55 +0200
Subject: [PATCH 071/210] Swift: implement `@ql.hideable`
---
 misc/codegen/generators/qlgen.py | 15 +-
 misc/codegen/lib/ql.py | 3 +
 misc/codegen/templates/ql_class.mustache | 17 +--
 misc/codegen/templates/ql_parent.mustache | 12 +-
 misc/codegen/test/test_qlgen.py | 128 ++++++++++--------
 swift/ql/.generated.list | 4 +-
 .../codeql/swift/generated/ParentChild.qll | 6 +-
 swift/schema.py | 1 +
 8 files changed, 112 insertions(+), 74 deletions(-)
diff --git a/misc/codegen/generators/qlgen.py b/misc/codegen/generators/qlgen.py
index 7affea51828..6e4017b81f6 100755
--- a/misc/codegen/generators/qlgen.py
+++ b/misc/codegen/generators/qlgen.py
@@ -102,7 +102,7 @@ def _get_doc(cls: schema.Class, prop: schema.Property, plural=None):
 return f"{prop_name} of this {class_name}"
-def get_ql_property(cls: schema.Class, prop: schema.Property, prev_child: str = "") -> ql.Property:
+def get_ql_property(cls: schema.Class, prop: schema.Property, lookup: typing.Dict[str, schema.Class], prev_child: str = "") -> ql.Property:
 args = dict(
 type=prop.type if not prop.is_predicate else "predicate",
 qltest_skip="qltest_skip" in prop.pragmas,
@@ -110,7 +110,8 @@ def get_ql_property(cls: schema.Class, prop: schema.Property, prev_child: str =
 is_optional=prop.is_optional,
 is_predicate=prop.is_predicate,
 is_unordered=prop.is_unordered,
- description=prop.description
+ description=prop.description,
+ type_is_hideable=lookup[prop.type].hideable if prop.type in lookup else False,
 )
 if prop.is_single:
 args.update(
@@ -147,12 +148,12 @@ def get_ql_property(cls: schema.Class, prop: schema.Property, prev_child: str = return ql.Property(**args) -def get_ql_class(cls: schema.Class) -> ql.Class: +def get_ql_class(cls: schema.Class, lookup: typing.Dict[str, schema.Class]) -> ql.Class: pragmas = {k: True for k in cls.pragmas if k.startswith("ql")} prev_child = "" properties = [] for p in cls.properties: - prop = get_ql_property(cls, p, prev_child) + prop = get_ql_property(cls, p, lookup, prev_child) if prop.is_child: prev_child = prop.singular properties.append(prop) @@ -164,6 +165,8 @@ def get_ql_class(cls: schema.Class) -> ql.Class: dir=pathlib.Path(cls.group or ""), ipa=bool(cls.ipa), doc=cls.doc, + hideable=cls.hideable, + hideable_root=cls.hideable_root, **pragmas, ) @@ -254,7 +257,7 @@ def _get_all_properties_to_be_tested(cls: schema.Class, lookup: typing.Dict[str, for c, p in _get_all_properties(cls, lookup): if not ("qltest_skip" in c.pragmas or "qltest_skip" in p.pragmas): # TODO here operations are duplicated, but should be better if we split ql and qltest generation - p = get_ql_property(c, p) + p = get_ql_property(c, p, lookup) yield ql.PropertyForTest(p.getter, is_total=p.is_single or p.is_predicate, type=p.type if not p.is_predicate else None, is_indexed=p.is_indexed) if p.is_repeated and not p.is_optional: @@ -329,7 +332,7 @@ def generate(opts, renderer): data = schemaloader.load_file(input) - classes = {name: get_ql_class(cls) for name, cls in data.classes.items()} + classes = {name: get_ql_class(cls, data.classes) for name, cls in data.classes.items()} if not classes: raise NoClasses root = next(iter(classes.values())) diff --git a/misc/codegen/lib/ql.py b/misc/codegen/lib/ql.py index 97165053fd0..508db816beb 100644 --- a/misc/codegen/lib/ql.py +++ b/misc/codegen/lib/ql.py 
@@ -42,6 +42,7 @@ class Property: description: List[str] = field(default_factory=list) doc: Optional[str] = None doc_plural: Optional[str] = None + type_is_hideable: bool = False def __post_init__(self): if self.tableparams: @@ -113,6 +114,8 @@ class Class: ql_internal: bool = False ipa: bool = False doc: List[str] = field(default_factory=list) + hideable_root: bool = False + hideable: bool = False def __post_init__(self): self.bases = [Base(str(b), str(prev)) for b, prev in zip(self.bases, itertools.chain([""], self.bases))] diff --git a/misc/codegen/templates/ql_class.mustache b/misc/codegen/templates/ql_class.mustache index 9f72caef392..63e4f0088fe 100644 --- a/misc/codegen/templates/ql_class.mustache +++ b/misc/codegen/templates/ql_class.mustache @@ -37,7 +37,8 @@ module Generated { * Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs. */ final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") } - + {{/root}} + {{#hideable_root}} /** * Gets the most immediate element that should substitute this element in the explicit AST, if any. * Classes can override this to indicate this node should be in the "hidden" AST, mostly reserved @@ -54,13 +55,13 @@ module Generated { or result = this.getResolveStep().resolve() } - {{/root}} + {{/hideable_root}} {{#final}} override string getAPrimaryQlClass() { result = "{{name}}" } {{/final}} {{#properties}} - {{#type_is_class}} + {{#type_is_hideable}} /** * {{>ql_property_doc}} * * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the 
@@ -85,11 +86,11 @@ module Generated { */ final {{type}} {{getter}}({{#is_indexed}}int index{{/is_indexed}}) { exists({{type}} immediate | immediate = this.get{{#is_unordered}}An{{/is_unordered}}Immediate{{singular}}({{#is_indexed}}index{{/is_indexed}}) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve()) + {{#hideable}}if exists(this.getResolveStep()) then result = immediate else {{/hideable}}result = immediate.resolve()) } - {{/type_is_class}} - {{^type_is_class}} + {{/type_is_hideable}} + {{^type_is_hideable}} /** * {{>ql_property_doc}} * {{#has_description}} @@ -100,14 +101,14 @@ module Generated { */ {{type}} {{getter}}({{#is_indexed}}int index{{/is_indexed}}) { {{^ipa}} - {{^is_predicate}}result = {{/is_predicate}}Synth::convert{{name}}ToRaw(this){{^root}}.(Raw::{{name}}){{/root}}.{{getter}}({{#is_indexed}}index{{/is_indexed}}) + {{^is_predicate}}result = {{/is_predicate}}{{#type_is_class}}Synth::convert{{type}}FromRaw({{/type_is_class}}Synth::convert{{name}}ToRaw(this){{^root}}.(Raw::{{name}}){{/root}}.{{getter}}({{#is_indexed}}index{{/is_indexed}}){{#type_is_class}}){{/type_is_class}} {{/ipa}} {{#ipa}} none() {{/ipa}} } - {{/type_is_class}} + {{/type_is_hideable}} {{#is_optional}} /** * Holds if `{{getter}}({{#is_repeated}}index{{/is_repeated}})` exists. diff --git a/misc/codegen/templates/ql_parent.mustache b/misc/codegen/templates/ql_parent.mustache index 2c8d7dfc258..2dcac6c45dc 100644 --- a/misc/codegen/templates/ql_parent.mustache +++ b/misc/codegen/templates/ql_parent.mustache 
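Review bot: Inside the `{{#properties}}` loop the new `{{#hideable}}` guard does not name a field of the property: per the `ql.py` hunk of this patch `ql.Property` gains only `type_is_hideable`, while `hideable` lives on `ql.Class`. The guard presumably resolves to the enclosing class through the renderer's context lookup, which is easy to misread next to `{{#type_is_hideable}}` a few lines up. A template comment on the line before would make that explicit, e.g. `{{! hideable below is the enclosing class's flag; the property itself only carries type_is_hideable }}`. The surrounding section opens before this hunk.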
@@ -28,7 +28,7 @@ private module Impl { {{! for single and optional properties it adds 1 (regardless of whether the optional property exists) }} {{! for repeated it adds 1 + the maximum index (which works for repeated optional as well) }} and - n{{singular}} = n{{prev_child}} + 1{{#is_repeated}}+ max(int i | i = -1 or exists(e.getImmediate{{singular}}(i)) | i){{/is_repeated}} + n{{singular}} = n{{prev_child}} + 1{{#is_repeated}}+ max(int i | i = -1 or exists(e.get{{#type_is_hideable}}Immediate{{/type_is_hideable}}{{singular}}(i)) | i){{/is_repeated}} {{/is_child}} {{/properties}} and ( none() @@ -40,10 +40,10 @@ private module Impl { {{#is_child}} or {{#is_repeated}} - result = e.getImmediate{{singular}}(index - n{{prev_child}}) and partialPredicateCall = "{{singular}}(" + (index - n{{prev_child}}).toString() + ")" + result = e.get{{#type_is_hideable}}Immediate{{/type_is_hideable}}{{singular}}(index - n{{prev_child}}) and partialPredicateCall = "{{singular}}(" + (index - n{{prev_child}}).toString() + ")" {{/is_repeated}} {{^is_repeated}} - index = n{{prev_child}} and result = e.getImmediate{{singular}}() and partialPredicateCall = "{{singular}}()" + index = n{{prev_child}} and result = e.get{{#type_is_hideable}}Immediate{{/type_is_hideable}}{{singular}}() and partialPredicateCall = "{{singular}}()" {{/is_repeated}} {{/is_child}} {{/properties}} @@ -64,6 +64,10 @@ none() {{/final}} {{/classes}} } + +Element resolve(Element e) { + {{#classes}}{{#hideable_root}}if e instanceof {{name}} then result = e.({{name}}).resolve() else {{/hideable_root}}{{/classes}}result = e +} } /** 
@@ -87,5 +91,5 @@ exists(string partialAccessor | result = Impl::getImmediateChild(e, index, parti * Gets the child indexed at `index`. Indexes are not guaranteed to be contiguous, but are guaranteed to be distinct. `accessor` is bound the member predicate call resulting in the given child. */ Element getChildAndAccessor(Element e, int index, string accessor) { -exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor).resolve() and accessor = "get" + partialAccessor) +exists(string partialAccessor | result = Impl::resolve(Impl::getImmediateChild(e, index, partialAccessor)) and accessor = "get" + partialAccessor) } diff --git a/misc/codegen/test/test_qlgen.py b/misc/codegen/test/test_qlgen.py index 1cd85762315..32f65bbc851 100644 --- a/misc/codegen/test/test_qlgen.py +++ b/misc/codegen/test/test_qlgen.py @@ -139,15 +139,16 @@ def a_ql_class(**kwargs): return ql.Class(**kwargs, import_prefix=gen_import) -def a_ql_stub(**kwargs): - return ql.Stub(**kwargs, import_prefix=gen_import) +def a_ql_stub(*, name, import_prefix="", **kwargs): + return ql.Stub(name=name, **kwargs, import_prefix=gen_import, + base_import=f"{gen_import_prefix}{import_prefix}{name}") def test_one_empty_class(generate_classes): assert generate_classes([ schema.Class("A") ]) == { - "A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "A"), + "A.qll": (a_ql_stub(name="A"), a_ql_class(name="A", final=True)), } 
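Review bot: The helper's new `import_prefix` parameter in `a_ql_stub` means something different from the `import_prefix=` keyword it passes on to `ql.Stub` in the same expression: the first is the group path placed in front of the class name in `base_import`, the second is always `gen_import`. Renaming the helper's parameter, e.g. `def a_ql_stub(*, name, group_prefix="", **kwargs):` with `base_import=f"{gen_import_prefix}{group_prefix}{name}"`, would stop the two from being read as the same thing. The one call in this patch that passes it, in `test_class_dir`, would change to `group_prefix="another.rel.path."`.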
@@ -159,15 +160,11 @@ def test_hierarchy(generate_classes): schema.Class("B", bases=["A"], derived={"D"}), schema.Class("A", derived={"B", "C"}), ]) == { - "A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "A"), - a_ql_class(name="A")), - "B.qll": (a_ql_stub(name="B", base_import=gen_import_prefix + "B"), - a_ql_class(name="B", bases=["A"], imports=[stub_import_prefix + "A"])), - "C.qll": (a_ql_stub(name="C", base_import=gen_import_prefix + "C"), - a_ql_class(name="C", bases=["A"], imports=[stub_import_prefix + "A"])), - "D.qll": (a_ql_stub(name="D", base_import=gen_import_prefix + "D"), - a_ql_class(name="D", final=True, bases=["B", "C"], - imports=[stub_import_prefix + cls for cls in "BC"])), + "A.qll": (a_ql_stub(name="A"), a_ql_class(name="A")), + "B.qll": (a_ql_stub(name="B"), a_ql_class(name="B", bases=["A"], imports=[stub_import_prefix + "A"])), + "C.qll": (a_ql_stub(name="C"), a_ql_class(name="C", bases=["A"], imports=[stub_import_prefix + "A"])), + "D.qll": (a_ql_stub(name="D"), a_ql_class(name="D", final=True, bases=["B", "C"], + imports=[stub_import_prefix + cls for cls in "BC"])), } @@ -213,7 +210,7 @@ def test_single_property(generate_classes): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "bar")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", 
@@ -236,9 +233,8 @@ def test_children(generate_classes): schema.RepeatedOptionalProperty("child_4", "int", is_child=True), ]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="A", type="int", tablename="my_objects", @@ -286,7 +282,7 @@ def test_single_properties(generate_classes): schema.SingleProperty("three", "z"), ]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="One", type="x", tablename="my_objects", @@ -309,9 +305,8 @@ def test_optional_property(generate_classes, is_child, prev_child): schema.Class("MyObject", properties=[ schema.OptionalProperty("foo", "bar", is_child=is_child)]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_object_foos", tableparams=["this", "result"], 
@@ -327,9 +322,8 @@ def test_repeated_property(generate_classes, is_child, prev_child): schema.Class("MyObject", properties=[ schema.RepeatedProperty("foo", "bar", is_child=is_child)]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", plural="Foos", type="bar", tablename="my_object_foos", tableparams=["this", "index", "result"], prev_child=prev_child, @@ -344,9 +338,8 @@ def test_repeated_unordered_property(generate_classes): schema.Class("MyObject", properties=[ schema.RepeatedUnorderedProperty("foo", "bar")]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", plural="Foos", type="bar", tablename="my_object_foos", tableparams=["this", "result"], is_unordered=True, 
@@ -363,9 +356,8 @@ def test_repeated_optional_property(generate_classes, is_child, prev_child): schema.RepeatedOptionalProperty("foo", "bar", is_child=is_child)]), ]) == { - "FakeRoot.qll": (a_ql_stub(name="FakeRoot", base_import=gen_import_prefix + "FakeRoot"), - a_ql_class(name="FakeRoot", final=True)), - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "FakeRoot.qll": (a_ql_stub(name="FakeRoot"), a_ql_class(name="FakeRoot", final=True)), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", plural="Foos", type="bar", tablename="my_object_foos", tableparams=["this", "index", "result"], is_optional=True, @@ -380,7 +372,7 @@ def test_predicate_property(generate_classes): schema.Class("MyObject", properties=[ schema.PredicateProperty("is_foo")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="isFoo", type="predicate", tablename="my_object_is_foo", tableparams=["this"], is_predicate=True, doc="this my object is foo"), @@ -395,7 +387,7 @@ def test_single_class_property(generate_classes, is_child, prev_child): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "Bar", is_child=is_child)]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class( name="MyObject", final=True, imports=[stub_import_prefix + "Bar"], properties=[ ql.Property(singular="Foo", type="Bar", tablename="my_objects", 
@@ -404,8 +396,7 @@ def test_single_class_property(generate_classes, is_child, prev_child): prev_child=prev_child, doc="foo of this my object"), ], )), - "Bar.qll": (a_ql_stub(name="Bar", base_import=gen_import_prefix + "Bar"), - a_ql_class(name="Bar", final=True)), + "Bar.qll": (a_ql_stub(name="Bar"), a_ql_class(name="Bar", final=True)), } @@ -414,8 +405,7 @@ def test_class_with_doc(generate_classes): assert generate_classes([ schema.Class("A", doc=doc), ]) == { - "A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "A"), - a_ql_class(name="A", final=True, doc=doc)), + "A.qll": (a_ql_stub(name="A"), a_ql_class(name="A", final=True, doc=doc)), } @@ -425,9 +415,8 @@ def test_class_dir(generate_classes): schema.Class("A", derived={"B"}, group=dir), schema.Class("B", bases=["A"]), ]) == { - f"{dir}/A.qll": (a_ql_stub(name="A", base_import=gen_import_prefix + "another.rel.path.A"), - a_ql_class(name="A", dir=pathlib.Path(dir))), - "B.qll": (a_ql_stub(name="B", base_import=gen_import_prefix + "B"), + f"{dir}/A.qll": (a_ql_stub(name="A", import_prefix="another.rel.path."), a_ql_class(name="A", dir=pathlib.Path(dir))), + "B.qll": (a_ql_stub(name="B"), a_ql_class(name="B", final=True, bases=["A"], imports=[stub_import_prefix + "another.rel.path.A"])), } @@ -586,11 +575,11 @@ def test_test_partial_properties(opts, generate_tests): type="bool")), "B/B_getZ.ql": a_ql_property_tester(class_name="B", property=ql.PropertyForTest(getter="getZ", is_total=False, - is_indexed=True, - type="int")), + is_indexed=True, + type="int")), "B/B_getAW.ql": a_ql_property_tester(class_name="B", property=ql.PropertyForTest(getter="getAW", is_total=False, - type="string")), + type="string")), } @@ -611,7 +600,7 @@ def test_test_properties_deduplicated(opts, generate_tests): ]), "Final/Final_getY.ql": a_ql_property_tester(class_name="Final", property=ql.PropertyForTest(getter="getY", is_total=False, - is_indexed=True, + is_indexed=True, type="bool")), } 
@@ -706,7 +695,7 @@ def test_property_description(generate_classes): schema.SingleProperty("foo", "bar", description=description), ]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -722,7 +711,7 @@ def test_property_doc_override(generate_classes): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "bar", doc="baz")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -737,7 +726,7 @@ def test_repeated_property_doc_override(generate_classes): schema.RepeatedProperty("x", "int", doc="children of this"), schema.RepeatedOptionalProperty("y", "int", doc="child of this")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="X", plural="Xes", type="int", @@ -759,7 +748,7 @@ def test_property_doc_abbreviations(generate_classes, abbr, expected): schema.Class("Object", properties=[ schema.SingleProperty(f"foo_{abbr}_bar", "baz")]), ]) == { - "Object.qll": (a_ql_stub(name="Object", base_import=gen_import_prefix + "Object"), + "Object.qll": (a_ql_stub(name="Object"), a_ql_class(name="Object", final=True, properties=[ ql.Property(singular=f"Foo{abbr.capitalize()}Bar", type="baz", 
@@ -776,7 +765,7 @@ def test_property_doc_abbreviations_ignored_if_within_word(generate_classes, abb schema.Class("Object", properties=[ schema.SingleProperty(f"foo_{abbr}acadabra_bar", "baz")]), ]) == { - "Object.qll": (a_ql_stub(name="Object", base_import=gen_import_prefix + "Object"), + "Object.qll": (a_ql_stub(name="Object"), a_ql_class(name="Object", final=True, properties=[ ql.Property(singular=f"Foo{abbr.capitalize()}acadabraBar", type="baz", @@ -792,7 +781,7 @@ def test_repeated_property_doc_override_with_format(generate_classes): schema.RepeatedProperty("x", "int", doc="special {children} of this"), schema.RepeatedOptionalProperty("y", "int", doc="special {child} of this")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="X", plural="Xes", type="int", @@ -815,7 +804,7 @@ def test_repeated_property_doc_override_with_multiple_formats(generate_classes): schema.RepeatedProperty("x", "int", doc="{cat} or {dog}"), schema.RepeatedOptionalProperty("y", "int", doc="{cats} or {dogs}")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="X", plural="Xes", type="int", @@ -835,7 +824,7 @@ def test_property_doc_override_with_format(generate_classes): schema.Class("MyObject", properties=[ schema.SingleProperty("foo", "bar", doc="special {baz} of this")]), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", 
@@ -850,7 +839,7 @@ def test_property_on_class_with_default_doc_name(generate_classes): schema.SingleProperty("foo", "bar")], default_doc_name="baz"), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject"), + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, properties=[ ql.Property(singular="Foo", type="bar", tablename="my_objects", @@ -863,7 +852,7 @@ def test_stub_on_class_with_ipa_from_class(generate_classes): assert generate_classes([ schema.Class("MyObject", ipa=schema.IpaInfo(from_class="A")), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject", ipa_accessors=[ + "MyObject.qll": (a_ql_stub(name="MyObject", ipa_accessors=[ ql.IpaUnderlyingAccessor(argument="Entity", type="Raw::A", constructorparams=["result"]), ]), a_ql_class(name="MyObject", final=True, ipa=True)), @@ -874,7 +863,7 @@ def test_stub_on_class_with_ipa_on_arguments(generate_classes): assert generate_classes([ schema.Class("MyObject", ipa=schema.IpaInfo(on_arguments={"base": "A", "index": "int", "label": "string"})), ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject", base_import=gen_import_prefix + "MyObject", ipa_accessors=[ + "MyObject.qll": (a_ql_stub(name="MyObject", ipa_accessors=[ ql.IpaUnderlyingAccessor(argument="Base", type="Raw::A", constructorparams=["result", "_", "_"]), ql.IpaUnderlyingAccessor(argument="Index", type="int", constructorparams=["_", "result", "_"]), ql.IpaUnderlyingAccessor(argument="Label", type="string", constructorparams=["_", "_", "result"]), 
@@ -883,5 +872,38 @@ def test_stub_on_class_with_ipa_on_arguments(generate_classes): } +def test_hideable_class(generate_classes): + assert generate_classes([ + schema.Class("MyObject", hideable=True), + ]) == { + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, hideable=True)), + } + + +def test_hideable_root_class(generate_classes): + assert generate_classes([ + schema.Class("MyObject", hideable_root=True), + ]) == { + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, hideable_root=True)), + } + + +def test_hideable_property(generate_classes): + assert generate_classes([ + schema.Class("MyObject", hideable=True), + schema.Class("Other", properties=[ + schema.SingleProperty("x", "MyObject"), + ]), + ]) == { + "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, hideable=True)), + "Other.qll": (a_ql_stub(name="Other"), + a_ql_class(name="Other", imports=[stub_import_prefix + "MyObject"], + final=True, properties=[ + ql.Property(singular="X", type="MyObject", tablename="others", type_is_hideable=True, + tableparams=["this", "result"], doc="x of this other"), + ])), + } + + if __name__ == '__main__': sys.exit(pytest.main([__file__] + sys.argv[1:])) diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index a28e6ba533b..c6b98069ef7 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -374,14 +374,14 @@ lib/codeql/swift/generated/Comment.qll f58b49f6e68c21f87c51e2ff84c8a64b09286d733 lib/codeql/swift/generated/DbFile.qll a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc lib/codeql/swift/generated/DbLocation.qll b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 lib/codeql/swift/generated/Diagnostics.qll d2ee2db55e932dcaee95fcc1164a51ffbe1a78d86ee0f50aabb299b458462afe 566d554d579cadde26dc4d1d6b1750ca800511201b737b629f15b6f873af3733 -lib/codeql/swift/generated/Element.qll 81a01c1965cf8154596c753b20536ef8630b30567d8c077660ab2d11143f060b 74f5c76db5ec82a9c1675ec0282acd44f1a86ef447d1961c47aea3eed50f79cb +lib/codeql/swift/generated/Element.qll 5293995513d2461a0358ca73c723eddbe1c55c140531ba75d52b03b5e3137016 74f5c76db5ec82a9c1675ec0282acd44f1a86ef447d1961c47aea3eed50f79cb lib/codeql/swift/generated/ErrorElement.qll 4b032abe8ffb71376a29c63e470a52943ace2527bf7b433c97a8bf716f9ad102 4f2b1be162a5c275e3264dbc51bf98bce8846d251be8490a0d4b16cbc85f630f lib/codeql/swift/generated/File.qll f88c485883dd9b2b4a366080e098372912e03fb3177e5cae58aa4449c2b03399 0333c49e3a11c48e6146a7f492ee31ac022d80150fc3f8bfafc3c8f94d66ff76 lib/codeql/swift/generated/KeyPathComponent.qll 00b1e586b8532f0193b3f61111e70d4e595f3d45c7a25ff68114be1051882491 c556e85b21fc5a5aae12fb5599a96442431ef44ae92350eb7da9efe6a22efd53 lib/codeql/swift/generated/Locatable.qll bfdf2dafae2829cac8d1e863a93676228d131b5a7f3df87c40d2f3b1839962b8 af243098af0955a40862387edf7526826fde62a64e5e6ca28de9e9603a8622bf lib/codeql/swift/generated/Location.qll 921922352d39449067d9f2788309b5f3490091097ffe35e6aa98f9368626ce2c 0795c63565c4308e745400bc70ea73675160201590a95bb418de4e2ebca32764 lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 
-lib/codeql/swift/generated/ParentChild.qll f490202e849b9cbd550ee9d758644b85d43e60d81413e6c28df2850fb1e9a2d6 6b95aeab6b53a880b230ad0c96b6deb519a7368898c844632ae96090de59df99 +lib/codeql/swift/generated/ParentChild.qll 727205c3f85c042a9a33c6a33da3843493ec7273c5cc07b92e82b90b140828c7 2d34bb73116390a1386b47443f7fe8b7f013078398e1f3387dba1c8522000aaa lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 diff --git a/swift/ql/lib/codeql/swift/generated/ParentChild.qll b/swift/ql/lib/codeql/swift/generated/ParentChild.qll index 09c48606353..958f4ec60a3 100644 --- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll +++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll @@ -5299,6 +5299,10 @@ private module Impl { or result = getImmediateChildOfVariadicSequenceType(e, index, partialAccessor) } + + Element resolve(Element e) { + if e instanceof Element then result = e.(Element).resolve() else result = e + } } /** @@ -5326,7 +5330,7 @@ Element getImmediateChildAndAccessor(Element e, int index, string accessor) { */ Element getChildAndAccessor(Element e, int index, string accessor) { exists(string partialAccessor | - result = Impl::getImmediateChild(e, index, partialAccessor).resolve() and + result = Impl::resolve(Impl::getImmediateChild(e, index, partialAccessor)) and accessor = "get" + partialAccessor ) } diff --git a/swift/schema.py b/swift/schema.py index 8fc0941e171..f2d1283974f 100644 --- a/swift/schema.py +++ b/swift/schema.py 
@@ -14,6 +14,7 @@ from misc.codegen.lib.schemadefs import * include("prefix.dbscheme") @qltest.skip +@ql.hideable class Element: is_unknown: predicate | cpp.skip From b19194bd06794da7655f2e5eba032c8a14947ab1 Mon Sep 17 00:00:00 2001 
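Review bot: Putting `@ql.hideable` on the root `Element` class apparently makes every class derived from it hideable, and the regenerated `ParentChild.qll` in this same patch shows the effect: `Impl::resolve` tests `e instanceof Element` on a parameter already declared as `Element`, so its `else result = e` branch can never be taken and the guard discriminates nothing. If only some node kinds are meant to be hidden, the decorator would sit better on those narrower classes so that the generated check has a real false case. Either way the decorator deserves a one-line comment above it, for example `# hideable: instances may be substituted via resolve() in the generated child accessors`, with the wording confirmed against the codegen documentation. The body of `Element` continues outside the hunk.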
From: Paolo Tranquilli Date: Tue, 23 May 2023 10:30:09 +0200 Subject: [PATCH 072/210] Swift: make only `Expr`, `Pattern` and `Type` hideable --- swift/ql/.generated.list | 173 ++++++++--------- swift/ql/.gitattributes | 1 + .../swift/controlflow/internal/Completion.qll | 6 +- .../internal/ControlFlowGraphImpl.qll | 46 +++-- swift/ql/lib/codeql/swift/elements.qll | 1 + .../ql/lib/codeql/swift/elements/Element.qll | 11 -- .../codeql/swift/elements/HideableElement.qll | 14 ++ .../lib/codeql/swift/elements/Locatable.qll | 6 +- .../codeql/swift/elements/UnknownLocation.qll | 2 +- .../swift/elements/UnspecifiedElement.qll | 2 +- .../swift/elements/expr/MethodLookupExpr.qll | 2 +- .../swift/generated/AvailabilityInfo.qll | 15 +- .../lib/codeql/swift/generated/Callable.qll | 64 +------ .../ql/lib/codeql/swift/generated/Element.qll | 17 -- .../swift/generated/HideableElement.qll | 25 +++ .../swift/generated/KeyPathComponent.qll | 32 +--- .../lib/codeql/swift/generated/Locatable.qll | 15 +- .../lib/codeql/swift/generated/Location.qll | 15 +- .../codeql/swift/generated/ParentChild.qll | 178 ++++++++++-------- swift/ql/lib/codeql/swift/generated/Raw.qll | 11 +- swift/ql/lib/codeql/swift/generated/Synth.qll | 39 +++- .../swift/generated/UnspecifiedElement.qll | 15 +- .../generated/decl/AbstractStorageDecl.qll | 15 +- .../swift/generated/decl/CapturedDecl.qll | 15 +- .../lib/codeql/swift/generated/decl/Decl.qll | 30 +-- .../swift/generated/decl/EnumCaseDecl.qll | 15 +- .../swift/generated/decl/EnumElementDecl.qll | 15 +- .../swift/generated/decl/ExtensionDecl.qll | 30 +-- .../swift/generated/decl/GenericContext.qll | 15 +- .../swift/generated/decl/IfConfigDecl.qll | 15 +- .../swift/generated/decl/ImportDecl.qll | 30 +-- .../generated/decl/InfixOperatorDecl.qll | 15 +- .../swift/generated/decl/ModuleDecl.qll | 32 +--- .../swift/generated/decl/NominalTypeDecl.qll | 2 +- .../swift/generated/decl/OpaqueTypeDecl.qll | 17 +- .../codeql/swift/generated/decl/ParamDecl.qll | 38 +--- 
.../generated/decl/PatternBindingDecl.qll | 4 +- .../generated/decl/PoundDiagnosticDecl.qll | 2 +- .../swift/generated/decl/SubscriptDecl.qll | 17 +- .../swift/generated/decl/TopLevelCodeDecl.qll | 15 +- .../swift/generated/decl/TypeAliasDecl.qll | 2 +- .../codeql/swift/generated/decl/TypeDecl.qll | 2 +- .../codeql/swift/generated/decl/ValueDecl.qll | 2 +- .../codeql/swift/generated/decl/VarDecl.qll | 92 ++------- .../expr/AppliedPropertyWrapperExpr.qll | 15 +- .../codeql/swift/generated/expr/ApplyExpr.qll | 15 +- .../codeql/swift/generated/expr/Argument.qll | 2 +- .../swift/generated/expr/CaptureListExpr.qll | 15 +- .../swift/generated/expr/DeclRefExpr.qll | 15 +- .../generated/expr/DefaultArgumentExpr.qll | 15 +- .../swift/generated/expr/EnumIsCaseExpr.qll | 15 +- .../lib/codeql/swift/generated/expr/Expr.qll | 3 +- .../swift/generated/expr/KeyPathExpr.qll | 30 +-- .../swift/generated/expr/LookupExpr.qll | 15 +- .../swift/generated/expr/ObjCSelectorExpr.qll | 15 +- .../generated/expr/ObjectLiteralExpr.qll | 15 +- .../expr/OtherInitializerRefExpr.qll | 15 +- .../generated/expr/OverloadedDeclRefExpr.qll | 15 +- .../expr/RebindSelfInInitializerExpr.qll | 15 +- .../swift/generated/expr/SubscriptExpr.qll | 15 +- .../swift/generated/expr/SuperRefExpr.qll | 15 +- .../codeql/swift/generated/expr/TapExpr.qll | 30 +-- .../codeql/swift/generated/expr/TypeExpr.qll | 15 +- .../generated/pattern/EnumElementPattern.qll | 15 +- .../swift/generated/pattern/IsPattern.qll | 15 +- .../swift/generated/pattern/Pattern.qll | 3 +- .../swift/generated/pattern/TypedPattern.qll | 15 +- .../codeql/swift/generated/stmt/BraceStmt.qll | 15 +- .../codeql/swift/generated/stmt/BreakStmt.qll | 15 +- .../swift/generated/stmt/CaseLabelItem.qll | 4 +- .../codeql/swift/generated/stmt/CaseStmt.qll | 45 +---- .../swift/generated/stmt/ConditionElement.qll | 21 +-- .../swift/generated/stmt/ContinueStmt.qll | 15 +- .../codeql/swift/generated/stmt/DeferStmt.qll | 15 +- 
.../swift/generated/stmt/DoCatchStmt.qll | 30 +-- .../codeql/swift/generated/stmt/DoStmt.qll | 15 +- .../swift/generated/stmt/FallthroughStmt.qll | 30 +-- .../swift/generated/stmt/ForEachStmt.qll | 21 +-- .../codeql/swift/generated/stmt/GuardStmt.qll | 15 +- .../codeql/swift/generated/stmt/IfStmt.qll | 30 +-- .../generated/stmt/LabeledConditionalStmt.qll | 15 +- .../swift/generated/stmt/PoundAssertStmt.qll | 2 +- .../swift/generated/stmt/RepeatWhileStmt.qll | 17 +- .../swift/generated/stmt/ReturnStmt.qll | 2 +- .../swift/generated/stmt/StmtCondition.qll | 15 +- .../swift/generated/stmt/SwitchStmt.qll | 17 +- .../codeql/swift/generated/stmt/ThrowStmt.qll | 2 +- .../codeql/swift/generated/stmt/WhileStmt.qll | 15 +- .../codeql/swift/generated/stmt/YieldStmt.qll | 2 +- .../swift/generated/type/AnyGenericType.qll | 15 +- .../swift/generated/type/ArchetypeType.qll | 15 +- .../generated/type/DependentMemberType.qll | 15 +- .../swift/generated/type/ModuleType.qll | 15 +- .../type/OpaqueTypeArchetypeType.qll | 15 +- .../lib/codeql/swift/generated/type/Type.qll | 4 +- .../swift/generated/type/TypeAliasType.qll | 15 +- .../codeql/swift/generated/type/TypeRepr.qll | 2 +- .../codeql/swift/printast/PrintAstNode.qll | 4 +- swift/ql/lib/swift.dbscheme | 8 +- swift/schema.py | 11 +- 100 files changed, 454 insertions(+), 1471 deletions(-) create mode 100644 swift/ql/lib/codeql/swift/elements/HideableElement.qll create mode 100644 swift/ql/lib/codeql/swift/generated/HideableElement.qll diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index c6b98069ef7..3de24cd5c71 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -365,80 +365,81 @@ lib/codeql/swift/elements/type/VariadicSequenceType.qll 325e4c4481e9ac07acdc6aeb lib/codeql/swift/elements/type/VariadicSequenceTypeConstructor.qll 0d1d2328a3b5e503a883e7e6d7efd0ca5e7f2633abead9e4c94a9f98ed3cb223 69bff81c1b9413949eacb9298d2efb718ea808e68364569a1090c9878c4af856 lib/codeql/swift/elements/type/WeakStorageType.qll 7c07739cfc1459f068f24fef74838428128054adf611504d22532e4a156073e7 9c968414d7cc8d672f3754bced5d4f83f43a6d7872d0d263d79ff60483e1f996 lib/codeql/swift/elements/type/WeakStorageTypeConstructor.qll d88b031ef44d6de14b3ddcff2eb47b53dbd11550c37250ff2edb42e5d21ec3e9 26d855c33492cf7a118e439f7baeed0e5425cfaf058b1dcc007eca7ed765c897 -lib/codeql/swift/elements.qll 3df0060edd2b2030f4e4d7d5518afe0073d798474d9b1d6185d833bec63ca8bd 3df0060edd2b2030f4e4d7d5518afe0073d798474d9b1d6185d833bec63ca8bd +lib/codeql/swift/elements.qll cba02ae777269061af0713f6b003c97679434ddc8b2e871fc00c5d17c5265d2a cba02ae777269061af0713f6b003c97679434ddc8b2e871fc00c5d17c5265d2a lib/codeql/swift/generated/AstNode.qll 02ca56d82801f942ae6265c6079d92ccafdf6b532f6bcebd98a04029ddf696e4 6216fda240e45bd4302fa0cf0f08f5f945418b144659264cdda84622b0420aa2 -lib/codeql/swift/generated/AvailabilityInfo.qll c648a66cf45414c85cf9cc69aa05b765a49d0c18cd9c101c34f99a9adc38a1ee 54ba7b07b4177d35e85d19363aa7adcda29cda185a5818e5fcb7c678c093e0ba +lib/codeql/swift/generated/AvailabilityInfo.qll 1e38e7f52ccbcecd4dd088eae15c482d87911682dabb426332cc0e207fc6bf2f 7c6640530cdbece90d4172e8d6cfd119656860da08bb61ed4ef3a6757723994f lib/codeql/swift/generated/AvailabilitySpec.qll fb1255f91bb5e41ad4e9c675a2efbc50d0fb366ea2de68ab7eebd177b0795309 144e0c2e7d6c62ecee43325f7f26dcf437881edf0b75cc1bc898c6c4b61fdeaf -lib/codeql/swift/generated/Callable.qll 9dcf09a2f227dd6f569f007a07fb368d6b928ffd002535bb97118361430d948c 5c203f5f6b4f8b6748e61e09bb46c55442a2fb36f2d1fa950e6f81bdda562709 +lib/codeql/swift/generated/Callable.qll c1f214f5ea4da567d3cf2ac4915630ae1e19c939d2aa64cdd5ab06e76de059dc 
c43fd17a89d016a31584de10e4d4988f3ea10dc26d6b59b3151bb3196e9f0689 lib/codeql/swift/generated/Comment.qll f58b49f6e68c21f87c51e2ff84c8a64b09286d733e86f70d67d3a98fe6260bd6 975bbb599a2a7adc35179f6ae06d9cbc56ea8a03b972ef2ee87604834bc6deb1 lib/codeql/swift/generated/DbFile.qll a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc lib/codeql/swift/generated/DbLocation.qll b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 lib/codeql/swift/generated/Diagnostics.qll d2ee2db55e932dcaee95fcc1164a51ffbe1a78d86ee0f50aabb299b458462afe 566d554d579cadde26dc4d1d6b1750ca800511201b737b629f15b6f873af3733 -lib/codeql/swift/generated/Element.qll 5293995513d2461a0358ca73c723eddbe1c55c140531ba75d52b03b5e3137016 74f5c76db5ec82a9c1675ec0282acd44f1a86ef447d1961c47aea3eed50f79cb +lib/codeql/swift/generated/Element.qll 1c6a757f3c1218b02a98f075b2cfb5bd0cc31dff31bd1d04acdf4d4f040dee45 a3221cd9250706e6313a82450466326e5a1e6ffa5ae0b308e943d0979d03919e lib/codeql/swift/generated/ErrorElement.qll 4b032abe8ffb71376a29c63e470a52943ace2527bf7b433c97a8bf716f9ad102 4f2b1be162a5c275e3264dbc51bf98bce8846d251be8490a0d4b16cbc85f630f lib/codeql/swift/generated/File.qll f88c485883dd9b2b4a366080e098372912e03fb3177e5cae58aa4449c2b03399 0333c49e3a11c48e6146a7f492ee31ac022d80150fc3f8bfafc3c8f94d66ff76 -lib/codeql/swift/generated/KeyPathComponent.qll 00b1e586b8532f0193b3f61111e70d4e595f3d45c7a25ff68114be1051882491 c556e85b21fc5a5aae12fb5599a96442431ef44ae92350eb7da9efe6a22efd53 -lib/codeql/swift/generated/Locatable.qll bfdf2dafae2829cac8d1e863a93676228d131b5a7f3df87c40d2f3b1839962b8 af243098af0955a40862387edf7526826fde62a64e5e6ca28de9e9603a8622bf -lib/codeql/swift/generated/Location.qll 921922352d39449067d9f2788309b5f3490091097ffe35e6aa98f9368626ce2c 0795c63565c4308e745400bc70ea73675160201590a95bb418de4e2ebca32764 +lib/codeql/swift/generated/HideableElement.qll 
0eb3bb2fd9fb2b5ba444f4cd1aa4f91c87926618dcfa0051b048cf9d63f9602e 0eb3bb2fd9fb2b5ba444f4cd1aa4f91c87926618dcfa0051b048cf9d63f9602e +lib/codeql/swift/generated/KeyPathComponent.qll c79c7bc04fc1426992ab472eedc1a20a7aa496ff3f43305400022f1a02ba44f4 a9935b68b511329d157bcd7a7d27aa4803d2163306db8b41808a2b736f80f4d8 +lib/codeql/swift/generated/Locatable.qll be20967d48a34cdba126fe298606e0adc11697831f097acba9c52a0b7ce9983e 8aa01bc376614abbc3209e25785c72f86c9b4e94bb5f471a4a0677fedaec4f61 +lib/codeql/swift/generated/Location.qll c5793987e77812059a28254dadee29bfe9b38153c0399fbb1bf6a2f5c237fdab 6e6d8802b021e36bbaad81845657769dd48a798ea33080ada05e9818a20b38f7 lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 -lib/codeql/swift/generated/ParentChild.qll 727205c3f85c042a9a33c6a33da3843493ec7273c5cc07b92e82b90b140828c7 2d34bb73116390a1386b47443f7fe8b7f013078398e1f3387dba1c8522000aaa +lib/codeql/swift/generated/ParentChild.qll ffec94e3ee076ff73dd7b4e6561c8d8c1f9a198547085baa40a1e5e28adc5827 a28adf13137431f55ce218ade6848bf5b853d3f27315765e9e6c45032c02ddd3 lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 -lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 +lib/codeql/swift/generated/Raw.qll 56e12381886fe9eb6aef74968cb542e179116ad6722640a21bda37f1d9d26e77 
ae93d0caebecf3ce593c95887b44cd1686b5c7e989d5cce4bb39d97312c3cb68 +lib/codeql/swift/generated/Synth.qll 14dbc93375bcde4d792c1ec6157ee9c825119dcc9de31bcfeea56b3636f32d27 e84970ed295aa0af59135ee09b9cddbd6a26dcbce3baaf0e2a958b0552aac6d1 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 lib/codeql/swift/generated/UnknownLocation.qll e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 -lib/codeql/swift/generated/UnspecifiedElement.qll e121c84a2990fe314ab0756832776fe98fbc41f295d532b6e154aca1c5513b13 ee70eedad752175dbeee83c07fdb2ae7f4fa080fec7ba2be408469dfa11a0b4a -lib/codeql/swift/generated/decl/AbstractStorageDecl.qll 8ed642e35b066cc65b3d8ad16cf6c726cf0b3802330b0c3d3ba87b34451005d1 3474ad1468f09bf63f3582468ed97e9ed3b3ee61db90a4d31966cc97d9ca1b18 +lib/codeql/swift/generated/UnspecifiedElement.qll 2b66070944ad36316476b6bf8a811131ca6d4232591353b2b23e881b547463cc c9bff46bcb6f6d106eb57ab8bb04584d9a0b2513abdc1be6e98c0bd227c5f1e0 +lib/codeql/swift/generated/decl/AbstractStorageDecl.qll 4e827d05b3b98c043f925a3bd9c00622da3dc6e3d3406f5a18b2c3a684e3774f 47e5767a6f9a87f848cccce651d8c40af8aa3e0e727fc147cbf4d5a2a3e483d9 lib/codeql/swift/generated/decl/AbstractTypeParamDecl.qll 1e268b00d0f2dbbd85aa70ac206c5e4a4612f06ba0091e5253483635f486ccf9 5479e13e99f68f1f347283535f8098964f7fd4a34326ff36ad5711b2de1ab0d0 lib/codeql/swift/generated/decl/Accessor.qll c93cdf7dbb87e6c9b09b5fcf469b952041f753914a892addeb24bb46eaa51d29 1e8104da2da146d3e4d8f5f96b87872e63162e53b46f9c7038c75db51a676599 lib/codeql/swift/generated/decl/AccessorOrNamedFunction.qll b78aaef06cdaa172dce3e1dcd6394566b10ce445906e3cf67f6bef951b1662a4 
a30d9c2ff79a313c7d0209d72080fdc0fabf10379f8caed5ff2d72dc518f8ad3 lib/codeql/swift/generated/decl/AssociatedTypeDecl.qll 4169d083104f9c089223ed3c5968f757b8cd6c726887bbb6fbaf21f5ed7ee144 4169d083104f9c089223ed3c5968f757b8cd6c726887bbb6fbaf21f5ed7ee144 -lib/codeql/swift/generated/decl/CapturedDecl.qll f8b69887acb35cc8de572984fef83eb08649845b49179b68d3afef36b526bddb 94ab461ef9ab5983dece5e2b1865b6056e381e5c06f2a3ec4dfde634a9368e59 +lib/codeql/swift/generated/decl/CapturedDecl.qll bdc7479fd577a8830cf0672763656e0269f02681f40890c64ae3f413655589ef 4380339650dfbed9c4846691f0c4bc0aea51a8e11112add54e0add2222dff8a0 lib/codeql/swift/generated/decl/ClassDecl.qll a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 a60e8af2fdbcd20cfa2049660c8bcbbc00508fbd3dde72b4778317dfc23c5ae4 lib/codeql/swift/generated/decl/ConcreteVarDecl.qll 4801ccc477480c4bc4fc117976fbab152e081064e064c97fbb0f37199cb1d0a8 4d7cfbf5b39b307dd673781adc220fdef04213f2e3d080004fa658ba6d3acb8d -lib/codeql/swift/generated/decl/Decl.qll 1d620c8e43df3cb46e5446dc9f6592205040c4d2b03c2ce1e491d7628f8904d0 b02514d7548a5a1dca39a148974a1b4dfeb681ebf81ad80f78d53ea48bab6133 +lib/codeql/swift/generated/decl/Decl.qll f3ab9f78b789ad2b47c473e0c8949507841d4f0e675af5f361ec274ad5230be6 fed6509f9267cc7663b5a5ceb0f27e368c662b98a0367b2efdac20eef80cbc0a lib/codeql/swift/generated/decl/Deinitializer.qll 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe 816ecd92552915d06952517606a6e4c67bc53d7e7d9f5c09b7276e70612627fe -lib/codeql/swift/generated/decl/EnumCaseDecl.qll 564718862a9fd5b99427591a83921bf57aac2074041b5b335577599e8eefda16 90899d7d7a9c695576ae4b24d19deb05e45e0e85c954ab41de154d5cc521019e +lib/codeql/swift/generated/decl/EnumCaseDecl.qll 7370ff068f6650c74f324fbcad8782067fa42ff12d57cc5f6320df6d55357c97 9044207eb9592c68c8d36af570e45b7dbb5af00e00ded65793d08cea3ee6410b lib/codeql/swift/generated/decl/EnumDecl.qll fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 
fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 -lib/codeql/swift/generated/decl/EnumElementDecl.qll 41cad9be29b7afd56ba312ce00650ed89bffec2e2aaeed7bf26cd3dc0edb502e 33ac9ee5b205d32e5cf6a31f3f4bfd0f60b49fb0265200fd9e4dbbd5426fff02 -lib/codeql/swift/generated/decl/ExtensionDecl.qll 5472aa7cea119b68571065143fb4b2e335df003184efe8b8f28a98fd3ca3691e f65c8b078d1c34047cc66f5eb75dae8243e7aa42a7f3f2c21ea1ccf76eb9e7b9 +lib/codeql/swift/generated/decl/EnumElementDecl.qll 53074d5ae6249ca07c44879f4662b4d0478418cd8bd60c5511db52cf00942cc2 c38469c60df7c14d9d9c426600d1648dc1db177bd27ba1116649c48337b95358 +lib/codeql/swift/generated/decl/ExtensionDecl.qll 51cdf6227526fc769d4361b821d01e20a2b508ad8289af1002a0a947d8df295f 6a13f93179222f8d0e7e6b5a08dd8583fa0381644847b56509a85e6f008936e6 lib/codeql/swift/generated/decl/Function.qll 92d1fbceb9e96afd00a1dfbfd15cec0063b3cba32be1c593702887acc00a388a 0cbae132d593b0313a2d75a4e428c7f1f07a88c1f0491a4b6fa237bb0da71df3 -lib/codeql/swift/generated/decl/GenericContext.qll 5bbed6687f985dc8e812e48ae6ac17ec98d6cfccc6a72bee82afde58ccad07f7 ef7a2fa2646dd619af8f49ed1a12ce880a345dfc36b44e67868d733fc3b309e6 +lib/codeql/swift/generated/decl/GenericContext.qll 9f7e17d11bf898429a921ba7726b07aab382c97f8326bd186f2bded3d090852c 14d558b6e498d49b850f862d85091a11954dad13f16c60f700cf2c66fa37c473 lib/codeql/swift/generated/decl/GenericTypeDecl.qll 71f5c9c6078567dda0a3ac17e2d2d590454776b2459267e31fed975724f84aec 669c5dbd8fad8daf007598e719ac0b2dbcb4f9fad698bffb6f1d0bcd2cee9102 lib/codeql/swift/generated/decl/GenericTypeParamDecl.qll bc41a9d854e65b1e0da86350870a8fe050eb1dc031cd17ded11c15b5ad8ad183 bc41a9d854e65b1e0da86350870a8fe050eb1dc031cd17ded11c15b5ad8ad183 -lib/codeql/swift/generated/decl/IfConfigDecl.qll 07ae599c23c75d4a1fc7f188dce70cf1ded749368274f071b5b9639b5e54f69a ef8dc3f91edf40b9f8e84672060cea0de1a9c6545fd7aadb80225d3ca8f883e9 -lib/codeql/swift/generated/decl/ImportDecl.qll 1adafa6660d0b3968d1ee8cbcb4632d3b3baaa8a72874d3c9c0f6185eac4bc3e 
8e68a538da2bac088001427cbdf6234cfe33071f82193aa52dc99cb9be893f2d -lib/codeql/swift/generated/decl/InfixOperatorDecl.qll 3d94018c33422b6fbe18348d0d47c0747358777501155d49abd3c8f5012c8a5d 855b73306f510828ad30555d6bba98cd9eab918de9e78696921ccac584828fd6 +lib/codeql/swift/generated/decl/IfConfigDecl.qll 085e2c70d3e158b7f3d3d3ade94593f1331d681d07da8a968c537830a67a62fe 19bb842314e8edb6a8dce4d78ec8043a527f13569da8be4ad03ba876a09998a5 +lib/codeql/swift/generated/decl/ImportDecl.qll 542405d7a75659d048d1ff8894a0cc0d357802c2936407ec39b7e4f69d2dd864 41ee9a9f1fc8068db587ac786145cf50f74f74161555ca94b502a57cca23288a +lib/codeql/swift/generated/decl/InfixOperatorDecl.qll 3da133c325380fbc10448b731d5826959056ca861d3a0661e7c37694e5ccb208 bb81c8e1597a1fb7e791e3c4c4ed28a73c442591bff2b12d13a7a327a7b6db08 lib/codeql/swift/generated/decl/Initializer.qll a72005f0abebd31b7b91f496ddae8dff49a027ba01b5a827e9b8870ecf34de17 a72005f0abebd31b7b91f496ddae8dff49a027ba01b5a827e9b8870ecf34de17 lib/codeql/swift/generated/decl/MissingMemberDecl.qll eaf8989eda461ec886a2e25c1e5e80fc4a409f079c8d28671e6e2127e3167479 d74b31b5dfa54ca5411cd5d41c58f1f76cfccc1e12b4f1fdeed398b4faae5355 -lib/codeql/swift/generated/decl/ModuleDecl.qll dd7bef7f19a5d2f57f0168eda80796ed8a74c7a136b3dc0cb289c3f750ef9a25 652d44d1ac5e31e4ccf4c5d29f2c5b985c68c4254458c3bfce09c2a821631f8f +lib/codeql/swift/generated/decl/ModuleDecl.qll b080281f68ef9943f6b0a808a151375fa8bc7539baaa55689abc16aa9024ff13 f948fd2545b9535335f857d7303a0b7c77ccf62ec49ed066726c6a77b273e5f8 lib/codeql/swift/generated/decl/NamedFunction.qll e8c23d8344768fb7ffe31a6146952fb45f66e25c2dd32c91a6161aaa612e602f e8c23d8344768fb7ffe31a6146952fb45f66e25c2dd32c91a6161aaa612e602f -lib/codeql/swift/generated/decl/NominalTypeDecl.qll 64914282b062364d81b013922069404d49b8c8830cc23944281d023779a9925c 72d45c5b6073cb32e6df6b62c2c919be50314d9380b955035cfadf500b3dbccf -lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll 4dc0fc09fe314cdc6788adb4a93e87a7c8121e3fecaada19a436321d248d377a 
4e20e1820ddf7b23268707a2b98bbafc400219533f357189a267f8e35b89226e +lib/codeql/swift/generated/decl/NominalTypeDecl.qll 3c935fff267db6b6339cadfec9c28764db105a2f1391a28de3d95a3fd156b2ab 14cb4f115b4c09dcdb5d276be4b3b60406486e0acca9d11458d25d0f467ef0ed +lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll b07bcb944d6adff06dad06f8b77729044399e9a2747354e71e55605fb850c705 7e415f4d88f313e52fe6fb908cfac39066ec1302bcbb4ae07ad05b46a86d6b91 lib/codeql/swift/generated/decl/OperatorDecl.qll 3ffdc7ab780ee94a975f0ce3ae4252b52762ca8dbea6f0eb95f951e404c36a5b 25e39ccd868fa2d1fbce0eb7cbf8e9c2aca67d6fd42f76e247fb0fa74a51b230 -lib/codeql/swift/generated/decl/ParamDecl.qll f5d2c9e40aa8a1a77793a6d66fc6b55ded11295ee996b883117ffd6ee2523441 e0137535d7eac959ed10b06ad769b8225c0fadeea03030c7b30191884234e9b9 -lib/codeql/swift/generated/decl/PatternBindingDecl.qll e598dc0ed9373b4ca9646cc7c408f65db6b40d4281c8cfcecd09524df81bfac8 2ff3fe7fd32004649a0d41a0bf6857ac48d3a7b2dd87f5c1ffd9d5eea0673551 +lib/codeql/swift/generated/decl/ParamDecl.qll 21c8c035eaaa0fccc184ac073cea09fb39ee6f72b7d69a7119e38fc88f7ed997 486c55bd555569bae1fb4869745e83910a9635b2ad7d62652889562fcf98a42b +lib/codeql/swift/generated/decl/PatternBindingDecl.qll d59f2b05bfd78faefeabf0ab63e135f74e9731f22dec8c9dd65beabf9bc0956b e453d5033a788781320d60eca09d4b044f505720cb23f12ba2ade59203d24f81 lib/codeql/swift/generated/decl/PostfixOperatorDecl.qll 5aa85fa325020b39769fdb18ef97ef63bd28e0d46f26c1383138221a63065083 5aa85fa325020b39769fdb18ef97ef63bd28e0d46f26c1383138221a63065083 -lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll dc867f12579cec4f9fe95b59dfc31ef0df60cccccaf41abc171a86b7fafaf3f2 4474a913c4bf4e8d60f100bf5a0d57cc042c1362b09dd3c9493cc23a75c32e84 +lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll 2cd5dbd6707fd3920d5f402a3b169c4eac4189f4bebb33eb279de6e038e7329b 183f41a3b5ef928ad733d19225c7212633a3ac4752976c19bd8f821ec8553c0e lib/codeql/swift/generated/decl/PrecedenceGroupDecl.qll 
d0918f238484052a0af902624b671c04eb8d018ee71ef4931c2fdbb74fa5c5d4 d0918f238484052a0af902624b671c04eb8d018ee71ef4931c2fdbb74fa5c5d4 lib/codeql/swift/generated/decl/PrefixOperatorDecl.qll 18f2a1f83ea880775344fbc57ed332e17edba97a56594da64580baeb45e95a5d 18f2a1f83ea880775344fbc57ed332e17edba97a56594da64580baeb45e95a5d lib/codeql/swift/generated/decl/ProtocolDecl.qll 4b03e3c2a7af66e66e8abc40bd2ea35e71959f471669e551f4c42af7f0fd4566 4b03e3c2a7af66e66e8abc40bd2ea35e71959f471669e551f4c42af7f0fd4566 lib/codeql/swift/generated/decl/StructDecl.qll 9343b001dfeec83a6b41e88dc1ec75744d39c397e8e48441aa4d01493f10026a 9343b001dfeec83a6b41e88dc1ec75744d39c397e8e48441aa4d01493f10026a -lib/codeql/swift/generated/decl/SubscriptDecl.qll d08d46ddff0816541b28e231ba83c41cb51b40d7ccf2e0e7465e62e17078c000 0a1f1741bea4d2a7ebde7cbaf1cd0f7730a9845a8fd45d3457dc1b2b63eab900 -lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll e90cc73d62ad6037f1ec200bf8356292fa48b6890762b68e3fba6a129c888fcd d9152cbdfbc8cfb66695ed10a5729abca1b58275616d16d19aae27fb745bf3aa -lib/codeql/swift/generated/decl/TypeAliasDecl.qll 2058a0699ddffabd7d1d554615bd7e9ce26810ef1c6c68601df46e071eb9a10c 94ba93ef3cc1028a3018831e336316e566b6028eee1d81bf4d754dbdbd401ea8 -lib/codeql/swift/generated/decl/TypeDecl.qll cc40d3a105654461a60f982b6bdb21c7e689e695d314eead245bfeeda92a4572 03d89aa4c77dacdc57cd867b4869b26cdb55a06e2ba6faf3dbb9fce8f881786b -lib/codeql/swift/generated/decl/ValueDecl.qll 7b297ed98f5e985b93c9de6be000d67f71796892599ae8274048d8ad6b6183b9 462c983d4163011b2232b684c9a6c3f01114096c4bb7f862d950380f527e3926 -lib/codeql/swift/generated/decl/VarDecl.qll c648a5432d63a547cd381646f9586b4fc72edb2cff8462533449761b1ec57a56 7f2c157975bc1de7a8b6ff980bed790d864a08f1d6c0de39c106d84d2b49b883 +lib/codeql/swift/generated/decl/SubscriptDecl.qll c0bb8fd0d9d363c253251ea4b6cdceebd316708ce61f49e321318f7ce80ea153 dda76edc25ce4b3c31bcd7cc707143e22c3f887658e8071c646668f445b9f601 +lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll 
f9b4f8b413e5fd3c0d48910013fe2443143d2ee237084cf3e4eb668d5bc8f460 5c85641375f5b9e658c9467f5c4913e50d4228718aad950e94f55a28edbe28c7 +lib/codeql/swift/generated/decl/TypeAliasDecl.qll b9c4baf4a2eb67d21535da5cbb9894945d66b8aecf8bd91cb8aa8c964188c82f a69db19c25da7232a9139400578cb7eda8b56eb55c7c45d38aa50cc0c063947f +lib/codeql/swift/generated/decl/TypeDecl.qll 21d075b1fb55ce2e89ad73e62edbe1ad3ca429ea5a1c6096ca7aca7eaeea9772 c099f32a24d1be26b7b6e7478b481f8086c74f67cc840a843466715afc069784 +lib/codeql/swift/generated/decl/ValueDecl.qll f34e3414f8700150ccd221aed26e58f64ed43d708a3ccb3c50eff5c12f083303 c2926bebba6bfb997f8a610f7bfd13114b21e92ba0243247543984d6ea71a33e +lib/codeql/swift/generated/decl/VarDecl.qll d326cd9d4e892e6ad2f02847e476218d0f1f1ca012c1bfeca7d656af34c870b4 a2cac56e67fdc32d6f33eac180ca4831cd355343280e2d69cd5a8e17a77a89ce lib/codeql/swift/generated/expr/AbiSafeConversionExpr.qll f4c913df3f1c139a0533f9a3a2f2e07aee96ab723c957fc7153d68564e4fdd6d f4c913df3f1c139a0533f9a3a2f2e07aee96ab723c957fc7153d68564e4fdd6d lib/codeql/swift/generated/expr/AnyHashableErasureExpr.qll f450ac8e316def1cd64dcb61411bae191144079df7f313a5973e59dc89fe367f f450ac8e316def1cd64dcb61411bae191144079df7f313a5973e59dc89fe367f lib/codeql/swift/generated/expr/AnyTryExpr.qll e4759465411c215262909d10d729642779340698165aff0a66986c7dfc822832 83ec7fb0f11e2ffe15f3a0c97318121443936733f1adef17e5baa020bca2de29 -lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll de01c3b68c2a37e9f5dee0729838923cc615d436092e78b608b6f6c23e1b4965 612f72046aa2e49b9d494cad590bfae133bd5c00908ed4c8df82730294d21fb8 -lib/codeql/swift/generated/expr/ApplyExpr.qll 798b999f3da5d6b917ff57a0dc1fde149b906ffd72c6df5bc511f6e2d20a7e8b 8bce7f52c4bce1aad5c0b8a195dd1ab6f1d82289e5eb56fca4b7543be7943d15 +lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll b441c3cad6d462ae0736d5e65742d49b280b907e8e250badb0248f501e1e9144 34a691143585fb9b9d7e3ef0b8d3c7250a73da0d323de6ac632472652bc86a1a 
+lib/codeql/swift/generated/expr/ApplyExpr.qll d97bce0ce47c42feda140c677c204f9d1c92fe1889760034fe8f1cb330f411d3 f7956f6bff4164adacce06ce2134bc6bf2d0e0261c9b5f7b882e04c0df5c8e0c lib/codeql/swift/generated/expr/ArchetypeToSuperExpr.qll e0b665b7389e5d0cb736426b9fd56abfec3b52f57178a12d55073f0776d8e5b7 e0b665b7389e5d0cb736426b9fd56abfec3b52f57178a12d55073f0776d8e5b7 -lib/codeql/swift/generated/expr/Argument.qll 97991761563d806ff0199e69f4c9eda93e324bb40bd41ddec98388c2146cbd6b c231f4e0320700fe64ce43123027516088b877fddde3be18565e01890f6b10ce +lib/codeql/swift/generated/expr/Argument.qll 441daab359d20018113344d026c1ace38a0acff35e68155a69a887a6fdb90684 43106272cfc5d19d60ca07b9bc4e22ff97b2b2451b67ec8884909c574634a337 lib/codeql/swift/generated/expr/ArrayExpr.qll 9894f7838b23c84c4c0ba442b790ada0231c2dc3508fd30735577397a87d9683 90ed566a71551f3549106bd60b972aca0ba52e8a2b787b58a3161634e26e773e lib/codeql/swift/generated/expr/ArrayToPointerExpr.qll afa9d62eb0f2044d8b2f5768c728558fe7d8f7be26de48261086752f57c70539 afa9d62eb0f2044d8b2f5768c728558fe7d8f7be26de48261086752f57c70539 lib/codeql/swift/generated/expr/AssignExpr.qll 97d41626dfe4e474c5e80aaee433641847a91f5c483f6da6cfc016b454545802 4ca02b4a878f0783f7d7788c85ffbb89c8ed6027c7e6d391ea9892256215358a 
@@ -451,7 +452,7 @@ lib/codeql/swift/generated/expr/BridgeFromObjCExpr.qll b9a6520d01613dfb8c7606177 lib/codeql/swift/generated/expr/BridgeToObjCExpr.qll 31ca13762aee9a6a17746f40ec4e1e929811c81fdadb27c48e0e7ce6a3a6222d 31ca13762aee9a6a17746f40ec4e1e929811c81fdadb27c48e0e7ce6a3a6222d lib/codeql/swift/generated/expr/BuiltinLiteralExpr.qll 052f8d0e9109a0d4496da1ae2b461417951614c88dbc9d80220908734b3f70c6 536fa290bb75deae0517d53528237eab74664958bf7fdbf8041283415dda2142 lib/codeql/swift/generated/expr/CallExpr.qll c7dc105fcb6c0956e20d40f736db35bd7f38f41c3d872858972c2ca120110d36 c7dc105fcb6c0956e20d40f736db35bd7f38f41c3d872858972c2ca120110d36 -lib/codeql/swift/generated/expr/CaptureListExpr.qll 4e94c2c66020f95af615d98756d7c1843c2744b3c1d83f73f24f6153d9d0592b e35e8190904415e2a1fe12857127c90cfaecde4f6f173d16399f45c0264d207c +lib/codeql/swift/generated/expr/CaptureListExpr.qll 671234408ead93c0d6abc453f774a88f0888956e6ad08d5a1c22aec72b2eec46 601e23e0356341fd6287fb9775f0e86bca6a0de46383e0912854e045e501d42c lib/codeql/swift/generated/expr/CheckedCastExpr.qll 146c24e72cda519676321d3bdb89d1953dfe1810d2710f04cfdc4210ace24c40 91093e0ba88ec3621b538d98454573b5eea6d43075a2ab0a08f80f9b9be336d3 lib/codeql/swift/generated/expr/ClassMetatypeToObjectExpr.qll 076c0f7369af3fffc8860429bd8e290962bf7fc8cf53bbba061de534e99cc8bf 076c0f7369af3fffc8860429bd8e290962bf7fc8cf53bbba061de534e99cc8bf lib/codeql/swift/generated/expr/ClosureExpr.qll f194fc8c5f67fcf0219e8e2de93ee2b820c27a609b2986b68d57a54445f66b61 3cae87f6c6eefb32195f06bc4c95ff6634446ecf346d3a3c94dc05c1539f3de2 
@@ -462,8 +463,8 @@ lib/codeql/swift/generated/expr/ConditionalBridgeFromObjCExpr.qll 4a21e63cc54702 lib/codeql/swift/generated/expr/ConditionalCheckedCastExpr.qll 92a999dd1dcc1f498ed2e28b4d65ac697788960a66452a66b5281c287596d42b 92a999dd1dcc1f498ed2e28b4d65ac697788960a66452a66b5281c287596d42b lib/codeql/swift/generated/expr/CovariantFunctionConversionExpr.qll b749118590163eafbd538e71e4c903668451f52ae0dabbb13e504e7b1fefa9e1 abaf3f10d35bab1cf6ab44cb2e2eb1768938985ce00af4877d6043560a6b48ec lib/codeql/swift/generated/expr/CovariantReturnConversionExpr.qll f1b409f0bf54b149deb1a40fbe337579a0f6eb2498ef176ef5f64bc53e94e2fe 532d6cb2ebbb1e6da4b26df439214a5a64ec1eb8a222917ba2913f4ee8d73bd8 -lib/codeql/swift/generated/expr/DeclRefExpr.qll dda3034aba0170fb91ae62e5c8b02af27f3ac682c856af6eba2f8c57c186befe 338e7cfbea450e555191518dfa6b7b43cef3a0a029c4c0adb5101a2471c24c5e -lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll ca9f228742acf990a81308f68a66dc55b35c75f23d5f0cabfdff30a1b99064d7 a97de64329149db8ca6d25635bdda63df0a2bdb600cfe0c71017e2eb3fdecb15 +lib/codeql/swift/generated/expr/DeclRefExpr.qll 06149b37933848032fb6cc4692ff63ee54347cccb79e1fa150129a081afbf5d2 580392ea470c21a58021245f1d7fa08232a2f5314786ba8476282a5fbe403ffe +lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll 77468697fd5cafb05ca166a77e94ce9998c28624e235b626b9afbe1da9a93d4e d813ea7d5973945355a2941ccd3ca72e01745ab6320da429f3694e2465af96d3 lib/codeql/swift/generated/expr/DerivedToBaseExpr.qll 5f371b5b82262efb416af1a54073079dcf857f7a744010294f79a631c76c0e68 5f371b5b82262efb416af1a54073079dcf857f7a744010294f79a631c76c0e68 lib/codeql/swift/generated/expr/DestructureTupleExpr.qll 1214d25d0fa6a7c2f183d9b12c97c679e9b92420ca1970d802ea1fe84b42ccc8 1214d25d0fa6a7c2f183d9b12c97c679e9b92420ca1970d802ea1fe84b42ccc8 lib/codeql/swift/generated/expr/DictionaryExpr.qll f8bab2bdf683f4974be102faea2f8ff48ede5937a9112a1fa149180143052b0a 152ae4811c5282c68b9f2eb7b123631fbe461af7a7947434abf7e523b35b27e2 
@@ -477,13 +478,13 @@ lib/codeql/swift/generated/expr/DynamicLookupExpr.qll 0f0d745085364bca3b67f67e34 lib/codeql/swift/generated/expr/DynamicMemberRefExpr.qll 2eab0e58a191624a9bf81a25f5ddad841f04001b7e9412a91e49b9d015259bbe 2eab0e58a191624a9bf81a25f5ddad841f04001b7e9412a91e49b9d015259bbe lib/codeql/swift/generated/expr/DynamicSubscriptExpr.qll f9d7d2fc89f1b724cab837be23188604cefa2c368fa07e942c7a408c9e824f3d f9d7d2fc89f1b724cab837be23188604cefa2c368fa07e942c7a408c9e824f3d lib/codeql/swift/generated/expr/DynamicTypeExpr.qll c29baea6ec5b0b7186b675e3322cd1cee9db8d647e16ac0f716990c22df17074 de9118fdb3778ef76de284992791d3f0f9978876f5799eda39da92c1242e603e -lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll edea1f464dc24ad8d300c547698699704cf7d9232782c2b6a536af6e058d440c 7d860abba668ac5fb078ac7b72d455824331d753751bbfbe7044a85a8365b6a7 +lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll 8df7cf11dff39ec1a8498d4df4cda2ab0fb49a88aaca671c8e4fd6d53bbf2af9 e5b064938c60634eb1060d39b435913286591e1e8d506bbb19ee8faace7105c5 lib/codeql/swift/generated/expr/ErasureExpr.qll c232bc7b612429b97dbd4bb2383c2601c7d12f63312f2c49e695c7a8a87fa72a c232bc7b612429b97dbd4bb2383c2601c7d12f63312f2c49e695c7a8a87fa72a lib/codeql/swift/generated/expr/ErrorExpr.qll 8e354eed5655e7261d939f3831eb6fa2961cdd2cebe41e3e3e7f54475e8a6083 8e354eed5655e7261d939f3831eb6fa2961cdd2cebe41e3e3e7f54475e8a6083 lib/codeql/swift/generated/expr/ExistentialMetatypeToObjectExpr.qll eb0d42aac3f6331011a0e26cf5581c5e0a1b5523d2da94672abdebe70000d65b efe2bc0424e551454acc919abe4dac7fd246b84f1ae0e5d2e31a49cbcf84ce40 lib/codeql/swift/generated/expr/ExplicitCastExpr.qll 162f94461d41cf10a81567e13d5141d7aca417cc92d4ef55de97c7909681882e c8e7d1f569265a9bc2ae6a82e33783ec3ac077c3ae6e582edcb49a4eb816f7b5 lib/codeql/swift/generated/expr/ExplicitClosureExpr.qll c5291fb91e04a99133d1b4caf25f8bd6e7f2e7b9d5d99558143899f4dc9a7861 c5291fb91e04a99133d1b4caf25f8bd6e7f2e7b9d5d99558143899f4dc9a7861 -lib/codeql/swift/generated/expr/Expr.qll 
b09ddd296693ad78a2b0e7dc17d2b746357ae88645b046a026861eafeba616cb 498c628f904fbf48be10f32b146168b71f8f7d9f829614e422020701ccc0f8e4 +lib/codeql/swift/generated/expr/Expr.qll 91b45df8d77ece59147e330b1a93515ad791e1da84128a079be2160ee5f87796 4a57263c533d9d5a9e1cacc997d09434fe7ebbabff9ac1a49602b618b828839b lib/codeql/swift/generated/expr/FloatLiteralExpr.qll ae851773886b3d33ab5535572a4d6f771d4b11d6c93e802f01348edb2d80c454 35f103436fc2d1b2cec67b5fbae07b28c054c9687d57cbd3245c38c55d8bde0b lib/codeql/swift/generated/expr/ForceTryExpr.qll 062997b5e9a9e993de703856ae6af60fe1950951cf77cdab11b972fb0a5a4ed3 062997b5e9a9e993de703856ae6af60fe1950951cf77cdab11b972fb0a5a4ed3 lib/codeql/swift/generated/expr/ForceValueExpr.qll cd7ee5fa4a6f7094c7fbb9c5831f60d5ce18b123fe7beea3dcb26ca78e387118 7cdef6e9b501f9e9cb0d48828e68b349b25e4e5f312e5bcee91868ae8b196e7d 
@@ -502,14 +503,14 @@ lib/codeql/swift/generated/expr/InterpolatedStringLiteralExpr.qll e2c1aadf140c80 lib/codeql/swift/generated/expr/IsExpr.qll b5ca50490cae8ac590b68a1a51b7039a54280d606b42c444808a04fa26c7e1b6 b5ca50490cae8ac590b68a1a51b7039a54280d606b42c444808a04fa26c7e1b6 lib/codeql/swift/generated/expr/KeyPathApplicationExpr.qll 157a9c2fcf229b76d104abfa49f74337e20ac4d1fa1be2eaed1290cbd9bd1232 70ec0e7ee2e2c716ba510916fdf6d1d6dd6fd93b740a46c909ddb9e877427fe1 lib/codeql/swift/generated/expr/KeyPathDotExpr.qll ea73a462801fbe5e27b2f47bca4b39f6936d326d15d6de3f18b7afa6ace35878 ea73a462801fbe5e27b2f47bca4b39f6936d326d15d6de3f18b7afa6ace35878 -lib/codeql/swift/generated/expr/KeyPathExpr.qll 654b32a92ff8015cb4b8d64c83abed601a884f4181613a7d428e975a945afff5 4c82c7b9d9232e84dd898cb7d3d79c1365481cd9d37444318a776ae509eb023a +lib/codeql/swift/generated/expr/KeyPathExpr.qll 7d088ae6d74193f06b2c121dfde182a228d5ab1498a70fd3ad7bc5cab8e76dcd 5596774318c8eed672ab360c0a1515493176d9edae64f09917ec789514928355 lib/codeql/swift/generated/expr/LazyInitializationExpr.qll b81b831893b0f1c2bcbf48a708267cd54a86dfc6af6dde8b8b57a03e045abff2 b28cf1f4017edee09278a23f403932f91fb1a21ea83778cccf7683b5a57f6480 lib/codeql/swift/generated/expr/LinearFunctionExpr.qll cd4c31bed9d0beb09fdfc57069d28adb3a661c064d9c6f52bb250011d8e212a7 cd4c31bed9d0beb09fdfc57069d28adb3a661c064d9c6f52bb250011d8e212a7 lib/codeql/swift/generated/expr/LinearFunctionExtractOriginalExpr.qll ee7d3e025815b5af392ffc006ec91e3150130f2bd708ab92dbe80f2efa9e6792 bcf9ed64cca2dcf5bb544f6347de3d6faa059a1900042a36555e11dfbe0a6013 lib/codeql/swift/generated/expr/LinearToDifferentiableFunctionExpr.qll f7aa178bff083d8e2822fda63de201d9d7f56f7f59f797ec92826001fca98143 c3ef32483f6da294c066c66b1d40159bc51366d817cf64a364f375f5e5dfa8b0 lib/codeql/swift/generated/expr/LiteralExpr.qll b501f426fa4e638b24d772c2ce4a4e0d40fce25b083a3eee361a66983683ee9d 068208879c86fbd5bed8290ce5962868af6c294a53ad1548cf89cf5a7f8e1781 
lib/codeql/swift/generated/expr/LoadExpr.qll 90b9ba4c96c26c476c3692b1200c31071aa10199d3e21ef386ff48b9f0b6d33a 90b9ba4c96c26c476c3692b1200c31071aa10199d3e21ef386ff48b9f0b6d33a -lib/codeql/swift/generated/expr/LookupExpr.qll 12844a93ff8244c9a9c7091b32c56e80a1196dee5fbdd67dafa5329e8d424ed9 da9ba34043930d541751ba3bc828cfcf86cc0fcf3b58bf2a2a0b8d9ad7d73153 +lib/codeql/swift/generated/expr/LookupExpr.qll 612265f7ca68f1f62ea8ceaa74e1a876195c6c3062807b310f834aa04acfaa80 160fbb1efe0c1fb48698d786bb7f76be70b4cd96568557f90c062773fb0dff6e lib/codeql/swift/generated/expr/MagicIdentifierLiteralExpr.qll 16f0050128caf916506b1f7372dc225a12809a60b5b00f108705fcdfce3344a8 c064778526a5854bdf8cdbf4b64ad680b60df9fe71ec7a2d9aa6c36a7c4e5b31 lib/codeql/swift/generated/expr/MakeTemporarilyEscapableExpr.qll c63cd023a5c2662e2beee8dba5f9cb0012103424a245df5fde0d4a08a13a87ea 78729409bc0e387ad2ed7cd84b074dbf190f378a6c8794f4a6596ddfa1b1ad85 lib/codeql/swift/generated/expr/MemberRefExpr.qll e7db805b904d9b5d1e2bc2c171656e9da58f02a585127c45f52f7f8e691dc2e5 b44b5208e0b72060527a6fdb24b17b208f2263d78690d13548fba937fe0db3cd 
@@ -517,34 +518,34 @@ lib/codeql/swift/generated/expr/MetatypeConversionExpr.qll 714ecbc8ac51fdaaa4075 lib/codeql/swift/generated/expr/MethodLookupExpr.qll 526c9001c311a890db2409a46180a7fedbb11b6dcd8ee23dda4d4644e65bed3a 4b287235a19b85880136ac3485a85742aad7217021c9f6729bf2a39be5ebd1a1 lib/codeql/swift/generated/expr/NilLiteralExpr.qll 6f44106bc5396c87681676fc3e1239fe052d1a481d0a854afa8b66369668b058 6f44106bc5396c87681676fc3e1239fe052d1a481d0a854afa8b66369668b058 lib/codeql/swift/generated/expr/NumberLiteralExpr.qll 8acc7df8fe83b7d36d66b2feed0b8859bfde873c6a88dd676c9ebed32f39bd04 4bbafc8996b2e95522d8167417668b536b2651817f732554de3083c4857af96a -lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll efc72580627467dce30ab784bfb963bd21297440bd6287600d0b3f2c5836c340 29a7974a65bde8f434de159e9a6ea0f6f48609d4d3332a216261f3c64cf3a070 -lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll 199b3a5196bff35681ba2e4bdb546cfbe0a2e265f535d05cfdb89af9c382c1a6 7c6b962565841a634c850d088fd404a3e6f3045e05ff555e1cde0ec02ba8dc8d +lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll 94a8344bff75033a3aae101c103419bd2201aa6992393d3450e4531ec33d4c83 78870c097692943f2eefb3ee86ccc86579411f35a4fa6e8753bf307009f85dba +lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll f609e898670d4fc7937e9f5024dbf9d82c98bdfcef140cee6e13998046fbe044 cd8647e0b186ce74d27ac0fcfe037972f7e12a326a0ef53c51305cb7db783a0c lib/codeql/swift/generated/expr/OneWayExpr.qll 8464649694b671a8462476fcd3827b07f8448069c7caa9e9efce44d7ce87aee0 c3e143ecd28238342a1d911a468087cc58a751106385f01cbe5a44e19c862d0e lib/codeql/swift/generated/expr/OpaqueValueExpr.qll 354f23d00d5ea2e734fd192130620d26c76c14d5bb7b0a1aa69f17ffb5289793 354f23d00d5ea2e734fd192130620d26c76c14d5bb7b0a1aa69f17ffb5289793 lib/codeql/swift/generated/expr/OpenExistentialExpr.qll 55ff1b4fdf23b787538f8b8cdc5f382d874221cec230f8fa35189ebf6de09b58 8235fe3387753a0ac389e297bf67b416991117587a98a566620ac9b328887dd6 lib/codeql/swift/generated/expr/OptionalEvaluationExpr.qll 
76a3a789b3a4f17dd494f973f099766aa1db97c38cbbd93542e664a7cd7e1680 f56ce693b59cee6713a7cfdb2937a8a4e791d6e80c241ecd333ab197482a2d1b lib/codeql/swift/generated/expr/OptionalTryExpr.qll f0c8dff90faee4fbf07772efda53afe1acc1fd148c16ee4d85a1502a36178e71 f0c8dff90faee4fbf07772efda53afe1acc1fd148c16ee4d85a1502a36178e71 -lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll 9e695cca00e162beadad513d6833f117cee0f364da6f16c7ed3809573c1fbfe2 ff29f1f265e22eefc9166f77fa8adca7f89d3f769591149e21c58c0789577a88 -lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll fee0ef58103e48b9238f1dd94d530a54e8ffaea95924cdbb38057701360a849d 2e851c3aee89aa3cbc3b67846a723b98708233e74e872641988c3200476d2da2 +lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll 94b793be9a37626fe0b1b7c93ac37b2a00e4fb93ab96e4a230aaba66ef1721de 136ac6a349db23144fc71f3aa1383fb68370b13a8615eb6ad398b29a55f2cae3 +lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll f2ef6518501e4bf7c51d009cb996dc88d56374a4dc572ce8514993591896deba e8519550ec34428715452f6716160e580cbbc894c2b78dd34c33835e11728f19 lib/codeql/swift/generated/expr/ParenExpr.qll f3fb35017423ee7360cab737249c01623cafc5affe8845f3898697d3bd2ef9d7 f3fb35017423ee7360cab737249c01623cafc5affe8845f3898697d3bd2ef9d7 lib/codeql/swift/generated/expr/PointerToPointerExpr.qll 7d6fa806bba09804705f9cef5be66e09cbbbbda9a4c5eae75d4380f1527bb1bd 7d6fa806bba09804705f9cef5be66e09cbbbbda9a4c5eae75d4380f1527bb1bd lib/codeql/swift/generated/expr/PostfixUnaryExpr.qll d1094c42aa03158bf89bace09b0a92b3056d560ebf69ddbf286accce7940d3ab d1094c42aa03158bf89bace09b0a92b3056d560ebf69ddbf286accce7940d3ab lib/codeql/swift/generated/expr/PrefixUnaryExpr.qll f66dee3c70ed257914de4dd4e8501bb49c9fe6c156ddad86cdcc636cf49b5f62 f66dee3c70ed257914de4dd4e8501bb49c9fe6c156ddad86cdcc636cf49b5f62 lib/codeql/swift/generated/expr/PropertyWrapperValuePlaceholderExpr.qll 0d604764ca2e77a51b7e7062a1f57c6f46dd007717bdebf765eb7b737ef5062d 
cff734718467dfd4abc12dcf7e72c5745fe4e917204cdd22e42973f30eb06df7 lib/codeql/swift/generated/expr/ProtocolMetatypeToObjectExpr.qll b692be6e5b249c095b77f4adcad5760f48bc07f6f53767ee3d236025ee4a2a51 efa47435cde494f3477164c540ac1ce0b036cb9c60f5f8ec7bfca82a88e208fb -lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll 87984796ee7bb5f8f474563d03e667b09ff36ccba5e084504e24ab3d9e90d4f2 b4885cb5a72edad07011e3e576ff3ce08ef6399320786ce1cf9d7a0a6350eb6f +lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll 66d4cbf211cae63a443d85f83a2799cb6ac66c061e691d0531ff5edeec9af6f3 7be66e5be4c6671abcb03af92d00ce5f5ba46797941ffbb98675f6cd15db59c7 lib/codeql/swift/generated/expr/RegexLiteralExpr.qll a11eb6f6ce7cebb35ab9ff51eae85f272980140814d7e6bded454069457a1312 bdb4bb65c9f4e187cf743ed13c0213bb7e55db9cc3adeae2169df5e32b003940 lib/codeql/swift/generated/expr/SelfApplyExpr.qll c0815a4d6d4f08bd0c7bc170fa817ebcb2328c937c8ef16391fb0da71aff17ae 0979f035e8d4b54e93f17163a4df3c2aa65f23d56c491fa72376887e3e5c10ac lib/codeql/swift/generated/expr/SequenceExpr.qll 62301b2e4c76de4820c6deef0ee95c8b328ed14ba8eac70aa10cc8fb0f3c5ace feb960c796ea517abc9587bd76f7ae9aabfd9a6b0984fe2d8380e803b002eede lib/codeql/swift/generated/expr/StringLiteralExpr.qll f420c5cd51a223b6f98177147967266e0094a5718ba2d57ae2d3acbb64bbb4b6 30d6dab2a93fd95e652a700902c4d106fecfce13880c2ece565de29f2504bedf lib/codeql/swift/generated/expr/StringToPointerExpr.qll ef69b570aa90697d438f5787a86797955b4b2f985960b5859a7bd13b9ecb9cd3 ef69b570aa90697d438f5787a86797955b4b2f985960b5859a7bd13b9ecb9cd3 -lib/codeql/swift/generated/expr/SubscriptExpr.qll 70ca2812ac4018c062fcb099e20433c7960325e68cfc544599d1860793b1464f d01d4b4ed833cb0390c3e96e75ef51150721245b0277946d75daca32d4085d9b -lib/codeql/swift/generated/expr/SuperRefExpr.qll f550961b912bdcaf159d4729b0a3f6911e97365e6d429717d4a9770a2a83a184 e5735644d755ac2ee56f6c3ab13ca6657c21cd00a366665ea858d405d32cb112 -lib/codeql/swift/generated/expr/TapExpr.qll 
8556465559ed243c16396a1b426b666362c1bab1535a12faf9c1050e1b06c668 ea1c30b90d3620e580294d7d7010a720be688e10a9469405cd58b3da55070dc6 +lib/codeql/swift/generated/expr/SubscriptExpr.qll 8a2bf1f0ded1888546791e0e59b969267f0352223e2abeb38e91dfa2144a38ae 009566ef61689d14844730235b0e0c31ee01e95e2002cf7272cbabc97539dce9 +lib/codeql/swift/generated/expr/SuperRefExpr.qll 4fe3e827cff256d304bc73f0d44b6091dbea68d8176ff3af36dec80ab349f7dc 7e1c3975515db1aacdd8f5c90ff38cfc568e2c9e79495bb7832d72f856add2e8 +lib/codeql/swift/generated/expr/TapExpr.qll 6583473139cc6c93838e802d8e229ad90d90a2ef960600d95db6d12831402ff3 a7478c0c9e9a9899c1840838150e127e3bd192bb340249642efede3dd51d260a lib/codeql/swift/generated/expr/TryExpr.qll e6619905d9b2e06708c3bf41dace8c4e6332903f7111b3a59609d2bb7a6483ee e6619905d9b2e06708c3bf41dace8c4e6332903f7111b3a59609d2bb7a6483ee lib/codeql/swift/generated/expr/TupleElementExpr.qll e0050f30b31c58bcfbaaa61137484f9463aab435cbe1fd0dddd7a4b9d3a8ae46 0192eb79f1b1bff6185dddbc8ed37865cb669a670ffb9f5b63c34c1bf53a73c2 lib/codeql/swift/generated/expr/TupleExpr.qll b834c6347ec355f1135274f65bd7ca3768be42ea173225227a6b543c2fb2243b fddb421e1cdc8ae24afb6b72c0636b3341c5b039a4277fc99f00bbb077645cf8 -lib/codeql/swift/generated/expr/TypeExpr.qll accffc2dbe4a1f1ebdaeb4ca6a130faf139288a7470740213d5379ddc94dad18 e4595beff0e7b7cd698e2bb708ea10586cc2f2de5d6f9dcf3da3c3d9b43d33eb +lib/codeql/swift/generated/expr/TypeExpr.qll 0ebb5040199b71ea2f8922848b6d7ad2d4ac585b763485195e4180a118839dfa fb991cb078cecdfd0ec0d19d896635e7b834481c30970bd83fdd4e9792548416 lib/codeql/swift/generated/expr/UnderlyingToOpaqueExpr.qll 13d6c7a16ec0c4c92d12e052437dfa84274394ee8a4ca9b2c9e59514564dc683 13d6c7a16ec0c4c92d12e052437dfa84274394ee8a4ca9b2c9e59514564dc683 lib/codeql/swift/generated/expr/UnevaluatedInstanceExpr.qll 21dedc617838eed25a8d3a011296fda78f99aee0e8ae2c06789484da6886cfea 21dedc617838eed25a8d3a011296fda78f99aee0e8ae2c06789484da6886cfea lib/codeql/swift/generated/expr/UnresolvedDeclRefExpr.qll 
17e83f6418f39cfd3b7768ba694dafce2807f97239d3ac0939fc0c3761ae3571 910e9440cae403b13b6dd501a3dbbda564a1d7d61a532e99a1825590c2d9a4ab 
@@ -558,45 +559,45 @@ lib/codeql/swift/generated/expr/VarargExpansionExpr.qll ac50264811fc0303220f7825 lib/codeql/swift/generated/pattern/AnyPattern.qll ce091e368da281381539d17e3bac59497ad51bb9c167d8991b661db11c482775 ce091e368da281381539d17e3bac59497ad51bb9c167d8991b661db11c482775 lib/codeql/swift/generated/pattern/BindingPattern.qll 61ae8b380b43c80710cf7d33c718c45b06cfa3680990e38e4191b3732236595c 1ff0450958cce5a5bfd00942d4846e3b2652499c738bd2790255632c883af0dd lib/codeql/swift/generated/pattern/BoolPattern.qll 118300aa665defa688a7c28f82deb73fa76adce1429d19aa082c71cfcbeb0903 0cd6db87e925e89f8ad6d464762d01d63ddfd34b05a31d5e80eb41aec37480b4 -lib/codeql/swift/generated/pattern/EnumElementPattern.qll 4aad6e1db45b8d39f61827e44335b2d7c1b9346538933bea82e4cec4b0993e3a 645edf97eb83f077f82c5f08cec912b845c826c2067f38f050b6e78031fe3a2e +lib/codeql/swift/generated/pattern/EnumElementPattern.qll 2d92a861316d46190e11880b0c383651e4ea15ea8fb81f55c08c4ce733bee2c7 c5915d7a3b62f7c009daac2e7d87c7d435a81a128bdfcc1db9ad281600acfb67 lib/codeql/swift/generated/pattern/ExprPattern.qll 169cef487e499a21d0d2cc4eda7268eb29cb6b1081fa6a0bc4e8571677f063f3 b7f3160f0812cf565873b607a247e184f17cc0289758f9a46748e90e783abd4f -lib/codeql/swift/generated/pattern/IsPattern.qll 864c38251026a523f91f0c097899cbc0c281f29d5c11142d5434cd182e8d70b8 be03f3a3aacbd44dc8e6a03f88d241d1247a3686c0d7d8eb4b50fa57c675aac9 +lib/codeql/swift/generated/pattern/IsPattern.qll c809159dff26b86d44f560742d66e75b3cf143cdfc0f3933b959864412770248 7375cb8140da3c1531b55b084c4b6aa8009495dd40697a13f05b258d3f5677cc lib/codeql/swift/generated/pattern/NamedPattern.qll 5d25e51eb83e86363b95a6531ffb164e5a6070b4a577f3900140edbef0e83c71 9e88b2b2b90a547b402d4782e8d494bc555d4200763c094dd985fe3b7ebc1ec8 lib/codeql/swift/generated/pattern/OptionalSomePattern.qll 5b9c7032584619d4921d1a1324e3ce4bd7207f0d4daa703e1e059f983bf1b132 e6d44514cd123a7ad27f657a2b83d46277a961a849139380ece886430a862920 lib/codeql/swift/generated/pattern/ParenPattern.qll 
337cb03dcb7384f7ef13e35d843b3498c0ae391374f5e870d1e52c2d1baacd95 cba288ee99726f5bbf15cf61971e000a835cf6e8b7507dcf6f6c6dea91ec287a -lib/codeql/swift/generated/pattern/Pattern.qll 0e96528a8dd87185f4fb23ba33ea418932762127e99739d7e56e5c8988e024d1 ba1e010c9f7f891048fb8c4ff8ea5a6c664c09e43d74b860d559f6459f82554a +lib/codeql/swift/generated/pattern/Pattern.qll abdb00ae9ee55061de85fa77ecff6f3df9ddf395f45a38dde94983ac423d861a 67ffece7bd83150bb0981b2fda86468c2df7c4d2015526b90ca40c71eec6b542 lib/codeql/swift/generated/pattern/TuplePattern.qll b3a138b0942f7e3eecb52ad2f095584a6cd5f555e9487c6eaad6a5527ae99f0c d6ff67ecc7395571acef4b82da514cb737c72d97ea557d89da534469feda340c -lib/codeql/swift/generated/pattern/TypedPattern.qll 95185ae7acddb74ac68f2d2e31d83e64e3bac3fdbd7a8301a6dc8bb1d89d7918 5d6edf73b4ac2f81843fda26894f5dbf8aa2a7c129af5e1a3256370683fa619c -lib/codeql/swift/generated/stmt/BraceStmt.qll 15461198f638b8995687ad8a20ef47c8fac24445a8c28ea5113bbaabe43e4be3 72fa14dbb9cd31032a5f35754991beb6183c2ef37f942707dbfc8911687d8c6e -lib/codeql/swift/generated/stmt/BreakStmt.qll 7dca1ed723117cc245636c7ec5f31a69dbbb228eae2f6423ffa1f327f964d1c8 43052e648b31c6edf88c28fc8aa0ec440601c06776d5a32e7ef1efbb59f64cf2 -lib/codeql/swift/generated/stmt/CaseLabelItem.qll d04772471f1651c0f3c15cb7fa003431b2a51bbffa945a14ae85bb3e58015249 406b2d411a1aa3a513f93e9602ce34138bd47d84a8c5b9fc226ed3e0c972ae08 -lib/codeql/swift/generated/stmt/CaseStmt.qll 01b7cb7fe5839c02fec5af4ddc9d6c7646583305e17543f1e5a6993b8467c3cd 62ab05c856c1a567aa7aaa04390fee9cd65d44ad3e244a1f781e97710b89653d -lib/codeql/swift/generated/stmt/ConditionElement.qll 2f60c9326681613939b411d9c5e53e0e0e5cf756b551af4e150b8be964d8e05d 4155edf57ccc61b87f5d51684e57c06cd0bc6733579275f089de51975546eab1 -lib/codeql/swift/generated/stmt/ContinueStmt.qll 572747312c2a7c4e6ad1c82c58f8ac55ce05d5e1f828160fe139c3d2c100eb61 a54d57cc434f7d04412bf130391e9c571f8f11f90be501d736e96f341b0c1de9 -lib/codeql/swift/generated/stmt/DeferStmt.qll 
099b98183d770608f63ee09b290e71042e4cbbbc6a83b0f0fa10614af418c712 d5504347c08ab2b4764d5cb03a3b590a97144240d68f626db0778697ef9638c1 -lib/codeql/swift/generated/stmt/DoCatchStmt.qll 4a05ba358b289c052f1e7d6b86dae206e91a8033687c3fabddac1556173a8140 8743746aeb98f28e7786233db4a9eacfcf73aea3f602be9e1f8c0d956d22aeb1 -lib/codeql/swift/generated/stmt/DoStmt.qll b22efabd7431e703ae33dd1df69a9e3ceb49f512ab2c46be9c7eba2d53a1e37f 8d7796e2b4676da59aa8425014a16b82ef47d4ac22af60a10c5076a691af17d1 +lib/codeql/swift/generated/pattern/TypedPattern.qll 6a9fd2815755eddc6918d6be8221c7afb90e4fba4fcb8eb54ff42754269bb481 f198c3b09553a5f5f3d97f8088ef82c00552b9635560750c56d801b09dbd9e26 +lib/codeql/swift/generated/stmt/BraceStmt.qll 72557bdbde907042a936b55039e6032afd5eb92b21a6bb3d669437f3141a7e76 a2fb52f3d77444880edcafec6d107f27cf8c528c21241b1222823136fd4cfbb9 +lib/codeql/swift/generated/stmt/BreakStmt.qll 879cf66911cc7f53e7e8f4ae8244681018fb17d6501b269fb7cf9d8481f0b539 c78fc1b0e3e76321fc1653aa8b0aabaaacf082e01a003b78f693b106cc05faa0 +lib/codeql/swift/generated/stmt/CaseLabelItem.qll 9536d2909a274c3a969eec25f8e5966adfaa9b0d6451ea6319d9f7bb2fd6fe07 02e25f036db50e9a6e9a7ceab6002dd605b73afb55fa1dee6f22e7af33a40913 +lib/codeql/swift/generated/stmt/CaseStmt.qll c180478c6161439bc76bd39edfab343faba7450900ffedcadd3ccea12dc3a08c b537eb517db76113cfbc91c59e6bdfbf16ff83d639dfe6fd6892171f71a97090 +lib/codeql/swift/generated/stmt/ConditionElement.qll 29c1f9ab045cceac466836c8c6b9b158395351a76d4c4f8725d98663ea75b9de 09342a6d9632a1af973ef21fd03d30ca85b94ebb7d51991b4b573ce9096f97f4 +lib/codeql/swift/generated/stmt/ContinueStmt.qll bf300c9655f750db8e71eb530d8972eca1ac9bf022023c8d99e299de8f5b3a44 746a2432752743e18e2b5fa4b46407e5d4c0e6ee38635c6de0846452cbc5eec5 +lib/codeql/swift/generated/stmt/DeferStmt.qll 230f8c8f53c86afd3169b36214c03c54ac3e5240b1c1c1ade4446b45c4c3c32a d0d9e728be7506aa07904c53087eb1273a82762139866767abb0b851f3e559ee +lib/codeql/swift/generated/stmt/DoCatchStmt.qll 
b418fdb6d48c2c0d30d11c0b256692af879846113c89ccdd21a84cd27ccfddec 5aea94c795e300ee1d99119c86d201228537b24a1e281abb79a14b2edbb498af +lib/codeql/swift/generated/stmt/DoStmt.qll 582f56113ecc384ee80610ae80e2a040fbe58c56b72c76b6c7da3daaeee739bd 3778445dc2f6173d4182cbda47ca0d0e066d931379ed7da89bb3afd1fda1e81b lib/codeql/swift/generated/stmt/FailStmt.qll d8f5816c51c5027fd6dacc8d9f5ddd21f691c138dfc80c6c79e250402a1fe165 d8f5816c51c5027fd6dacc8d9f5ddd21f691c138dfc80c6c79e250402a1fe165 -lib/codeql/swift/generated/stmt/FallthroughStmt.qll 0f5caceabd3f683914cd598c60e78f0c225a06b017784182e9bf1525ebf4eff8 fe328559e580ebcd38aac3b6402f1a40cd1c922e92b52456b18e79e6e241d7b4 -lib/codeql/swift/generated/stmt/ForEachStmt.qll 105f4905d2c9b832b01dabfc87a90294886ed867be119c83b1af779b61cca8c3 8aeae81570d9444f16e0335ac2d1b8645dc37e2b6b30ccdfeeda77b0d3c8af14 -lib/codeql/swift/generated/stmt/GuardStmt.qll 135faa385310d9398db6630c799ee57da6e5546e8ae09190b0aab8397c330c57 eb98434209466449d82dd75049850aa3d550f2c0d2b6e0a70f2ee8d2dae4d830 -lib/codeql/swift/generated/stmt/IfStmt.qll a01212a13060f36b0c5ff29a18aa64a450662b284d37d8cff10ce648507684b2 05e9617901b871d59fa9f08f3397aac7ebe7026ae482e316e591c2622ba64a2f -lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll 2865e39a960ec4f610cccc6cb93ecf2b3ef457fb4c3acb961ffcf84ed9c1f33e cb8b7f16520ead1299d898ccd22efb89a74e9b3d658fdb613af0797b60d80bb7 +lib/codeql/swift/generated/stmt/FallthroughStmt.qll aa400a95593395d97b196a78462fb5ab7cad0497b395cdd98885e1593271614d 4df6bfa7d2f4e2b5e5155351e445bb6c710e7c20c82fa3321564b11ef60b086a +lib/codeql/swift/generated/stmt/ForEachStmt.qll 0c4b3c9540aaf89c135de6618dc7f07680a44bb6e874d8b12b2457ecad7d766d 52fbec89382d3b207f379e126654008393be560c8efe4a490fda1e2c48914235 +lib/codeql/swift/generated/stmt/GuardStmt.qll f31660bbe32231e310ff3d33dfece761ee7ec888fe74683359f86a3766e7c378 ce1f8279839e0b6311107ea9473871cbcfdc7c12d2368ac55b989f9bff2c5e7c +lib/codeql/swift/generated/stmt/IfStmt.qll 
80f1caba3a477e589b6aa3543ec1787005ab1ffab91a77832512c79dffce48c7 2126cf386e917a230175ba7e07450e390b4bd65da6fce1af8395e5ffd3f79dca +lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll 057c6c556ecd836ca7f40d208c04e43039dde53e41eb27cc27f5f502a38a86fa 2ee979a35e0e9fa72253ab21d57c18b7268b7acc1edb4ec514b73b99b0aa2c6c lib/codeql/swift/generated/stmt/LabeledStmt.qll 734f0bb5b40d72c3c949a08af15c01b3ae3a3e315f3196f75da27e03a2635d63 f1fbea28c7eef71135e60e144714b1027d71f07ccfabbb65d6a98aa89523720e -lib/codeql/swift/generated/stmt/PoundAssertStmt.qll d672d599679838fb9fcc7e9e3b4641a7d514ee35d94f9eaa9d56f1e893d57863 7ca6f2571015c105887b4c045c2305a05ad86813cf5fcf28b577efcc3d483717 -lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll e9a4ac23dafb18a2bc23a045eb7ed8a96193600071d46351474ae899f7e24f7d 8bdfd1e1c75b95ba156dc0c90b5fcc185b0bee84feb144c7dc1b5f159703c79a -lib/codeql/swift/generated/stmt/ReturnStmt.qll c27a59f427f39d6eaebc96c6d975480be535945572e5a88ab961c34ef166df1a 269912d84e69f97348ea2cf46ab38d08cf92b7fc6bf6255e649a64580bf171ad +lib/codeql/swift/generated/stmt/PoundAssertStmt.qll c7a2effdfde66cf6308815affa966d63a9a251ddc27d492320733f1b2398ecdb 83b886c58dbdd845e4be08309c2be1e8954cd0aa1a8ce079d429f96beaef02bf +lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll 5edf21c6f6a9ec95f1f4ada10a47f46e38550c307cae8b74dad4c26275e24ace 6a2c1cdc99ef31c9a8f49cc4cb207b832bb90d55f69ef3196948105daeaf8d45 +lib/codeql/swift/generated/stmt/ReturnStmt.qll bed521194ae4f9a60d3ea0a9ea46dd7dbbc62799272d752871524a8eedbefc46 eb28b591ad77d842211a0df931fd693581c0e792b93421679b64a38de637d836 lib/codeql/swift/generated/stmt/Stmt.qll b2a4f3712e3575321a4bc65d31b9eb8ddcd2d20af9863f3b9240e78e4b32ccff e0fc13b3af867aa53b21f58a5be1b7d1333b3e8543a4d214a346468f783dbf40 -lib/codeql/swift/generated/stmt/StmtCondition.qll 3a9b82fc0776c1693c620fd96b3dbf94052ca0a2134ea4c9c83e51a1df6accad d2f809dd6820aa05c1630cd09ca12f22f94698155661aecd5d3837e340354ff2 -lib/codeql/swift/generated/stmt/SwitchStmt.qll 
2e43f3eb536bb8924311d2fe84b2b21f712875caeaa8c4b13047b782c06ae453 ff72f4a01c3d7d227a28481d5a95b0858c15619067dd159332693af05fd0f146 -lib/codeql/swift/generated/stmt/ThrowStmt.qll c6f419f7d7021061a913fd70e64e43d55efe4350f73a21921cbd0654fabfa928 b76d221ad122710050651a62efb92b318d48109ec5326971c66cf9876dde9e14 -lib/codeql/swift/generated/stmt/WhileStmt.qll 550fef68aa3e81fcc615a296fabeacacef7648fe8e0316daef8a2767654f3020 5a60c959f042ebd9142b26432ad905cc2079664568d1b0bdf22085d4a24a92b9 -lib/codeql/swift/generated/stmt/YieldStmt.qll 5b0a6e0a656f9db4095d128c3e7d6bf1265ff218045ad91bd0699097c6c3cce7 45f54dbd94af7c2ab7e53858a7c3389636726d3d5fb45b876b5daad1896d1305 +lib/codeql/swift/generated/stmt/StmtCondition.qll b8dabf10de10f7c21abe0c7911084a41beb6e7125016a9bc2e15a6ace6d31837 d3ad8923495c273b83d80c4c9f64665798273c843f4cd1862b0300a93c2ac2d6 +lib/codeql/swift/generated/stmt/SwitchStmt.qll e303f93ba166044326071368b8c3ef74c2a87c1c586b1d05cf645150f8958b1a 4a8e919ba35423b49d4400d0d0730a0372d5f75a741f49776654bae773250561 +lib/codeql/swift/generated/stmt/ThrowStmt.qll d486c63f0f224e088cd67deb296d47266c8cfa2212853f950f6d0457941a0ca2 c4315440944ccb312af7ee8ee18b5eb2b98909ba9655e4729ea0e0d6a87ff014 +lib/codeql/swift/generated/stmt/WhileStmt.qll ee2661a76fdb516095bfcfb3210b4e24fc0f9619e985c9916fc0f5150736dbb1 b6c95a8e410f79c8d0a7bc994f92bf34b51400a2ba49b67af28a5256687855a9 +lib/codeql/swift/generated/stmt/YieldStmt.qll 81e2e31455da36b08f21f905d3e5b87e9f5c10ba50990fa5722a2d9488378da4 21d9e9523ba28bd291753b331379945c621241ccadb0cb444755ee5947cb24d1 lib/codeql/swift/generated/type/AnyBuiltinIntegerType.qll a263451163e027c4c4223ec288e090b7e0d399cc46eb962013342bfeac5f6b86 d850ec1ee1902945b172ddd0ecd8884e399e963f939c04bc8bfaadacebdf55a9 lib/codeql/swift/generated/type/AnyFunctionType.qll ecd701702fc4f5a2205208faad7598f3083028914e72aacdaa6311f522468352 342e2265f0593c3f388a7f293b589f332c977d7863d697901445d68f0b93a222 -lib/codeql/swift/generated/type/AnyGenericType.qll 
a6da9ae1024bdafa244f3f5843fe16efe06f5d8e7305c5712f6b9ff409347427 11694abc90753c3f1a27e4745919f851334e0b79eb576831403c7866014b64aa +lib/codeql/swift/generated/type/AnyGenericType.qll 8b64a517c57c6c7e46eca923a5611c28c626c920818b5b9060f1772c10d1a636 151ce25c5b86e51d4e0f4a11c058eb1555a8d3f286029b37732b47b3b23e3667 lib/codeql/swift/generated/type/AnyMetatypeType.qll 6805a6895e748e02502105d844b66fab5111dbb0d727534d305a0396dacc9465 58e0794b8d6dccd9809f5b83bf64b162e69f3f84b5f3161b88aed10f16a8ede8 -lib/codeql/swift/generated/type/ArchetypeType.qll 2642f841dac57a4c2447ceb5c3a42bf9e59bdb426556307dae863bd4009950e0 e7136d1929951d7dc928d0ebab99aca84eee8bf71aad86f480c4820da26adec0 +lib/codeql/swift/generated/type/ArchetypeType.qll 49560392daec2e41846dba8254a1ce420ca17a0e6d45c6a6b670f3f9e44e2c18 6865b7359c413602d7de11aec850811a012cad846a5839817c4d5644c6138d8a lib/codeql/swift/generated/type/ArraySliceType.qll 72d0409e2704e89ebca364ae28d55c874152f55dd1deaac6c954617f6566f3c2 72d0409e2704e89ebca364ae28d55c874152f55dd1deaac6c954617f6566f3c2 lib/codeql/swift/generated/type/BoundGenericClassType.qll c82971dcd306a4cbc6bb885ae300556717eb2d068066b7752a36480e5eb14b5f c82971dcd306a4cbc6bb885ae300556717eb2d068066b7752a36480e5eb14b5f lib/codeql/swift/generated/type/BoundGenericEnumType.qll 89fcee52adbe6c9b130eae45cf43b2a2c302e8812f8519ea885e5d41dec3ec56 89fcee52adbe6c9b130eae45cf43b2a2c302e8812f8519ea885e5d41dec3ec56 
@@ -616,7 +617,7 @@ lib/codeql/swift/generated/type/BuiltinType.qll 0f90f2fd18b67edf20712ff51484afd5 lib/codeql/swift/generated/type/BuiltinUnsafeValueBufferType.qll d569e7c255de5e87bb0eb68ae5e7fea011121e01b2868007485af91da7417cd6 d569e7c255de5e87bb0eb68ae5e7fea011121e01b2868007485af91da7417cd6 lib/codeql/swift/generated/type/BuiltinVectorType.qll f51ce577abec2a1de3ae77a5cd9719aa4a1a6f3f5ec492c7444e410fb1de802a f51ce577abec2a1de3ae77a5cd9719aa4a1a6f3f5ec492c7444e410fb1de802a lib/codeql/swift/generated/type/ClassType.qll b52f0383d3dcbf7cf56d0b143cbb63783cb5fa319bcbfc4754e362d935e0fb53 b52f0383d3dcbf7cf56d0b143cbb63783cb5fa319bcbfc4754e362d935e0fb53 -lib/codeql/swift/generated/type/DependentMemberType.qll 0596086099ef55db0647b436e4d4ad6482496e8d491b6497e31b6f4ecdafe5d0 2de600fd4ac4739afdf4cd84822da467d195c7cc6d7099fe7ac446eae147979d +lib/codeql/swift/generated/type/DependentMemberType.qll 348f4b1eb1ed6e311212c1565716c814f9f4198ec4be7e748fbd10cef1f98ce4 a17c65acda68c87b7148047372a9779ce9eda53dbaa81208f0b9b57262001791 lib/codeql/swift/generated/type/DictionaryType.qll 1a30cd9815e9162cbf07d193a35d834837f8b8aa8ab936ea8c4400ea66181937 d4100b99422db8b81632cd86144c316ed8504616df742223cb6cde1211704d14 lib/codeql/swift/generated/type/DynamicSelfType.qll 331e731ce6ebf8e4b152efcbfbebe35d506c03633dab75483ae660f967259c58 4066ab0cd3c768fe25aba0d2ddaa4e394070f97dbe77b375c6fd39447eef8fd9 lib/codeql/swift/generated/type/EnumType.qll dcf653c7ee2e76882d9f415fbbc208905b8d8ed68cc32e36c0439a9205e65b35 dcf653c7ee2e76882d9f415fbbc208905b8d8ed68cc32e36c0439a9205e65b35 
@@ -629,10 +630,10 @@ lib/codeql/swift/generated/type/GenericTypeParamType.qll f515debe8b21f3ea6551e4f lib/codeql/swift/generated/type/InOutType.qll 93906f54e2e109a8e83bf10665a9cfb518b96c6f8d8ea50e8d994a2802082e61 1cdf37ee0a2785e1a3298022f0d9aa8e9bce38e8d7268d631bb6544bdf07e636 lib/codeql/swift/generated/type/LValueType.qll ed2c9347139582c311b6ae58a26fd4462cdcd4ec1f1d0ea3c9967d0bec54683c d027432cc73850731f33b1aaf7e2aa57d97ed7e3171de3dc53902e6ed7e38b46 lib/codeql/swift/generated/type/MetatypeType.qll cd752f81257820f74c1f5c016e19bdc9b0f8ff8ddcc231daa68061a85c4b38e2 cd752f81257820f74c1f5c016e19bdc9b0f8ff8ddcc231daa68061a85c4b38e2 -lib/codeql/swift/generated/type/ModuleType.qll 46178692ceeda03ded0af1ab96af9e3ef4ba426e7345a0e2abfc6b35eebd9fc1 135549ca669d27c737159cc8327963879c11e32177a3b72d2076decb0927c475 +lib/codeql/swift/generated/type/ModuleType.qll 77fc9ea296b5be29aa8eded4cdfdbc7ca09a4c443f6720f31f9728a6e5bf115d c551af9fa41b1da433f52c89e3d126ac11caad8ab6a59baeda7bdbd7b11487cf lib/codeql/swift/generated/type/NominalOrBoundGenericNominalType.qll 27d87dc4792b7f46fa1b708aadecef742ab2a78b23d4eb28ce392da49766122f 380b827d026202cbfcd825e975ebbdf8f53784a0426ce5454cb1b43cc42dfe16 lib/codeql/swift/generated/type/NominalType.qll f7e85d544eaaa259c727b8b4ba691578861d15612a134d19936a20943270b629 87472017a129921d2af9d380f69c293f4deba788e7660b0fe085a455e76562e8 -lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll 2126dd1e66b3b8fb4a2ac1808674f1c502cabe7cce11ecde407e78bbb1a1546e e78d3b63cc551a0dd284969c8ba6294466b1ddbcd17a0fdb745237a3793313ac +lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll 54f267ce066c2bc3c1a4ef93154a2b99c1c6a7253c9d75f5d215a4e8fe036c1d f2d397bc48875d7c47e239d859a40ee191dad8340c7f2861d461c8a4f339fa49 lib/codeql/swift/generated/type/OpenedArchetypeType.qll ed97d3fb8810424643953a0d5ebd93e58d1b2e397ea01ccde0dcd8e68c41adb2 ed97d3fb8810424643953a0d5ebd93e58d1b2e397ea01ccde0dcd8e68c41adb2 lib/codeql/swift/generated/type/OptionalType.qll 
d99dd5ec5636cc6c3e0e52bf27d0d8bf8dfcff25739cd7e1b845f5d96b1a5ac9 d99dd5ec5636cc6c3e0e52bf27d0d8bf8dfcff25739cd7e1b845f5d96b1a5ac9 lib/codeql/swift/generated/type/ParameterizedProtocolType.qll 5ec7f5d9412f071099a75e920dce686e3a3b3697d94f2b03d4456858060d31d1 9d8f3ae67ebe290102f6c3fc4bda14d66865b13a782fe9e80e3e2464da14f18e 
@@ -646,9 +647,9 @@ lib/codeql/swift/generated/type/SubstitutableType.qll 9e74ec2d281cd3dedbc5791d66 lib/codeql/swift/generated/type/SugarType.qll 4ea82201ae20e769c0c3e6e158bae86493e1b16bbd3ef6495e2a3760baa1fc6b 6c78df86db6f9c70398484819a9b9ecc8ee337b0a4ac2d84e17294951a6fd788 lib/codeql/swift/generated/type/SyntaxSugarType.qll 253e036452e0ba8ae3bb60d6ed22f4efb8436f4ef19f158f1114a6f9a14df42c 743fe4dede40ca173b19d5757d14e0f606fe36f51119445503e8eea7cf6df3b0 lib/codeql/swift/generated/type/TupleType.qll af224031c3bea6dfca6138903cca940a4f00ba6494ad7b591b9f017d69ee9a6c f59ad1bb4994196ec49836ae169e550a70dbb25a359ff889ed6456882fe2d9a0 -lib/codeql/swift/generated/type/Type.qll c08acc943c9b52662a465d77fcd39d12f869c42b24a3755225b3bddbb1cf72f5 6d82c5bddded75fd5598bb559ecfa07360ad802d5e9541af2c334dc9d0159335 -lib/codeql/swift/generated/type/TypeAliasType.qll 1c7b7d66f277907d04462712ff5271b84987656351da8e486d718b8d138ef545 2dc20e1fd98bee6a8e5b35cf7a048716b2b6d2e5ba6610ecc4f7f667da930885 -lib/codeql/swift/generated/type/TypeRepr.qll bb78cc2265734d8ecbd32ca85e38c853e9f35569aaf4dc8353d20471b3559c3d c2abc1d161590cbdc4cac7e147e114f8a28ba5f6405dba7ead51abe85991505d +lib/codeql/swift/generated/type/Type.qll ada3973ed840643fa9f015d721d1f3c58994cda46b169e875b77473281d9122f 6a43dc43be0ac6f315b58ca4dc9b015769281eb5011220f28b5e9b6ed9436207 +lib/codeql/swift/generated/type/TypeAliasType.qll 7c1397c4a145d3265e8d1b4dac4ae6a58a2c4026145cfb2d8d28c01309b0ea26 0e3c3a2c166285f4ac1b417b8cc74a5095c8a8e1a102d7b5ca2829a06b61de23 +lib/codeql/swift/generated/type/TypeRepr.qll 25a412f029bf2d4b283ea07f0f0ff5713b1b4f369f8cb06991328fdee030e14a 2a39717f2e023c96015b797b59812b0e0bef1ea2780ee83869b68da549abbf2f lib/codeql/swift/generated/type/UnarySyntaxSugarType.qll 6f3822691d04531cc1dd6a78fb184f3e18d42ee324123dc4338fdd368fbd0bd6 d489aac77955de0d71fd5c271fddccd40050db4ef8ce8d817320ca9554057c3a lib/codeql/swift/generated/type/UnboundGenericType.qll 43549cbdaaa05c3c6e3d6757aca7c549b67f3c1f7d7f0a987121de0c80567a78 
43549cbdaaa05c3c6e3d6757aca7c549b67f3c1f7d7f0a987121de0c80567a78 lib/codeql/swift/generated/type/UnmanagedStorageType.qll 198727a7c9557a0a92c6d833768086f0a0a18c546b4bfd486d7ff7ad5677a6aa 198727a7c9557a0a92c6d833768086f0a0a18c546b4bfd486d7ff7ad5677a6aa diff --git a/swift/ql/.gitattributes b/swift/ql/.gitattributes index 71cc5c58ecf..c1bcfc90e69 100644 --- a/swift/ql/.gitattributes +++ b/swift/ql/.gitattributes @@ -379,6 +379,7 @@ /lib/codeql/swift/generated/Element.qll linguist-generated /lib/codeql/swift/generated/ErrorElement.qll linguist-generated /lib/codeql/swift/generated/File.qll linguist-generated +/lib/codeql/swift/generated/HideableElement.qll linguist-generated /lib/codeql/swift/generated/KeyPathComponent.qll linguist-generated /lib/codeql/swift/generated/Locatable.qll linguist-generated /lib/codeql/swift/generated/Location.qll linguist-generated diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll b/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll index 9e7975890e6..ad96fcb12de 100644 --- a/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll +++ b/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll @@ -98,7 +98,7 @@ private predicate isBooleanConstant(ControlFlowElement n, boolean value) { // Boolean constants hidden inside conversions are also // constants that resolve to the same value. exists(ControlFlowElement parent | - parent.asAstNode() = n.asAstNode().getResolveStep() and + parent.asAstNode() = n.asAstNode().(HideableElement).getResolveStep() and isBooleanConstant(parent, value) ) } 
@@ -122,9 +122,9 @@ private predicate inBooleanContext(ControlFlowElement n) { private predicate astInBooleanContext(AstNode n) { n = any(ConditionElement condElem).getBoolean().getFullyUnresolved() or - n = any(ConditionElement condElem).getAvailability().getFullyUnresolved() + n = any(ConditionElement condElem).getAvailability() or - n = any(StmtCondition stmtCond).getFullyUnresolved() + n = any(StmtCondition stmtCond) or exists(RepeatWhileStmt repeat | n = repeat.getCondition().getFullyConverted()) or diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll index d3eb3aaa244..3efa0dd8bc3 100644 --- a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll +++ b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll @@ -264,7 +264,7 @@ module Stmts { or child.asAstNode() = ast.getAnElement().getBoolean().getFullyConverted() or - child.asAstNode() = ast.getAnElement().getAvailability().getFullyUnresolved() + child.asAstNode() = ast.getAnElement().getAvailability() } predicate firstElement(int i, ControlFlowElement first) { @@ -278,7 +278,7 @@ module Stmts { astFirst(ast.getElement(i).getBoolean().getFullyConverted(), first) or // ... or an availability check. - astFirst(ast.getElement(i).getAvailability().getFullyUnresolved(), first) + astFirst(ast.getElement(i).getAvailability(), first) ) } @@ -296,7 +296,7 @@ module Stmts { astLast(ast.getElement(i).getBoolean().getFullyConverted(), pred, c) or // ... or the availability check ... - astLast(ast.getElement(i).getAvailability().getFullyUnresolved(), pred, c) + astLast(ast.getElement(i).getAvailability(), pred, c) ) and // We evaluate the next element c instanceof NormalCompletion and 
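Review bot: In the `@@ -122,9 +122,9 @@` hunk of `Completion.qll`, the new disjunct `n = any(StmtCondition stmtCond)` in `astInBooleanContext` is what remains after dropping `.getFullyUnresolved()`, and it now only tests the type of `n` through a named variable that is never used. `n instanceof StmtCondition` states the same condition directly. The neighbouring `n = any(ConditionElement condElem).getAvailability()` still needs the `any(...)` form, so only this one disjunct would change. The predicate's body continues past the end of the hunk.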
@@ -313,7 +313,7 @@ module Stmts { not c.(MatchingCompletion).isMatch() or // Stop if an availability check failed - astLast(ast.getAnElement().getAvailability().getFullyUnresolved(), last, c) and + astLast(ast.getAnElement().getAvailability(), last, c) and c instanceof FalseCompletion or // Stop if we successfully evaluated all the conditionals @@ -322,7 +322,7 @@ module Stmts { or astLast(ast.getLastElement().getPattern().getFullyUnresolved(), last, c) or - astLast(ast.getLastElement().getAvailability().getFullyUnresolved(), last, c) + astLast(ast.getLastElement().getAvailability(), last, c) ) and c instanceof NormalCompletion } @@ -342,14 +342,14 @@ module Stmts { override IfStmt ast; final override predicate propagatesAbnormal(ControlFlowElement child) { - child.asAstNode() = ast.getCondition().getFullyUnresolved() or + child.asAstNode() = ast.getCondition() or child.asAstNode() = ast.getThen() or child.asAstNode() = ast.getElse() } final override predicate last(ControlFlowElement last, Completion c) { // Condition exits with a false completion and there is no `else` branch - astLast(ast.getCondition().getFullyUnresolved(), last, c) and + astLast(ast.getCondition(), last, c) and c instanceof FalseOrNonMatchCompletion and not exists(ast.getElse()) or @@ -360,10 +360,10 @@ module Stmts { final override predicate succ(ControlFlowElement pred, ControlFlowElement succ, Completion c) { // Pre-order: flow from statement itself to first element of condition pred.asAstNode() = ast and - astFirst(ast.getCondition().getFullyUnresolved(), succ) and + astFirst(ast.getCondition(), succ) and c instanceof SimpleCompletion or - astLast(ast.getCondition().getFullyUnresolved(), pred, c) and + astLast(ast.getCondition(), pred, c) and ( // Flow from last element of condition to first element of then branch c instanceof TrueOrMatchCompletion and 
@@ -380,7 +380,7 @@ module Stmts { override GuardStmt ast; final override predicate propagatesAbnormal(ControlFlowElement child) { - child.asAstNode() = ast.getCondition().getFullyUnresolved() or + child.asAstNode() = ast.getCondition() or child.asAstNode() = ast.getBody() } @@ -390,18 +390,18 @@ module Stmts { c instanceof NormalCompletion or // Exit when a condition is true - astLast(ast.getCondition().getFullyUnresolved(), last, c) and + astLast(ast.getCondition(), last, c) and c instanceof TrueOrMatchCompletion } final override predicate succ(ControlFlowElement pred, ControlFlowElement succ, Completion c) { // Pre-order: flow from statement itself to first element of condition pred.asAstNode() = ast and - astFirst(ast.getCondition().getFullyUnresolved(), succ) and + astFirst(ast.getCondition(), succ) and c instanceof SimpleCompletion or // Flow to the body when the condition is false - astLast(ast.getCondition().getFullyUnresolved(), pred, c) and + astLast(ast.getCondition(), pred, c) and c instanceof FalseOrNonMatchCompletion and astFirst(ast.getBody(), succ) } @@ -458,9 +458,7 @@ module Stmts { private class WhileTree extends LoopTree { override WhileStmt ast; - final override ControlFlowElement getCondition() { - result.asAstNode() = ast.getCondition().getFullyUnresolved() - } + final override ControlFlowElement getCondition() { result.asAstNode() = ast.getCondition() } final override ControlFlowElement getBody() { result.asAstNode() = ast.getBody() } @@ -674,7 +672,7 @@ module Stmts { final override predicate last(ControlFlowElement last, Completion c) { // Case pattern exits with a non-match - astLast(ast.getLastLabel().getFullyUnresolved(), last, c) and + astLast(ast.getLastLabel(), last, c) and not c.(MatchingCompletion).isMatch() or // Case body exits with any completion 
@@ -684,18 +682,18 @@ module Stmts { override predicate succ(ControlFlowElement pred, ControlFlowElement succ, Completion c) { // Pre-order: Flow from the case statement itself to the first label pred.asAstNode() = ast and - astFirst(ast.getFirstLabel().getFullyUnresolved(), succ) and + astFirst(ast.getFirstLabel(), succ) and c instanceof SimpleCompletion or // Left-to-right evaluation of labels until we find a match exists(int i | - astLast(ast.getLabel(i).getFullyUnresolved(), pred, c) and - astFirst(ast.getLabel(i + 1).getFullyUnresolved(), succ) and + astLast(ast.getLabel(i), pred, c) and + astFirst(ast.getLabel(i + 1), succ) and c.(MatchingCompletion).isNonMatch() ) or // Flow from last element of pattern to first element of body - astLast(ast.getALabel().getFullyUnresolved(), pred, c) and + astLast(ast.getALabel(), pred, c) and astFirst(ast.getBody(), succ) and c.(MatchingCompletion).isMatch() } @@ -1164,7 +1162,7 @@ module Exprs { override CaptureListExpr ast; final override ControlFlowElement getChildElement(int i) { - result.asAstNode() = ast.getBindingDecl(i).getFullyUnresolved() + result.asAstNode() = ast.getBindingDecl(i) or i = ast.getNumberOfBindingDecls() and result.asAstNode() = ast.getClosureBody().getFullyConverted() @@ -1796,9 +1794,7 @@ module AvailabilityInfo { private class AvailabilityInfoTree extends AstStandardPostOrderTree { override AvailabilityInfo ast; - final override ControlFlowElement getChildElement(int i) { - result.asAstNode() = ast.getSpec(i).getFullyUnresolved() - } + final override ControlFlowElement getChildElement(int i) { result.asAstNode() = ast.getSpec(i) } } private class AvailabilitySpecTree extends AstLeafTree { diff --git a/swift/ql/lib/codeql/swift/elements.qll b/swift/ql/lib/codeql/swift/elements.qll index 7c75c11c976..486b2aa6cd0 100644 --- a/swift/ql/lib/codeql/swift/elements.qll +++ b/swift/ql/lib/codeql/swift/elements.qll 
@@ -10,6 +10,7 @@ import codeql.swift.elements.Diagnostics import codeql.swift.elements.Element import codeql.swift.elements.ErrorElement import codeql.swift.elements.File +import codeql.swift.elements.HideableElement import codeql.swift.elements.KeyPathComponent import codeql.swift.elements.Locatable import codeql.swift.elements.Location diff --git a/swift/ql/lib/codeql/swift/elements/Element.qll b/swift/ql/lib/codeql/swift/elements/Element.qll index 394d1caab3b..b7bdd621eaf 100644 --- a/swift/ql/lib/codeql/swift/elements/Element.qll +++ b/swift/ql/lib/codeql/swift/elements/Element.qll @@ -1,18 +1,7 @@ private import codeql.swift.generated.Element class Element extends Generated::Element { - private predicate resolvesFrom(Element e) { e.getResolveStep() = this } - override string toString() { result = this.getPrimaryQlClasses() } - - Element getFullyUnresolved() { - not this.resolvesFrom(_) and result = this - or - exists(Element e | - this.resolvesFrom(e) and - result = e.getFullyUnresolved() - ) - } } class UnknownElement extends Element { diff --git a/swift/ql/lib/codeql/swift/elements/HideableElement.qll b/swift/ql/lib/codeql/swift/elements/HideableElement.qll new file mode 100644 index 00000000000..fdc392817dd --- /dev/null +++ b/swift/ql/lib/codeql/swift/elements/HideableElement.qll @@ -0,0 +1,14 @@ +private import codeql.swift.generated.HideableElement + +class HideableElement extends Generated::HideableElement { + private predicate resolvesFrom(HideableElement e) { e.getResolveStep() = this } + + HideableElement getFullyUnresolved() { + not this.resolvesFrom(_) and result = this + or + exists(HideableElement e | + this.resolvesFrom(e) and + result = e.getFullyUnresolved() + ) + } +} diff --git a/swift/ql/lib/codeql/swift/elements/Locatable.qll b/swift/ql/lib/codeql/swift/elements/Locatable.qll index 80afa75c1de..25877d7f074 100644 --- a/swift/ql/lib/codeql/swift/elements/Locatable.qll +++ b/swift/ql/lib/codeql/swift/elements/Locatable.qll 
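Review bot: The hand-written `HideableElement` class added in `elements/HideableElement.qll` has no QLDoc, and neither does its public predicate `getFullyUnresolved()`, whose direction is easy to confuse with `resolve()`. From the body, it walks `getResolveStep` backwards: it returns this element when nothing resolves to it, and otherwise the fully unresolved form of an element whose resolve step is this one. I would put `/** Gets the outermost hidden element that resolves to this one via getResolveStep, or this element itself if there is none. */` above `getFullyUnresolved()`. A one-line class comment would also help, for example `/** An element that can be hidden from the explicit AST, such as a conversion or parentheses. */`, which follows the wording of the generated `getResolveStep` documentation.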
@@ -4,10 +4,10 @@ private import codeql.swift.elements.UnknownLocation class Locatable extends Generated::Locatable { pragma[nomagic] - override Location getImmediateLocation() { - result = Generated::Locatable.super.getImmediateLocation() + override Location getLocation() { + result = Generated::Locatable.super.getLocation() or - not exists(Generated::Locatable.super.getImmediateLocation()) and + not exists(Generated::Locatable.super.getLocation()) and result instanceof UnknownLocation } diff --git a/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll b/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll index b97ef6e4e8f..df8823fe028 100644 --- a/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll +++ b/swift/ql/lib/codeql/swift/elements/UnknownLocation.qll @@ -6,7 +6,7 @@ private import codeql.swift.elements.File * A `Location` that is given to something that is not associated with any position in the source code. */ class UnknownLocation extends Generated::UnknownLocation { - override File getImmediateFile() { result instanceof UnknownFile } + override File getFile() { result instanceof UnknownFile } override int getStartLine() { result = 0 } diff --git a/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll b/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll index cbafea24532..b062beeb197 100644 --- a/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll +++ b/swift/ql/lib/codeql/swift/elements/UnspecifiedElement.qll @@ -19,5 +19,5 @@ class UnspecifiedElement extends Generated::UnspecifiedElement { ) } - override Location getImmediateLocation() { result = this.getParent().(Locatable).getLocation() } + override Location getLocation() { result = this.getParent().(Locatable).getLocation() } } diff --git a/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll index 4dbdff505b4..ba036ddafcf 100644 --- a/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll 
+++ b/swift/ql/lib/codeql/swift/elements/expr/MethodLookupExpr.qll @@ -14,7 +14,7 @@ class MethodLookupExpr extends Generated::MethodLookupExpr { result = Synth::convertExprFromRaw(this.getUnderlying().getBase()) } - override Decl getImmediateMember() { + override Decl getMember() { result = this.getMethodRef().(DeclRefExpr).getDecl() or result = this.getMethodRef().(OtherInitializerRefExpr).getInitializer() diff --git a/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll b/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll index c0c7ec1ad00..3659bf7f16f 100644 --- a/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll +++ b/swift/ql/lib/codeql/swift/generated/AvailabilityInfo.qll @@ -32,27 +32,14 @@ module Generated { /** * Gets the `index`th spec of this availability info (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AvailabilitySpec getImmediateSpec(int index) { + AvailabilitySpec getSpec(int index) { result = Synth::convertAvailabilitySpecFromRaw(Synth::convertAvailabilityInfoToRaw(this) .(Raw::AvailabilityInfo) .getSpec(index)) } - /** - * Gets the `index`th spec of this availability info (0-based). - */ - final AvailabilitySpec getSpec(int index) { - exists(AvailabilitySpec immediate | - immediate = this.getImmediateSpec(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the specs of this availability info. */ diff --git a/swift/ql/lib/codeql/swift/generated/Callable.qll b/swift/ql/lib/codeql/swift/generated/Callable.qll index db03af1dbd0..124828a8e0d 100644 --- a/swift/ql/lib/codeql/swift/generated/Callable.qll +++ b/swift/ql/lib/codeql/swift/generated/Callable.qll 
@@ -20,27 +20,14 @@ module Generated { /** * Gets the self parameter of this callable, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateSelfParam() { + ParamDecl getSelfParam() { result = Synth::convertParamDeclFromRaw(Synth::convertCallableToRaw(this) .(Raw::Callable) .getSelfParam()) } - /** - * Gets the self parameter of this callable, if it exists. - */ - final ParamDecl getSelfParam() { - exists(ParamDecl immediate | - immediate = this.getImmediateSelfParam() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getSelfParam()` exists. */ @@ -48,27 +35,14 @@ module Generated { /** * Gets the `index`th parameter of this callable (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam(int index) { + ParamDecl getParam(int index) { result = Synth::convertParamDeclFromRaw(Synth::convertCallableToRaw(this) .(Raw::Callable) .getParam(index)) } - /** - * Gets the `index`th parameter of this callable (0-based). - */ - final ParamDecl getParam(int index) { - exists(ParamDecl immediate | - immediate = this.getImmediateParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the parameters of this callable. */ 
@@ -79,27 +53,14 @@ module Generated { */ final int getNumberOfParams() { result = count(int i | exists(this.getParam(i))) } - /** - * Gets the body of this callable, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - BraceStmt getImmediateBody() { - result = - Synth::convertBraceStmtFromRaw(Synth::convertCallableToRaw(this).(Raw::Callable).getBody()) - } - /** * Gets the body of this callable, if it exists. * * The body is absent within protocol declarations. */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) + BraceStmt getBody() { + result = + Synth::convertBraceStmtFromRaw(Synth::convertCallableToRaw(this).(Raw::Callable).getBody()) } /** @@ -109,27 +70,14 @@ module Generated { /** * Gets the `index`th capture of this callable (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CapturedDecl getImmediateCapture(int index) { + CapturedDecl getCapture(int index) { result = Synth::convertCapturedDeclFromRaw(Synth::convertCallableToRaw(this) .(Raw::Callable) .getCapture(index)) } - /** - * Gets the `index`th capture of this callable (0-based). - */ - final CapturedDecl getCapture(int index) { - exists(CapturedDecl immediate | - immediate = this.getImmediateCapture(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the captures of this callable. */ diff --git a/swift/ql/lib/codeql/swift/generated/Element.qll b/swift/ql/lib/codeql/swift/generated/Element.qll index 0fa588e0667..88e9b4cdd34 100644 --- a/swift/ql/lib/codeql/swift/generated/Element.qll 
+++ b/swift/ql/lib/codeql/swift/generated/Element.qll @@ -24,23 +24,6 @@ module Generated { */ final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") } - /** - * Gets the most immediate element that should substitute this element in the explicit AST, if any. - * Classes can override this to indicate this node should be in the "hidden" AST, mostly reserved - * for conversions and syntactic sugar nodes like parentheses. - */ - Element getResolveStep() { none() } // overridden by subclasses - - /** - * Gets the element that should substitute this element in the explicit AST, applying `getResolveStep` - * transitively. - */ - final Element resolve() { - not exists(this.getResolveStep()) and result = this - or - result = this.getResolveStep().resolve() - } - /** * Holds if this element is unknown. */ diff --git a/swift/ql/lib/codeql/swift/generated/HideableElement.qll b/swift/ql/lib/codeql/swift/generated/HideableElement.qll new file mode 100644 index 00000000000..9d8b323313c --- /dev/null +++ b/swift/ql/lib/codeql/swift/generated/HideableElement.qll @@ -0,0 +1,25 @@ +// generated by codegen/codegen.py +private import codeql.swift.generated.Synth +private import codeql.swift.generated.Raw +import codeql.swift.elements.Element + +module Generated { + class HideableElement extends Synth::THideableElement, Element { + /** + * Gets the most immediate element that should substitute this element in the explicit AST, if any. + * Classes can override this to indicate this node should be in the "hidden" AST, mostly reserved + * for conversions and syntactic sugar nodes like parentheses. + */ + HideableElement getResolveStep() { none() } // overridden by subclasses + + /** + * Gets the element that should substitute this element in the explicit AST, applying `getResolveStep` + * transitively. + */ + final HideableElement resolve() { + not exists(this.getResolveStep()) and result = this + or + result = this.getResolveStep().resolve() + } + } +} 
diff --git a/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll b/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll index a6b48cc2e0c..564e0397357 100644 --- a/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll +++ b/swift/ql/lib/codeql/swift/generated/KeyPathComponent.qll @@ -32,27 +32,14 @@ module Generated { /** * Gets the `index`th argument to an array or dictionary subscript expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateSubscriptArgument(int index) { + Argument getSubscriptArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertKeyPathComponentToRaw(this) .(Raw::KeyPathComponent) .getSubscriptArgument(index)) } - /** - * Gets the `index`th argument to an array or dictionary subscript expression (0-based). - */ - final Argument getSubscriptArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateSubscriptArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments to an array or dictionary subscript expression. */ 
@@ -79,27 +66,14 @@ module Generated { /** * Gets the property or subscript operator, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateDeclRef() { + ValueDecl getDeclRef() { result = Synth::convertValueDeclFromRaw(Synth::convertKeyPathComponentToRaw(this) .(Raw::KeyPathComponent) .getDeclRef()) } - /** - * Gets the property or subscript operator, if it exists. - */ - final ValueDecl getDeclRef() { - exists(ValueDecl immediate | - immediate = this.getImmediateDeclRef() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getDeclRef()` exists. */ @@ -128,7 +102,7 @@ module Generated { final Type getComponentType() { exists(Type immediate | immediate = this.getImmediateComponentType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/Locatable.qll b/swift/ql/lib/codeql/swift/generated/Locatable.qll index bb8b832a6af..9696d5d23ad 100644 --- a/swift/ql/lib/codeql/swift/generated/Locatable.qll +++ b/swift/ql/lib/codeql/swift/generated/Locatable.qll 
@@ -8,27 +8,14 @@ module Generated { class Locatable extends Synth::TLocatable, Element { /** * Gets the location associated with this element in the code, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Location getImmediateLocation() { + Location getLocation() { result = Synth::convertLocationFromRaw(Synth::convertLocatableToRaw(this) .(Raw::Locatable) .getLocation()) } - /** - * Gets the location associated with this element in the code, if it exists. - */ - final Location getLocation() { - exists(Location immediate | - immediate = this.getImmediateLocation() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getLocation()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/Location.qll b/swift/ql/lib/codeql/swift/generated/Location.qll index 9cdbd95fe8d..a95b34a9afa 100644 --- a/swift/ql/lib/codeql/swift/generated/Location.qll +++ b/swift/ql/lib/codeql/swift/generated/Location.qll @@ -8,25 +8,12 @@ module Generated { class Location extends Synth::TLocation, Element { /** * Gets the file of this location. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - File getImmediateFile() { + File getFile() { result = Synth::convertFileFromRaw(Synth::convertLocationToRaw(this).(Raw::Location).getFile()) } - /** - * Gets the file of this location. - */ - final File getFile() { - exists(File immediate | - immediate = this.getImmediateFile() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the start line of this location. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/ParentChild.qll b/swift/ql/lib/codeql/swift/generated/ParentChild.qll index 958f4ec60a3..61b61ab0459 100644 --- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll +++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll @@ -16,22 +16,22 @@ private module Impl { bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and n = bElement and nSelfParam = n + 1 and - nParam = nSelfParam + 1 + max(int i | i = -1 or exists(e.getImmediateParam(i)) | i) and + nParam = nSelfParam + 1 + max(int i | i = -1 or exists(e.getParam(i)) | i) and nBody = nParam + 1 and - nCapture = nBody + 1 + max(int i | i = -1 or exists(e.getImmediateCapture(i)) | i) and + nCapture = nBody + 1 + max(int i | i = -1 or exists(e.getCapture(i)) | i) and ( none() or result = getImmediateChildOfElement(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateSelfParam() and partialPredicateCall = "SelfParam()" + index = n and result = e.getSelfParam() and partialPredicateCall = "SelfParam()" or - result = e.getImmediateParam(index - nSelfParam) and + result = e.getParam(index - nSelfParam) and partialPredicateCall = "Param(" + (index - nSelfParam).toString() + ")" or - index = nParam and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nParam and result = e.getBody() and partialPredicateCall = "Body()" or - result = e.getImmediateCapture(index - nBody) and + result = e.getCapture(index - nBody) and partialPredicateCall = "Capture(" + (index - nBody).toString() + ")" ) ) 
@@ -50,6 +50,21 @@ private module Impl { ) } + private Element getImmediateChildOfHideableElement( + HideableElement e, int index, string partialPredicateCall + ) { + exists(int b, int bElement, int n | + b = 0 and + bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and + n = bElement and + ( + none() + or + result = getImmediateChildOfElement(e, index - b, partialPredicateCall) + ) + ) + } + private Element getImmediateChildOfLocatable(Locatable e, int index, string partialPredicateCall) { exists(int b, int bElement, int n | b = 0 and @@ -195,13 +210,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nSpec = n + 1 + max(int i | i = -1 or exists(e.getImmediateSpec(i)) | i) and + nSpec = n + 1 + max(int i | i = -1 or exists(e.getSpec(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateSpec(index - n) and + result = e.getSpec(index - n) and partialPredicateCall = "Spec(" + (index - n).toString() + ")" ) ) @@ -229,14 +244,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nSubscriptArgument = - n + 1 + max(int i | i = -1 or exists(e.getImmediateSubscriptArgument(i)) | i) and + nSubscriptArgument = n + 1 + max(int i | i = -1 or exists(e.getSubscriptArgument(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateSubscriptArgument(index - n) and + result = e.getSubscriptArgument(index - n) and partialPredicateCall = "SubscriptArgument(" + (index - n).toString() + ")" ) ) 
@@ -295,13 +309,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nMember = n + 1 + max(int i | i = -1 or exists(e.getImmediateMember(i)) | i) and + nMember = n + 1 + max(int i | i = -1 or exists(e.getMember(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateMember(index - n) and + result = e.getMember(index - n) and partialPredicateCall = "Member(" + (index - n).toString() + ")" ) ) @@ -314,14 +328,13 @@ private module Impl { b = 0 and bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and n = bElement and - nGenericTypeParam = - n + 1 + max(int i | i = -1 or exists(e.getImmediateGenericTypeParam(i)) | i) and + nGenericTypeParam = n + 1 + max(int i | i = -1 or exists(e.getGenericTypeParam(i)) | i) and ( none() or result = getImmediateChildOfElement(e, index - b, partialPredicateCall) or - result = e.getImmediateGenericTypeParam(index - n) and + result = e.getGenericTypeParam(index - n) and partialPredicateCall = "GenericTypeParam(" + (index - n).toString() + ")" ) ) @@ -504,7 +517,7 @@ private module Impl { or result = getImmediateChildOfDecl(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } 
@@ -529,13 +542,13 @@ private module Impl { b = 0 and bValueDecl = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfValueDecl(e, i, _)) | i) and n = bValueDecl and - nAccessor = n + 1 + max(int i | i = -1 or exists(e.getImmediateAccessor(i)) | i) and + nAccessor = n + 1 + max(int i | i = -1 or exists(e.getAccessor(i)) | i) and ( none() or result = getImmediateChildOfValueDecl(e, index - b, partialPredicateCall) or - result = e.getImmediateAccessor(index - n) and + result = e.getAccessor(index - n) and partialPredicateCall = "Accessor(" + (index - n).toString() + ")" ) ) @@ -548,13 +561,13 @@ private module Impl { b = 0 and bValueDecl = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfValueDecl(e, i, _)) | i) and n = bValueDecl and - nParam = n + 1 + max(int i | i = -1 or exists(e.getImmediateParam(i)) | i) and + nParam = n + 1 + max(int i | i = -1 or exists(e.getParam(i)) | i) and ( none() or result = getImmediateChildOfValueDecl(e, index - b, partialPredicateCall) or - result = e.getImmediateParam(index - n) and + result = e.getParam(index - n) and partialPredicateCall = "Param(" + (index - n).toString() + ")" ) ) @@ -749,7 +762,7 @@ private module Impl { bAbstractStorageDecl + 1 + max(int i | i = -1 or exists(getImmediateChildOfGenericContext(e, i, _)) | i) and n = bGenericContext and - nParam = n + 1 + max(int i | i = -1 or exists(e.getImmediateParam(i)) | i) and + nParam = n + 1 + max(int i | i = -1 or exists(e.getParam(i)) | i) and ( none() or @@ -758,7 +771,7 @@ private module Impl { result = getImmediateChildOfGenericContext(e, index - bAbstractStorageDecl, partialPredicateCall) or - result = e.getImmediateParam(index - n) and + result = e.getParam(index - n) and partialPredicateCall = "Param(" + (index - n).toString() + ")" ) ) 
@@ -784,19 +797,19 @@ private module Impl { result = getImmediateChildOfAbstractStorageDecl(e, index - b, partialPredicateCall) or index = n and - result = e.getImmediatePropertyWrapperBackingVarBinding() and + result = e.getPropertyWrapperBackingVarBinding() and partialPredicateCall = "PropertyWrapperBackingVarBinding()" or index = nPropertyWrapperBackingVarBinding and - result = e.getImmediatePropertyWrapperBackingVar() and + result = e.getPropertyWrapperBackingVar() and partialPredicateCall = "PropertyWrapperBackingVar()" or index = nPropertyWrapperBackingVar and - result = e.getImmediatePropertyWrapperProjectionVarBinding() and + result = e.getPropertyWrapperProjectionVarBinding() and partialPredicateCall = "PropertyWrapperProjectionVarBinding()" or index = nPropertyWrapperProjectionVarBinding and - result = e.getImmediatePropertyWrapperProjectionVar() and + result = e.getPropertyWrapperProjectionVar() and partialPredicateCall = "PropertyWrapperProjectionVar()" ) ) @@ -929,11 +942,11 @@ private module Impl { result = getImmediateChildOfVarDecl(e, index - b, partialPredicateCall) or index = n and - result = e.getImmediatePropertyWrapperLocalWrappedVarBinding() and + result = e.getPropertyWrapperLocalWrappedVarBinding() and partialPredicateCall = "PropertyWrapperLocalWrappedVarBinding()" or index = nPropertyWrapperLocalWrappedVarBinding and - result = e.getImmediatePropertyWrapperLocalWrappedVar() and + result = e.getPropertyWrapperLocalWrappedVar() and partialPredicateCall = "PropertyWrapperLocalWrappedVar()" ) ) 
@@ -1030,14 +1043,19 @@ private module Impl { } private Element getImmediateChildOfExpr(Expr e, int index, string partialPredicateCall) { - exists(int b, int bAstNode, int n | + exists(int b, int bAstNode, int bHideableElement, int n | b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and - n = bAstNode and + bHideableElement = + bAstNode + 1 + + max(int i | i = -1 or exists(getImmediateChildOfHideableElement(e, i, _)) | i) and + n = bHideableElement and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) + or + result = getImmediateChildOfHideableElement(e, index - bAstNode, partialPredicateCall) ) ) } @@ -1082,7 +1100,7 @@ private module Impl { bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and nFunction = n + 1 and - nArgument = nFunction + 1 + max(int i | i = -1 or exists(e.getImmediateArgument(i)) | i) and + nArgument = nFunction + 1 + max(int i | i = -1 or exists(e.getArgument(i)) | i) and ( none() or @@ -1090,7 +1108,7 @@ private module Impl { or index = n and result = e.getImmediateFunction() and partialPredicateCall = "Function()" or - result = e.getImmediateArgument(index - nFunction) and + result = e.getArgument(index - nFunction) and partialPredicateCall = "Argument(" + (index - nFunction).toString() + ")" ) ) 
@@ -1140,14 +1158,14 @@ private module Impl { b = 0 and bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and - nBindingDecl = n + 1 + max(int i | i = -1 or exists(e.getImmediateBindingDecl(i)) | i) and + nBindingDecl = n + 1 + max(int i | i = -1 or exists(e.getBindingDecl(i)) | i) and nClosureBody = nBindingDecl + 1 and ( none() or result = getImmediateChildOfExpr(e, index - b, partialPredicateCall) or - result = e.getImmediateBindingDecl(index - n) and + result = e.getBindingDecl(index - n) and partialPredicateCall = "BindingDecl(" + (index - n).toString() + ")" or index = nBindingDecl and @@ -1470,15 +1488,15 @@ private module Impl { bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and nRoot = n + 1 and - nComponent = nRoot + 1 + max(int i | i = -1 or exists(e.getImmediateComponent(i)) | i) and + nComponent = nRoot + 1 + max(int i | i = -1 or exists(e.getComponent(i)) | i) and ( none() or result = getImmediateChildOfExpr(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateRoot() and partialPredicateCall = "Root()" + index = n and result = e.getRoot() and partialPredicateCall = "Root()" or - result = e.getImmediateComponent(index - nRoot) and + result = e.getComponent(index - nRoot) and partialPredicateCall = "Component(" + (index - nRoot).toString() + ")" ) ) @@ -1773,7 +1791,7 @@ private module Impl { or index = n and result = e.getImmediateSubExpr() and partialPredicateCall = "SubExpr()" or - index = nSubExpr and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nSubExpr and result = e.getBody() and partialPredicateCall = "Body()" ) ) } 
@@ -1824,7 +1842,7 @@ private module Impl { or result = getImmediateChildOfExpr(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateTypeRepr() and partialPredicateCall = "TypeRepr()" + index = n and result = e.getTypeRepr() and partialPredicateCall = "TypeRepr()" ) ) } @@ -2688,13 +2706,13 @@ private module Impl { bLiteralExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLiteralExpr(e, i, _)) | i) and n = bLiteralExpr and - nArgument = n + 1 + max(int i | i = -1 or exists(e.getImmediateArgument(i)) | i) and + nArgument = n + 1 + max(int i | i = -1 or exists(e.getArgument(i)) | i) and ( none() or result = getImmediateChildOfLiteralExpr(e, index - b, partialPredicateCall) or - result = e.getImmediateArgument(index - n) and + result = e.getArgument(index - n) and partialPredicateCall = "Argument(" + (index - n).toString() + ")" ) ) @@ -2850,13 +2868,13 @@ private module Impl { bLookupExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLookupExpr(e, i, _)) | i) and n = bLookupExpr and - nArgument = n + 1 + max(int i | i = -1 or exists(e.getImmediateArgument(i)) | i) and + nArgument = n + 1 + max(int i | i = -1 or exists(e.getArgument(i)) | i) and ( none() or result = getImmediateChildOfLookupExpr(e, index - b, partialPredicateCall) or - result = e.getImmediateArgument(index - n) and + result = e.getArgument(index - n) and partialPredicateCall = "Argument(" + (index - n).toString() + ")" ) ) 
@@ -3161,14 +3179,19 @@ private module Impl { } private Element getImmediateChildOfPattern(Pattern e, int index, string partialPredicateCall) { - exists(int b, int bAstNode, int n | + exists(int b, int bAstNode, int bHideableElement, int n | b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and - n = bAstNode and + bHideableElement = + bAstNode + 1 + + max(int i | i = -1 or exists(getImmediateChildOfHideableElement(e, i, _)) | i) and + n = bHideableElement and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) + or + result = getImmediateChildOfHideableElement(e, index - bAstNode, partialPredicateCall) ) ) } @@ -3267,9 +3290,7 @@ private module Impl { or result = getImmediateChildOfPattern(e, index - b, partialPredicateCall) or - index = n and - result = e.getImmediateCastTypeRepr() and - partialPredicateCall = "CastTypeRepr()" + index = n and result = e.getCastTypeRepr() and partialPredicateCall = "CastTypeRepr()" or index = nCastTypeRepr and result = e.getImmediateSubPattern() and @@ -3364,9 +3385,7 @@ private module Impl { or index = n and result = e.getImmediateSubPattern() and partialPredicateCall = "SubPattern()" or - index = nSubPattern and - result = e.getImmediateTypeRepr() and - partialPredicateCall = "TypeRepr()" + index = nSubPattern and result = e.getTypeRepr() and partialPredicateCall = "TypeRepr()" ) ) } @@ -3419,7 +3438,7 @@ private module Impl { partialPredicateCall = "Initializer()" or index = nInitializer and - result = e.getImmediateAvailability() and + result = e.getAvailability() and partialPredicateCall = "Availability()" ) ) 
@@ -3445,13 +3464,13 @@ private module Impl { b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and n = bAstNode and - nElement = n + 1 + max(int i | i = -1 or exists(e.getImmediateElement(i)) | i) and + nElement = n + 1 + max(int i | i = -1 or exists(e.getElement(i)) | i) and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) or - result = e.getImmediateElement(index - n) and + result = e.getElement(index - n) and partialPredicateCall = "Element(" + (index - n).toString() + ")" ) ) @@ -3462,13 +3481,13 @@ private module Impl { b = 0 and bStmt = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfStmt(e, i, _)) | i) and n = bStmt and - nElement = n + 1 + max(int i | i = -1 or exists(e.getImmediateElement(i)) | i) and + nElement = n + 1 + max(int i | i = -1 or exists(e.getElement(i)) | i) and ( none() or result = getImmediateChildOfStmt(e, index - b, partialPredicateCall) or - result = e.getImmediateElement(index - n) and + result = e.getElement(index - n) and partialPredicateCall = "Element(" + (index - n).toString() + ")" ) ) @@ -3493,15 +3512,15 @@ private module Impl { bStmt = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfStmt(e, i, _)) | i) and n = bStmt and nBody = n + 1 and - nLabel = nBody + 1 + max(int i | i = -1 or exists(e.getImmediateLabel(i)) | i) and + nLabel = nBody + 1 + max(int i | i = -1 or exists(e.getLabel(i)) | i) and ( none() or result = getImmediateChildOfStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" or - result = e.getImmediateLabel(index - nBody) and + result = e.getLabel(index - nBody) and partialPredicateCall = "Label(" + (index - nBody).toString() + ")" ) ) 
@@ -3533,7 +3552,7 @@ private module Impl { or result = getImmediateChildOfStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3654,15 +3673,15 @@ private module Impl { b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLabeledStmt(e, i, _)) | i) and n = bLabeledStmt and nBody = n + 1 and - nCatch = nBody + 1 + max(int i | i = -1 or exists(e.getImmediateCatch(i)) | i) and + nCatch = nBody + 1 + max(int i | i = -1 or exists(e.getCatch(i)) | i) and ( none() or result = getImmediateChildOfLabeledStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" or - result = e.getImmediateCatch(index - nBody) and + result = e.getCatch(index - nBody) and partialPredicateCall = "Catch(" + (index - nBody).toString() + ")" ) ) @@ -3680,7 +3699,7 @@ private module Impl { or result = getImmediateChildOfLabeledStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3710,7 +3729,7 @@ private module Impl { or index = nSequence and result = e.getImmediateWhere() and partialPredicateCall = "Where()" or - index = nWhere and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nWhere and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3729,7 +3748,7 @@ private module Impl { or result = getImmediateChildOfLabeledStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateCondition() and partialPredicateCall = "Condition()" + index = n and result = e.getCondition() and partialPredicateCall = "Condition()" ) ) } 
@@ -3751,7 +3770,7 @@ private module Impl { or index = n and result = e.getImmediateCondition() and partialPredicateCall = "Condition()" or - index = nCondition and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = nCondition and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3763,7 +3782,7 @@ private module Impl { b + 1 + max(int i | i = -1 or exists(getImmediateChildOfLabeledStmt(e, i, _)) | i) and n = bLabeledStmt and nExpr = n + 1 and - nCase = nExpr + 1 + max(int i | i = -1 or exists(e.getImmediateCase(i)) | i) and + nCase = nExpr + 1 + max(int i | i = -1 or exists(e.getCase(i)) | i) and ( none() or @@ -3771,7 +3790,7 @@ private module Impl { or index = n and result = e.getImmediateExpr() and partialPredicateCall = "Expr()" or - result = e.getImmediateCase(index - nExpr) and + result = e.getCase(index - nExpr) and partialPredicateCall = "Case(" + (index - nExpr).toString() + ")" ) ) @@ -3790,7 +3809,7 @@ private module Impl { or result = getImmediateChildOfLabeledConditionalStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } @@ -3809,9 +3828,9 @@ private module Impl { or result = getImmediateChildOfLabeledConditionalStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateThen() and partialPredicateCall = "Then()" + index = n and result = e.getThen() and partialPredicateCall = "Then()" or - index = nThen and result = e.getImmediateElse() and partialPredicateCall = "Else()" + index = nThen and result = e.getElse() and partialPredicateCall = "Else()" ) ) } 
@@ -3829,20 +3848,21 @@ private module Impl { or result = getImmediateChildOfLabeledConditionalStmt(e, index - b, partialPredicateCall) or - index = n and result = e.getImmediateBody() and partialPredicateCall = "Body()" + index = n and result = e.getBody() and partialPredicateCall = "Body()" ) ) } private Element getImmediateChildOfType(Type e, int index, string partialPredicateCall) { - exists(int b, int bElement, int n | + exists(int b, int bHideableElement, int n | b = 0 and - bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and - n = bElement and + bHideableElement = + b + 1 + max(int i | i = -1 or exists(getImmediateChildOfHideableElement(e, i, _)) | i) and + n = bHideableElement and ( none() or - result = getImmediateChildOfElement(e, index - b, partialPredicateCall) + result = getImmediateChildOfHideableElement(e, index - b, partialPredicateCall) ) ) } @@ -5301,7 +5321,7 @@ private module Impl { } Element resolve(Element e) { - if e instanceof Element then result = e.(Element).resolve() else result = e + if e instanceof HideableElement then result = e.(HideableElement).resolve() else result = e } } diff --git a/swift/ql/lib/codeql/swift/generated/Raw.qll b/swift/ql/lib/codeql/swift/generated/Raw.qll index dc5ddeed979..f7c127818d7 100644 --- a/swift/ql/lib/codeql/swift/generated/Raw.qll +++ b/swift/ql/lib/codeql/swift/generated/Raw.qll @@ -62,6 +62,11 @@ module Raw { predicate isSuccessfullyExtracted() { file_is_successfully_extracted(this) } } + /** + * INTERNAL: Do not use. + */ + class HideableElement extends @hideable_element, Element { } + /** * INTERNAL: Do not use. */ @@ -986,7 +991,7 @@ module Raw { * INTERNAL: Do not use. * The base class for all expressions in Swift. */ - class Expr extends @expr, AstNode { + class Expr extends @expr, AstNode, HideableElement { /** * Gets the type of this expression, if it exists. */ 
@@ -2353,7 +2358,7 @@ module Raw { /** * INTERNAL: Do not use. */ - class Pattern extends @pattern, AstNode { } + class Pattern extends @pattern, AstNode, HideableElement { } /** * INTERNAL: Do not use. @@ -2869,7 +2874,7 @@ module Raw { /** * INTERNAL: Do not use. */ - class Type extends @type, Element { + class Type extends @type, HideableElement { /** * Gets the name of this type. */ diff --git a/swift/ql/lib/codeql/swift/generated/Synth.qll b/swift/ql/lib/codeql/swift/generated/Synth.qll index fdbadffcd33..f79d71f84a3 100644 --- a/swift/ql/lib/codeql/swift/generated/Synth.qll +++ b/swift/ql/lib/codeql/swift/generated/Synth.qll @@ -1043,6 +1043,11 @@ module Synth { */ class TFile = TDbFile or TUnknownFile; + /** + * INTERNAL: Do not use. + */ + class THideableElement = TExpr or TPattern or TType; + /** * INTERNAL: Do not use. */ @@ -3223,11 +3228,11 @@ module Synth { or result = convertGenericContextFromRaw(e) or + result = convertHideableElementFromRaw(e) + or result = convertLocatableFromRaw(e) or result = convertLocationFromRaw(e) - or - result = convertTypeFromRaw(e) } /** @@ -3272,6 +3277,19 @@ module Synth { result = convertUnknownFileFromRaw(e) } + /** + * INTERNAL: Do not use. + * Converts a raw DB element to a synthesized `THideableElement`, if possible. + */ + cached + THideableElement convertHideableElementFromRaw(Raw::Element e) { + result = convertExprFromRaw(e) + or + result = convertPatternFromRaw(e) + or + result = convertTypeFromRaw(e) + } + /** * INTERNAL: Do not use. * Converts a raw DB element to a synthesized `TLocatable`, if possible. @@ -6028,11 +6046,11 @@ module Synth { or result = convertGenericContextToRaw(e) or + result = convertHideableElementToRaw(e) + or result = convertLocatableToRaw(e) or result = convertLocationToRaw(e) - or - result = convertTypeToRaw(e) } /** 
@@ -6077,6 +6095,19 @@ module Synth { result = convertUnknownFileToRaw(e) } + /** + * INTERNAL: Do not use. + * Converts a synthesized `THideableElement` to a raw DB element, if possible. + */ + cached + Raw::Element convertHideableElementToRaw(THideableElement e) { + result = convertExprToRaw(e) + or + result = convertPatternToRaw(e) + or + result = convertTypeToRaw(e) + } + /** * INTERNAL: Do not use. * Converts a synthesized `TLocatable` to a raw DB element, if possible. diff --git a/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll b/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll index f2f78d9cafc..af422cbd10d 100644 --- a/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll +++ b/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the parent of this unspecified element, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Element getImmediateParent() { + Element getParent() { result = Synth::convertElementFromRaw(Synth::convertUnspecifiedElementToRaw(this) .(Raw::UnspecifiedElement) .getParent()) } - /** - * Gets the parent of this unspecified element, if it exists. - */ - final Element getParent() { - exists(Element immediate | - immediate = this.getImmediateParent() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getParent()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll index 0ecb0836313..b60203d43b4 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/AbstractStorageDecl.qll 
@@ -8,27 +8,14 @@ module Generated { class AbstractStorageDecl extends Synth::TAbstractStorageDecl, ValueDecl { /** * Gets the `index`th accessor of this abstract storage declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Accessor getImmediateAccessor(int index) { + Accessor getAccessor(int index) { result = Synth::convertAccessorFromRaw(Synth::convertAbstractStorageDeclToRaw(this) .(Raw::AbstractStorageDecl) .getAccessor(index)) } - /** - * Gets the `index`th accessor of this abstract storage declaration (0-based). - */ - final Accessor getAccessor(int index) { - exists(Accessor immediate | - immediate = this.getImmediateAccessor(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the accessors of this abstract storage declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll index 9749202fec3..d2c54edfde9 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/CapturedDecl.qll 
@@ -10,27 +10,14 @@ module Generated { /** * Gets the the declaration captured by the parent closure. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateDecl() { + ValueDecl getDecl() { result = Synth::convertValueDeclFromRaw(Synth::convertCapturedDeclToRaw(this) .(Raw::CapturedDecl) .getDecl()) } - /** - * Gets the the declaration captured by the parent closure. - */ - final ValueDecl getDecl() { - exists(ValueDecl immediate | - immediate = this.getImmediateDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if this captured declaration is direct. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll index 33cb4ec46ca..568f9297c99 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll 
@@ -8,45 +8,19 @@ module Generated { class Decl extends Synth::TDecl, AstNode { /** * Gets the module of this declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getImmediateModule() { + ModuleDecl getModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertDeclToRaw(this).(Raw::Decl).getModule()) } - /** - * Gets the module of this declaration. - */ - final ModuleDecl getModule() { - exists(ModuleDecl immediate | - immediate = this.getImmediateModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th member of this declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Decl getImmediateMember(int index) { + Decl getMember(int index) { result = Synth::convertDeclFromRaw(Synth::convertDeclToRaw(this).(Raw::Decl).getMember(index)) } - /** - * Gets the `index`th member of this declaration (0-based). - */ - final Decl getMember(int index) { - exists(Decl immediate | - immediate = this.getImmediateMember(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the members of this declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll index 59834181269..68966a3a7d3 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll 
@@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th element of this enum case declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - EnumElementDecl getImmediateElement(int index) { + EnumElementDecl getElement(int index) { result = Synth::convertEnumElementDeclFromRaw(Synth::convertEnumCaseDeclToRaw(this) .(Raw::EnumCaseDecl) .getElement(index)) } - /** - * Gets the `index`th element of this enum case declaration (0-based). - */ - final EnumElementDecl getElement(int index) { - exists(EnumElementDecl immediate | - immediate = this.getImmediateElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the elements of this enum case declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll index 148124d0f8f..e8c68320053 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll 
@@ -17,27 +17,14 @@ module Generated { /** * Gets the `index`th parameter of this enum element declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam(int index) { + ParamDecl getParam(int index) { result = Synth::convertParamDeclFromRaw(Synth::convertEnumElementDeclToRaw(this) .(Raw::EnumElementDecl) .getParam(index)) } - /** - * Gets the `index`th parameter of this enum element declaration (0-based). - */ - final ParamDecl getParam(int index) { - exists(ParamDecl immediate | - immediate = this.getImmediateParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the parameters of this enum element declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll index 2863c3aca52..5fa3dd2bc3a 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll 
@@ -12,50 +12,24 @@ module Generated { /** * Gets the extended type declaration of this extension declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - NominalTypeDecl getImmediateExtendedTypeDecl() { + NominalTypeDecl getExtendedTypeDecl() { result = Synth::convertNominalTypeDeclFromRaw(Synth::convertExtensionDeclToRaw(this) .(Raw::ExtensionDecl) .getExtendedTypeDecl()) } - /** - * Gets the extended type declaration of this extension declaration. - */ - final NominalTypeDecl getExtendedTypeDecl() { - exists(NominalTypeDecl immediate | - immediate = this.getImmediateExtendedTypeDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th protocol of this extension declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ProtocolDecl getImmediateProtocol(int index) { + ProtocolDecl getProtocol(int index) { result = Synth::convertProtocolDeclFromRaw(Synth::convertExtensionDeclToRaw(this) .(Raw::ExtensionDecl) .getProtocol(index)) } - /** - * Gets the `index`th protocol of this extension declaration (0-based). - */ - final ProtocolDecl getProtocol(int index) { - exists(ProtocolDecl immediate | - immediate = this.getImmediateProtocol(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the protocols of this extension declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll b/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll index 4855a60fa10..ade061da641 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/GenericContext.qll 
@@ -8,27 +8,14 @@ module Generated { class GenericContext extends Synth::TGenericContext, Element { /** * Gets the `index`th generic type parameter of this generic context (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - GenericTypeParamDecl getImmediateGenericTypeParam(int index) { + GenericTypeParamDecl getGenericTypeParam(int index) { result = Synth::convertGenericTypeParamDeclFromRaw(Synth::convertGenericContextToRaw(this) .(Raw::GenericContext) .getGenericTypeParam(index)) } - /** - * Gets the `index`th generic type parameter of this generic context (0-based). - */ - final GenericTypeParamDecl getGenericTypeParam(int index) { - exists(GenericTypeParamDecl immediate | - immediate = this.getImmediateGenericTypeParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the generic type parameters of this generic context. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll index 23c42ea9c6c..9a93bce7540 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll 
@@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th active element of this if config declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AstNode getImmediateActiveElement(int index) { + AstNode getActiveElement(int index) { result = Synth::convertAstNodeFromRaw(Synth::convertIfConfigDeclToRaw(this) .(Raw::IfConfigDecl) .getActiveElement(index)) } - /** - * Gets the `index`th active element of this if config declaration (0-based). - */ - final AstNode getActiveElement(int index) { - exists(AstNode immediate | - immediate = this.getImmediateActiveElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the active elements of this if config declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll index df928494a73..8686d55c405 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ImportDecl.qll 
@@ -16,27 +16,14 @@ module Generated { /** * Gets the imported module of this import declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getImmediateImportedModule() { + ModuleDecl getImportedModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertImportDeclToRaw(this) .(Raw::ImportDecl) .getImportedModule()) } - /** - * Gets the imported module of this import declaration, if it exists. - */ - final ModuleDecl getImportedModule() { - exists(ModuleDecl immediate | - immediate = this.getImmediateImportedModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getImportedModule()` exists. */ @@ -44,27 +31,14 @@ module Generated { /** * Gets the `index`th declaration of this import declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateDeclaration(int index) { + ValueDecl getDeclaration(int index) { result = Synth::convertValueDeclFromRaw(Synth::convertImportDeclToRaw(this) .(Raw::ImportDecl) .getDeclaration(index)) } - /** - * Gets the `index`th declaration of this import declaration (0-based). - */ - final ValueDecl getDeclaration(int index) { - exists(ValueDecl immediate | - immediate = this.getImmediateDeclaration(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the declarations of this import declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll index e9749c13355..30649ed8ec6 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll 
+++ b/swift/ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the precedence group of this infix operator declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - PrecedenceGroupDecl getImmediatePrecedenceGroup() { + PrecedenceGroupDecl getPrecedenceGroup() { result = Synth::convertPrecedenceGroupDeclFromRaw(Synth::convertInfixOperatorDeclToRaw(this) .(Raw::InfixOperatorDecl) .getPrecedenceGroup()) } - /** - * Gets the precedence group of this infix operator declaration, if it exists. - */ - final PrecedenceGroupDecl getPrecedenceGroup() { - exists(PrecedenceGroupDecl immediate | - immediate = this.getImmediatePrecedenceGroup() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPrecedenceGroup()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll index 3fc71350932..6654dfd4e49 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ModuleDecl.qll 
@@ -24,28 +24,14 @@ module Generated { /** * Gets the `index`th imported module of this module declaration (0-based). *Gets any of the imported modules of this module declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getAnImmediateImportedModule() { + ModuleDecl getAnImportedModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertModuleDeclToRaw(this) .(Raw::ModuleDecl) .getAnImportedModule()) } - /** - * Gets the `index`th imported module of this module declaration (0-based). - *Gets any of the imported modules of this module declaration. - */ - final ModuleDecl getAnImportedModule() { - exists(ModuleDecl immediate | - immediate = this.getAnImmediateImportedModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the number of imported modules of this module declaration. */ 
@@ -54,28 +40,14 @@ module Generated { /** * Gets the `index`th exported module of this module declaration (0-based). *Gets any of the exported modules of this module declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getAnImmediateExportedModule() { + ModuleDecl getAnExportedModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertModuleDeclToRaw(this) .(Raw::ModuleDecl) .getAnExportedModule()) } - /** - * Gets the `index`th exported module of this module declaration (0-based). - *Gets any of the exported modules of this module declaration. - */ - final ModuleDecl getAnExportedModule() { - exists(ModuleDecl immediate | - immediate = this.getAnImmediateExportedModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the number of exported modules of this module declaration. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll index b007e2b1b52..5f9543d3ab7 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll @@ -25,7 +25,7 @@ module Generated { final Type getType() { exists(Type immediate | immediate = this.getImmediateType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll index 33eaec9bc2e..e815fe5561a 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll 
@@ -22,27 +22,14 @@ module Generated { /** * Gets the naming declaration of this opaque type declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediateNamingDeclaration() { + ValueDecl getNamingDeclaration() { result = Synth::convertValueDeclFromRaw(Synth::convertOpaqueTypeDeclToRaw(this) .(Raw::OpaqueTypeDecl) .getNamingDeclaration()) } - /** - * Gets the naming declaration of this opaque type declaration. - */ - final ValueDecl getNamingDeclaration() { - exists(ValueDecl immediate | - immediate = this.getImmediateNamingDeclaration() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th opaque generic parameter of this opaque type declaration (0-based). * @@ -62,7 +49,7 @@ module Generated { final GenericTypeParamType getOpaqueGenericParam(int index) { exists(GenericTypeParamType immediate | immediate = this.getImmediateOpaqueGenericParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll index 99f80d18772..da45ffbeb2e 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ParamDecl.qll 
@@ -16,29 +16,16 @@ module Generated { /** * Gets the property wrapper local wrapped variable binding of this parameter declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized binding introducing the property wrapper local wrapped projection + * variable for this variable, if any. */ - PatternBindingDecl getImmediatePropertyWrapperLocalWrappedVarBinding() { + PatternBindingDecl getPropertyWrapperLocalWrappedVarBinding() { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertParamDeclToRaw(this) .(Raw::ParamDecl) .getPropertyWrapperLocalWrappedVarBinding()) } - /** - * Gets the property wrapper local wrapped variable binding of this parameter declaration, if it exists. - * - * This is the synthesized binding introducing the property wrapper local wrapped projection - * variable for this variable, if any. - */ - final PatternBindingDecl getPropertyWrapperLocalWrappedVarBinding() { - exists(PatternBindingDecl immediate | - immediate = this.getImmediatePropertyWrapperLocalWrappedVarBinding() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperLocalWrappedVarBinding()` exists. */ 
@@ -49,29 +36,16 @@ module Generated { /** * Gets the property wrapper local wrapped variable of this parameter declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized local wrapped value, shadowing this parameter declaration in case it + * has a property wrapper. */ - VarDecl getImmediatePropertyWrapperLocalWrappedVar() { + VarDecl getPropertyWrapperLocalWrappedVar() { result = Synth::convertVarDeclFromRaw(Synth::convertParamDeclToRaw(this) .(Raw::ParamDecl) .getPropertyWrapperLocalWrappedVar()) } - /** - * Gets the property wrapper local wrapped variable of this parameter declaration, if it exists. - * - * This is the synthesized local wrapped value, shadowing this parameter declaration in case it - * has a property wrapper. - */ - final VarDecl getPropertyWrapperLocalWrappedVar() { - exists(VarDecl immediate | - immediate = this.getImmediatePropertyWrapperLocalWrappedVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperLocalWrappedVar()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll index 00ca18b1185..290803257bd 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/PatternBindingDecl.qll @@ -28,7 +28,7 @@ module Generated { final Expr getInit(int index) { exists(Expr immediate | immediate = this.getImmediateInit(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } 
@@ -61,7 +61,7 @@ module Generated { final Pattern getPattern(int index) { exists(Pattern immediate | immediate = this.getImmediatePattern(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll index fe7cfaf701f..3c5a663ce72 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/PoundDiagnosticDecl.qll @@ -39,7 +39,7 @@ module Generated { final StringLiteralExpr getMessage() { exists(StringLiteralExpr immediate | immediate = this.getImmediateMessage() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll index a6fe783be42..b6e7f963d6d 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/SubscriptDecl.qll 
@@ -12,27 +12,14 @@ module Generated { /** * Gets the `index`th parameter of this subscript declaration (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam(int index) { + ParamDecl getParam(int index) { result = Synth::convertParamDeclFromRaw(Synth::convertSubscriptDeclToRaw(this) .(Raw::SubscriptDecl) .getParam(index)) } - /** - * Gets the `index`th parameter of this subscript declaration (0-based). - */ - final ParamDecl getParam(int index) { - exists(ParamDecl immediate | - immediate = this.getImmediateParam(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the parameters of this subscript declaration. */ @@ -62,7 +49,7 @@ module Generated { final Type getElementType() { exists(Type immediate | immediate = this.getImmediateElementType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll index d53c5ec5e3f..9af4944bd3d 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/TopLevelCodeDecl.qll 
@@ -10,25 +10,12 @@ module Generated { /** * Gets the body of this top level code declaration. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertTopLevelCodeDeclToRaw(this) .(Raw::TopLevelCodeDecl) .getBody()) } - - /** - * Gets the body of this top level code declaration. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll index d0e7fa1164d..e35b6895874 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/TypeAliasDecl.qll @@ -38,7 +38,7 @@ module Generated { final Type getAliasedType() { exists(Type immediate | immediate = this.getImmediateAliasedType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll index 7a70183bac1..bae701326d2 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll @@ -30,7 +30,7 @@ module Generated { final Type getBaseType(int index) { exists(Type immediate | immediate = this.getImmediateBaseType(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } 
diff --git a/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll index 237d668eade..026e410b569 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/ValueDecl.qll @@ -25,7 +25,7 @@ module Generated { final Type getInterfaceType() { exists(Type immediate | immediate = this.getImmediateInterfaceType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll index 86f91c9d128..6d72f5bd4ed 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/VarDecl.qll @@ -48,7 +48,7 @@ module Generated { final Type getType() { exists(Type immediate | immediate = this.getImmediateType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -71,7 +71,7 @@ module Generated { final Type getAttachedPropertyWrapperType() { exists(Type immediate | immediate = this.getImmediateAttachedPropertyWrapperType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -101,7 +101,7 @@ module Generated { final Pattern getParentPattern() { exists(Pattern immediate | immediate = this.getImmediateParentPattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -129,7 +129,7 @@ module Generated { final Expr getParentInitializer() { exists(Expr immediate | immediate = this.getImmediateParentInitializer() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } 
@@ -141,29 +141,16 @@ module Generated { /** * Gets the property wrapper backing variable binding of this variable declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized binding introducing the property wrapper backing variable for this + * variable, if any. See `getPropertyWrapperBackingVar`. */ - PatternBindingDecl getImmediatePropertyWrapperBackingVarBinding() { + PatternBindingDecl getPropertyWrapperBackingVarBinding() { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertVarDeclToRaw(this) .(Raw::VarDecl) .getPropertyWrapperBackingVarBinding()) } - /** - * Gets the property wrapper backing variable binding of this variable declaration, if it exists. - * - * This is the synthesized binding introducing the property wrapper backing variable for this - * variable, if any. See `getPropertyWrapperBackingVar`. - */ - final PatternBindingDecl getPropertyWrapperBackingVarBinding() { - exists(PatternBindingDecl immediate | - immediate = this.getImmediatePropertyWrapperBackingVarBinding() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperBackingVarBinding()` exists. */ @@ -171,19 +158,6 @@ module Generated { exists(this.getPropertyWrapperBackingVarBinding()) } - /** - * Gets the property wrapper backing variable of this variable declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - VarDecl getImmediatePropertyWrapperBackingVar() { - result = - Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) - .(Raw::VarDecl) - .getPropertyWrapperBackingVar()) - } - /** * Gets the property wrapper backing variable of this variable declaration, if it exists. * 
@@ -203,11 +177,11 @@ module Generated { * ``` * This predicate returns such variable declaration. */ - final VarDecl getPropertyWrapperBackingVar() { - exists(VarDecl immediate | - immediate = this.getImmediatePropertyWrapperBackingVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) + VarDecl getPropertyWrapperBackingVar() { + result = + Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) + .(Raw::VarDecl) + .getPropertyWrapperBackingVar()) } /** @@ -218,29 +192,16 @@ module Generated { /** * Gets the property wrapper projection variable binding of this variable declaration, if it exists. * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. + * This is the synthesized binding introducing the property wrapper projection variable for this + * variable, if any. See `getPropertyWrapperProjectionVar`. */ - PatternBindingDecl getImmediatePropertyWrapperProjectionVarBinding() { + PatternBindingDecl getPropertyWrapperProjectionVarBinding() { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertVarDeclToRaw(this) .(Raw::VarDecl) .getPropertyWrapperProjectionVarBinding()) } - /** - * Gets the property wrapper projection variable binding of this variable declaration, if it exists. - * - * This is the synthesized binding introducing the property wrapper projection variable for this - * variable, if any. See `getPropertyWrapperProjectionVar`. - */ - final PatternBindingDecl getPropertyWrapperProjectionVarBinding() { - exists(PatternBindingDecl immediate | - immediate = this.getImmediatePropertyWrapperProjectionVarBinding() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getPropertyWrapperProjectionVarBinding()` exists. */ 
@@ -248,19 +209,6 @@ module Generated { exists(this.getPropertyWrapperProjectionVarBinding()) } - /** - * Gets the property wrapper projection variable of this variable declaration, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. - */ - VarDecl getImmediatePropertyWrapperProjectionVar() { - result = - Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) - .(Raw::VarDecl) - .getPropertyWrapperProjectionVar()) - } - /** * Gets the property wrapper projection variable of this variable declaration, if it exists. * @@ -286,11 +234,11 @@ module Generated { * ``` * This predicate returns such variable declaration. */ - final VarDecl getPropertyWrapperProjectionVar() { - exists(VarDecl immediate | - immediate = this.getImmediatePropertyWrapperProjectionVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) + VarDecl getPropertyWrapperProjectionVar() { + result = + Synth::convertVarDeclFromRaw(Synth::convertVarDeclToRaw(this) + .(Raw::VarDecl) + .getPropertyWrapperProjectionVar()) } /** diff --git a/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll index 3ee26f38f89..1710534e9a6 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/AppliedPropertyWrapperExpr.qll 
@@ -50,25 +50,12 @@ module Generated { /** * Gets the parameter declaration owning this wrapper application. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParam() { + ParamDecl getParam() { result = Synth::convertParamDeclFromRaw(Synth::convertAppliedPropertyWrapperExprToRaw(this) .(Raw::AppliedPropertyWrapperExpr) .getParam()) } - - /** - * Gets the parameter declaration owning this wrapper application. - */ - final ParamDecl getParam() { - exists(ParamDecl immediate | - immediate = this.getImmediateParam() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll index 6529ca4882a..01aabf3ef17 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/ApplyExpr.qll @@ -29,27 +29,14 @@ module Generated { /** * Gets the `index`th argument passed to the applied function (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateArgument(int index) { + Argument getArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertApplyExprToRaw(this) .(Raw::ApplyExpr) .getArgument(index)) } - /** - * Gets the `index`th argument passed to the applied function (0-based). - */ - final Argument getArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments passed to the applied function. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/expr/Argument.qll b/swift/ql/lib/codeql/swift/generated/expr/Argument.qll index 3040a549ec9..16b8da0887f 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/Argument.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/Argument.qll @@ -30,7 +30,7 @@ module Generated { final Expr getExpr() { exists(Expr immediate | immediate = this.getImmediateExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll index b3a6653ce77..521eb9f074d 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/CaptureListExpr.qll @@ -11,27 +11,14 @@ module Generated { /** * Gets the `index`th binding declaration of this capture list expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - PatternBindingDecl getImmediateBindingDecl(int index) { + PatternBindingDecl getBindingDecl(int index) { result = Synth::convertPatternBindingDeclFromRaw(Synth::convertCaptureListExprToRaw(this) .(Raw::CaptureListExpr) .getBindingDecl(index)) } - /** - * Gets the `index`th binding declaration of this capture list expression (0-based). - */ - final PatternBindingDecl getBindingDecl(int index) { - exists(PatternBindingDecl immediate | - immediate = this.getImmediateBindingDecl(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the binding declarations of this capture list expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll index 6aa2c0522f5..0f8bef8745a 100644 
--- a/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/DeclRefExpr.qll @@ -11,25 +11,12 @@ module Generated { /** * Gets the declaration of this declaration reference expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Decl getImmediateDecl() { + Decl getDecl() { result = Synth::convertDeclFromRaw(Synth::convertDeclRefExprToRaw(this).(Raw::DeclRefExpr).getDecl()) } - /** - * Gets the declaration of this declaration reference expression. - */ - final Decl getDecl() { - exists(Decl immediate | - immediate = this.getImmediateDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th replacement type of this declaration reference expression (0-based). * diff --git a/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll index e457353ada4..23f791afff8 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/DefaultArgumentExpr.qll 
@@ -10,27 +10,14 @@ module Generated { /** * Gets the parameter declaration of this default argument expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ParamDecl getImmediateParamDecl() { + ParamDecl getParamDecl() { result = Synth::convertParamDeclFromRaw(Synth::convertDefaultArgumentExprToRaw(this) .(Raw::DefaultArgumentExpr) .getParamDecl()) } - /** - * Gets the parameter declaration of this default argument expression. - */ - final ParamDecl getParamDecl() { - exists(ParamDecl immediate | - immediate = this.getImmediateParamDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the parameter index of this default argument expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll index 0ec0a3275dd..146c769f2a1 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/EnumIsCaseExpr.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the element of this enum is case expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - EnumElementDecl getImmediateElement() { + EnumElementDecl getElement() { result = Synth::convertEnumElementDeclFromRaw(Synth::convertEnumIsCaseExprToRaw(this) .(Raw::EnumIsCaseExpr) .getElement()) } - - /** - * Gets the element of this enum is case expression. - */ - final EnumElementDecl getElement() { - exists(EnumElementDecl immediate | - immediate = this.getImmediateElement() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } 
diff --git a/swift/ql/lib/codeql/swift/generated/expr/Expr.qll b/swift/ql/lib/codeql/swift/generated/expr/Expr.qll index dad004bc2bd..6f488acbe59 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/Expr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/Expr.qll @@ -2,13 +2,14 @@ private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw import codeql.swift.elements.AstNode +import codeql.swift.elements.HideableElement import codeql.swift.elements.type.Type module Generated { /** * The base class for all expressions in Swift. */ - class Expr extends Synth::TExpr, AstNode { + class Expr extends Synth::TExpr, AstNode, HideableElement { /** * Gets the type of this expression, if it exists. * diff --git a/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll index a74a289cf83..cd1d20d37aa 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/KeyPathExpr.qll @@ -14,27 +14,14 @@ module Generated { /** * Gets the root of this key path expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateRoot() { + TypeRepr getRoot() { result = Synth::convertTypeReprFromRaw(Synth::convertKeyPathExprToRaw(this) .(Raw::KeyPathExpr) .getRoot()) } - /** - * Gets the root of this key path expression, if it exists. - */ - final TypeRepr getRoot() { - exists(TypeRepr immediate | - immediate = this.getImmediateRoot() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getRoot()` exists. */ 
@@ -42,27 +29,14 @@ module Generated { /** * Gets the `index`th component of this key path expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - KeyPathComponent getImmediateComponent(int index) { + KeyPathComponent getComponent(int index) { result = Synth::convertKeyPathComponentFromRaw(Synth::convertKeyPathExprToRaw(this) .(Raw::KeyPathExpr) .getComponent(index)) } - /** - * Gets the `index`th component of this key path expression (0-based). - */ - final KeyPathComponent getComponent(int index) { - exists(KeyPathComponent immediate | - immediate = this.getImmediateComponent(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the components of this key path expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll index a2d5edccbff..496312312fc 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/LookupExpr.qll @@ -29,25 +29,12 @@ module Generated { /** * Gets the member of this lookup expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Decl getImmediateMember() { + Decl getMember() { result = Synth::convertDeclFromRaw(Synth::convertLookupExprToRaw(this).(Raw::LookupExpr).getMember()) } - /** - * Gets the member of this lookup expression, if it exists. - */ - final Decl getMember() { - exists(Decl immediate | - immediate = this.getImmediateMember() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getMember()` exists. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll index 1a19498c020..8445d13227e 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the method of this obj c selector expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Function getImmediateMethod() { + Function getMethod() { result = Synth::convertFunctionFromRaw(Synth::convertObjCSelectorExprToRaw(this) .(Raw::ObjCSelectorExpr) .getMethod()) } - - /** - * Gets the method of this obj c selector expression. - */ - final Function getMethod() { - exists(Function immediate | - immediate = this.getImmediateMethod() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll index adbc4cb3f34..57aaae68bb5 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll 
@@ -22,27 +22,14 @@ module Generated { /** * Gets the `index`th argument of this object literal expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateArgument(int index) { + Argument getArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertObjectLiteralExprToRaw(this) .(Raw::ObjectLiteralExpr) .getArgument(index)) } - /** - * Gets the `index`th argument of this object literal expression (0-based). - */ - final Argument getArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments of this object literal expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll index cf66c7d3c79..674f5a217e7 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll 
@@ -10,25 +10,12 @@ module Generated { /** * Gets the initializer of this other initializer reference expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Initializer getImmediateInitializer() { + Initializer getInitializer() { result = Synth::convertInitializerFromRaw(Synth::convertOtherInitializerRefExprToRaw(this) .(Raw::OtherInitializerRefExpr) .getInitializer()) } - - /** - * Gets the initializer of this other initializer reference expression. - */ - final Initializer getInitializer() { - exists(Initializer immediate | - immediate = this.getImmediateInitializer() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll index 8a923e918f7..c13924bba35 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/OverloadedDeclRefExpr.qll 
@@ -15,27 +15,14 @@ module Generated { /** * Gets the `index`th possible declaration of this overloaded declaration reference expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ValueDecl getImmediatePossibleDeclaration(int index) { + ValueDecl getPossibleDeclaration(int index) { result = Synth::convertValueDeclFromRaw(Synth::convertOverloadedDeclRefExprToRaw(this) .(Raw::OverloadedDeclRefExpr) .getPossibleDeclaration(index)) } - /** - * Gets the `index`th possible declaration of this overloaded declaration reference expression (0-based). - */ - final ValueDecl getPossibleDeclaration(int index) { - exists(ValueDecl immediate | - immediate = this.getImmediatePossibleDeclaration(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the possible declarations of this overloaded declaration reference expression. */ diff --git a/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll index 6a2c298e360..fa8bc92876e 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/RebindSelfInInitializerExpr.qll 
@@ -33,25 +33,12 @@ module Generated { /** * Gets the self of this rebind self in initializer expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateSelf() { + VarDecl getSelf() { result = Synth::convertVarDeclFromRaw(Synth::convertRebindSelfInInitializerExprToRaw(this) .(Raw::RebindSelfInInitializerExpr) .getSelf()) } - - /** - * Gets the self of this rebind self in initializer expression. - */ - final VarDecl getSelf() { - exists(VarDecl immediate | - immediate = this.getImmediateSelf() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll index 8e9734917b7..561383ff57e 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/SubscriptExpr.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th argument of this subscript expression (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Argument getImmediateArgument(int index) { + Argument getArgument(int index) { result = Synth::convertArgumentFromRaw(Synth::convertSubscriptExprToRaw(this) .(Raw::SubscriptExpr) .getArgument(index)) } - /** - * Gets the `index`th argument of this subscript expression (0-based). - */ - final Argument getArgument(int index) { - exists(Argument immediate | - immediate = this.getImmediateArgument(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the arguments of this subscript expression. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll index 5058db3f175..9731b002eef 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/SuperRefExpr.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the self of this super reference expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateSelf() { + VarDecl getSelf() { result = Synth::convertVarDeclFromRaw(Synth::convertSuperRefExprToRaw(this) .(Raw::SuperRefExpr) .getSelf()) } - - /** - * Gets the self of this super reference expression. - */ - final VarDecl getSelf() { - exists(VarDecl immediate | - immediate = this.getImmediateSelf() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll index 0132d9363f3..596a565115a 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/TapExpr.qll 
@@ -37,44 +37,18 @@ module Generated { /** * Gets the body of this tap expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertTapExprToRaw(this).(Raw::TapExpr).getBody()) } - /** - * Gets the body of this tap expression. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the variable of this tap expression. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateVar() { + VarDecl getVar() { result = Synth::convertVarDeclFromRaw(Synth::convertTapExprToRaw(this).(Raw::TapExpr).getVar()) } - - /** - * Gets the variable of this tap expression. - */ - final VarDecl getVar() { - exists(VarDecl immediate | - immediate = this.getImmediateVar() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll index 96fb7141531..d070555e6a6 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/TypeExpr.qll 
@@ -10,27 +10,14 @@ module Generated { /** * Gets the type representation of this type expression, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateTypeRepr() { + TypeRepr getTypeRepr() { result = Synth::convertTypeReprFromRaw(Synth::convertTypeExprToRaw(this) .(Raw::TypeExpr) .getTypeRepr()) } - /** - * Gets the type representation of this type expression, if it exists. - */ - final TypeRepr getTypeRepr() { - exists(TypeRepr immediate | - immediate = this.getImmediateTypeRepr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTypeRepr()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll index bbed4615ce1..b6ef3dd514e 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/EnumElementPattern.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the element of this enum element pattern. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - EnumElementDecl getImmediateElement() { + EnumElementDecl getElement() { result = Synth::convertEnumElementDeclFromRaw(Synth::convertEnumElementPatternToRaw(this) .(Raw::EnumElementPattern) .getElement()) } - /** - * Gets the element of this enum element pattern. - */ - final EnumElementDecl getElement() { - exists(EnumElementDecl immediate | - immediate = this.getImmediateElement() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the sub pattern of this enum element pattern, if it exists. * 
diff --git a/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll index 7864297866c..a0fffd05155 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/IsPattern.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the cast type representation of this is pattern, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateCastTypeRepr() { + TypeRepr getCastTypeRepr() { result = Synth::convertTypeReprFromRaw(Synth::convertIsPatternToRaw(this) .(Raw::IsPattern) .getCastTypeRepr()) } - /** - * Gets the cast type representation of this is pattern, if it exists. - */ - final TypeRepr getCastTypeRepr() { - exists(TypeRepr immediate | - immediate = this.getImmediateCastTypeRepr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getCastTypeRepr()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll index 5c795e45107..5ba24c9fcda 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll @@ -2,7 +2,8 @@ private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw import codeql.swift.elements.AstNode +import codeql.swift.elements.HideableElement module Generated { - class Pattern extends Synth::TPattern, AstNode { } + class Pattern extends Synth::TPattern, AstNode, HideableElement { } } diff --git a/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll index 2570eca03f8..40a7884bd31 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll 
+++ b/swift/ql/lib/codeql/swift/generated/pattern/TypedPattern.qll @@ -33,27 +33,14 @@ module Generated { /** * Gets the type representation of this typed pattern, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeRepr getImmediateTypeRepr() { + TypeRepr getTypeRepr() { result = Synth::convertTypeReprFromRaw(Synth::convertTypedPatternToRaw(this) .(Raw::TypedPattern) .getTypeRepr()) } - /** - * Gets the type representation of this typed pattern, if it exists. - */ - final TypeRepr getTypeRepr() { - exists(TypeRepr immediate | - immediate = this.getImmediateTypeRepr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTypeRepr()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll index 08cc9c6ce2b..360366dcaa3 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll @@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th element of this brace statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AstNode getImmediateElement(int index) { + AstNode getElement(int index) { result = Synth::convertAstNodeFromRaw(Synth::convertBraceStmtToRaw(this) .(Raw::BraceStmt) .getElement(index)) } - /** - * Gets the `index`th element of this brace statement (0-based). - */ - final AstNode getElement(int index) { - exists(AstNode immediate | - immediate = this.getImmediateElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the elements of this brace statement. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll index f9adaeb9ddb..2c8de492f08 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/BreakStmt.qll @@ -21,25 +21,12 @@ module Generated { /** * Gets the target of this break statement, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateTarget() { + Stmt getTarget() { result = Synth::convertStmtFromRaw(Synth::convertBreakStmtToRaw(this).(Raw::BreakStmt).getTarget()) } - /** - * Gets the target of this break statement, if it exists. - */ - final Stmt getTarget() { - exists(Stmt immediate | - immediate = this.getImmediateTarget() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTarget()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll b/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll index b69e392cc1e..c27e1ed893b 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/CaseLabelItem.qll @@ -28,7 +28,7 @@ module Generated { final Pattern getPattern() { exists(Pattern immediate | immediate = this.getImmediatePattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -51,7 +51,7 @@ module Generated { final Expr getGuard() { exists(Expr immediate | immediate = this.getImmediateGuard() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll index e39ba24d48c..d0c2db1d752 100644 
--- a/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/CaseStmt.qll @@ -11,48 +11,22 @@ module Generated { /** * Gets the body of this case statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertCaseStmtToRaw(this).(Raw::CaseStmt).getBody()) } - /** - * Gets the body of this case statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th label of this case statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseLabelItem getImmediateLabel(int index) { + CaseLabelItem getLabel(int index) { result = Synth::convertCaseLabelItemFromRaw(Synth::convertCaseStmtToRaw(this) .(Raw::CaseStmt) .getLabel(index)) } - /** - * Gets the `index`th label of this case statement (0-based). - */ - final CaseLabelItem getLabel(int index) { - exists(CaseLabelItem immediate | - immediate = this.getImmediateLabel(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the labels of this case statement. */ 
@@ -65,27 +39,14 @@ module Generated { /** * Gets the `index`th variable of this case statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - VarDecl getImmediateVariable(int index) { + VarDecl getVariable(int index) { result = Synth::convertVarDeclFromRaw(Synth::convertCaseStmtToRaw(this) .(Raw::CaseStmt) .getVariable(index)) } - /** - * Gets the `index`th variable of this case statement (0-based). - */ - final VarDecl getVariable(int index) { - exists(VarDecl immediate | - immediate = this.getImmediateVariable(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the variables of this case statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll b/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll index 2eddaa245e7..6555c537e30 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ConditionElement.qll @@ -29,7 +29,7 @@ module Generated { final Expr getBoolean() { exists(Expr immediate | immediate = this.getImmediateBoolean() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -57,7 +57,7 @@ module Generated { final Pattern getPattern() { exists(Pattern immediate | immediate = this.getImmediatePattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -85,7 +85,7 @@ module Generated { final Expr getInitializer() { exists(Expr immediate | immediate = this.getImmediateInitializer() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } 
@@ -96,27 +96,14 @@ module Generated { /** * Gets the availability of this condition element, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AvailabilityInfo getImmediateAvailability() { + AvailabilityInfo getAvailability() { result = Synth::convertAvailabilityInfoFromRaw(Synth::convertConditionElementToRaw(this) .(Raw::ConditionElement) .getAvailability()) } - /** - * Gets the availability of this condition element, if it exists. - */ - final AvailabilityInfo getAvailability() { - exists(AvailabilityInfo immediate | - immediate = this.getImmediateAvailability() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getAvailability()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll index d247f507d9a..617c903dc52 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ContinueStmt.qll @@ -21,27 +21,14 @@ module Generated { /** * Gets the target of this continue statement, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateTarget() { + Stmt getTarget() { result = Synth::convertStmtFromRaw(Synth::convertContinueStmtToRaw(this) .(Raw::ContinueStmt) .getTarget()) } - /** - * Gets the target of this continue statement, if it exists. - */ - final Stmt getTarget() { - exists(Stmt immediate | - immediate = this.getImmediateTarget() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getTarget()` exists. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll index 21da3aa706c..17cf8f07db0 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/DeferStmt.qll @@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this defer statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertDeferStmtToRaw(this).(Raw::DeferStmt).getBody()) } - - /** - * Gets the body of this defer statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll index 180c4103841..51639d9289c 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/DoCatchStmt.qll 
@@ -11,48 +11,22 @@ module Generated { /** * Gets the body of this do catch statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertDoCatchStmtToRaw(this).(Raw::DoCatchStmt).getBody()) } - /** - * Gets the body of this do catch statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the `index`th catch of this do catch statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateCatch(int index) { + CaseStmt getCatch(int index) { result = Synth::convertCaseStmtFromRaw(Synth::convertDoCatchStmtToRaw(this) .(Raw::DoCatchStmt) .getCatch(index)) } - /** - * Gets the `index`th catch of this do catch statement (0-based). - */ - final CaseStmt getCatch(int index) { - exists(CaseStmt immediate | - immediate = this.getImmediateCatch(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the catches of this do catch statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll index b4661b21d8e..b77a310de90 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/DoStmt.qll 
@@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this do statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertDoStmtToRaw(this).(Raw::DoStmt).getBody()) } - - /** - * Gets the body of this do statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll index 20fadcc91f3..e9e05ea4c9a 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/FallthroughStmt.qll 
@@ -10,48 +10,22 @@ module Generated { /** * Gets the fallthrough source of this fallthrough statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateFallthroughSource() { + CaseStmt getFallthroughSource() { result = Synth::convertCaseStmtFromRaw(Synth::convertFallthroughStmtToRaw(this) .(Raw::FallthroughStmt) .getFallthroughSource()) } - /** - * Gets the fallthrough source of this fallthrough statement. - */ - final CaseStmt getFallthroughSource() { - exists(CaseStmt immediate | - immediate = this.getImmediateFallthroughSource() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the fallthrough dest of this fallthrough statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateFallthroughDest() { + CaseStmt getFallthroughDest() { result = Synth::convertCaseStmtFromRaw(Synth::convertFallthroughStmtToRaw(this) .(Raw::FallthroughStmt) .getFallthroughDest()) } - - /** - * Gets the fallthrough dest of this fallthrough statement. - */ - final CaseStmt getFallthroughDest() { - exists(CaseStmt immediate | - immediate = this.getImmediateFallthroughDest() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll index fccf5f3ed3b..ad5422a7ec0 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ForEachStmt.qll 
@@ -29,7 +29,7 @@ module Generated { final Pattern getPattern() { exists(Pattern immediate | immediate = this.getImmediatePattern() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -52,7 +52,7 @@ module Generated { final Expr getSequence() { exists(Expr immediate | immediate = this.getImmediateSequence() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -73,7 +73,7 @@ module Generated { final Expr getWhere() { exists(Expr immediate | immediate = this.getImmediateWhere() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } @@ -84,25 +84,12 @@ module Generated { /** * Gets the body of this for each statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertForEachStmtToRaw(this) .(Raw::ForEachStmt) .getBody()) } - - /** - * Gets the body of this for each statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll index 53d1a8a54aa..01989e827df 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/GuardStmt.qll 
@@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this guard statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - BraceStmt getImmediateBody() { + BraceStmt getBody() { result = Synth::convertBraceStmtFromRaw(Synth::convertGuardStmtToRaw(this).(Raw::GuardStmt).getBody()) } - - /** - * Gets the body of this guard statement. - */ - final BraceStmt getBody() { - exists(BraceStmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll index 1f0ad8717cd..1c33e2383df 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/IfStmt.qll 
@@ -10,44 +10,18 @@ module Generated { /** * Gets the then of this if statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateThen() { + Stmt getThen() { result = Synth::convertStmtFromRaw(Synth::convertIfStmtToRaw(this).(Raw::IfStmt).getThen()) } - /** - * Gets the then of this if statement. - */ - final Stmt getThen() { - exists(Stmt immediate | - immediate = this.getImmediateThen() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets the else of this if statement, if it exists. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateElse() { + Stmt getElse() { result = Synth::convertStmtFromRaw(Synth::convertIfStmtToRaw(this).(Raw::IfStmt).getElse()) } - /** - * Gets the else of this if statement, if it exists. - */ - final Stmt getElse() { - exists(Stmt immediate | - immediate = this.getImmediateElse() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Holds if `getElse()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll index 41f728962bd..e2796dffb82 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/LabeledConditionalStmt.qll 
@@ -8,25 +8,12 @@ module Generated { class LabeledConditionalStmt extends Synth::TLabeledConditionalStmt, LabeledStmt { /** * Gets the condition of this labeled conditional statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - StmtCondition getImmediateCondition() { + StmtCondition getCondition() { result = Synth::convertStmtConditionFromRaw(Synth::convertLabeledConditionalStmtToRaw(this) .(Raw::LabeledConditionalStmt) .getCondition()) } - - /** - * Gets the condition of this labeled conditional statement. - */ - final StmtCondition getCondition() { - exists(StmtCondition immediate | - immediate = this.getImmediateCondition() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll index b2f9624447e..a38be8e4b18 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/PoundAssertStmt.qll @@ -27,7 +27,7 @@ module Generated { final Expr getCondition() { exists(Expr immediate | immediate = this.getImmediateCondition() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll index 2f4ada62ccf..a9b9c606f0e 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/RepeatWhileStmt.qll 
@@ -28,31 +28,18 @@ module Generated { final Expr getCondition() { exists(Expr immediate | immediate = this.getImmediateCondition() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } /** * Gets the body of this repeat while statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertRepeatWhileStmtToRaw(this) .(Raw::RepeatWhileStmt) .getBody()) } - - /** - * Gets the body of this repeat while statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll index c37671aba34..8e9d421da46 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ReturnStmt.qll @@ -25,7 +25,7 @@ module Generated { final Expr getResult() { exists(Expr immediate | immediate = this.getImmediateResult() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll b/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll index 1be4eaf361a..6ba5e85f0b4 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/StmtCondition.qll 
@@ -10,27 +10,14 @@ module Generated { /** * Gets the `index`th element of this statement condition (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ConditionElement getImmediateElement(int index) { + ConditionElement getElement(int index) { result = Synth::convertConditionElementFromRaw(Synth::convertStmtConditionToRaw(this) .(Raw::StmtCondition) .getElement(index)) } - /** - * Gets the `index`th element of this statement condition (0-based). - */ - final ConditionElement getElement(int index) { - exists(ConditionElement immediate | - immediate = this.getImmediateElement(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the elements of this statement condition. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll index 819be668d5c..9cfc7cfb2d2 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/SwitchStmt.qll 
@@ -26,33 +26,20 @@ module Generated { final Expr getExpr() { exists(Expr immediate | immediate = this.getImmediateExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } /** * Gets the `index`th case of this switch statement (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - CaseStmt getImmediateCase(int index) { + CaseStmt getCase(int index) { result = Synth::convertCaseStmtFromRaw(Synth::convertSwitchStmtToRaw(this) .(Raw::SwitchStmt) .getCase(index)) } - /** - * Gets the `index`th case of this switch statement (0-based). - */ - final CaseStmt getCase(int index) { - exists(CaseStmt immediate | - immediate = this.getImmediateCase(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the cases of this switch statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll index fd6c6920b00..294e7ed5bb8 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/ThrowStmt.qll @@ -25,7 +25,7 @@ module Generated { final Expr getSubExpr() { exists(Expr immediate | immediate = this.getImmediateSubExpr() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll index 0482887cc57..3ed59b4cc3c 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/WhileStmt.qll 
@@ -10,23 +10,10 @@ module Generated { /** * Gets the body of this while statement. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - Stmt getImmediateBody() { + Stmt getBody() { result = Synth::convertStmtFromRaw(Synth::convertWhileStmtToRaw(this).(Raw::WhileStmt).getBody()) } - - /** - * Gets the body of this while statement. - */ - final Stmt getBody() { - exists(Stmt immediate | - immediate = this.getImmediateBody() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll index df8b51cb2c4..31a691ba91c 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/YieldStmt.qll @@ -27,7 +27,7 @@ module Generated { final Expr getResult(int index) { exists(Expr immediate | immediate = this.getImmediateResult(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } diff --git a/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll b/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll index 3cb6fe2786c..57a0ace8b58 100644 --- a/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/AnyGenericType.qll 
@@ -36,25 +36,12 @@ module Generated { /** * Gets the declaration of this any generic type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - GenericTypeDecl getImmediateDeclaration() { + GenericTypeDecl getDeclaration() { result = Synth::convertGenericTypeDeclFromRaw(Synth::convertAnyGenericTypeToRaw(this) .(Raw::AnyGenericType) .getDeclaration()) } - - /** - * Gets the declaration of this any generic type. - */ - final GenericTypeDecl getDeclaration() { - exists(GenericTypeDecl immediate | - immediate = this.getImmediateDeclaration() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll b/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll index 7d907166dcf..2128967a8f8 100644 --- a/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/ArchetypeType.qll @@ -60,27 +60,14 @@ module Generated { /** * Gets the `index`th protocol of this archetype type (0-based). - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ProtocolDecl getImmediateProtocol(int index) { + ProtocolDecl getProtocol(int index) { result = Synth::convertProtocolDeclFromRaw(Synth::convertArchetypeTypeToRaw(this) .(Raw::ArchetypeType) .getProtocol(index)) } - /** - * Gets the `index`th protocol of this archetype type (0-based). - */ - final ProtocolDecl getProtocol(int index) { - exists(ProtocolDecl immediate | - immediate = this.getImmediateProtocol(index) and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } - /** * Gets any of the protocols of this archetype type. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll b/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll index 007748ae2c4..8192ed17213 100644 --- a/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/DependentMemberType.qll @@ -33,25 +33,12 @@ module Generated { /** * Gets the associated type declaration of this dependent member type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - AssociatedTypeDecl getImmediateAssociatedTypeDecl() { + AssociatedTypeDecl getAssociatedTypeDecl() { result = Synth::convertAssociatedTypeDeclFromRaw(Synth::convertDependentMemberTypeToRaw(this) .(Raw::DependentMemberType) .getAssociatedTypeDecl()) } - - /** - * Gets the associated type declaration of this dependent member type. - */ - final AssociatedTypeDecl getAssociatedTypeDecl() { - exists(AssociatedTypeDecl immediate | - immediate = this.getImmediateAssociatedTypeDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll b/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll index e43a1107533..6303b4df206 100644 --- a/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/ModuleType.qll 
@@ -10,25 +10,12 @@ module Generated { /** * Gets the module of this module type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - ModuleDecl getImmediateModule() { + ModuleDecl getModule() { result = Synth::convertModuleDeclFromRaw(Synth::convertModuleTypeToRaw(this) .(Raw::ModuleType) .getModule()) } - - /** - * Gets the module of this module type. - */ - final ModuleDecl getModule() { - exists(ModuleDecl immediate | - immediate = this.getImmediateModule() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll b/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll index b503969d8ab..520c7785287 100644 --- a/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/OpaqueTypeArchetypeType.qll @@ -15,25 +15,12 @@ module Generated { /** * Gets the declaration of this opaque type archetype type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - OpaqueTypeDecl getImmediateDeclaration() { + OpaqueTypeDecl getDeclaration() { result = Synth::convertOpaqueTypeDeclFromRaw(Synth::convertOpaqueTypeArchetypeTypeToRaw(this) .(Raw::OpaqueTypeArchetypeType) .getDeclaration()) } - - /** - * Gets the declaration of this opaque type archetype type. - */ - final OpaqueTypeDecl getDeclaration() { - exists(OpaqueTypeDecl immediate | - immediate = this.getImmediateDeclaration() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/Type.qll b/swift/ql/lib/codeql/swift/generated/type/Type.qll index a3074fdd4d3..7f09e7d7e94 100644 
--- a/swift/ql/lib/codeql/swift/generated/type/Type.qll +++ b/swift/ql/lib/codeql/swift/generated/type/Type.qll @@ -1,10 +1,10 @@ // generated by codegen/codegen.py private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw -import codeql.swift.elements.Element +import codeql.swift.elements.HideableElement module Generated { - class Type extends Synth::TType, Element { + class Type extends Synth::TType, HideableElement { /** * Gets the name of this type. */ diff --git a/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll b/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll index fa6ea238996..6bb41db6655 100644 --- a/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll +++ b/swift/ql/lib/codeql/swift/generated/type/TypeAliasType.qll @@ -10,25 +10,12 @@ module Generated { /** * Gets the declaration of this type alias type. - * - * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the - * behavior of both the `Immediate` and non-`Immediate` versions. */ - TypeAliasDecl getImmediateDecl() { + TypeAliasDecl getDecl() { result = Synth::convertTypeAliasDeclFromRaw(Synth::convertTypeAliasTypeToRaw(this) .(Raw::TypeAliasType) .getDecl()) } - - /** - * Gets the declaration of this type alias type. - */ - final TypeAliasDecl getDecl() { - exists(TypeAliasDecl immediate | - immediate = this.getImmediateDecl() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() - ) - } } } diff --git a/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll b/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll index 4a3d11bd074..4dc124e2bda 100644 --- a/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll +++ b/swift/ql/lib/codeql/swift/generated/type/TypeRepr.qll 
@@ -25,7 +25,7 @@ module Generated { final Type getType() { exists(Type immediate | immediate = this.getImmediateType() and - if exists(this.getResolveStep()) then result = immediate else result = immediate.resolve() + result = immediate.resolve() ) } } diff --git a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll index 57e68648636..dc6af553f43 100644 --- a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll +++ b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll @@ -66,7 +66,7 @@ private string prettyPrint(Locatable e) { result = "[" + concat(e.getPrimaryQlClasses(), ", ") + "] " + e } -private class Unresolved extends Locatable { +private class Unresolved extends HideableElement, Locatable { Unresolved() { this != this.resolve() } } @@ -89,7 +89,7 @@ class PrintLocatable extends PrintAstNode, TLocatable { // use even indexes for normal children, leaving odd slots for conversions if any child = TLocatable(c) and index = 2 * i and label = accessor or - child = TLocatable(c.getFullyUnresolved().(Unresolved)) and + child = TLocatable(c.(HideableElement).getFullyUnresolved().(Unresolved)) and index = 2 * i + 1 and ( if c instanceof Expr diff --git a/swift/ql/lib/swift.dbscheme b/swift/ql/lib/swift.dbscheme index ba4171b90d0..37e784cc154 100644 --- a/swift/ql/lib/swift.dbscheme +++ b/swift/ql/lib/swift.dbscheme @@ -15,9 +15,9 @@ sourceLocationPrefix( @callable | @file | @generic_context +| @hideable_element | @locatable | @location -| @type ; #keyset[id] @@ -77,6 +77,12 @@ file_is_successfully_extracted( int id: @file ref ); +@hideable_element = + @expr +| @pattern +| @type +; + @locatable = @argument | @ast_node diff --git a/swift/schema.py b/swift/schema.py index f2d1283974f..76ac53dcb5c 100644 --- a/swift/schema.py +++ b/swift/schema.py @@ -14,7 +14,6 @@ from misc.codegen.lib.schemadefs import * include("prefix.dbscheme") @qltest.skip -@ql.hideable class Element: is_unknown: predicate | cpp.skip 
@@ -73,8 +72,12 @@ class UnknownLocation(Location): class AstNode(Locatable): pass +@ql.hideable +class HideableElement(Element): + pass + @group("type") -class Type(Element): +class Type(HideableElement): name: string canonical_type: "Type" @@ -84,12 +87,12 @@ class Decl(AstNode): members: list["Decl"] | child @group("expr") -class Expr(AstNode): +class Expr(AstNode, HideableElement): """The base class for all expressions in Swift.""" type: optional[Type] @group("pattern") -class Pattern(AstNode): +class Pattern(AstNode, HideableElement): pass @group("stmt") From b4edc92079dfe4a1e15bf607c564ed9de729cda8 Mon Sep 17 00:00:00 2001 
From: Paolo Tranquilli Date: Tue, 23 May 2023 12:17:03 +0200 Subject: [PATCH 073/210] Swift: make hideability spread upward in the hierarchy --- misc/codegen/generators/qlgen.py | 1 - misc/codegen/lib/ql.py | 1 - misc/codegen/lib/schema.py | 1 - misc/codegen/loaders/schemaloader.py | 14 ++++- misc/codegen/templates/ql_class.mustache | 5 +- misc/codegen/templates/ql_parent.mustache | 14 ++--- misc/codegen/test/test_qlgen.py | 8 --- misc/codegen/test/test_schemaloader.py | 17 ++++-- swift/ql/.generated.list | 23 ++++---- swift/ql/.gitattributes | 1 - .../swift/controlflow/internal/Completion.qll | 6 +-- .../internal/ControlFlowGraphImpl.qll | 46 ++++++++-------- swift/ql/lib/codeql/swift/elements.qll | 1 - .../ql/lib/codeql/swift/elements/Element.qll | 11 ++++ .../codeql/swift/elements/HideableElement.qll | 14 ----- .../ql/lib/codeql/swift/generated/Element.qll | 17 ++++++ .../swift/generated/HideableElement.qll | 25 --------- .../codeql/swift/generated/ParentChild.qll | 52 ++++--------------- swift/ql/lib/codeql/swift/generated/Raw.qll | 11 ++-- swift/ql/lib/codeql/swift/generated/Synth.qll | 39 ++------------ .../swift/generated/UnspecifiedElement.qll | 15 +++++- .../swift/generated/decl/IfConfigDecl.qll | 15 +++++- .../lib/codeql/swift/generated/expr/Expr.qll | 3 +- .../swift/generated/pattern/Pattern.qll | 3 +- .../codeql/swift/generated/stmt/BraceStmt.qll | 15 +++++- .../lib/codeql/swift/generated/type/Type.qll | 4 +- .../codeql/swift/printast/PrintAstNode.qll | 4 +- swift/ql/lib/swift.dbscheme | 8 +-- swift/schema.py | 13 +++-- 29 files changed, 174 insertions(+), 213 deletions(-) delete mode 100644 swift/ql/lib/codeql/swift/elements/HideableElement.qll delete mode 100644 swift/ql/lib/codeql/swift/generated/HideableElement.qll diff --git a/misc/codegen/generators/qlgen.py b/misc/codegen/generators/qlgen.py index 6e4017b81f6..891533383d3 100755 --- a/misc/codegen/generators/qlgen.py +++ b/misc/codegen/generators/qlgen.py 
@@ -166,7 +166,6 @@ def get_ql_class(cls: schema.Class, lookup: typing.Dict[str, schema.Class]) -> q ipa=bool(cls.ipa), doc=cls.doc, hideable=cls.hideable, - hideable_root=cls.hideable_root, **pragmas, ) diff --git a/misc/codegen/lib/ql.py b/misc/codegen/lib/ql.py index 508db816beb..57a74f1f9d3 100644 --- a/misc/codegen/lib/ql.py +++ b/misc/codegen/lib/ql.py @@ -114,7 +114,6 @@ class Class: ql_internal: bool = False ipa: bool = False doc: List[str] = field(default_factory=list) - hideable_root: bool = False hideable: bool = False def __post_init__(self): diff --git a/misc/codegen/lib/schema.py b/misc/codegen/lib/schema.py index d72fa46adf4..023891b6b2d 100644 --- a/misc/codegen/lib/schema.py +++ b/misc/codegen/lib/schema.py @@ -91,7 +91,6 @@ class Class: """^^^ filled with `True` for non-final classes with only synthesized final descendants """ doc: List[str] = field(default_factory=list) default_doc_name: Optional[str] = None - hideable_root: bool = False hideable: bool = False @property diff --git a/misc/codegen/loaders/schemaloader.py b/misc/codegen/loaders/schemaloader.py index 0202c98f439..64f4d03cb57 100644 --- a/misc/codegen/loaders/schemaloader.py +++ b/misc/codegen/loaders/schemaloader.py @@ -39,7 +39,6 @@ def _get_class(cls: type) -> schema.Class: group=getattr(cls, "_group", ""), hideable=getattr(cls, "_hideable", False), # in the following we don't use `getattr` to avoid inheriting - hideable_root=cls.__dict__.get("_hideable", False), pragmas=cls.__dict__.get("_pragmas", []), ipa=cls.__dict__.get("_ipa", None), properties=[ 
@@ -96,6 +95,18 @@ def _fill_ipa_information(classes: typing.Dict[str, schema.Class]): cls.ipa = True +def _fill_hideable_information(classes: typing.Dict[str, schema.Class]): + """ Update the class map propagating the `hideable` attribute upwards in the hierarchy """ + todo = [cls for cls in classes.values() if cls.hideable] + while todo: + cls = todo.pop() + for base in cls.bases: + supercls = classes[base] + if not supercls.hideable: + supercls.hideable = True + todo.append(supercls) + + def load(m: types.ModuleType) -> schema.Schema: includes = set() classes = {} @@ -124,6 +135,7 @@ def load(m: types.ModuleType) -> schema.Schema: cls.is_null_class = True _fill_ipa_information(classes) + _fill_hideable_information(classes) return schema.Schema(includes=includes, classes=_toposort_classes_by_group(classes), null=null) diff --git a/misc/codegen/templates/ql_class.mustache b/misc/codegen/templates/ql_class.mustache index 63e4f0088fe..a22639ee4b6 100644 --- a/misc/codegen/templates/ql_class.mustache +++ b/misc/codegen/templates/ql_class.mustache @@ -37,8 +37,7 @@ module Generated { * Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs. */ final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") } - {{/root}} - {{#hideable_root}} + /** * Gets the most immediate element that should substitute this element in the explicit AST, if any. * Classes can override this to indicate this node should be in the "hidden" AST, mostly reserved @@ -55,7 +54,7 @@ module Generated { or result = this.getResolveStep().resolve() } - {{/hideable_root}} + {{/root}} {{#final}} override string getAPrimaryQlClass() { result = "{{name}}" } {{/final}} diff --git a/misc/codegen/templates/ql_parent.mustache b/misc/codegen/templates/ql_parent.mustache index 2dcac6c45dc..d310323e74f 100644 --- a/misc/codegen/templates/ql_parent.mustache +++ b/misc/codegen/templates/ql_parent.mustache 
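Review bot: The docstring on `_fill_hideable_information` describes only the upward pass, which leaves the combined rule hard to see. `_get_class` still reads the flag with `getattr(cls, "_hideable", False)`, so descendants of a decorated class inherit it, and this function then marks every ancestor of those classes. The updated `test_hideable` shows the result: `Root` and `IndirectlyHideable` become hideable while `NonHideable` does not. I would spell that out, for example `""" Mark every ancestor of a hideable class as hideable; descendants already inherit the flag via getattr in _get_class, unrelated siblings stay unmarked """`. Separately, `classes[base]` assumes every base name is a key of the map, which this hunk does not show; if that can fail, an explicit error naming the class and the missing base would be easier to diagnose than a bare `KeyError`.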
@@ -64,10 +64,6 @@ none() {{/final}} {{/classes}} } - -Element resolve(Element e) { - {{#classes}}{{#hideable_root}}if e instanceof {{name}} then result = e.({{name}}).resolve() else {{/hideable_root}}{{/classes}}result = e -} } /** 
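Review bot: In the ql_class.mustache hunk, with `{{#hideable_root}}` removed, the resolve predicates are emitted inside `{{#root}}` for the root class of every schema, and nothing in the template says why they must live there. The reason appears to be the ql_parent.mustache change in the same commit, where `getChildAndAccessor` calls `.resolve()` directly on the result of `Impl::getImmediateChild`, so the root type has to provide it. A template comment before the block would record that coupling, for example `{{! resolve() is defined on the root class because ql_parent.mustache calls it on every child }}`. The `{{#root}}` section opens above this hunk, so the placement should be checked against the full template.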
@@ -75,21 +71,21 @@ Element resolve(Element e) { * if `e` has conversions, `getImmediateParent(e)` will give the innermost conversion in the hidden AST. */ Element getImmediateParent(Element e) { -// `unique` is used here to tell the optimizer that there is in fact only one result -// this is tested by the `library-tests/parent/no_double_parents.ql` test -result = unique(Element x | e = Impl::getImmediateChild(x, _, _) | x) + // `unique` is used here to tell the optimizer that there is in fact only one result + // this is tested by the `library-tests/parent/no_double_parents.ql` test + result = unique(Element x | e = Impl::getImmediateChild(x, _, _) | x) } /** * Gets the immediate child indexed at `index`. Indexes are not guaranteed to be contiguous, but are guaranteed to be distinct. `accessor` is bound the member predicate call resulting in the given child. */ Element getImmediateChildAndAccessor(Element e, int index, string accessor) { -exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor) and accessor = "get" + partialAccessor) + exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor) and accessor = "get" + partialAccessor) } /** * Gets the child indexed at `index`. Indexes are not guaranteed to be contiguous, but are guaranteed to be distinct. `accessor` is bound the member predicate call resulting in the given child. */ Element getChildAndAccessor(Element e, int index, string accessor) { -exists(string partialAccessor | result = Impl::resolve(Impl::getImmediateChild(e, index, partialAccessor)) and accessor = "get" + partialAccessor) + exists(string partialAccessor | result = Impl::getImmediateChild(e, index, partialAccessor).resolve() and accessor = "get" + partialAccessor) } diff --git a/misc/codegen/test/test_qlgen.py b/misc/codegen/test/test_qlgen.py index 32f65bbc851..44c5e63f05d 100644 --- a/misc/codegen/test/test_qlgen.py +++ b/misc/codegen/test/test_qlgen.py 
@@ -880,14 +880,6 @@ def test_hideable_class(generate_classes): } -def test_hideable_root_class(generate_classes): - assert generate_classes([ - schema.Class("MyObject", hideable_root=True), - ]) == { - "MyObject.qll": (a_ql_stub(name="MyObject"), a_ql_class(name="MyObject", final=True, hideable_root=True)), - } - - def test_hideable_property(generate_classes): assert generate_classes([ schema.Class("MyObject", hideable=True), diff --git a/misc/codegen/test/test_schemaloader.py b/misc/codegen/test/test_schemaloader.py index 2479fc08500..25b4c43f161 100644 --- a/misc/codegen/test/test_schemaloader.py +++ b/misc/codegen/test/test_schemaloader.py @@ -698,11 +698,22 @@ def test_hideable(): class A(Root): pass - class B(A): + class IndirectlyHideable(Root): pass - assert data.classes["A"] == schema.Class("A", bases=["Root"], derived={"B"}, hideable_root=True, hideable=True) - assert data.classes["B"] == schema.Class("B", bases=["A"], hideable=True) + class B(A, IndirectlyHideable): + pass + + class NonHideable(Root): + pass + + assert data.classes == { + "Root": schema.Class("Root", derived={"A", "IndirectlyHideable", "NonHideable"}, hideable=True), + "A": schema.Class("A", bases=["Root"], derived={"B"}, hideable=True), + "IndirectlyHideable": schema.Class("IndirectlyHideable", bases=["Root"], derived={"B"}, hideable=True), + "B": schema.Class("B", bases=["A", "IndirectlyHideable"], hideable=True), + "NonHideable": schema.Class("NonHideable", bases=["Root"], hideable=False), + } if __name__ == '__main__': diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index 3de24cd5c71..530a9e62795 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -365,7 +365,7 @@ lib/codeql/swift/elements/type/VariadicSequenceType.qll 325e4c4481e9ac07acdc6aeb lib/codeql/swift/elements/type/VariadicSequenceTypeConstructor.qll 0d1d2328a3b5e503a883e7e6d7efd0ca5e7f2633abead9e4c94a9f98ed3cb223 69bff81c1b9413949eacb9298d2efb718ea808e68364569a1090c9878c4af856 lib/codeql/swift/elements/type/WeakStorageType.qll 7c07739cfc1459f068f24fef74838428128054adf611504d22532e4a156073e7 9c968414d7cc8d672f3754bced5d4f83f43a6d7872d0d263d79ff60483e1f996 lib/codeql/swift/elements/type/WeakStorageTypeConstructor.qll d88b031ef44d6de14b3ddcff2eb47b53dbd11550c37250ff2edb42e5d21ec3e9 26d855c33492cf7a118e439f7baeed0e5425cfaf058b1dcc007eca7ed765c897 -lib/codeql/swift/elements.qll cba02ae777269061af0713f6b003c97679434ddc8b2e871fc00c5d17c5265d2a cba02ae777269061af0713f6b003c97679434ddc8b2e871fc00c5d17c5265d2a +lib/codeql/swift/elements.qll 3df0060edd2b2030f4e4d7d5518afe0073d798474d9b1d6185d833bec63ca8bd 3df0060edd2b2030f4e4d7d5518afe0073d798474d9b1d6185d833bec63ca8bd lib/codeql/swift/generated/AstNode.qll 02ca56d82801f942ae6265c6079d92ccafdf6b532f6bcebd98a04029ddf696e4 6216fda240e45bd4302fa0cf0f08f5f945418b144659264cdda84622b0420aa2 lib/codeql/swift/generated/AvailabilityInfo.qll 1e38e7f52ccbcecd4dd088eae15c482d87911682dabb426332cc0e207fc6bf2f 7c6640530cdbece90d4172e8d6cfd119656860da08bb61ed4ef3a6757723994f lib/codeql/swift/generated/AvailabilitySpec.qll fb1255f91bb5e41ad4e9c675a2efbc50d0fb366ea2de68ab7eebd177b0795309 144e0c2e7d6c62ecee43325f7f26dcf437881edf0b75cc1bc898c6c4b61fdeaf 
@@ -374,23 +374,22 @@ lib/codeql/swift/generated/Comment.qll f58b49f6e68c21f87c51e2ff84c8a64b09286d733 lib/codeql/swift/generated/DbFile.qll a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc a49b2a2cb2788cb49c861ebcd458b8daead7b15adb19c3a9f4db3bf39a0051fc lib/codeql/swift/generated/DbLocation.qll b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 b9baea963d9fa82068986512c0649d1050897654eee3df51dba17cf6b1170873 lib/codeql/swift/generated/Diagnostics.qll d2ee2db55e932dcaee95fcc1164a51ffbe1a78d86ee0f50aabb299b458462afe 566d554d579cadde26dc4d1d6b1750ca800511201b737b629f15b6f873af3733 -lib/codeql/swift/generated/Element.qll 1c6a757f3c1218b02a98f075b2cfb5bd0cc31dff31bd1d04acdf4d4f040dee45 a3221cd9250706e6313a82450466326e5a1e6ffa5ae0b308e943d0979d03919e +lib/codeql/swift/generated/Element.qll 81a01c1965cf8154596c753b20536ef8630b30567d8c077660ab2d11143f060b 74f5c76db5ec82a9c1675ec0282acd44f1a86ef447d1961c47aea3eed50f79cb lib/codeql/swift/generated/ErrorElement.qll 4b032abe8ffb71376a29c63e470a52943ace2527bf7b433c97a8bf716f9ad102 4f2b1be162a5c275e3264dbc51bf98bce8846d251be8490a0d4b16cbc85f630f lib/codeql/swift/generated/File.qll f88c485883dd9b2b4a366080e098372912e03fb3177e5cae58aa4449c2b03399 0333c49e3a11c48e6146a7f492ee31ac022d80150fc3f8bfafc3c8f94d66ff76 -lib/codeql/swift/generated/HideableElement.qll 0eb3bb2fd9fb2b5ba444f4cd1aa4f91c87926618dcfa0051b048cf9d63f9602e 0eb3bb2fd9fb2b5ba444f4cd1aa4f91c87926618dcfa0051b048cf9d63f9602e lib/codeql/swift/generated/KeyPathComponent.qll c79c7bc04fc1426992ab472eedc1a20a7aa496ff3f43305400022f1a02ba44f4 a9935b68b511329d157bcd7a7d27aa4803d2163306db8b41808a2b736f80f4d8 lib/codeql/swift/generated/Locatable.qll be20967d48a34cdba126fe298606e0adc11697831f097acba9c52a0b7ce9983e 8aa01bc376614abbc3209e25785c72f86c9b4e94bb5f471a4a0677fedaec4f61 lib/codeql/swift/generated/Location.qll c5793987e77812059a28254dadee29bfe9b38153c0399fbb1bf6a2f5c237fdab 6e6d8802b021e36bbaad81845657769dd48a798ea33080ada05e9818a20b38f7 
lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 -lib/codeql/swift/generated/ParentChild.qll ffec94e3ee076ff73dd7b4e6561c8d8c1f9a198547085baa40a1e5e28adc5827 a28adf13137431f55ce218ade6848bf5b853d3f27315765e9e6c45032c02ddd3 +lib/codeql/swift/generated/ParentChild.qll 7d2d0628965c38d59877fed220b39bd3b02d3652990caf7eeabe966b73534c7d a5a9df21d0a6a00aed6ebb60f13fea3456bf97ca84a140ebca52610eb7c8ff8b lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 56e12381886fe9eb6aef74968cb542e179116ad6722640a21bda37f1d9d26e77 ae93d0caebecf3ce593c95887b44cd1686b5c7e989d5cce4bb39d97312c3cb68 -lib/codeql/swift/generated/Synth.qll 14dbc93375bcde4d792c1ec6157ee9c825119dcc9de31bcfeea56b3636f32d27 e84970ed295aa0af59135ee09b9cddbd6a26dcbce3baaf0e2a958b0552aac6d1 +lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 +lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 lib/codeql/swift/generated/UnknownLocation.qll 
e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 -lib/codeql/swift/generated/UnspecifiedElement.qll 2b66070944ad36316476b6bf8a811131ca6d4232591353b2b23e881b547463cc c9bff46bcb6f6d106eb57ab8bb04584d9a0b2513abdc1be6e98c0bd227c5f1e0 +lib/codeql/swift/generated/UnspecifiedElement.qll ad04c197266069baf505e529e62751ab3056b4bac5db378fe1f79bbdfa29e066 a5058c7e3e0ba7d52710161e349a71f3e963d4abe07ca581ad663395fc50e972 lib/codeql/swift/generated/decl/AbstractStorageDecl.qll 4e827d05b3b98c043f925a3bd9c00622da3dc6e3d3406f5a18b2c3a684e3774f 47e5767a6f9a87f848cccce651d8c40af8aa3e0e727fc147cbf4d5a2a3e483d9 lib/codeql/swift/generated/decl/AbstractTypeParamDecl.qll 1e268b00d0f2dbbd85aa70ac206c5e4a4612f06ba0091e5253483635f486ccf9 5479e13e99f68f1f347283535f8098964f7fd4a34326ff36ad5711b2de1ab0d0 lib/codeql/swift/generated/decl/Accessor.qll c93cdf7dbb87e6c9b09b5fcf469b952041f753914a892addeb24bb46eaa51d29 1e8104da2da146d3e4d8f5f96b87872e63162e53b46f9c7038c75db51a676599 
@@ -409,7 +408,7 @@ lib/codeql/swift/generated/decl/Function.qll 92d1fbceb9e96afd00a1dfbfd15cec0063b lib/codeql/swift/generated/decl/GenericContext.qll 9f7e17d11bf898429a921ba7726b07aab382c97f8326bd186f2bded3d090852c 14d558b6e498d49b850f862d85091a11954dad13f16c60f700cf2c66fa37c473 lib/codeql/swift/generated/decl/GenericTypeDecl.qll 71f5c9c6078567dda0a3ac17e2d2d590454776b2459267e31fed975724f84aec 669c5dbd8fad8daf007598e719ac0b2dbcb4f9fad698bffb6f1d0bcd2cee9102 lib/codeql/swift/generated/decl/GenericTypeParamDecl.qll bc41a9d854e65b1e0da86350870a8fe050eb1dc031cd17ded11c15b5ad8ad183 bc41a9d854e65b1e0da86350870a8fe050eb1dc031cd17ded11c15b5ad8ad183 -lib/codeql/swift/generated/decl/IfConfigDecl.qll 085e2c70d3e158b7f3d3d3ade94593f1331d681d07da8a968c537830a67a62fe 19bb842314e8edb6a8dce4d78ec8043a527f13569da8be4ad03ba876a09998a5 +lib/codeql/swift/generated/decl/IfConfigDecl.qll f1decc68b28dfb43ec70070156d19d6ef0943d8cf375ea639adf13da19398586 75fe6359304693a002987d57865d52b9fca84023752432c98e2f0dbc2830da7e lib/codeql/swift/generated/decl/ImportDecl.qll 542405d7a75659d048d1ff8894a0cc0d357802c2936407ec39b7e4f69d2dd864 41ee9a9f1fc8068db587ac786145cf50f74f74161555ca94b502a57cca23288a lib/codeql/swift/generated/decl/InfixOperatorDecl.qll 3da133c325380fbc10448b731d5826959056ca861d3a0661e7c37694e5ccb208 bb81c8e1597a1fb7e791e3c4c4ed28a73c442591bff2b12d13a7a327a7b6db08 lib/codeql/swift/generated/decl/Initializer.qll a72005f0abebd31b7b91f496ddae8dff49a027ba01b5a827e9b8870ecf34de17 a72005f0abebd31b7b91f496ddae8dff49a027ba01b5a827e9b8870ecf34de17 
@@ -484,7 +483,7 @@ lib/codeql/swift/generated/expr/ErrorExpr.qll 8e354eed5655e7261d939f3831eb6fa296 lib/codeql/swift/generated/expr/ExistentialMetatypeToObjectExpr.qll eb0d42aac3f6331011a0e26cf5581c5e0a1b5523d2da94672abdebe70000d65b efe2bc0424e551454acc919abe4dac7fd246b84f1ae0e5d2e31a49cbcf84ce40 lib/codeql/swift/generated/expr/ExplicitCastExpr.qll 162f94461d41cf10a81567e13d5141d7aca417cc92d4ef55de97c7909681882e c8e7d1f569265a9bc2ae6a82e33783ec3ac077c3ae6e582edcb49a4eb816f7b5 lib/codeql/swift/generated/expr/ExplicitClosureExpr.qll c5291fb91e04a99133d1b4caf25f8bd6e7f2e7b9d5d99558143899f4dc9a7861 c5291fb91e04a99133d1b4caf25f8bd6e7f2e7b9d5d99558143899f4dc9a7861 -lib/codeql/swift/generated/expr/Expr.qll 91b45df8d77ece59147e330b1a93515ad791e1da84128a079be2160ee5f87796 4a57263c533d9d5a9e1cacc997d09434fe7ebbabff9ac1a49602b618b828839b +lib/codeql/swift/generated/expr/Expr.qll b09ddd296693ad78a2b0e7dc17d2b746357ae88645b046a026861eafeba616cb 498c628f904fbf48be10f32b146168b71f8f7d9f829614e422020701ccc0f8e4 lib/codeql/swift/generated/expr/FloatLiteralExpr.qll ae851773886b3d33ab5535572a4d6f771d4b11d6c93e802f01348edb2d80c454 35f103436fc2d1b2cec67b5fbae07b28c054c9687d57cbd3245c38c55d8bde0b lib/codeql/swift/generated/expr/ForceTryExpr.qll 062997b5e9a9e993de703856ae6af60fe1950951cf77cdab11b972fb0a5a4ed3 062997b5e9a9e993de703856ae6af60fe1950951cf77cdab11b972fb0a5a4ed3 lib/codeql/swift/generated/expr/ForceValueExpr.qll cd7ee5fa4a6f7094c7fbb9c5831f60d5ce18b123fe7beea3dcb26ca78e387118 7cdef6e9b501f9e9cb0d48828e68b349b25e4e5f312e5bcee91868ae8b196e7d 
@@ -565,10 +564,10 @@ lib/codeql/swift/generated/pattern/IsPattern.qll c809159dff26b86d44f560742d66e75 lib/codeql/swift/generated/pattern/NamedPattern.qll 5d25e51eb83e86363b95a6531ffb164e5a6070b4a577f3900140edbef0e83c71 9e88b2b2b90a547b402d4782e8d494bc555d4200763c094dd985fe3b7ebc1ec8 lib/codeql/swift/generated/pattern/OptionalSomePattern.qll 5b9c7032584619d4921d1a1324e3ce4bd7207f0d4daa703e1e059f983bf1b132 e6d44514cd123a7ad27f657a2b83d46277a961a849139380ece886430a862920 lib/codeql/swift/generated/pattern/ParenPattern.qll 337cb03dcb7384f7ef13e35d843b3498c0ae391374f5e870d1e52c2d1baacd95 cba288ee99726f5bbf15cf61971e000a835cf6e8b7507dcf6f6c6dea91ec287a -lib/codeql/swift/generated/pattern/Pattern.qll abdb00ae9ee55061de85fa77ecff6f3df9ddf395f45a38dde94983ac423d861a 67ffece7bd83150bb0981b2fda86468c2df7c4d2015526b90ca40c71eec6b542 +lib/codeql/swift/generated/pattern/Pattern.qll 0e96528a8dd87185f4fb23ba33ea418932762127e99739d7e56e5c8988e024d1 ba1e010c9f7f891048fb8c4ff8ea5a6c664c09e43d74b860d559f6459f82554a lib/codeql/swift/generated/pattern/TuplePattern.qll b3a138b0942f7e3eecb52ad2f095584a6cd5f555e9487c6eaad6a5527ae99f0c d6ff67ecc7395571acef4b82da514cb737c72d97ea557d89da534469feda340c lib/codeql/swift/generated/pattern/TypedPattern.qll 6a9fd2815755eddc6918d6be8221c7afb90e4fba4fcb8eb54ff42754269bb481 f198c3b09553a5f5f3d97f8088ef82c00552b9635560750c56d801b09dbd9e26 -lib/codeql/swift/generated/stmt/BraceStmt.qll 72557bdbde907042a936b55039e6032afd5eb92b21a6bb3d669437f3141a7e76 a2fb52f3d77444880edcafec6d107f27cf8c528c21241b1222823136fd4cfbb9 +lib/codeql/swift/generated/stmt/BraceStmt.qll eea1a33767c14a3b96aea6bbe10f17c3ecd1d8ac263de07e475e23b46d85a20d a5ee6c19a38e968c245886c28c82513f39ca90a80a9ea11d0e3139a35f682046 lib/codeql/swift/generated/stmt/BreakStmt.qll 879cf66911cc7f53e7e8f4ae8244681018fb17d6501b269fb7cf9d8481f0b539 c78fc1b0e3e76321fc1653aa8b0aabaaacf082e01a003b78f693b106cc05faa0 lib/codeql/swift/generated/stmt/CaseLabelItem.qll 
9536d2909a274c3a969eec25f8e5966adfaa9b0d6451ea6319d9f7bb2fd6fe07 02e25f036db50e9a6e9a7ceab6002dd605b73afb55fa1dee6f22e7af33a40913 lib/codeql/swift/generated/stmt/CaseStmt.qll c180478c6161439bc76bd39edfab343faba7450900ffedcadd3ccea12dc3a08c b537eb517db76113cfbc91c59e6bdfbf16ff83d639dfe6fd6892171f71a97090 @@ -647,7 +646,7 @@ lib/codeql/swift/generated/type/SubstitutableType.qll 9e74ec2d281cd3dedbc5791d66 lib/codeql/swift/generated/type/SugarType.qll 4ea82201ae20e769c0c3e6e158bae86493e1b16bbd3ef6495e2a3760baa1fc6b 6c78df86db6f9c70398484819a9b9ecc8ee337b0a4ac2d84e17294951a6fd788 lib/codeql/swift/generated/type/SyntaxSugarType.qll 253e036452e0ba8ae3bb60d6ed22f4efb8436f4ef19f158f1114a6f9a14df42c 743fe4dede40ca173b19d5757d14e0f606fe36f51119445503e8eea7cf6df3b0 lib/codeql/swift/generated/type/TupleType.qll af224031c3bea6dfca6138903cca940a4f00ba6494ad7b591b9f017d69ee9a6c f59ad1bb4994196ec49836ae169e550a70dbb25a359ff889ed6456882fe2d9a0 -lib/codeql/swift/generated/type/Type.qll ada3973ed840643fa9f015d721d1f3c58994cda46b169e875b77473281d9122f 6a43dc43be0ac6f315b58ca4dc9b015769281eb5011220f28b5e9b6ed9436207 +lib/codeql/swift/generated/type/Type.qll c08acc943c9b52662a465d77fcd39d12f869c42b24a3755225b3bddbb1cf72f5 6d82c5bddded75fd5598bb559ecfa07360ad802d5e9541af2c334dc9d0159335 lib/codeql/swift/generated/type/TypeAliasType.qll 7c1397c4a145d3265e8d1b4dac4ae6a58a2c4026145cfb2d8d28c01309b0ea26 0e3c3a2c166285f4ac1b417b8cc74a5095c8a8e1a102d7b5ca2829a06b61de23 lib/codeql/swift/generated/type/TypeRepr.qll 25a412f029bf2d4b283ea07f0f0ff5713b1b4f369f8cb06991328fdee030e14a 2a39717f2e023c96015b797b59812b0e0bef1ea2780ee83869b68da549abbf2f lib/codeql/swift/generated/type/UnarySyntaxSugarType.qll 6f3822691d04531cc1dd6a78fb184f3e18d42ee324123dc4338fdd368fbd0bd6 d489aac77955de0d71fd5c271fddccd40050db4ef8ce8d817320ca9554057c3a diff --git a/swift/ql/.gitattributes b/swift/ql/.gitattributes index c1bcfc90e69..71cc5c58ecf 100644 --- a/swift/ql/.gitattributes +++ b/swift/ql/.gitattributes 
@@ -379,7 +379,6 @@ /lib/codeql/swift/generated/Element.qll linguist-generated /lib/codeql/swift/generated/ErrorElement.qll linguist-generated /lib/codeql/swift/generated/File.qll linguist-generated -/lib/codeql/swift/generated/HideableElement.qll linguist-generated /lib/codeql/swift/generated/KeyPathComponent.qll linguist-generated /lib/codeql/swift/generated/Locatable.qll linguist-generated /lib/codeql/swift/generated/Location.qll linguist-generated diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll b/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll index ad96fcb12de..9e7975890e6 100644 --- a/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll +++ b/swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll @@ -98,7 +98,7 @@ private predicate isBooleanConstant(ControlFlowElement n, boolean value) { // Boolean constants hidden inside conversions are also // constants that resolve to the same value. exists(ControlFlowElement parent | - parent.asAstNode() = n.asAstNode().(HideableElement).getResolveStep() and + parent.asAstNode() = n.asAstNode().getResolveStep() and isBooleanConstant(parent, value) ) } @@ -122,9 +122,9 @@ private predicate inBooleanContext(ControlFlowElement n) { private predicate astInBooleanContext(AstNode n) { n = any(ConditionElement condElem).getBoolean().getFullyUnresolved() or - n = any(ConditionElement condElem).getAvailability() + n = any(ConditionElement condElem).getAvailability().getFullyUnresolved() or - n = any(StmtCondition stmtCond) + n = any(StmtCondition stmtCond).getFullyUnresolved() or exists(RepeatWhileStmt repeat | n = repeat.getCondition().getFullyConverted()) or diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll index 3efa0dd8bc3..d3eb3aaa244 100644 --- a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll 
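Review bot: In `astInBooleanContext` (Completion.qll), the `.getFullyUnresolved()` calls added on `getAvailability()` and on `any(StmtCondition stmtCond)` look like no-ops today and need a comment saying why they are there. `schema.py` in this commit marks only `Type`, `Expr` and `Pattern` as `@ql.hideable`, so for a `StmtCondition` or an availability node the predicate presumably returns the element itself. The same holds for the `getCondition()`, `getAvailability()`, `getLabel(i)`, `getBindingDecl(i)` and `getSpec(i)` call sites changed in ControlFlowGraphImpl.qll. A line such as `// not hideable today; taken unresolved so the CFG stays correct if a resolve step is added` above the first use would cover it. The predicate body continues outside the hunk.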
+++ b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll @@ -264,7 +264,7 @@ module Stmts { or child.asAstNode() = ast.getAnElement().getBoolean().getFullyConverted() or - child.asAstNode() = ast.getAnElement().getAvailability() + child.asAstNode() = ast.getAnElement().getAvailability().getFullyUnresolved() } predicate firstElement(int i, ControlFlowElement first) { @@ -278,7 +278,7 @@ module Stmts { astFirst(ast.getElement(i).getBoolean().getFullyConverted(), first) or // ... or an availability check. - astFirst(ast.getElement(i).getAvailability(), first) + astFirst(ast.getElement(i).getAvailability().getFullyUnresolved(), first) ) } @@ -296,7 +296,7 @@ module Stmts { astLast(ast.getElement(i).getBoolean().getFullyConverted(), pred, c) or // ... or the availability check ... - astLast(ast.getElement(i).getAvailability(), pred, c) + astLast(ast.getElement(i).getAvailability().getFullyUnresolved(), pred, c) ) and // We evaluate the next element c instanceof NormalCompletion and @@ -313,7 +313,7 @@ module Stmts { not c.(MatchingCompletion).isMatch() or // Stop if an availability check failed - astLast(ast.getAnElement().getAvailability(), last, c) and + astLast(ast.getAnElement().getAvailability().getFullyUnresolved(), last, c) and c instanceof FalseCompletion or // Stop if we successfully evaluated all the conditionals @@ -322,7 +322,7 @@ module Stmts { or astLast(ast.getLastElement().getPattern().getFullyUnresolved(), last, c) or - astLast(ast.getLastElement().getAvailability(), last, c) + astLast(ast.getLastElement().getAvailability().getFullyUnresolved(), last, c) ) and c instanceof NormalCompletion } 
@@ -342,14 +342,14 @@ module Stmts { override IfStmt ast; final override predicate propagatesAbnormal(ControlFlowElement child) { - child.asAstNode() = ast.getCondition() or + child.asAstNode() = ast.getCondition().getFullyUnresolved() or child.asAstNode() = ast.getThen() or child.asAstNode() = ast.getElse() } final override predicate last(ControlFlowElement last, Completion c) { // Condition exits with a false completion and there is no `else` branch - astLast(ast.getCondition(), last, c) and + astLast(ast.getCondition().getFullyUnresolved(), last, c) and c instanceof FalseOrNonMatchCompletion and not exists(ast.getElse()) or @@ -360,10 +360,10 @@ module Stmts { final override predicate succ(ControlFlowElement pred, ControlFlowElement succ, Completion c) { // Pre-order: flow from statement itself to first element of condition pred.asAstNode() = ast and - astFirst(ast.getCondition(), succ) and + astFirst(ast.getCondition().getFullyUnresolved(), succ) and c instanceof SimpleCompletion or - astLast(ast.getCondition(), pred, c) and + astLast(ast.getCondition().getFullyUnresolved(), pred, c) and ( // Flow from last element of condition to first element of then branch c instanceof TrueOrMatchCompletion and @@ -380,7 +380,7 @@ module Stmts { override GuardStmt ast; final override predicate propagatesAbnormal(ControlFlowElement child) { - child.asAstNode() = ast.getCondition() or + child.asAstNode() = ast.getCondition().getFullyUnresolved() or child.asAstNode() = ast.getBody() } 
@@ -390,18 +390,18 @@ module Stmts { c instanceof NormalCompletion or // Exit when a condition is true - astLast(ast.getCondition(), last, c) and + astLast(ast.getCondition().getFullyUnresolved(), last, c) and c instanceof TrueOrMatchCompletion } final override predicate succ(ControlFlowElement pred, ControlFlowElement succ, Completion c) { // Pre-order: flow from statement itself to first element of condition pred.asAstNode() = ast and - astFirst(ast.getCondition(), succ) and + astFirst(ast.getCondition().getFullyUnresolved(), succ) and c instanceof SimpleCompletion or // Flow to the body when the condition is false - astLast(ast.getCondition(), pred, c) and + astLast(ast.getCondition().getFullyUnresolved(), pred, c) and c instanceof FalseOrNonMatchCompletion and astFirst(ast.getBody(), succ) } @@ -458,7 +458,9 @@ module Stmts { private class WhileTree extends LoopTree { override WhileStmt ast; - final override ControlFlowElement getCondition() { result.asAstNode() = ast.getCondition() } + final override ControlFlowElement getCondition() { + result.asAstNode() = ast.getCondition().getFullyUnresolved() + } final override ControlFlowElement getBody() { result.asAstNode() = ast.getBody() } @@ -672,7 +674,7 @@ module Stmts { final override predicate last(ControlFlowElement last, Completion c) { // Case pattern exits with a non-match - astLast(ast.getLastLabel(), last, c) and + astLast(ast.getLastLabel().getFullyUnresolved(), last, c) and not c.(MatchingCompletion).isMatch() or // Case body exits with any completion 
@@ -682,18 +684,18 @@ module Stmts { override predicate succ(ControlFlowElement pred, ControlFlowElement succ, Completion c) { // Pre-order: Flow from the case statement itself to the first label pred.asAstNode() = ast and - astFirst(ast.getFirstLabel(), succ) and + astFirst(ast.getFirstLabel().getFullyUnresolved(), succ) and c instanceof SimpleCompletion or // Left-to-right evaluation of labels until we find a match exists(int i | - astLast(ast.getLabel(i), pred, c) and - astFirst(ast.getLabel(i + 1), succ) and + astLast(ast.getLabel(i).getFullyUnresolved(), pred, c) and + astFirst(ast.getLabel(i + 1).getFullyUnresolved(), succ) and c.(MatchingCompletion).isNonMatch() ) or // Flow from last element of pattern to first element of body - astLast(ast.getALabel(), pred, c) and + astLast(ast.getALabel().getFullyUnresolved(), pred, c) and astFirst(ast.getBody(), succ) and c.(MatchingCompletion).isMatch() } @@ -1162,7 +1164,7 @@ module Exprs { override CaptureListExpr ast; final override ControlFlowElement getChildElement(int i) { - result.asAstNode() = ast.getBindingDecl(i) + result.asAstNode() = ast.getBindingDecl(i).getFullyUnresolved() or i = ast.getNumberOfBindingDecls() and result.asAstNode() = ast.getClosureBody().getFullyConverted() @@ -1794,7 +1796,9 @@ module AvailabilityInfo { private class AvailabilityInfoTree extends AstStandardPostOrderTree { override AvailabilityInfo ast; - final override ControlFlowElement getChildElement(int i) { result.asAstNode() = ast.getSpec(i) } + final override ControlFlowElement getChildElement(int i) { + result.asAstNode() = ast.getSpec(i).getFullyUnresolved() + } } private class AvailabilitySpecTree extends AstLeafTree { diff --git a/swift/ql/lib/codeql/swift/elements.qll b/swift/ql/lib/codeql/swift/elements.qll index 486b2aa6cd0..7c75c11c976 100644 --- a/swift/ql/lib/codeql/swift/elements.qll +++ b/swift/ql/lib/codeql/swift/elements.qll 
@@ -10,7 +10,6 @@ import codeql.swift.elements.Diagnostics import codeql.swift.elements.Element import codeql.swift.elements.ErrorElement import codeql.swift.elements.File -import codeql.swift.elements.HideableElement import codeql.swift.elements.KeyPathComponent import codeql.swift.elements.Locatable import codeql.swift.elements.Location diff --git a/swift/ql/lib/codeql/swift/elements/Element.qll b/swift/ql/lib/codeql/swift/elements/Element.qll index b7bdd621eaf..394d1caab3b 100644 --- a/swift/ql/lib/codeql/swift/elements/Element.qll +++ b/swift/ql/lib/codeql/swift/elements/Element.qll @@ -1,7 +1,18 @@ private import codeql.swift.generated.Element class Element extends Generated::Element { + private predicate resolvesFrom(Element e) { e.getResolveStep() = this } + override string toString() { result = this.getPrimaryQlClasses() } + + Element getFullyUnresolved() { + not this.resolvesFrom(_) and result = this + or + exists(Element e | + this.resolvesFrom(e) and + result = e.getFullyUnresolved() + ) + } } class UnknownElement extends Element { diff --git a/swift/ql/lib/codeql/swift/elements/HideableElement.qll b/swift/ql/lib/codeql/swift/elements/HideableElement.qll deleted file mode 100644 index fdc392817dd..00000000000 --- a/swift/ql/lib/codeql/swift/elements/HideableElement.qll +++ /dev/null @@ -1,14 +0,0 @@ -private import codeql.swift.generated.HideableElement - -class HideableElement extends Generated::HideableElement { - private predicate resolvesFrom(HideableElement e) { e.getResolveStep() = this } - - HideableElement getFullyUnresolved() { - not this.resolvesFrom(_) and result = this - or - exists(HideableElement e | - this.resolvesFrom(e) and - result = e.getFullyUnresolved() - ) - } -} diff --git a/swift/ql/lib/codeql/swift/generated/Element.qll b/swift/ql/lib/codeql/swift/generated/Element.qll index 88e9b4cdd34..0fa588e0667 100644 --- a/swift/ql/lib/codeql/swift/generated/Element.qll +++ b/swift/ql/lib/codeql/swift/generated/Element.qll 
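Review bot: `getFullyUnresolved` becomes a public member of every `Element` in Element.qll but has no QLDoc, and neither does the private `resolvesFrom`. I would add `/** Gets the outermost hidden-AST element that resolves to this element via `getResolveStep`, or this element itself if nothing resolves to it. */` above `getFullyUnresolved`, and `/** Holds if `e` resolves to this element in one step. */` above `resolvesFrom`. If more than one element can resolve to the same element, the predicate would have several results, and the doc should say so.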
@@ -24,6 +24,23 @@ module Generated { */ final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") } + /** + * Gets the most immediate element that should substitute this element in the explicit AST, if any. + * Classes can override this to indicate this node should be in the "hidden" AST, mostly reserved + * for conversions and syntactic sugar nodes like parentheses. + */ + Element getResolveStep() { none() } // overridden by subclasses + + /** + * Gets the element that should substitute this element in the explicit AST, applying `getResolveStep` + * transitively. + */ + final Element resolve() { + not exists(this.getResolveStep()) and result = this + or + result = this.getResolveStep().resolve() + } + /** * Holds if this element is unknown. */ diff --git a/swift/ql/lib/codeql/swift/generated/HideableElement.qll b/swift/ql/lib/codeql/swift/generated/HideableElement.qll deleted file mode 100644 index 9d8b323313c..00000000000 --- a/swift/ql/lib/codeql/swift/generated/HideableElement.qll +++ /dev/null @@ -1,25 +0,0 @@ -// generated by codegen/codegen.py -private import codeql.swift.generated.Synth -private import codeql.swift.generated.Raw -import codeql.swift.elements.Element - -module Generated { - class HideableElement extends Synth::THideableElement, Element { - /** - * Gets the most immediate element that should substitute this element in the explicit AST, if any. - * Classes can override this to indicate this node should be in the "hidden" AST, mostly reserved - * for conversions and syntactic sugar nodes like parentheses. - */ - HideableElement getResolveStep() { none() } // overridden by subclasses - - /** - * Gets the element that should substitute this element in the explicit AST, applying `getResolveStep` - * transitively. - */ - final HideableElement resolve() { - not exists(this.getResolveStep()) and result = this - or - result = this.getResolveStep().resolve() - } - } -} 
diff --git a/swift/ql/lib/codeql/swift/generated/ParentChild.qll b/swift/ql/lib/codeql/swift/generated/ParentChild.qll index 61b61ab0459..ab0ce2dba37 100644 --- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll +++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll @@ -50,21 +50,6 @@ private module Impl { ) } - private Element getImmediateChildOfHideableElement( - HideableElement e, int index, string partialPredicateCall - ) { - exists(int b, int bElement, int n | - b = 0 and - bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and - n = bElement and - ( - none() - or - result = getImmediateChildOfElement(e, index - b, partialPredicateCall) - ) - ) - } - private Element getImmediateChildOfLocatable(Locatable e, int index, string partialPredicateCall) { exists(int b, int bElement, int n | b = 0 and @@ -1043,19 +1028,14 @@ private module Impl { } private Element getImmediateChildOfExpr(Expr e, int index, string partialPredicateCall) { - exists(int b, int bAstNode, int bHideableElement, int n | + exists(int b, int bAstNode, int n | b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and - bHideableElement = - bAstNode + 1 + - max(int i | i = -1 or exists(getImmediateChildOfHideableElement(e, i, _)) | i) and - n = bHideableElement and + n = bAstNode and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) - or - result = getImmediateChildOfHideableElement(e, index - bAstNode, partialPredicateCall) ) ) } 
@@ -3179,19 +3159,14 @@ private module Impl { } private Element getImmediateChildOfPattern(Pattern e, int index, string partialPredicateCall) { - exists(int b, int bAstNode, int bHideableElement, int n | + exists(int b, int bAstNode, int n | b = 0 and bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and - bHideableElement = - bAstNode + 1 + - max(int i | i = -1 or exists(getImmediateChildOfHideableElement(e, i, _)) | i) and - n = bHideableElement and + n = bAstNode and ( none() or result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall) - or - result = getImmediateChildOfHideableElement(e, index - bAstNode, partialPredicateCall) ) ) } @@ -3481,13 +3456,13 @@ private module Impl { b = 0 and bStmt = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfStmt(e, i, _)) | i) and n = bStmt and - nElement = n + 1 + max(int i | i = -1 or exists(e.getElement(i)) | i) and + nElement = n + 1 + max(int i | i = -1 or exists(e.getImmediateElement(i)) | i) and ( none() or result = getImmediateChildOfStmt(e, index - b, partialPredicateCall) or - result = e.getElement(index - n) and + result = e.getImmediateElement(index - n) and partialPredicateCall = "Element(" + (index - n).toString() + ")" ) ) @@ -3854,15 +3829,14 @@ private module Impl { } private Element getImmediateChildOfType(Type e, int index, string partialPredicateCall) { - exists(int b, int bHideableElement, int n | + exists(int b, int bElement, int n | b = 0 and - bHideableElement = - b + 1 + max(int i | i = -1 or exists(getImmediateChildOfHideableElement(e, i, _)) | i) and - n = bHideableElement and + bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and + n = bElement and ( none() or - result = getImmediateChildOfHideableElement(e, index - b, partialPredicateCall) + result = getImmediateChildOfElement(e, index - b, partialPredicateCall) ) ) } 
@@ -5319,10 +5293,6 @@ private module Impl { or result = getImmediateChildOfVariadicSequenceType(e, index, partialAccessor) } - - Element resolve(Element e) { - if e instanceof HideableElement then result = e.(HideableElement).resolve() else result = e - } } /** @@ -5350,7 +5320,7 @@ Element getImmediateChildAndAccessor(Element e, int index, string accessor) { */ Element getChildAndAccessor(Element e, int index, string accessor) { exists(string partialAccessor | - result = Impl::resolve(Impl::getImmediateChild(e, index, partialAccessor)) and + result = Impl::getImmediateChild(e, index, partialAccessor).resolve() and accessor = "get" + partialAccessor ) } diff --git a/swift/ql/lib/codeql/swift/generated/Raw.qll b/swift/ql/lib/codeql/swift/generated/Raw.qll index f7c127818d7..dc5ddeed979 100644 --- a/swift/ql/lib/codeql/swift/generated/Raw.qll +++ b/swift/ql/lib/codeql/swift/generated/Raw.qll @@ -62,11 +62,6 @@ module Raw { predicate isSuccessfullyExtracted() { file_is_successfully_extracted(this) } } - /** - * INTERNAL: Do not use. - */ - class HideableElement extends @hideable_element, Element { } - /** * INTERNAL: Do not use. */ @@ -991,7 +986,7 @@ module Raw { * INTERNAL: Do not use. * The base class for all expressions in Swift. */ - class Expr extends @expr, AstNode, HideableElement { + class Expr extends @expr, AstNode { /** * Gets the type of this expression, if it exists. */ @@ -2358,7 +2353,7 @@ module Raw { /** * INTERNAL: Do not use. */ - class Pattern extends @pattern, AstNode, HideableElement { } + class Pattern extends @pattern, AstNode { } /** * INTERNAL: Do not use. @@ -2874,7 +2869,7 @@ module Raw { /** * INTERNAL: Do not use. */ - class Type extends @type, HideableElement { + class Type extends @type, Element { /** * Gets the name of this type. */ diff --git a/swift/ql/lib/codeql/swift/generated/Synth.qll b/swift/ql/lib/codeql/swift/generated/Synth.qll index f79d71f84a3..fdbadffcd33 100644 --- a/swift/ql/lib/codeql/swift/generated/Synth.qll 
+++ b/swift/ql/lib/codeql/swift/generated/Synth.qll @@ -1043,11 +1043,6 @@ module Synth { */ class TFile = TDbFile or TUnknownFile; - /** - * INTERNAL: Do not use. - */ - class THideableElement = TExpr or TPattern or TType; - /** * INTERNAL: Do not use. */ @@ -3228,11 +3223,11 @@ module Synth { or result = convertGenericContextFromRaw(e) or - result = convertHideableElementFromRaw(e) - or result = convertLocatableFromRaw(e) or result = convertLocationFromRaw(e) + or + result = convertTypeFromRaw(e) } /** @@ -3277,19 +3272,6 @@ module Synth { result = convertUnknownFileFromRaw(e) } - /** - * INTERNAL: Do not use. - * Converts a raw DB element to a synthesized `THideableElement`, if possible. - */ - cached - THideableElement convertHideableElementFromRaw(Raw::Element e) { - result = convertExprFromRaw(e) - or - result = convertPatternFromRaw(e) - or - result = convertTypeFromRaw(e) - } - /** * INTERNAL: Do not use. * Converts a raw DB element to a synthesized `TLocatable`, if possible. @@ -6046,11 +6028,11 @@ module Synth { or result = convertGenericContextToRaw(e) or - result = convertHideableElementToRaw(e) - or result = convertLocatableToRaw(e) or result = convertLocationToRaw(e) + or + result = convertTypeToRaw(e) } /** @@ -6095,19 +6077,6 @@ module Synth { result = convertUnknownFileToRaw(e) } - /** - * INTERNAL: Do not use. - * Converts a synthesized `THideableElement` to a raw DB element, if possible. - */ - cached - Raw::Element convertHideableElementToRaw(THideableElement e) { - result = convertExprToRaw(e) - or - result = convertPatternToRaw(e) - or - result = convertTypeToRaw(e) - } - /** * INTERNAL: Do not use. * Converts a synthesized `TLocatable` to a raw DB element, if possible. diff --git a/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll b/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll index af422cbd10d..7a5c1b5903f 100644 --- a/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll 
+++ b/swift/ql/lib/codeql/swift/generated/UnspecifiedElement.qll @@ -10,14 +10,27 @@ module Generated { /** * Gets the parent of this unspecified element, if it exists. + * + * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the + * behavior of both the `Immediate` and non-`Immediate` versions. */ - Element getParent() { + Element getImmediateParent() { result = Synth::convertElementFromRaw(Synth::convertUnspecifiedElementToRaw(this) .(Raw::UnspecifiedElement) .getParent()) } + /** + * Gets the parent of this unspecified element, if it exists. + */ + final Element getParent() { + exists(Element immediate | + immediate = this.getImmediateParent() and + result = immediate.resolve() + ) + } + /** * Holds if `getParent()` exists. */ diff --git a/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll b/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll index 9a93bce7540..aec001a1122 100644 --- a/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll +++ b/swift/ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll @@ -10,14 +10,27 @@ module Generated { /** * Gets the `index`th active element of this if config declaration (0-based). + * + * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the + * behavior of both the `Immediate` and non-`Immediate` versions. */ - AstNode getActiveElement(int index) { + AstNode getImmediateActiveElement(int index) { result = Synth::convertAstNodeFromRaw(Synth::convertIfConfigDeclToRaw(this) .(Raw::IfConfigDecl) .getActiveElement(index)) } + /** + * Gets the `index`th active element of this if config declaration (0-based). + */ + final AstNode getActiveElement(int index) { + exists(AstNode immediate | + immediate = this.getImmediateActiveElement(index) and + result = immediate.resolve() + ) + } + /** * Gets any of the active elements of this if config declaration. */ 
diff --git a/swift/ql/lib/codeql/swift/generated/expr/Expr.qll b/swift/ql/lib/codeql/swift/generated/expr/Expr.qll index 6f488acbe59..dad004bc2bd 100644 --- a/swift/ql/lib/codeql/swift/generated/expr/Expr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/Expr.qll @@ -2,14 +2,13 @@ private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw import codeql.swift.elements.AstNode -import codeql.swift.elements.HideableElement import codeql.swift.elements.type.Type module Generated { /** * The base class for all expressions in Swift. */ - class Expr extends Synth::TExpr, AstNode, HideableElement { + class Expr extends Synth::TExpr, AstNode { /** * Gets the type of this expression, if it exists. * diff --git a/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll b/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll index 5ba24c9fcda..5c795e45107 100644 --- a/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll +++ b/swift/ql/lib/codeql/swift/generated/pattern/Pattern.qll @@ -2,8 +2,7 @@ private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw import codeql.swift.elements.AstNode -import codeql.swift.elements.HideableElement module Generated { - class Pattern extends Synth::TPattern, AstNode, HideableElement { } + class Pattern extends Synth::TPattern, AstNode { } } diff --git a/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll b/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll index 360366dcaa3..d136e02df08 100644 --- a/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll +++ b/swift/ql/lib/codeql/swift/generated/stmt/BraceStmt.qll 
@@ -10,14 +10,27 @@ module Generated { /** * Gets the `index`th element of this brace statement (0-based). + * + * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the + * behavior of both the `Immediate` and non-`Immediate` versions. */ - AstNode getElement(int index) { + AstNode getImmediateElement(int index) { result = Synth::convertAstNodeFromRaw(Synth::convertBraceStmtToRaw(this) .(Raw::BraceStmt) .getElement(index)) } + /** + * Gets the `index`th element of this brace statement (0-based). + */ + final AstNode getElement(int index) { + exists(AstNode immediate | + immediate = this.getImmediateElement(index) and + result = immediate.resolve() + ) + } + /** * Gets any of the elements of this brace statement. */ diff --git a/swift/ql/lib/codeql/swift/generated/type/Type.qll b/swift/ql/lib/codeql/swift/generated/type/Type.qll index 7f09e7d7e94..a3074fdd4d3 100644 --- a/swift/ql/lib/codeql/swift/generated/type/Type.qll +++ b/swift/ql/lib/codeql/swift/generated/type/Type.qll @@ -1,10 +1,10 @@ // generated by codegen/codegen.py private import codeql.swift.generated.Synth private import codeql.swift.generated.Raw -import codeql.swift.elements.HideableElement +import codeql.swift.elements.Element module Generated { - class Type extends Synth::TType, HideableElement { + class Type extends Synth::TType, Element { /** * Gets the name of this type. */ diff --git a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll index dc6af553f43..57e68648636 100644 --- a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll +++ b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll @@ -66,7 +66,7 @@ private string prettyPrint(Locatable e) { result = "[" + concat(e.getPrimaryQlClasses(), ", ") + "] " + e } -private class Unresolved extends HideableElement, Locatable { +private class Unresolved extends Locatable { Unresolved() { this != this.resolve() } } 
@@ -89,7 +89,7 @@ class PrintLocatable extends PrintAstNode, TLocatable { // use even indexes for normal children, leaving odd slots for conversions if any child = TLocatable(c) and index = 2 * i and label = accessor or - child = TLocatable(c.(HideableElement).getFullyUnresolved().(Unresolved)) and + child = TLocatable(c.getFullyUnresolved().(Unresolved)) and index = 2 * i + 1 and ( if c instanceof Expr diff --git a/swift/ql/lib/swift.dbscheme b/swift/ql/lib/swift.dbscheme index 37e784cc154..ba4171b90d0 100644 --- a/swift/ql/lib/swift.dbscheme +++ b/swift/ql/lib/swift.dbscheme @@ -15,9 +15,9 @@ sourceLocationPrefix( @callable | @file | @generic_context -| @hideable_element | @locatable | @location +| @type ; #keyset[id] @@ -77,12 +77,6 @@ file_is_successfully_extracted( int id: @file ref ); -@hideable_element = - @expr -| @pattern -| @type -; - @locatable = @argument | @ast_node diff --git a/swift/schema.py b/swift/schema.py index 76ac53dcb5c..5f000b32a8c 100644 --- a/swift/schema.py +++ b/swift/schema.py @@ -72,12 +72,9 @@ class UnknownLocation(Location): class AstNode(Locatable): pass -@ql.hideable -class HideableElement(Element): - pass - @group("type") -class Type(HideableElement): +@ql.hideable +class Type(Element): name: string canonical_type: "Type" @@ -87,12 +84,14 @@ class Decl(AstNode): members: list["Decl"] | child @group("expr") -class Expr(AstNode, HideableElement): +@ql.hideable +class Expr(AstNode): """The base class for all expressions in Swift.""" type: optional[Type] @group("pattern") -class Pattern(AstNode, HideableElement): +@ql.hideable +class Pattern(AstNode): pass @group("stmt") From 99c211955b2b00a9c95914b835f8ab6a0e3bcb52 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Tue, 23 May 2023 14:31:25 +0100 Subject: [PATCH 074/210] Hotfix: Go: exclude method receivers from dead-store-of-field query --- go/ql/src/RedundantCode/DeadStoreOfField.ql | 3 +++ 1 file changed, 3 insertions(+) 
diff --git a/go/ql/src/RedundantCode/DeadStoreOfField.ql b/go/ql/src/RedundantCode/DeadStoreOfField.ql index 9dd2c4de65c..edc1d62cb00 100644 --- a/go/ql/src/RedundantCode/DeadStoreOfField.ql +++ b/go/ql/src/RedundantCode/DeadStoreOfField.ql @@ -38,6 +38,9 @@ predicate escapes(DataFlow::Node nd) { // if `nd` is passed to a function, then it escapes nd = any(DataFlow::CallNode c).getASyntacticArgument() or + // if `nd` is the receiver of a function, then it escapes + nd = any(DataFlow::MethodCallNode c).getReceiver() + or // if `nd` has its address taken, then it escapes exists(AddressExpr ae | nd.asExpr() = ae.getOperand()) or From 90c174de4e62deffe534a2e904cb390d10050150 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Tue, 23 May 2023 17:36:50 +0100 Subject: [PATCH 075/210] Updated the .expected file accordingly --- .../cwe-176/UnicodeBypassValidation.expected | 123 ++++++++++-------- 1 file changed, 71 insertions(+), 52 deletions(-) diff --git a/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected index 0392033c948..b79057a8479 100644 --- a/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected +++ b/ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected 
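Review bot: The hotfix changes only the query (the diffstat shows one file, three insertions) and adds no test, so nothing pins the new behaviour of `escapes` for method receivers; a case in the query's test directory where a field is assigned and the struct is then used only as a method receiver would do that. The added comment says "receiver of a function" while the code matches `DataFlow::MethodCallNode`; "receiver of a method call" would be more accurate. The body of `escapes` continues outside the hunk.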
@@ -1,56 +1,75 @@ edges -| unicode_normalization.rb:3:5:3:17 | unicode_input | unicode_normalization.rb:4:23:4:35 | unicode_input | -| unicode_normalization.rb:3:5:3:17 | unicode_input | unicode_normalization.rb:5:22:5:34 | unicode_input | -| unicode_normalization.rb:3:21:3:26 | call to params | unicode_normalization.rb:3:21:3:42 | ...[...] | -| unicode_normalization.rb:3:21:3:42 | ...[...] | unicode_normalization.rb:3:5:3:17 | unicode_input | -| unicode_normalization.rb:11:5:11:17 | unicode_input | unicode_normalization.rb:12:27:12:39 | unicode_input | -| unicode_normalization.rb:11:5:11:17 | unicode_input | unicode_normalization.rb:12:27:12:39 | unicode_input | -| unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:11:21:11:42 | ...[...] | -| unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:11:21:11:42 | ...[...] | -| unicode_normalization.rb:11:21:11:42 | ...[...] | unicode_normalization.rb:11:5:11:17 | unicode_input | -| unicode_normalization.rb:11:21:11:42 | ...[...] | unicode_normalization.rb:11:5:11:17 | unicode_input | -| unicode_normalization.rb:12:5:12:23 | unicode_input_manip | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | -| unicode_normalization.rb:12:5:12:23 | unicode_input_manip | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | -| unicode_normalization.rb:12:27:12:39 | unicode_input | unicode_normalization.rb:12:27:12:59 | call to sub | -| unicode_normalization.rb:12:27:12:39 | unicode_input | unicode_normalization.rb:12:27:12:59 | call to sub | -| unicode_normalization.rb:12:27:12:59 | call to sub | unicode_normalization.rb:12:5:12:23 | unicode_input_manip | -| unicode_normalization.rb:20:5:20:17 | unicode_input | unicode_normalization.rb:21:25:21:37 | unicode_input | -| unicode_normalization.rb:20:21:20:26 | call to params | unicode_normalization.rb:20:21:20:42 | ...[...] | -| unicode_normalization.rb:20:21:20:42 | ...[...] 
| unicode_normalization.rb:20:5:20:17 | unicode_input | -| unicode_normalization.rb:21:5:21:21 | unicode_html_safe | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | -| unicode_normalization.rb:21:5:21:21 | unicode_html_safe | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | -| unicode_normalization.rb:21:25:21:37 | unicode_input | unicode_normalization.rb:21:25:21:47 | call to html_safe | -| unicode_normalization.rb:21:25:21:47 | call to html_safe | unicode_normalization.rb:21:5:21:21 | unicode_html_safe | +| unicode_normalization.rb:7:5:7:17 | unicode_input | unicode_normalization.rb:8:23:8:35 | unicode_input | +| unicode_normalization.rb:7:5:7:17 | unicode_input | unicode_normalization.rb:9:22:9:34 | unicode_input | +| unicode_normalization.rb:7:21:7:26 | call to params | unicode_normalization.rb:7:21:7:42 | ...[...] | +| unicode_normalization.rb:7:21:7:42 | ...[...] | unicode_normalization.rb:7:5:7:17 | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | unicode_normalization.rb:16:27:16:39 | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | unicode_normalization.rb:16:27:16:39 | unicode_input | +| unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:15:21:15:42 | ...[...] | +| unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:15:21:15:42 | ...[...] | +| unicode_normalization.rb:15:21:15:42 | ...[...] | unicode_normalization.rb:15:5:15:17 | unicode_input | +| unicode_normalization.rb:15:21:15:42 | ...[...] 
| unicode_normalization.rb:15:5:15:17 | unicode_input | +| unicode_normalization.rb:16:5:16:23 | unicode_input_manip | unicode_normalization.rb:17:23:17:41 | unicode_input_manip | +| unicode_normalization.rb:16:5:16:23 | unicode_input_manip | unicode_normalization.rb:18:22:18:40 | unicode_input_manip | +| unicode_normalization.rb:16:27:16:39 | unicode_input | unicode_normalization.rb:16:27:16:59 | call to sub | +| unicode_normalization.rb:16:27:16:39 | unicode_input | unicode_normalization.rb:16:27:16:59 | call to sub | +| unicode_normalization.rb:16:27:16:59 | call to sub | unicode_normalization.rb:16:5:16:23 | unicode_input_manip | +| unicode_normalization.rb:24:5:24:17 | unicode_input | unicode_normalization.rb:25:37:25:49 | unicode_input | +| unicode_normalization.rb:24:21:24:26 | call to params | unicode_normalization.rb:24:21:24:42 | ...[...] | +| unicode_normalization.rb:24:21:24:42 | ...[...] | unicode_normalization.rb:24:5:24:17 | unicode_input | +| unicode_normalization.rb:25:5:25:21 | unicode_html_safe | unicode_normalization.rb:26:23:26:39 | unicode_html_safe | +| unicode_normalization.rb:25:5:25:21 | unicode_html_safe | unicode_normalization.rb:27:22:27:38 | unicode_html_safe | +| unicode_normalization.rb:25:25:25:50 | call to html_escape | unicode_normalization.rb:25:5:25:21 | unicode_html_safe | +| unicode_normalization.rb:25:37:25:49 | unicode_input | unicode_normalization.rb:25:25:25:50 | call to html_escape | +| unicode_normalization.rb:33:5:33:17 | unicode_input | unicode_normalization.rb:34:40:34:52 | unicode_input | +| unicode_normalization.rb:33:21:33:26 | call to params | unicode_normalization.rb:33:21:33:42 | ...[...] | +| unicode_normalization.rb:33:21:33:42 | ...[...] 
| unicode_normalization.rb:33:5:33:17 | unicode_input | +| unicode_normalization.rb:34:5:34:21 | unicode_html_safe | unicode_normalization.rb:35:23:35:39 | unicode_html_safe | +| unicode_normalization.rb:34:5:34:21 | unicode_html_safe | unicode_normalization.rb:36:22:36:38 | unicode_html_safe | +| unicode_normalization.rb:34:25:34:53 | call to escapeHTML | unicode_normalization.rb:34:25:34:63 | call to html_safe | +| unicode_normalization.rb:34:25:34:63 | call to html_safe | unicode_normalization.rb:34:5:34:21 | unicode_html_safe | +| unicode_normalization.rb:34:40:34:52 | unicode_input | unicode_normalization.rb:34:25:34:53 | call to escapeHTML | nodes -| unicode_normalization.rb:3:5:3:17 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:3:21:3:26 | call to params | semmle.label | call to params | -| unicode_normalization.rb:3:21:3:42 | ...[...] | semmle.label | ...[...] | -| unicode_normalization.rb:4:23:4:35 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:5:22:5:34 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:11:5:11:17 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:11:5:11:17 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:11:21:11:26 | call to params | semmle.label | call to params | -| unicode_normalization.rb:11:21:11:42 | ...[...] | semmle.label | ...[...] | -| unicode_normalization.rb:11:21:11:42 | ...[...] | semmle.label | ...[...] 
| -| unicode_normalization.rb:12:5:12:23 | unicode_input_manip | semmle.label | unicode_input_manip | -| unicode_normalization.rb:12:27:12:39 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:12:27:12:39 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:12:27:12:59 | call to sub | semmle.label | call to sub | -| unicode_normalization.rb:13:23:13:41 | unicode_input_manip | semmle.label | unicode_input_manip | -| unicode_normalization.rb:14:22:14:40 | unicode_input_manip | semmle.label | unicode_input_manip | -| unicode_normalization.rb:20:5:20:17 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:20:21:20:26 | call to params | semmle.label | call to params | -| unicode_normalization.rb:20:21:20:42 | ...[...] | semmle.label | ...[...] | -| unicode_normalization.rb:21:5:21:21 | unicode_html_safe | semmle.label | unicode_html_safe | -| unicode_normalization.rb:21:25:21:37 | unicode_input | semmle.label | unicode_input | -| unicode_normalization.rb:21:25:21:47 | call to html_safe | semmle.label | call to html_safe | -| unicode_normalization.rb:22:23:22:39 | unicode_html_safe | semmle.label | unicode_html_safe | -| unicode_normalization.rb:23:22:23:38 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:7:5:7:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:7:21:7:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:7:21:7:42 | ...[...] | semmle.label | ...[...] 
| +| unicode_normalization.rb:8:23:8:35 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:9:22:9:34 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:15:5:15:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:15:21:15:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:15:21:15:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:15:21:15:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:16:5:16:23 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:16:27:16:39 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:16:27:16:39 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:16:27:16:59 | call to sub | semmle.label | call to sub | +| unicode_normalization.rb:17:23:17:41 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:18:22:18:40 | unicode_input_manip | semmle.label | unicode_input_manip | +| unicode_normalization.rb:24:5:24:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:24:21:24:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:24:21:24:42 | ...[...] | semmle.label | ...[...] 
| +| unicode_normalization.rb:25:5:25:21 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:25:25:25:50 | call to html_escape | semmle.label | call to html_escape | +| unicode_normalization.rb:25:37:25:49 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:26:23:26:39 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:27:22:27:38 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:33:5:33:17 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:33:21:33:26 | call to params | semmle.label | call to params | +| unicode_normalization.rb:33:21:33:42 | ...[...] | semmle.label | ...[...] | +| unicode_normalization.rb:34:5:34:21 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:34:25:34:53 | call to escapeHTML | semmle.label | call to escapeHTML | +| unicode_normalization.rb:34:25:34:63 | call to html_safe | semmle.label | call to html_safe | +| unicode_normalization.rb:34:40:34:52 | unicode_input | semmle.label | unicode_input | +| unicode_normalization.rb:35:23:35:39 | unicode_html_safe | semmle.label | unicode_html_safe | +| unicode_normalization.rb:36:22:36:38 | unicode_html_safe | semmle.label | unicode_html_safe | subpaths #select -| unicode_normalization.rb:4:23:4:35 | unicode_input | unicode_normalization.rb:3:21:3:26 | call to params | unicode_normalization.rb:4:23:4:35 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:4:23:4:35 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:3:21:3:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:5:22:5:34 | unicode_input | unicode_normalization.rb:3:21:3:26 | call to params | unicode_normalization.rb:5:22:5:34 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:5:22:5:34 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:3:21:3:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:13:23:13:41 | unicode_input_manip | unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:13:23:13:41 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:11:21:11:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:14:22:14:40 | unicode_input_manip | unicode_normalization.rb:11:21:11:26 | call to params | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:14:22:14:40 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:11:21:11:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:22:23:22:39 | unicode_html_safe | unicode_normalization.rb:20:21:20:26 | call to params | unicode_normalization.rb:22:23:22:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:22:23:22:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:20:21:20:26 | call to params | remote user-controlled data | -| unicode_normalization.rb:23:22:23:38 | unicode_html_safe | unicode_normalization.rb:20:21:20:26 | call to params | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:23:22:23:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:20:21:20:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:8:23:8:35 | unicode_input | unicode_normalization.rb:7:21:7:26 | call to params | unicode_normalization.rb:8:23:8:35 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:8:23:8:35 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:7:21:7:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:9:22:9:34 | unicode_input | unicode_normalization.rb:7:21:7:26 | call to params | unicode_normalization.rb:9:22:9:34 | unicode_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:9:22:9:34 | unicode_input | Unicode transformation (Unicode normalization) | unicode_normalization.rb:7:21:7:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:17:23:17:41 | unicode_input_manip | unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:17:23:17:41 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:17:23:17:41 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:15:21:15:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:18:22:18:40 | unicode_input_manip | unicode_normalization.rb:15:21:15:26 | call to params | unicode_normalization.rb:18:22:18:40 | unicode_input_manip | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:18:22:18:40 | unicode_input_manip | Unicode transformation (Unicode normalization) | unicode_normalization.rb:15:21:15:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:26:23:26:39 | unicode_html_safe | unicode_normalization.rb:24:21:24:26 | call to params | unicode_normalization.rb:26:23:26:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:26:23:26:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:24:21:24:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:27:22:27:38 | unicode_html_safe | unicode_normalization.rb:24:21:24:26 | call to params | unicode_normalization.rb:27:22:27:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:27:22:27:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:24:21:24:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:35:23:35:39 | unicode_html_safe | unicode_normalization.rb:33:21:33:26 | call to params | unicode_normalization.rb:35:23:35:39 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. 
| unicode_normalization.rb:35:23:35:39 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:33:21:33:26 | call to params | remote user-controlled data | +| unicode_normalization.rb:36:22:36:38 | unicode_html_safe | unicode_normalization.rb:33:21:33:26 | call to params | unicode_normalization.rb:36:22:36:38 | unicode_html_safe | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | unicode_normalization.rb:36:22:36:38 | unicode_html_safe | Unicode transformation (Unicode normalization) | unicode_normalization.rb:33:21:33:26 | call to params | remote user-controlled data | From ad5355a04af119ad3de4acb907db42f507705698 Mon Sep 17 00:00:00 2001 From: Maiky <76447395+maikypedia@users.noreply.github.com> Date: Tue, 23 May 2023 19:49:03 +0200 Subject: [PATCH 076/210] Pg Library, change note and Frameworks.qll --- ruby/ql/lib/change-notes/2023-05-06-pg.md | 4 + ruby/ql/lib/codeql/ruby/Frameworks.qll | 1 + ruby/ql/lib/codeql/ruby/frameworks/Pg.qll | 77 +++++++++++++++++++ .../security/cwe-089/PgInjection.rb | 70 +++++++++++++++++ 4 files changed, 152 insertions(+) create mode 100644 ruby/ql/lib/change-notes/2023-05-06-pg.md create mode 100644 ruby/ql/lib/codeql/ruby/frameworks/Pg.qll create mode 100644 ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb diff --git a/ruby/ql/lib/change-notes/2023-05-06-pg.md b/ruby/ql/lib/change-notes/2023-05-06-pg.md new file mode 100644 index 00000000000..1828497c04e --- /dev/null +++ b/ruby/ql/lib/change-notes/2023-05-06-pg.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Support for the `pg` gem has been added. Method calls that execute queries against an PostgreSQL database that may be vulnerable to injection attacks will now be recognized. \ No newline at end of file diff --git a/ruby/ql/lib/codeql/ruby/Frameworks.qll b/ruby/ql/lib/codeql/ruby/Frameworks.qll index e61ac723e7e..29eacf22e33 100644 
--- a/ruby/ql/lib/codeql/ruby/Frameworks.qll +++ b/ruby/ql/lib/codeql/ruby/Frameworks.qll @@ -32,3 +32,4 @@ private import codeql.ruby.frameworks.Slim private import codeql.ruby.frameworks.Sinatra private import codeql.ruby.frameworks.Twirp private import codeql.ruby.frameworks.Sqlite3 +private import codeql.ruby.frameworks.Pg diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll b/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll new file mode 100644 index 00000000000..27f4844bd77 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll 
@@ -0,0 +1,77 @@
+/**
+ * Provides modeling for Pg, a Ruby library (gem) for interacting with PostgreSQL databases.
+ */
+
+private import codeql.ruby.ApiGraphs
+private import codeql.ruby.dataflow.FlowSummary
+private import codeql.ruby.Concepts
+
+/**
+ * Provides modeling for Pg, a Ruby library (gem) for interacting with PostgreSQL databases.
+ */
+module Pg {
+ /**
+ * Flow summary for `PG.new()`. This method initializes a database connection.
+ */
+ private class SqlSummary extends SummarizedCallable {
+ SqlSummary() { this = "PG.new()" }
+
+ override MethodCall getACall() { result = any(PgConnection c).asExpr().getExpr() }
+
+ override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+ input = "Argument[0]" and output = "ReturnValue" and preservesValue = false
+ }
+ }
+
+ /** A call to PG::Connection.open() is used to establish a connection to a PostgreSQL database. */
+ private class PgConnection extends DataFlow::CallNode {
+ PgConnection() {
+ this =
+ API::getTopLevelMember("PG")
+ .getMember("Connection")
+ .getAMethodCall(["open", "new", "connect_start"])
+ or
+ this = API::getTopLevelMember("PG").getAnInstantiation()
+ }
+ }
+
+ /** A call that prepares an SQL statment to be executed later. */
+ private class PgPrepareCall extends SqlConstruction::Range, DataFlow::CallNode {
+ private DataFlow::Node query;
+ private PgConnection pgConnection;
+ private string queryName;
+
+ PgPrepareCall() {
+ this = pgConnection.getAMethodCall("prepare") and
+ queryName = this.getArgument(0).getConstantValue().getStringlikeValue() and
+ query = this.getArgument(1)
+ }
+
+ PgConnection getConnection() { result = pgConnection }
+
+ string getQueryName() { result = queryName }
+
+ override DataFlow::Node getSql() { result = query }
+ }
+
+ /** A call that executes SQL statements against a PostgreSQL database. */
+private class PgExecution extends SqlExecution::Range, DataFlow::CallNode {
+ private DataFlow::Node query;
+
+ PgExecution() {
+ exists(PgConnection pgConnection |
+ this =
+ pgConnection.getAMethodCall(["exec", "async_exec", "exec_params", "async_exec_params"]) and
+ query = this.getArgument(0)
+ or
+ exists(PgPrepareCall prepareCall |
+ pgConnection = prepareCall.getConnection() and
+ this.getArgument(0).getConstantValue().isStringlikeValue(prepareCall.getQueryName()) and
+ query = prepareCall.getSql()
+ )
+ )
+ }
+
+ override DataFlow::Node getSql() { result = query }
+ }
+}
diff --git a/ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb b/ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb
new file mode 100644
index 00000000000..549be489858
--- /dev/null
+++ b/ruby/ql/test/query-tests/security/cwe-089/PgInjection.rb
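Review bot: In `PgExecution`, the second disjunct never ties `this` to a call on the connection, because `and` binds tighter than `or`: any call whose first argument is a constant equal to a prepared statement name satisfies it, which appears to include the `prepare` call itself. Adding `this = pgConnection.getAMethodCall("exec_prepared") and` as the first conjunct of the inner `exists` would limit the sink to executions of the prepared statement on the same connection. Over-matching here shows up as SQL-injection alerts at calls that run no query, which erodes trust in the real findings. The doc comment on `PgPrepareCall` also has a typo, `statment`.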
@@ -0,0 +1,70 @@ +class FooController < ActionController::Base + + def some_request_handler + # A string tainted by user input is inserted into a query + # (i.e a remote flow source) + name = params[:name] + + # Establish a connection to a PostgreSQL database + conn = PG::Connection.open(:dbname => 'postgresql', :user => 'user', :password => 'pass', :host => 'localhost', :port => '5432') + + # .exec() and .async_exec() + # BAD: SQL statement constructed from user input + qry1 = "SELECT * FROM users WHERE username = '#{name}';" + conn.exec(qry1) + conn.async_exec(qry1) + + # .exec_params() and .async_exec_params() + # BAD: SQL statement constructed from user input + qry2 = "SELECT * FROM users WHERE username = '#{name}';" + conn.exec_params(qry2) + conn.async_exec_params(qry2) + + # .exec_params() and .async_exec_params() + # GOOD: SQL statement constructed from sanitized user input + qry2 = "SELECT * FROM users WHERE username = $1;" + conn.exec_params(qry2, [name]) + conn.async_exec_params(qry2, [name]) + + # .prepare() and .exec_prepared() + # BAD: SQL statement constructed from user input + qry3 = "SELECT * FROM users WHERE username = '#{name}';" + conn.prepare("query_1", qry3) + conn.exec_prepared('query_1') + + # .prepare() and .exec_prepared() + # GOOD: SQL statement constructed from sanitized user input + qry3 = "SELECT * FROM users WHERE username = $1;" + conn.prepare("query_2", qry3) + conn.exec_prepared('query_2', [name]) + + # .prepare() and .exec_prepared() + # NOT EXECUTED: SQL statement constructed from user input but not executed + qry3 = "SELECT * FROM users WHERE username = '#{name}';" + conn.prepare("query_3", qry3) + end +end + +class BarController < ApplicationController + def safe_paths + name1 = params["name1"] + # GOOD: barrier guard prevents taint flow + if name == "admin" + qry_bar1 = "SELECT * FROM users WHERE username = '%s';" % name + else + qry_bar1 = "SELECT * FROM users WHERE username = 'none';" + end + conn.exec_params(qry_bar1) + + + 
name2 = params["name2"] + # GOOD: barrier guard prevents taint flow + name2 = if ["admin", "guest"].include? name2 + name2 + else + name2 = "none" + end + qry_bar2 = "SELECT * FROM users WHERE username = '%s';" % name + conn.exec_params(qry_bar2) + end +end From 8dca5852077112109a4e1c0009591c2716c5eac0 Mon Sep 17 00:00:00 2001 From: Maiky <76447395+maikypedia@users.noreply.github.com> Date: Tue, 23 May 2023 20:04:34 +0200 Subject: [PATCH 077/210] Expected --- .../security/cwe-089/SqlInjection.expected | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected b/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected index 087063a6ac4..0cc0d213dcc 100644 --- a/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected +++ b/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected 
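Review bot: Both "GOOD" cases in `BarController#safe_paths` read `name`, which is never assigned in that method, instead of the tainted `name1`/`name2`, so they pass without exercising the barrier guards; `conn` is likewise undefined there. Using the tainted variables, `if name1 == "admin"` with `% name1` in the first case and `% name2` in the second, would make the test cover guarded taint flow. As written, a regression that drops barrier-guard handling for the `pg` sinks would go unnoticed by this file.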
@@ -55,6 +55,18 @@ edges | ArelInjection.rb:4:5:4:8 | name | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | | ArelInjection.rb:4:12:4:17 | call to params | ArelInjection.rb:4:12:4:29 | ...[...] | | ArelInjection.rb:4:12:4:29 | ...[...] | ArelInjection.rb:4:5:4:8 | name | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:13:5:13:8 | qry1 | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:19:5:19:8 | qry2 | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:31:5:31:8 | qry3 | +| PgInjection.rb:6:5:6:8 | name | PgInjection.rb:43:5:43:8 | qry3 | +| PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:6:12:6:24 | ...[...] | +| PgInjection.rb:6:12:6:24 | ...[...] | PgInjection.rb:6:5:6:8 | name | +| PgInjection.rb:13:5:13:8 | qry1 | PgInjection.rb:14:15:14:18 | qry1 | +| PgInjection.rb:13:5:13:8 | qry1 | PgInjection.rb:15:21:15:24 | qry1 | +| PgInjection.rb:19:5:19:8 | qry2 | PgInjection.rb:20:22:20:25 | qry2 | +| PgInjection.rb:19:5:19:8 | qry2 | PgInjection.rb:21:28:21:31 | qry2 | +| PgInjection.rb:31:5:31:8 | qry3 | PgInjection.rb:32:29:32:32 | qry3 | +| PgInjection.rb:43:5:43:8 | qry3 | PgInjection.rb:44:29:44:32 | qry3 | nodes | ActiveRecordInjection.rb:8:25:8:28 | name | semmle.label | name | | ActiveRecordInjection.rb:8:31:8:34 | pass | semmle.label | pass | 
@@ -133,6 +145,19 @@ nodes | ArelInjection.rb:4:12:4:17 | call to params | semmle.label | call to params | | ArelInjection.rb:4:12:4:29 | ...[...] | semmle.label | ...[...] | | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | semmle.label | "SELECT * FROM users WHERE nam..." | +| PgInjection.rb:6:5:6:8 | name | semmle.label | name | +| PgInjection.rb:6:12:6:17 | call to params | semmle.label | call to params | +| PgInjection.rb:6:12:6:24 | ...[...] | semmle.label | ...[...] | +| PgInjection.rb:13:5:13:8 | qry1 | semmle.label | qry1 | +| PgInjection.rb:14:15:14:18 | qry1 | semmle.label | qry1 | +| PgInjection.rb:15:21:15:24 | qry1 | semmle.label | qry1 | +| PgInjection.rb:19:5:19:8 | qry2 | semmle.label | qry2 | +| PgInjection.rb:20:22:20:25 | qry2 | semmle.label | qry2 | +| PgInjection.rb:21:28:21:31 | qry2 | semmle.label | qry2 | +| PgInjection.rb:31:5:31:8 | qry3 | semmle.label | qry3 | +| PgInjection.rb:32:29:32:32 | qry3 | semmle.label | qry3 | +| PgInjection.rb:43:5:43:8 | qry3 | semmle.label | qry3 | +| PgInjection.rb:44:29:44:32 | qry3 | semmle.label | qry3 | subpaths #select | ActiveRecordInjection.rb:10:33:10:67 | "name='#{...}' and pass='#{...}'" | ActiveRecordInjection.rb:70:23:70:28 | call to params | ActiveRecordInjection.rb:10:33:10:67 | "name='#{...}' and pass='#{...}'" | This SQL query depends on a $@. | ActiveRecordInjection.rb:70:23:70:28 | call to params | user-provided value | 
@@ -159,3 +184,9 @@ subpaths | ActiveRecordInjection.rb:177:43:177:104 | "SELECT * FROM users WHERE id ..." | ActiveRecordInjection.rb:173:5:173:10 | call to params | ActiveRecordInjection.rb:177:43:177:104 | "SELECT * FROM users WHERE id ..." | This SQL query depends on a $@. | ActiveRecordInjection.rb:173:5:173:10 | call to params | user-provided value | | ActiveRecordInjection.rb:178:35:178:96 | "SELECT * FROM users WHERE id ..." | ActiveRecordInjection.rb:173:5:173:10 | call to params | ActiveRecordInjection.rb:178:35:178:96 | "SELECT * FROM users WHERE id ..." | This SQL query depends on a $@. | ActiveRecordInjection.rb:173:5:173:10 | call to params | user-provided value | | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | ArelInjection.rb:4:12:4:17 | call to params | ArelInjection.rb:6:20:6:61 | "SELECT * FROM users WHERE nam..." | This SQL query depends on a $@. | ArelInjection.rb:4:12:4:17 | call to params | user-provided value | +| PgInjection.rb:14:15:14:18 | qry1 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:14:15:14:18 | qry1 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:15:21:15:24 | qry1 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:15:21:15:24 | qry1 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:20:22:20:25 | qry2 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:20:22:20:25 | qry2 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:21:28:21:31 | qry2 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:21:28:21:31 | qry2 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:32:29:32:32 | qry3 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:32:29:32:32 | qry3 | This SQL query depends on a $@. 
| PgInjection.rb:6:12:6:17 | call to params | user-provided value | +| PgInjection.rb:44:29:44:32 | qry3 | PgInjection.rb:6:12:6:17 | call to params | PgInjection.rb:44:29:44:32 | qry3 | This SQL query depends on a $@. | PgInjection.rb:6:12:6:17 | call to params | user-provided value | \ No newline at end of file
From 0dfc9b996d2f90cbb65109e9d108ff1d714979a5 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Tue, 23 May 2023 14:47:51 -0700
Subject: [PATCH 078/210] C++: Promote 'cpp/overrun-write' out of experimental.
---
 .../CWE/CWE-119}/OverrunWriteProductFlow.cpp | 0
 .../CWE/CWE-119}/OverrunWriteProductFlow.qhelp | 0
 .../CWE/CWE-119}/OverrunWriteProductFlow.ql | 2 +-
 .../Security/CWE/CWE-119/OverrunWriteProductFlow.qlref | 1 -
 .../CWE/CWE-119/SAMATE}/OverrunWriteProductFlow.expected | 0
 .../Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref | 1 +
 .../Security/CWE/CWE-119/SAMATE}/test.cpp | 0
 7 files changed, 2 insertions(+), 2 deletions(-)
 rename cpp/ql/src/{experimental/Likely Bugs => Security/CWE/CWE-119}/OverrunWriteProductFlow.cpp (100%)
 rename cpp/ql/src/{experimental/Likely Bugs => Security/CWE/CWE-119}/OverrunWriteProductFlow.qhelp (100%)
 rename cpp/ql/src/{experimental/Likely Bugs => Security/CWE/CWE-119}/OverrunWriteProductFlow.ql (99%)
 delete mode 100644 cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref
 rename cpp/ql/test/{experimental/query-tests/Security/CWE/CWE-119 => query-tests/Security/CWE/CWE-119/SAMATE}/OverrunWriteProductFlow.expected (100%)
 create mode 100644 cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref
 rename cpp/ql/test/{experimental/query-tests/Security/CWE/CWE-119 => query-tests/Security/CWE/CWE-119/SAMATE}/test.cpp (100%)
diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.cpp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.cpp
similarity index 100%
rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.cpp
rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.cpp
diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.qhelp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp
similarity index 100%
rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.qhelp
rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp
diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
similarity index 99%
rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql
rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
index e787b596158..2768853c007 100644
--- a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql
+++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
@@ -4,10 +4,10 @@
 * may result in a buffer overflow.
 * @kind path-problem
 * @problem.severity error
+ * @precision medium
 * @id cpp/overrun-write
 * @tags reliability
 * security
- * experimental
 * external/cwe/cwe-119
 * external/cwe/cwe-131
 */
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref
deleted file mode 100644
index 21ced45de5d..00000000000
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref
+++ /dev/null
@@ -1 +0,0 @@
-experimental/Likely Bugs/OverrunWriteProductFlow.ql
\ No newline at end of file
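Review bot: Removing the `experimental` tag and adding `@precision medium` beside `@problem.severity error` in the OverrunWriteProductFlow.ql metadata hunk turns `cpp/overrun-write` into a regular security query, yet this patch's diffstat lists no change note, so users who start seeing CWE-119 alerts get no record of where they came from. I would add a change note to the C++ query pack with `category: newQuery` and a line such as `* Added a new query, cpp/overrun-write, to detect writes that may result in a buffer overflow.`. The hunk shows only the tail of the QLDoc header, so the rest of the metadata could not be checked from here.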
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected
similarity index 100%
rename from cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected
rename to cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref
new file mode 100644
index 00000000000..1a418e6abc6
--- /dev/null
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-119/OverrunWriteProductFlow.ql
\ No newline at end of file
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp
similarity index 100%
rename from cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp
rename to cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp
From e1223d0b2132b0daa572dd51fefb12dd15c1b767 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Tue, 23 May 2023 15:01:33 -0700
Subject: [PATCH 079/210] C++: Add security severity.
---
 cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql | 1 +
 1 file changed, 1 insertion(+)
diff --git a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
index 2768853c007..0d8648aac0a 100644
--- a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
+++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
@@ -4,6 +4,7 @@
 * may result in a buffer overflow.
 * @kind path-problem
 * @problem.severity error
+ * @security-severity 9.3
 * @precision medium
 * @id cpp/overrun-write
 * @tags reliability
From 27c1e47ece8ad16cb851c300aa7b8589a5080b59 Mon Sep 17 00:00:00 2001
From: Maiky <76447395+maikypedia@users.noreply.github.com>
Date: Wed, 24 May 2023 01:44:51 +0200
Subject: [PATCH 080/210] Update ruby/ql/lib/change-notes/2023-05-06-pg.md
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
---
 ruby/ql/lib/change-notes/2023-05-06-pg.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ruby/ql/lib/change-notes/2023-05-06-pg.md b/ruby/ql/lib/change-notes/2023-05-06-pg.md
index 1828497c04e..0e671ff9106 100644
--- a/ruby/ql/lib/change-notes/2023-05-06-pg.md
+++ b/ruby/ql/lib/change-notes/2023-05-06-pg.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Support for the `pg` gem has been added. Method calls that execute queries against an PostgreSQL database that may be vulnerable to injection attacks will now be recognized.
\ No newline at end of file
+* Support for the `pg` gem has been added. Method calls that execute queries against a PostgreSQL database that may be vulnerable to injection attacks will now be recognized.
\ No newline at end of file
From d2e192020b816f5092c3ac2f588432dc7b1153b4 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Wed, 24 May 2023 11:26:12 +0000
Subject: [PATCH 081/210] Post-release preparation for codeql-cli-2.13.3
---
 cpp/ql/lib/qlpack.yml | 2 +-
 cpp/ql/src/qlpack.yml | 2 +-
 csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +-
 csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +-
 csharp/ql/lib/qlpack.yml | 2 +-
 csharp/ql/src/qlpack.yml | 2 +-
 go/ql/lib/qlpack.yml | 2 +-
 go/ql/src/qlpack.yml | 2 +-
 java/ql/lib/qlpack.yml | 2 +-
 java/ql/src/qlpack.yml | 2 +-
 javascript/ql/lib/qlpack.yml | 2 +-
 javascript/ql/src/qlpack.yml | 2 +-
 misc/suite-helpers/qlpack.yml | 2 +-
 python/ql/lib/qlpack.yml | 2 +-
 python/ql/src/qlpack.yml | 2 +-
 ruby/ql/lib/qlpack.yml | 2 +-
 ruby/ql/src/qlpack.yml | 2 +-
 shared/regex/qlpack.yml | 2 +-
 shared/ssa/qlpack.yml | 2 +-
 shared/tutorial/qlpack.yml | 2 +-
 shared/typetracking/qlpack.yml | 2 +-
 shared/typos/qlpack.yml | 2 +-
 shared/util/qlpack.yml | 2 +-
 shared/yaml/qlpack.yml | 2 +-
 24 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 2008adee602..1982886c434 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.7.2
+version: 0.7.3-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index 8b2bb0ed100..46dffc3e763 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.6.2
+version: 0.6.3-dev
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index 9c09d378a20..4f2900e0b73 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.5.2
+version: 1.5.3-dev
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index 241bb764b7c..2318576e19e 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.5.2
+version: 1.5.3-dev
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 1e56c93103b..17e00fa022c 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.6.2
+version: 0.6.3-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index 663ad9efee2..95506e0f254 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.6.2
+version: 0.6.3-dev
 groups:
 - csharp
 - queries
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 4da3e4ac60c..287c27187e3 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.5.2
+version: 0.5.3-dev
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 81410e8a0bc..75963a0708e 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.5.2
+version: 0.5.3-dev
 groups:
 - go
 - queries
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index 94ec029ed07..ada2ac9e999 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.6.2
+version: 0.6.3-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index 8936d5a4373..2da31e822ff 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.6.2
+version: 0.6.3-dev
 groups:
 - java
 - queries
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index c45ff2f4732..52962f549b0 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.6.2
+version: 0.6.3-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index f64917ed51f..10e071e417c 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.6.2
+version: 0.6.3-dev
 groups:
 - javascript
 - queries
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index a66a845730d..b6fbcda7201 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,3 +1,3 @@
 name: codeql/suite-helpers
-version: 0.5.2
+version: 0.5.3-dev
 groups: shared
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index be1ec0efa99..9d4522d5f58 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.9.2
+version: 0.9.3-dev
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index d399ced2ccd..eb327c2e42e 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.7.2
+version: 0.7.3-dev
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index 7d01fb676db..bb01a5ff87d 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.6.2
+version: 0.6.3-dev
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index 2ba1f5ae58f..3bc462dc7ee 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.6.2
+version: 0.6.3-dev
 groups:
 - ruby
 - queries
diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml
index deb3ab1029b..86b105c881a 100644
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 0.0.13
+version: 0.0.14-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml
index 2200a923da4..55ebe316292 100644
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 0.0.17
+version: 0.0.18-dev
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml
index dafd176c023..af7544c0ae9 100644
--- a/shared/tutorial/qlpack.yml
+++ b/shared/tutorial/qlpack.yml
@@ -1,6 +1,6 @@
 name: codeql/tutorial
 description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries.
-version: 0.0.10
+version: 0.0.11-dev
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml
index 697964c9078..10e32e39f99 100644
--- a/shared/typetracking/qlpack.yml
+++ b/shared/typetracking/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 0.0.10
+version: 0.0.11-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml
index 41595203b56..fa4fe52aace 100644
--- a/shared/typos/qlpack.yml
+++ b/shared/typos/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typos
-version: 0.0.17
+version: 0.0.18-dev
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml
index b6a5d413250..c044709ceee 100644
--- a/shared/util/qlpack.yml
+++ b/shared/util/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/util
-version: 0.0.10
+version: 0.0.11-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml
index 5f61beb0f39..6b9f33c9125 100644
--- a/shared/yaml/qlpack.yml
+++ b/shared/yaml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 0.0.2
+version: 0.0.3-dev
 groups: shared
 library: true
 warnOnImplicitThis: true
From 40450a27927d9682f2ae611d6efcb1f5f036d6a7 Mon Sep 17 00:00:00 2001
From: Maiky <76447395+maikypedia@users.noreply.github.com>
Date: Wed, 24 May 2023 17:02:48 +0200
Subject: [PATCH 082/210] typo
---
 ruby/ql/lib/codeql/ruby/frameworks/Pg.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll b/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll
index 27f4844bd77..e0f60730721 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/Pg.qll
@@ -35,7 +35,7 @@ module Pg {
 }
 }
- /** A call that prepares an SQL statment to be executed later. */
+ /** A call that prepares an SQL statement to be executed later. */
 private class PgPrepareCall extends SqlConstruction::Range, DataFlow::CallNode {
 private DataFlow::Node query;
 private PgConnection pgConnection;
From e513af1bcfe8a1e45f89860d634b636c4fe1c8c0 Mon Sep 17 00:00:00 2001
From: Paolo Tranquilli
Date: Wed, 24 May 2023 12:11:05 +0200
Subject: [PATCH 083/210] Swift: add CFG and PrintAst consistency queries, enabling them in CI
---
 swift/actions/run-ql-tests/action.yml | 1 +
 .../lib/codeql/swift/printast/Consistency.qll | 29 +++++++++++++++++++
 .../consistency/CfgConsistency.ql} | 0
 .../ql/src/consistency/PrintAstConsistency.ql | 1 +
 .../ast/no_double_children.expected | 0
 .../library-tests/ast/no_double_children.ql | 8 -----
 .../ast/no_double_indexes.expected | 0
 .../library-tests/ast/no_double_indexes.ql | 8 -----
 .../ast/no_double_parents.expected | 0
 .../library-tests/ast/no_double_parents.ql | 8 -----
 .../ast/no_parent_child_loops.expected | 0
 .../ast/no_parent_child_loops.ql | 7 -----
 .../controlflow/graph/consistency.expected | 24 ---------------
 13 files changed, 31 insertions(+), 55 deletions(-)
 create mode 100644 swift/ql/lib/codeql/swift/printast/Consistency.qll
 rename swift/ql/{test/library-tests/controlflow/graph/consistency.ql => src/consistency/CfgConsistency.ql} (100%)
 create mode 100644 swift/ql/src/consistency/PrintAstConsistency.ql
 delete mode 100644 swift/ql/test/library-tests/ast/no_double_children.expected
 delete mode 100644 swift/ql/test/library-tests/ast/no_double_children.ql
 delete mode 100644 swift/ql/test/library-tests/ast/no_double_indexes.expected
 delete mode 100644 swift/ql/test/library-tests/ast/no_double_indexes.ql
 delete mode 100644 swift/ql/test/library-tests/ast/no_double_parents.expected
 delete mode 100644 swift/ql/test/library-tests/ast/no_double_parents.ql
 delete mode 100644 swift/ql/test/library-tests/ast/no_parent_child_loops.expected
 delete mode 100644 swift/ql/test/library-tests/ast/no_parent_child_loops.ql
 delete mode 100644 swift/ql/test/library-tests/controlflow/graph/consistency.expected
diff --git a/swift/actions/run-ql-tests/action.yml b/swift/actions/run-ql-tests/action.yml
index 436f913e630..ea2a7313584 100644
--- a/swift/actions/run-ql-tests/action.yml
+++ b/swift/actions/run-ql-tests/action.yml
@@ -26,6 +26,7 @@ runs:
 --check-repeated-labels \
 --check-redefined-labels \
 --check-use-before-definition \
+ --consistency-queries "${{ github.workspace }}/swift/ql/src/consistency" \
 --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" \
 ${{ inputs.flags }} \
 swift/ql/test
diff --git a/swift/ql/lib/codeql/swift/printast/Consistency.qll b/swift/ql/lib/codeql/swift/printast/Consistency.qll
new file mode 100644
index 00000000000..7fa731d4fe9
--- /dev/null
+++ b/swift/ql/lib/codeql/swift/printast/Consistency.qll
@@ -0,0 +1,29 @@
+private import codeql.swift.printast.PrintAstNode
+
+query predicate doubleChildren(
+ PrintAstNode parent, int index, PrintAstNode child1, PrintAstNode child2
+) {
+ child1 != child2 and
+ parent.hasChild(child1, index, _) and
+ parent.hasChild(child2, index, _)
+}
+
+query predicate doubleIndexes(PrintAstNode parent, int index1, int index2, PrintAstNode child) {
+ index1 != index2 and
+ parent.hasChild(child, index1, _) and
+ parent.hasChild(child, index2, _)
+}
+
+query predicate doubleParents(PrintAstNode parent1, PrintAstNode parent2, PrintAstNode child) {
+ parent1 != parent2 and
+ parent1.hasChild(child, _, _) and
+ parent2.hasChild(child, _, _)
+}
+
+private predicate isChildOf(PrintAstNode parent, PrintAstNode child) {
+ parent.hasChild(child, _, _)
+}
+
+query predicate parentChildLoops(PrintAstNode parent, PrintAstNode child) {
+ isChildOf(parent, child) and isChildOf*(child, parent)
+}
diff --git a/swift/ql/test/library-tests/controlflow/graph/consistency.ql b/swift/ql/src/consistency/CfgConsistency.ql
similarity index 100%
rename from swift/ql/test/library-tests/controlflow/graph/consistency.ql
rename to swift/ql/src/consistency/CfgConsistency.ql
diff --git a/swift/ql/src/consistency/PrintAstConsistency.ql b/swift/ql/src/consistency/PrintAstConsistency.ql
new file mode 100644
index 00000000000..12c7dfe5991
--- /dev/null
+++ b/swift/ql/src/consistency/PrintAstConsistency.ql
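Review bot: None of the predicates added in Consistency.qll (`doubleChildren`, `doubleIndexes`, `doubleParents`, `parentChildLoops` and the private helper `isChildOf`) has a QLDoc comment, so a reader facing a non-empty consistency result has to work out from the body what a row means. A one-line comment above each would be enough, for example `/** Holds if parent has two distinct children, child1 and child2, at the same index. */` on `doubleChildren` and `/** Holds if child is a child of parent and parent is reachable from child through zero or more child edges. */` on `parentChildLoops`. The same wording pattern fits `doubleIndexes` (one child at two indexes) and `doubleParents` (one child under two parents).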
@@ -0,0 +1 @@
+import codeql.swift.printast.Consistency
diff --git a/swift/ql/test/library-tests/ast/no_double_children.expected b/swift/ql/test/library-tests/ast/no_double_children.expected
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/swift/ql/test/library-tests/ast/no_double_children.ql b/swift/ql/test/library-tests/ast/no_double_children.ql
deleted file mode 100644
index ffd27bedb03..00000000000
--- a/swift/ql/test/library-tests/ast/no_double_children.ql
+++ /dev/null
@@ -1,8 +0,0 @@
-private import codeql.swift.printast.PrintAstNode
-
-from PrintAstNode parent, int index, PrintAstNode child1, PrintAstNode child2
-where
- child1 != child2 and
- parent.hasChild(child1, index, _) and
- parent.hasChild(child2, index, _)
-select parent, index, child1, child2
diff --git a/swift/ql/test/library-tests/ast/no_double_indexes.expected b/swift/ql/test/library-tests/ast/no_double_indexes.expected
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/swift/ql/test/library-tests/ast/no_double_indexes.ql b/swift/ql/test/library-tests/ast/no_double_indexes.ql
deleted file mode 100644
index c6308a99100..00000000000
--- a/swift/ql/test/library-tests/ast/no_double_indexes.ql
+++ /dev/null
@@ -1,8 +0,0 @@
-private import codeql.swift.printast.PrintAstNode
-
-from PrintAstNode parent, int index1, int index2, PrintAstNode child
-where
- index1 != index2 and
- parent.hasChild(child, index1, _) and
- parent.hasChild(child, index2, _)
-select parent, child, index1, index2
diff --git a/swift/ql/test/library-tests/ast/no_double_parents.expected b/swift/ql/test/library-tests/ast/no_double_parents.expected
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/swift/ql/test/library-tests/ast/no_double_parents.ql b/swift/ql/test/library-tests/ast/no_double_parents.ql
deleted file mode 100644
index 5a62076a9ea..00000000000
--- a/swift/ql/test/library-tests/ast/no_double_parents.ql
+++ /dev/null
@@ -1,8 +0,0 @@
-private import codeql.swift.printast.PrintAstNode
-
-from PrintAstNode parent1, PrintAstNode parent2, PrintAstNode child
-where
- parent1 != parent2 and
- parent1.hasChild(child, _, _) and
- parent2.hasChild(child, _, _)
-select parent1, parent2, child
diff --git a/swift/ql/test/library-tests/ast/no_parent_child_loops.expected b/swift/ql/test/library-tests/ast/no_parent_child_loops.expected
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/swift/ql/test/library-tests/ast/no_parent_child_loops.ql b/swift/ql/test/library-tests/ast/no_parent_child_loops.ql
deleted file mode 100644
index e7ffea56cc7..00000000000
--- a/swift/ql/test/library-tests/ast/no_parent_child_loops.ql
+++ /dev/null
@@ -1,7 +0,0 @@
-private import codeql.swift.printast.PrintAstNode
-
-predicate isChildOf(PrintAstNode parent, PrintAstNode child) { parent.hasChild(child, _, _) }
-
-from PrintAstNode parent, PrintAstNode child
-where isChildOf(parent, child) and isChildOf*(child, parent)
-select parent, child
diff --git a/swift/ql/test/library-tests/controlflow/graph/consistency.expected b/swift/ql/test/library-tests/controlflow/graph/consistency.expected
deleted file mode 100644
index 0440ab97c1a..00000000000
--- a/swift/ql/test/library-tests/controlflow/graph/consistency.expected
+++ /dev/null
@@ -1,24 +0,0 @@ -nonUniqueSetRepresentation -breakInvariant2 -breakInvariant3 -breakInvariant4 -breakInvariant5 -multipleSuccessors -| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:33:49:33:60 | call to isZero(x:) | -| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:35:5:37:3 | case ... | -| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | -| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | -| cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | -| cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:11:40:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:12:40:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:10:263:10 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:11:263:11 | .appendLiteral(_:) | -simpleAndNormalSuccessors -deadEnd -| cfg.swift:33:49:33:60 | call to isZero(x:) | -| cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | -| file://:0:0:0:0 | ... = ... | -| file://:0:0:0:0 | ... = ... | -nonUniqueSplitKind -nonUniqueListOrder From 85fdcd9912b28bdc685aa550916677269d58d423 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 24 May 2023 13:11:22 +0200 Subject: [PATCH 084/210] Swift: move consistency queries --- swift/actions/run-ql-tests/action.yml | 2 +- .../{src/consistency => consistency-queries}/CfgConsistency.ql | 0 .../consistency => consistency-queries}/PrintAstConsistency.ql | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename swift/ql/{src/consistency => consistency-queries}/CfgConsistency.ql (100%) rename swift/ql/{src/consistency => consistency-queries}/PrintAstConsistency.ql (100%) diff --git a/swift/actions/run-ql-tests/action.yml b/swift/actions/run-ql-tests/action.yml index ea2a7313584..da10997df44 100644 
--- a/swift/actions/run-ql-tests/action.yml +++ b/swift/actions/run-ql-tests/action.yml @@ -26,7 +26,7 @@ runs: --check-repeated-labels \ --check-redefined-labels \ --check-use-before-definition \ - --consistency-queries "${{ github.workspace }}/swift/ql/src/consistency" \ + --consistency-queries "${{ github.workspace }}/swift/ql/consistency-queries" \ --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" \ ${{ inputs.flags }} \ swift/ql/test diff --git a/swift/ql/src/consistency/CfgConsistency.ql b/swift/ql/consistency-queries/CfgConsistency.ql similarity index 100% rename from swift/ql/src/consistency/CfgConsistency.ql rename to swift/ql/consistency-queries/CfgConsistency.ql diff --git a/swift/ql/src/consistency/PrintAstConsistency.ql b/swift/ql/consistency-queries/PrintAstConsistency.ql similarity index 100% rename from swift/ql/src/consistency/PrintAstConsistency.ql rename to swift/ql/consistency-queries/PrintAstConsistency.ql From b9fe056d81f70e86763e47a421163f8f1117540b Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 24 May 2023 13:23:05 +0200 Subject: [PATCH 085/210] Swift: add `qlpack.yml` to `consistency-queries` --- swift/ql/consistency-queries/qlpack.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 swift/ql/consistency-queries/qlpack.yml diff --git a/swift/ql/consistency-queries/qlpack.yml b/swift/ql/consistency-queries/qlpack.yml new file mode 100644 index 00000000000..57ef2babccf --- /dev/null +++ b/swift/ql/consistency-queries/qlpack.yml @@ -0,0 +1,4 @@ +name: codeql/swift-consistency-queries +groups: [swift, test, consistency-queries] +dependencies: + codeql/swift-all: ${workspace} From 67a9141e8c6d9238b812b5fcbc4e73ec54603d44 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 24 May 2023 13:26:01 +0200 Subject: [PATCH 086/210] Swift: make AST printer consistency query more helpful --- .../lib/codeql/swift/printast/Consistency.qll | 23 +++++++++++-------- 1 file changed, 14 insertions(+), 9 deletions(-) 
diff --git a/swift/ql/lib/codeql/swift/printast/Consistency.qll b/swift/ql/lib/codeql/swift/printast/Consistency.qll index 7fa731d4fe9..c2ba698f5ae 100644 --- a/swift/ql/lib/codeql/swift/printast/Consistency.qll +++ b/swift/ql/lib/codeql/swift/printast/Consistency.qll @@ -1,23 +1,28 @@ private import codeql.swift.printast.PrintAstNode query predicate doubleChildren( - PrintAstNode parent, int index, PrintAstNode child1, PrintAstNode child2 + PrintAstNode parent, int index, string label1, PrintAstNode child1, string label2, + PrintAstNode child2 ) { child1 != child2 and - parent.hasChild(child1, index, _) and - parent.hasChild(child2, index, _) + parent.hasChild(child1, index, label1) and + parent.hasChild(child2, index, label2) } -query predicate doubleIndexes(PrintAstNode parent, int index1, int index2, PrintAstNode child) { +query predicate doubleIndexes( + PrintAstNode parent, int index1, string label1, int index2, string label2, PrintAstNode child +) { index1 != index2 and - parent.hasChild(child, index1, _) and - parent.hasChild(child, index2, _) + parent.hasChild(child, index1, label1) and + parent.hasChild(child, index2, label2) } -query predicate doubleParents(PrintAstNode parent1, PrintAstNode parent2, PrintAstNode child) { +query predicate doubleParents( + PrintAstNode parent1, string label1, PrintAstNode parent2, string label2, PrintAstNode child +) { parent1 != parent2 and - parent1.hasChild(child, _, _) and - parent2.hasChild(child, _, _) + parent1.hasChild(child, _, label1) and + parent2.hasChild(child, _, label2) } private predicate isChildOf(PrintAstNode parent, PrintAstNode child) { From 63fb0581c2cfdb1fb51610b6f3c58316f6a7c5e9 Mon Sep 17 00:00:00 2001 
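Review bot: `doubleChildren`, `doubleIndexes` and `doubleParents` are symmetric in their two sides, so each inconsistency is reported twice with the columns swapped; the accepted `PrintAstConsistency.expected` files later in this series show the mirrored rows (for example the `2 | getParam(0) | 4 | getParam(1)` and `4 | getParam(1) | 2 | getParam(0)` pair). For `doubleIndexes` the duplicate goes away by ordering the pair, changing the guard `index1 != index2 and` to `index1 < index2 and`. The two node-valued predicates have no such natural order, so they would need an explicit tie-break, presumably on label or location, before the same change can be made there. Separately, none of the three query predicates has a QLDoc comment saying what a result row means now that the label columns were added; a one-line `/** Holds if ... */` above each would make the expected files readable without opening this library.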
From: Paolo Tranquilli Date: Wed, 24 May 2023 20:09:46 +0200 Subject: [PATCH 087/210] Swift: accept inconsistencies for now --- .../CONSISTENCY/CfgConsistency.expected | 6 ++ .../CONSISTENCY/CfgConsistency.expected | 5 ++ .../CONSISTENCY/CfgConsistency.expected | 2 + .../CONSISTENCY/CfgConsistency.expected | 14 ++++ .../CONSISTENCY/PrintAstConsistency.expected | 13 ++++ .../CONSISTENCY/CfgConsistency.expected | 6 ++ .../CONSISTENCY/PrintAstConsistency.expected | 21 ++++++ .../CONSISTENCY/PrintAstConsistency.expected | 13 ++++ .../CONSISTENCY/PrintAstConsistency.expected | 5 ++ .../CONSISTENCY/CfgConsistency.expected | 14 ++++ .../CONSISTENCY/PrintAstConsistency.expected | 3 + .../CONSISTENCY/PrintAstConsistency.expected | 7 ++ .../CONSISTENCY/PrintAstConsistency.expected | 3 + .../CONSISTENCY/CfgConsistency.expected | 2 + .../CONSISTENCY/CfgConsistency.expected | 2 + .../ast/CONSISTENCY/CfgConsistency.expected | 24 +++++++ .../graph/CONSISTENCY/CfgConsistency.expected | 16 +++++ .../CONSISTENCY/CfgConsistency.expected | 7 ++ .../CONSISTENCY/PrintAstConsistency.expected | 3 + .../CONSISTENCY/PrintAstConsistency.expected | 13 ++++ .../core/CONSISTENCY/CfgConsistency.expected | 15 +++++ .../CONSISTENCY/CfgConsistency.expected | 20 ++++++ .../CONSISTENCY/CfgConsistency.expected | 3 + .../CONSISTENCY/CfgConsistency.expected | 17 +++++ .../CONSISTENCY/CfgConsistency.expected | 9 +++ .../CONSISTENCY/CfgConsistency.expected | 15 +++++ .../CONSISTENCY/CfgConsistency.expected | 11 ++++ .../CONSISTENCY/CfgConsistency.expected | 3 + .../CONSISTENCY/CfgConsistency.expected | 41 ++++++++++++ .../CONSISTENCY/CfgConsistency.expected | 5 ++ .../CONSISTENCY/CfgConsistency.expected | 2 + .../CONSISTENCY/PrintAstConsistency.expected | 3 + .../CONSISTENCY/CfgConsistency.expected | 65 +++++++++++++++++++ .../CONSISTENCY/CfgConsistency.expected | 13 ++++ .../CONSISTENCY/CfgConsistency.expected | 9 +++ .../CONSISTENCY/CfgConsistency.expected | 2 + .../CONSISTENCY/CfgConsistency.expected | 
5 ++ .../CONSISTENCY/CfgConsistency.expected | 5 ++ .../CONSISTENCY/CfgConsistency.expected | 5 ++ .../CONSISTENCY/CfgConsistency.expected | 5 ++ 40 files changed, 432 insertions(+) create mode 100644 swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected create mode 100644 
swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected create mode 100644 
swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected diff --git a/swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..9d02611e7a7 --- /dev/null +++ b/swift/ql/test/extractor-tests/declarations/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,6 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..770537cf684 --- /dev/null +++ b/swift/ql/test/extractor-tests/errors/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| unspecified.swift:12:20:12:21 | (...) | +| unspecified.swift:25:9:28:9 | switch ErrorExpr { ... } | diff --git a/swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/extractor-tests/expressions/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | 
diff --git a/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..5d70f700af3 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,14 @@ +multipleSuccessors +| var_decls.swift:54:4:54:15 | call to X.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | +| var_decls.swift:54:4:54:15 | call to X.init(wrappedValue:) | successor | var_decls.swift:54:6:54:15 | var ... = ... | +| var_decls.swift:55:4:55:29 | call to WrapperWithInit.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | +| var_decls.swift:55:4:55:29 | call to WrapperWithInit.init(wrappedValue:) | successor | var_decls.swift:55:20:55:29 | var ... = ... | +| var_decls.swift:56:4:56:34 | call to WrapperWithProjected.init(wrappedValue:projectedValue:) | successor | file://:0:0:0:0 | var ... = ... | +| var_decls.swift:56:4:56:34 | call to WrapperWithProjected.init(wrappedValue:projectedValue:) | successor | var_decls.swift:56:25:56:34 | var ... = ... | +| var_decls.swift:57:4:57:41 | call to WrapperWithProjectedAndInit.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | +| var_decls.swift:57:4:57:41 | call to WrapperWithProjectedAndInit.init(wrappedValue:) | successor | var_decls.swift:57:32:57:41 | var ... = ... | +deadEnd +| file://:0:0:0:0 | var ... = ... | +| file://:0:0:0:0 | var ... = ... | +| file://:0:0:0:0 | var ... = ... | +| file://:0:0:0:0 | var ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..bd58f4414d2 --- /dev/null 
+++ b/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,13 @@ +doubleParents +| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:54:6:54:15 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:54:4:54:15 | [CallExpr] call to X.init(wrappedValue:) | +| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:55:20:55:29 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:55:4:55:29 | [CallExpr] call to WrapperWithInit.init(wrappedValue:) | +| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:56:25:56:34 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:56:4:56:34 | [CallExpr] call to WrapperWithProjected.init(wrappedValue:projectedValue:) | +| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:57:32:57:41 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:57:4:57:41 | [CallExpr] call to WrapperWithProjectedAndInit.init(wrappedValue:) | +| var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(2) | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(3) | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVar() | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] _wrapped | +| var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVar() | var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(3) | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] _wrapped | +| var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVarBinding() | var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(2) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| var_decls.swift:54:6:54:15 | [PatternBindingDecl] var ... = ... 
| getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:54:4:54:15 | [CallExpr] call to X.init(wrappedValue:) | +| var_decls.swift:55:20:55:29 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:55:4:55:29 | [CallExpr] call to WrapperWithInit.init(wrappedValue:) | +| var_decls.swift:56:25:56:34 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:56:4:56:34 | [CallExpr] call to WrapperWithProjected.init(wrappedValue:projectedValue:) | +| var_decls.swift:57:32:57:41 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:57:4:57:41 | [CallExpr] call to WrapperWithProjectedAndInit.init(wrappedValue:) | diff --git a/swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..9d02611e7a7 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/decl/EnumDecl/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,6 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..3d3703c8ca4 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,21 @@ +doubleParents +| param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] _p1 | +| param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVarBinding() | param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] _p1 | +| param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVarBinding() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] _p2 | +| param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVarBinding() | param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] _p2 | +| param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVarBinding() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... 
| +| param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperBackingVar() | param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p3 | +| param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] $p3 | +| param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperBackingVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p3 | +| param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] $p3 | +| param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... 
| +| param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperBackingVar() | param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p4 | +| param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] $p4 | +| param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperBackingVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p4 | +| param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] $p4 | +| param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..6c2028995fe --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,13 @@ +doubleParents +| applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _x | +| applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] $x | +| applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _x | +| applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] $x | +| applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... 
| +| applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _y | +| applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] $y | +| applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _y | +| applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] $y | +| applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..768d459dd00 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,5 @@ +doubleParents +| dynamic_lookup.swift:15:1:15:3 | [DynamicMemberRefExpr] .foo(_:) | getBase() | dynamic_lookup.swift:15:1:15:3 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:15:1:15:1 | [OpaqueValueExpr] OpaqueValueExpr | +| dynamic_lookup.swift:15:1:15:3 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:15:1:15:3 | [DynamicMemberRefExpr] .foo(_:) | getBase() | dynamic_lookup.swift:15:1:15:1 | [OpaqueValueExpr] OpaqueValueExpr | +| dynamic_lookup.swift:16:5:16:9 | [DynamicSubscriptExpr] subscript ...[...] | getBase() | dynamic_lookup.swift:16:5:16:9 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:16:5:16:5 | [OpaqueValueExpr] OpaqueValueExpr | +| dynamic_lookup.swift:16:5:16:9 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:16:5:16:9 | [DynamicSubscriptExpr] subscript ...[...] | getBase() | dynamic_lookup.swift:16:5:16:5 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..08c7e13fdcc --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,14 @@ +multipleSuccessors +| method_lookups.swift:42:9:42:19 | call to baz(_:) | successor | method_lookups.swift:42:3:42:19 | await ... | +| method_lookups.swift:42:9:42:19 | call to baz(_:) | successor | method_lookups.swift:44:7:44:7 | f | +| method_lookups.swift:48:9:48:19 | call to foo(_:_:) | successor | method_lookups.swift:48:3:48:19 | await ... | +| method_lookups.swift:48:9:48:19 | call to foo(_:_:) | successor | method_lookups.swift:49:9:49:11 | .bar() | +| method_lookups.swift:49:9:49:15 | call to bar() | successor | method_lookups.swift:49:3:49:15 | await ... | +| method_lookups.swift:49:9:49:15 | call to bar() | successor | method_lookups.swift:50:9:50:13 | .baz(_:) | +| method_lookups.swift:50:9:50:19 | call to baz(_:) | successor | method_lookups.swift:50:3:50:19 | await ... | +| method_lookups.swift:50:9:50:19 | call to baz(_:) | successor | method_lookups.swift:52:7:52:7 | f | +deadEnd +| method_lookups.swift:42:3:42:19 | await ... | +| method_lookups.swift:48:3:48:19 | await ... | +| method_lookups.swift:49:3:49:15 | await ... | +| method_lookups.swift:50:3:50:19 | await ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..73431518cde --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/MethodLookupExpr/CONSISTENCY/PrintAstConsistency.expected @@ -0,0 +1,3 @@ +doubleIndexes +| method_lookups.swift:44:13:44:13 | [AutoClosureExpr] { ... } | 2 | getParam(0) | 4 | getParam(1) | file://:0:0:0:0 | [ParamDecl] argument | +| method_lookups.swift:44:13:44:13 | [AutoClosureExpr] { ... } | 4 | getParam(1) | 2 | getParam(0) | file://:0:0:0:0 | [ParamDecl] argument | 
diff --git a/swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..a57070efd5a --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,7 @@ +doubleParents +| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | property_wrapper_value_placeholder.swift:12:12:12:26 | [PatternBindingDecl] var ... = ... | getInit(0) | property_wrapper_value_placeholder.swift:12:4:12:26 | [CallExpr] call to Wrapper.init(wrappedValue:) | +| property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(2) | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | +| property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(3) | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] _x | +| property_wrapper_value_placeholder.swift:12:12:12:26 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | property_wrapper_value_placeholder.swift:12:4:12:26 | [CallExpr] call to Wrapper.init(wrappedValue:) | +| property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(3) | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] _x | +| property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVarBinding() | property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(2) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..3eda02b23e1 --- /dev/null 
+++ b/swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected @@ -0,0 +1,3 @@ +doubleParents +| opened_archetypes.swift:24:10:24:16 | [MemberRefExpr] .isFooMember | getBase() | opened_archetypes.swift:24:10:24:16 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | opened_archetypes.swift:24:10:24:10 | [OpaqueValueExpr] OpaqueValueExpr | +| opened_archetypes.swift:24:10:24:16 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | opened_archetypes.swift:24:10:24:16 | [MemberRefExpr] .isFooMember | getBase() | opened_archetypes.swift:24:10:24:10 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..1ad4ad0b970 --- /dev/null +++ b/swift/ql/test/extractor-tests/patterns/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| patterns.swift:16:10:16:14 | =~ ... | diff --git a/swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/extractor-tests/statements/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..4c13966e124 --- /dev/null +++ b/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,24 @@ +multipleSuccessors +| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:33:49:33:60 | call to isZero(x:) | +| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:35:5:37:3 | case ... | +| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | +| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | +| cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | +| cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:11:40:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:12:40:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:10:263:10 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:11:263:11 | .appendLiteral(_:) | +deadEnd +| cfg.swift:33:49:33:60 | call to isZero(x:) | +| cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| patterns.swift:16:10:16:14 | =~ ... | diff --git a/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..b9b2913e4d2 --- /dev/null +++ b/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,16 @@ +multipleSuccessors +| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:33:49:33:60 | call to isZero(x:) | +| cfg.swift:33:28:33:28 | ... is ... | no-match | cfg.swift:35:5:37:3 | case ... | +| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | +| cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | +| cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | +| cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:11:40:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:12:40:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:10:263:10 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:11:263:11 | .appendLiteral(_:) | +deadEnd +| cfg.swift:33:49:33:60 | call to isZero(x:) | +| cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..5208a9053d5 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,7 @@ +multipleSuccessors +| test.swift:252:6:252:27 | call to DidSetSource.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | +| test.swift:252:6:252:27 | call to DidSetSource.init(wrappedValue:) | successor | test.swift:252:19:252:27 | var ... = ... | +| test.swift:488:8:488:12 | let ...? | no-match | test.swift:488:27:488:27 | y | +| test.swift:488:8:488:12 | let ...? | no-match | test.swift:493:9:493:9 | tuple1 | +deadEnd +| file://:0:0:0:0 | var ... = ... | 
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..cc3ea4d16c3 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected @@ -0,0 +1,3 @@ +doubleParents +| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | test.swift:252:19:252:27 | [PatternBindingDecl] var ... = ... | getInit(0) | test.swift:252:6:252:27 | [CallExpr] call to DidSetSource.init(wrappedValue:) | +| test.swift:252:19:252:27 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | test.swift:252:6:252:27 | [CallExpr] call to DidSetSource.init(wrappedValue:) | diff --git a/swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..6f3e5d56f99 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,13 @@ +doubleParents +| generics.swift:93:9:93:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:93:9:93:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:93:9:93:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:93:9:93:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:93:9:93:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:93:9:93:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:94:9:94:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:94:9:94:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:94:9:94:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:94:9:94:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:94:9:94:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:94:9:94:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:95:9:95:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:95:9:95:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:95:9:95:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:95:9:95:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:95:9:95:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:95:9:95:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:125:9:125:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:125:9:125:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:125:9:125:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:125:9:125:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:125:9:125:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:125:9:125:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:126:9:126:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:126:9:126:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | 
generics.swift:126:9:126:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:126:9:126:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:126:9:126:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:126:9:126:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:127:9:127:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:127:9:127:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:127:9:127:9 | [OpaqueValueExpr] OpaqueValueExpr | +| generics.swift:127:9:127:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:127:9:127:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:127:9:127:9 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..92afde47424 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,15 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:13:23:13:23 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:13:24:13:24 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:22:12:22:12 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:22:13:22:13 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:23:12:23:12 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:23:13:23:13 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:24:12:24:12 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:24:13:24:13 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:30:12:30:12 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:30:13:30:13 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:31:12:31:12 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:31:13:31:13 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:32:12:32:12 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:32:13:32:13 | .appendLiteral(_:) | diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..4fc723b3001 --- /dev/null +++ b/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,20 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | string.swift:139:13:139:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:139:14:139:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | string.swift:141:13:141:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:141:14:141:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | string.swift:143:13:143:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:143:14:143:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | string.swift:147:13:147:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:147:14:147:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | string.swift:149:13:149:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:149:14:149:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | string.swift:151:13:151:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:151:14:151:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | string.swift:154:13:154:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | string.swift:154:14:154:14 | .appendLiteral(_:) | +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..280e2eeab41 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/function/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,3 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | 
diff --git a/swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..25ce837828c --- /dev/null +++ b/swift/ql/test/library-tests/elements/expr/methodlookup/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,17 @@ +multipleSuccessors +| methodlookup.swift:37:11:37:30 | call to instanceMethod() | successor | methodlookup.swift:37:5:37:30 | await ... | +| methodlookup.swift:37:11:37:30 | call to instanceMethod() | successor | methodlookup.swift:40:5:40:9 | .staticMethod() | +| methodlookup.swift:47:11:47:30 | call to instanceMethod() | successor | methodlookup.swift:47:5:47:30 | await ... | +| methodlookup.swift:47:11:47:30 | call to instanceMethod() | successor | methodlookup.swift:48:11:48:11 | Baz.Type | +| methodlookup.swift:48:11:48:35 | call to { ... } | successor | methodlookup.swift:48:5:48:35 | await ... | +| methodlookup.swift:48:11:48:35 | call to { ... } | successor | methodlookup.swift:50:11:50:15 | .classMethod() | +| methodlookup.swift:50:11:50:27 | call to classMethod() | successor | methodlookup.swift:50:5:50:27 | await ... | +| methodlookup.swift:50:11:50:27 | call to classMethod() | successor | methodlookup.swift:51:11:51:15 | .staticMethod() | +| methodlookup.swift:51:11:51:28 | call to staticMethod() | successor | methodlookup.swift:43:6:52:1 | exit { ... } (normal) | +| methodlookup.swift:51:11:51:28 | call to staticMethod() | successor | methodlookup.swift:51:5:51:28 | await ... | +deadEnd +| methodlookup.swift:37:5:37:30 | await ... | +| methodlookup.swift:47:5:47:30 | await ... | +| methodlookup.swift:48:5:48:35 | await ... | +| methodlookup.swift:50:5:50:27 | await ... | +| methodlookup.swift:51:5:51:28 | await ... | 
diff --git a/swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..7d441114cb6 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,9 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:126:25:126:25 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:126:26:126:26 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:127:25:127:25 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:127:26:127:26 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:173:25:173:25 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:173:26:173:26 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:174:25:174:25 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:174:26:174:26 | .appendLiteral(_:) | diff --git a/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..5d83b4a49ef --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,15 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:67:21:67:21 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:67:22:67:22 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:68:19:68:19 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:68:20:68:20 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:69:19:69:19 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:69:20:69:20 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:127:21:127:21 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:127:22:127:22 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:128:19:128:19 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:128:20:128:20 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:129:19:129:19 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:129:20:129:20 | .appendLiteral(_:) | +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..90f66c1830d --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-1204/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,11 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | 
diff --git a/swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..dfc53ae7a9a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,3 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | UncontrolledFormatString.swift:94:22:94:22 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | UncontrolledFormatString.swift:94:23:94:23 | .appendLiteral(_:) | diff --git a/swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..8898c8876df --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,41 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation2.swift:38:11:38:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation2.swift:38:12:38:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:46:11:46:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:46:12:46:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:47:11:47:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:47:12:47:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:48:11:48:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:48:12:48:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:57:11:57:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:57:12:57:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:61:11:61:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:61:12:61:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:67:11:67:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:67:12:67:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:75:11:75:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:75:12:75:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:82:11:82:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | 
StringLengthConflation.swift:82:12:82:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:91:11:91:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:91:12:91:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:97:11:97:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:97:12:97:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:101:11:101:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:101:12:101:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:105:11:105:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:105:12:105:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:109:11:109:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:109:12:109:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:115:11:115:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:115:12:115:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:121:11:121:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:121:12:121:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:127:11:127:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:127:12:127:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:133:11:133:11 | OpaqueValueExpr 
| +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:133:12:133:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:139:11:139:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:139:12:139:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:145:11:145:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:145:12:145:12 | .appendLiteral(_:) | diff --git a/swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-259/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected new file mode 100644 index 00000000000..e1a86b483ac --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected 
@@ -0,0 +1,3 @@ +doubleParents +| file://:0:0:0:0 | [MethodLookupExpr] .container(keyedBy:) | getBase() | file://:0:0:0:0 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | file://:0:0:0:0 | [OpaqueValueExpr] OpaqueValueExpr | +| file://:0:0:0:0 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | file://:0:0:0:0 | [MethodLookupExpr] .container(keyedBy:) | getBase() | file://:0:0:0:0 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..67a549aa5bb --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,65 @@ +multipleSuccessors +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:98:11:98:11 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:98:12:98:12 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:107:13:107:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:107:14:107:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:108:13:108:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:108:14:108:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:109:13:109:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:109:14:109:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:110:13:110:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:110:14:110:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:111:13:111:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:111:14:111:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:112:13:112:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:112:14:112:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:113:13:113:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:113:14:113:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:114:13:114:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | 
cleartextLoggingTest.swift:114:14:114:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:115:13:115:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:115:14:115:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:116:13:116:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:116:14:116:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:117:13:117:13 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:117:14:117:14 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:118:30:118:30 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:118:31:118:31 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:119:15:119:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:119:16:119:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:120:15:120:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:120:16:120:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:121:15:121:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:121:16:121:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:122:15:122:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:122:16:122:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:123:14:123:14 | OpaqueValueExpr | +| file://:0:0:0:0 | 
$interpolation | successor | cleartextLoggingTest.swift:123:15:123:15 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:124:14:124:14 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:124:15:124:15 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:125:16:125:16 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:125:17:125:17 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:126:16:126:16 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:126:17:126:17 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:127:17:127:17 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:127:18:127:18 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:128:17:128:17 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:128:18:128:18 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:129:15:129:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:129:16:129:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:130:15:130:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:130:16:130:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:131:18:131:18 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:131:19:131:19 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:132:18:132:18 | 
OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:132:19:132:19 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:133:15:133:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:133:16:133:16 | .appendLiteral(_:) | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:134:15:134:15 | OpaqueValueExpr | +| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:134:16:134:16 | .appendLiteral(_:) | +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..65cf24d02a7 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-321/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,13 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..fc0518030f4 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-327/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,9 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..069a6ecbc6a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-328/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,2 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..107533d785d --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-611/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | StmtCondition | +| file://:0:0:0:0 | StmtCondition | +| file://:0:0:0:0 | hasher | +| file://:0:0:0:0 | hasher | diff --git a/swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-757/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-760/CONSISTENCY/CfgConsistency.expected 
@@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..853828d4f77 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-916/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,5 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | From 90824d01b4eca23b157c6e2ab6790dcf82c5081c Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 24 May 2023 14:39:05 -0700 Subject: [PATCH 088/210] C++: Add change note. --- cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md diff --git a/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md b/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md new file mode 100644 index 00000000000..32195223fcd --- /dev/null +++ b/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `cpp/overrun-write`, to detect buffer overflows in C-style functions that manipulate buffers. From 64d7b4923da98d086318c0e77ce048803d1d202f Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 24 May 2023 15:16:34 -0700 Subject: [PATCH 089/210] C++: Prune flow states based on 'PointerArithmeticToDerefConfig'. --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index fb664a0c364..684b93c231b 100644 
--- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -78,7 +78,7 @@ predicate isInvalidPointerDerefSink2(DataFlow::Node sink, Instruction i, string ) } -predicate pointerArithOverflow( +predicate pointerArithOverflow0( PointerArithmeticInstruction pai, Field f, int size, int bound, int delta ) { pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize() and @@ -89,7 +89,7 @@ predicate pointerArithOverflow( module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - pointerArithOverflow(source.asInstruction(), _, _, _, _) + pointerArithOverflow0(source.asInstruction(), _, _, _, _) } predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } @@ -97,6 +97,13 @@ module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { module PointerArithmeticToDerefFlow = DataFlow::Global; +predicate pointerArithOverflow( + PointerArithmeticInstruction pai, Field f, int size, int bound, int delta +) { + pointerArithOverflow0(pai, f, size, bound, delta) and + PointerArithmeticToDerefFlow::flow(DataFlow::instructionNode(pai), _) +} + module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { newtype FlowState = additional TArray(Field f) { pointerArithOverflow(_, f, _, _, _) } or From 298013a57e806ba42fa16ed8f52865f49f9a3009 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 24 May 2023 15:50:00 -0700 Subject: [PATCH 090/210] C++: Add in-barrier on sources to reduce duplication. --- .../CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index 684b93c231b..82bdb8c5d42 100644 
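Review bot: Neither `pointerArithOverflow0` nor the new `pointerArithOverflow` wrapper added in the third hunk has a QLdoc, so the `0` suffix is the only hint at how they differ. The wrapper adds `PointerArithmeticToDerefFlow::flow(DataFlow::instructionNode(pai), _)`, which means `TArray(Field f)` in `FlowState` is now populated only for fields whose pointer arithmetic reaches an `isInvalidPointerDerefSink1` sink. That pruning is easy to miss when the sinks are later extended. I would put `/** Holds if pai may index past the end of array field f (see pointerArithOverflow0) and also flows to a dereference; used to prune flow states. */` above the wrapper, and a matching one-line QLdoc on `pointerArithOverflow0`.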
--- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -84,7 +84,10 @@ predicate pointerArithOverflow0( pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize() and f.getUnspecifiedType().(ArrayType).getArraySize() = size and semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and - delta = bound - size + delta = bound - size and + delta >= 0 and + size != 0 and + size != 1 } module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { @@ -92,6 +95,8 @@ module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { pointerArithOverflow0(source.asInstruction(), _, _, _, _) } + predicate isBarrierIn(DataFlow::Node node) { isSource(node) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } } @@ -127,18 +132,17 @@ module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { predicate isBarrier(DataFlow::Node node, FlowState state) { none() } + predicate isBarrierIn(DataFlow::Node node) { isSource(node, _) } + predicate isAdditionalFlowStep( DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 ) { - exists(PointerArithmeticInstruction pai, Field f, int size, int delta | + exists(PointerArithmeticInstruction pai, Field f | state1 = TArray(f) and state2 = TOverflowArithmetic(pai) and pai.getLeft() = node1.asInstruction() and node2.asInstruction() = pai and - pointerArithOverflow(pai, f, size, _, delta) and - delta >= 0 and - size != 0 and - size != 1 + pointerArithOverflow(pai, f, _, _, _) ) } } From ec192d621c12577ae1b224f1a235e78b891d75a7 Mon Sep 17 00:00:00 2001 
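Review bot: The exclusions `size != 0 and size != 1`, moved into `pointerArithOverflow0` in the first hunk, have no comment explaining why arrays declared with zero or one element are skipped. Presumably this avoids reporting the trailing-array idiom for variable-length structs, but the code should say so, because the predicate now defines the sources of `PointerArithmeticToDerefConfig` and therefore decides which fields are analysed at all. A line such as `// Skip arrays of declared size 0 or 1: commonly variable-length trailing members (TODO confirm)` would do. The two `isBarrierIn` predicates added in the other hunks would also benefit from a one-line comment that they stop flow from passing back through another source.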
From: Mathias Vorreiter Pedersen Date: Wed, 24 May 2023 16:13:42 -0700 Subject: [PATCH 091/210] C++: Whitespace commit to make qhelp show up in diff. --- .../CWE/CWE-119/OverrunWriteProductFlow.qhelp | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp index 302340a3c2c..4da7e2a3c94 100644 --- a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp +++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp @@ -1,29 +1,29 @@ - - - -

    You must ensure that you do not exceed the size of an allocation during write and read operations. -If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow. -Buffer overflows can lead to anything from a segmentation fault to a security vulnerability. -

    + + + +

    You must ensure that you do not exceed the size of an allocation during write and read operations. + If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow. + Buffer overflows can lead to anything from a segmentation fault to a security vulnerability. +

    -
    - -

    -Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur. -

    +
    + +

    + Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur. +

    -
    - +
    + - - + + -
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • -
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
  • +
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • +
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
  • -
    - +
    + From d772bb213acf7e7575f73f2a386e5e637d6ac1bd Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Thu, 25 May 2023 03:10:00 +0100 Subject: [PATCH 092/210] Added three more Unicode Normalization sinks --- .../UnicodeBypassValidationQuery.qll | 28 ++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index a642438c1b2..d2e3a3738e0 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -81,10 +81,30 @@ class Configuration extends TaintTracking::Configuration { /* A Unicode Tranformation (Unicode tranformation) is considered a sink when the algorithm used is either NFC or NFKC. */ override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) { - exists(DataFlow::CallNode cn | - cn.getMethodName() = "unicode_normalize" and - cn.getArgument(0).getConstantValue().getSymbol() = ["nfkc", "nfc", "nfkd", "nfd"] and - sink = cn.getReceiver() + ( + exists(DataFlow::CallNode cn | + cn.getMethodName() = "unicode_normalize" and + cn.getArgument(0).getConstantValue().getSymbol() = ["nfkc", "nfc", "nfkd", "nfd"] and + sink = cn.getReceiver() + ) + or + // unicode_utils + exists(API::MethodAccessNode mac | + mac = API::getTopLevelMember("UnicodeUtils").getMethod(["nfkd", "nfc", "nfd", "nfkc"]) and + sink = mac.getParameter(0).asSink() + ) + or + // eprun + exists(API::MethodAccessNode mac | + mac = API::getTopLevelMember("Eprun").getMethod("normalize") and + sink = mac.getParameter(0).asSink() + ) + or + // unf + exists(API::MethodAccessNode mac | + mac = API::getTopLevelMember("UNF").getMember("Normalizer").getMethod("normalize") and + sink = mac.getParameter(0).asSink() + ) ) and state instanceof PostValidation } From 8d656a996bba8959ebce23ce4e8a12951350a422 Mon Sep 17 00:00:00 2001 
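Review bot: The `unicode_normalize` branch still requires a constant symbol in `cn.getArgument(0)`, so a call without an argument, which Ruby normalizes with the default form `:nfc`, is not treated as a sink, and the in-place `unicode_normalize!` is not matched either. Using `cn.getMethodName() = ["unicode_normalize", "unicode_normalize!"]` together with `(not exists(cn.getArgument(0)) or cn.getArgument(0).getConstantValue().getSymbol() = ["nfkc", "nfc", "nfkd", "nfd"])` would close that gap. The comment above `isSink` also still says the sink applies only for NFC or NFKC (and misspells "Transformation"), while the code accepts all four forms and now three more libraries. It should read `/* A Unicode normalization call is a sink for any of NFC, NFKC, NFD or NFKD, via String#unicode_normalize, unicode_utils, eprun or unf. */`.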
From: Paolo Tranquilli Date: Thu, 25 May 2023 09:56:39 +0200 Subject: [PATCH 093/210] Swift: add QLdoc to AST consistency checks --- .../lib/codeql/swift/printast/Consistency.qll | 22 ++++++++++++------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/swift/ql/lib/codeql/swift/printast/Consistency.qll b/swift/ql/lib/codeql/swift/printast/Consistency.qll index c2ba698f5ae..8aaf160ad24 100644 --- a/swift/ql/lib/codeql/swift/printast/Consistency.qll +++ b/swift/ql/lib/codeql/swift/printast/Consistency.qll @@ -1,5 +1,17 @@ +/** Provides a set of checks that the AST is actually a tree. */ + private import codeql.swift.printast.PrintAstNode +/** Checks that no child has more than one parent. */ +query predicate doubleParents( + PrintAstNode parent1, string label1, PrintAstNode parent2, string label2, PrintAstNode child +) { + parent1 != parent2 and + parent1.hasChild(child, _, label1) and + parent2.hasChild(child, _, label2) +} + +/** Checks that no two children share the same index. */ query predicate doubleChildren( PrintAstNode parent, int index, string label1, PrintAstNode child1, string label2, PrintAstNode child2 @@ -9,6 +21,7 @@ query predicate doubleChildren( parent.hasChild(child2, index, label2) } +/** Checks that no child is under different indexes. */ query predicate doubleIndexes( PrintAstNode parent, int index1, string label1, int index2, string label2, PrintAstNode child ) { 
@@ -17,18 +30,11 @@ query predicate doubleIndexes( parent.hasChild(child, index2, label2) } -query predicate doubleParents( - PrintAstNode parent1, string label1, PrintAstNode parent2, string label2, PrintAstNode child -) { - parent1 != parent2 and - parent1.hasChild(child, _, label1) and - parent2.hasChild(child, _, label2) -} - private predicate isChildOf(PrintAstNode parent, PrintAstNode child) { parent.hasChild(child, _, _) } +/** Checks that there is no back edge. */ query predicate parentChildLoops(PrintAstNode parent, PrintAstNode child) { isChildOf(parent, child) and isChildOf*(child, parent) } From 7d68f6afc93f6326f444409b9bd4d8774a51df72 Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Thu, 25 May 2023 09:21:55 +0100 Subject: [PATCH 094/210] added ActiveSupport::Multibyte::Chars normalize() sink --- .../experimental/UnicodeBypassValidationQuery.qll | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index d2e3a3738e0..a28fb2ac5d6 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -105,6 +105,18 @@ class Configuration extends TaintTracking::Configuration { mac = API::getTopLevelMember("UNF").getMember("Normalizer").getMethod("normalize") and sink = mac.getParameter(0).asSink() ) + or + // ActiveSupport::Multibyte::Chars + exists(DataFlow::CallNode cn, DataFlow::CallNode n | + cn = + API::getTopLevelMember("ActiveSupport") + .getMember("Multibyte") + .getMember("Chars") + .getMethod("new") + .getCallNode() and + n = cn.(DataFlow::CallNode).getAMethodCall("normalize") and + sink = cn.getArgument(0) + ) ) and state instanceof PostValidation } From 09c97ce0dab695e017a3b8f63fe6cdf8f4e2c25f Mon Sep 17 00:00:00 2001 
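Review bot: The new ActiveSupport branch only recognises `ActiveSupport::Multibyte::Chars.new(x).normalize`; a string wrapped through `mb_chars` (for example `x.mb_chars.normalize`) is not covered. That is the more usual way to reach this class in Rails code, so the sink may rarely fire as written. The variable `n` is bound only to assert that a `normalize` call exists, and the cast `cn.(DataFlow::CallNode)` is redundant because `cn` already has that type; `exists(cn.getAMethodCall("normalize"))` says the same thing. A short comment that the sink is the constructor argument rather than the receiver of `normalize` would help. `isSink` begins outside this hunk.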
From: Sim4n6 Date: Thu, 25 May 2023 09:41:22 +0100 Subject: [PATCH 095/210] Added one more example to the qhelp --- .../cwe-176/UnicodeBypassValidation.qhelp | 12 ++++++++++++ .../cwe-176/examples/unicode_normalization2.rb | 2 ++ 2 files changed, 14 insertions(+) create mode 100644 ruby/ql/src/experimental/cwe-176/examples/unicode_normalization2.rb diff --git a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp index 90751fd81c6..6757cd68b4a 100644 --- a/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp +++ b/ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp @@ -23,6 +23,18 @@ + + + +

    The next example shows how an early deletion of a character may be bypassed due to a + potential Unicode character collision.

    +

    The character < was expected to be omitted from the string s. + However, a malicious user may consider using its colliding Unicode character U+FE64 + ﹤ as an alternative. Due to the Late-Unicode normalization with the form NFKC, + the resulting string would contain the unintended character < .

    + + +
  • Research study: Date: Thu, 25 May 2023 10:56:25 +0200 Subject: [PATCH 096/210] Swift: add change notes to consistency queries --- .../change-notes/2023-05-25-consistency-queries-pack.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md diff --git a/swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md b/swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md new file mode 100644 index 00000000000..a3f2e4bbe81 --- /dev/null +++ b/swift/ql/consistency-queries/change-notes/2023-05-25-consistency-queries-pack.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added two consistency queries for checking control flow and AST printing internals. From 7878bc3cc19e9efc1f07859ca4681651241c3950 Mon Sep 17 00:00:00 2001 
From: Paolo Tranquilli Date: Thu, 25 May 2023 11:27:38 +0200 Subject: [PATCH 097/210] Swift: remove property wrapper AST inconsistencies --- .../codeql/swift/printast/PrintAstNode.qll | 62 ++++++++++++++++--- .../CONSISTENCY/PrintAstConsistency.expected | 13 ---- .../CONSISTENCY/PrintAstConsistency.expected | 21 ------- .../CONSISTENCY/PrintAstConsistency.expected | 13 ---- .../CONSISTENCY/PrintAstConsistency.expected | 7 --- .../CONSISTENCY/PrintAstConsistency.expected | 3 - 6 files changed, 55 insertions(+), 64 deletions(-) delete mode 100644 swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected diff --git a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll index 57e68648636..5b2a1d22d4d 100644 --- a/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll +++ b/swift/ql/lib/codeql/swift/printast/PrintAstNode.qll @@ -28,7 +28,7 @@ private predicate shouldPrint(Locatable e) { any(PrintAstConfiguration config).s /** * An AST node that should be printed. */ -private newtype TPrintAstNode = TLocatable(Locatable ast) +private newtype TPrintAstNode = TPrintLocatable(Locatable ast) /** * A node in the output tree. @@ -60,6 +60,11 @@ class PrintAstNode extends TPrintAstNode { * the property is `key`. */ string getProperty(string key) { none() } + + /** + * Gets the underlying AST node, if any. + */ + abstract Locatable getAstNode(); } private string prettyPrint(Locatable e) { 
@@ -73,10 +78,10 @@ private class Unresolved extends Locatable { /** * A graph node representing a real Locatable node. */ -class PrintLocatable extends PrintAstNode, TLocatable { +class PrintLocatable extends PrintAstNode, TPrintLocatable { Locatable ast; - PrintLocatable() { this = TLocatable(ast) } + PrintLocatable() { this = TPrintLocatable(ast) } override string toString() { result = prettyPrint(ast) } @@ -87,9 +92,9 @@ class PrintLocatable extends PrintAstNode, TLocatable { c = getChildAndAccessor(ast, i, accessor) and ( // use even indexes for normal children, leaving odd slots for conversions if any - child = TLocatable(c) and index = 2 * i and label = accessor + child = TPrintLocatable(c) and index = 2 * i and label = accessor or - child = TLocatable(c.getFullyUnresolved().(Unresolved)) and + child = TPrintLocatable(c.getFullyUnresolved().(Unresolved)) and index = 2 * i + 1 and ( if c instanceof Expr @@ -100,6 +105,8 @@ class PrintLocatable extends PrintAstNode, TLocatable { ) } + final override Locatable getAstNode() { result = ast } + final override Location getLocation() { result = ast.getLocation() } } 
@@ -112,17 +119,38 @@ class PrintUnresolved extends PrintLocatable { override predicate hasChild(PrintAstNode child, int index, string label) { // only print immediate unresolved children from the "parallel" AST - child = TLocatable(getImmediateChildAndAccessor(ast, index, label).(Unresolved)) + child = TPrintLocatable(getImmediateChildAndAccessor(ast, index, label).(Unresolved)) } } +private predicate hasPropertyWrapperElement(VarDecl d, Locatable a) { + a = [d.getPropertyWrapperBackingVar(), d.getPropertyWrapperProjectionVar()] or + a = [d.getPropertyWrapperBackingVarBinding(), d.getPropertyWrapperProjectionVarBinding()] +} + /** - * A specialization of graph node for `VarDecl`, to add typing information. + * A specialization of graph node for `VarDecl`, to add typing information and deal with ambiguity + * over property wrapper children. */ class PrintVarDecl extends PrintLocatable { override VarDecl ast; override string getProperty(string key) { key = "Type" and result = ast.getType().toString() } + + override predicate hasChild(PrintAstNode child, int index, string label) { + PrintLocatable.super.hasChild(child, index, label) and + // exclude property wrapper related children when they are already listed in the enclosing + // nominal type declaration or for a wrapped parameter for which this is a virtual local variable copy + not exists(Locatable childAst | + childAst = child.getAstNode() and + hasPropertyWrapperElement(ast, childAst) and + ( + childAst = ast.getDeclaringDecl().getAMember() + or + ast instanceof ConcreteVarDecl and hasPropertyWrapperElement(any(ParamDecl p), childAst) + ) + ) + } } /** 
@@ -135,3 +163,23 @@ class PrintFunction extends PrintLocatable { key = "InterfaceType" and result = ast.getInterfaceType().toString() } } + +/** + * A specialization of graph node for `PatternBindingDecl`, to solve ambiguity on `getInit`. + * When a property wrapper is involved, `getInit` may become shared between the explicit binding and + * the implicit compiler synthesized one. + */ +class PrintPatternBindingDecl extends PrintLocatable { + override PatternBindingDecl ast; + + override predicate hasChild(PrintAstNode child, int index, string label) { + PrintLocatable.super.hasChild(child, index, label) and + // exclude `getInit` that are already the initializer of a variable that has this as a property wrapper backer + not exists(Expr init, VarDecl var | + init = child.getAstNode() and + init = ast.getAnInit() and + var.getPropertyWrapperBackingVarBinding() = ast and + var.getParentInitializer() = init + ) + } +} diff --git a/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index bd58f4414d2..00000000000 --- a/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null 
@@ -1,13 +0,0 @@ -doubleParents -| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:54:6:54:15 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:54:4:54:15 | [CallExpr] call to X.init(wrappedValue:) | -| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:55:20:55:29 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:55:4:55:29 | [CallExpr] call to WrapperWithInit.init(wrappedValue:) | -| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:56:25:56:34 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:56:4:56:34 | [CallExpr] call to WrapperWithProjected.init(wrappedValue:projectedValue:) | -| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:57:32:57:41 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:57:4:57:41 | [CallExpr] call to WrapperWithProjectedAndInit.init(wrappedValue:) | -| var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(2) | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(3) | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVar() | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] _wrapped | -| var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVar() | var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(3) | var_decls.swift:24:15:24:15 | [ConcreteVarDecl] _wrapped | -| var_decls.swift:24:15:24:15 | [ConcreteVarDecl] wrapped | getPropertyWrapperBackingVarBinding() | var_decls.swift:23:1:25:1 | [StructDecl] Wrapped | getMember(2) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| var_decls.swift:54:6:54:15 | [PatternBindingDecl] var ... = ... 
| getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:54:4:54:15 | [CallExpr] call to X.init(wrappedValue:) | -| var_decls.swift:55:20:55:29 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:55:4:55:29 | [CallExpr] call to WrapperWithInit.init(wrappedValue:) | -| var_decls.swift:56:25:56:34 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:56:4:56:34 | [CallExpr] call to WrapperWithProjected.init(wrappedValue:projectedValue:) | -| var_decls.swift:57:32:57:41 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | var_decls.swift:57:4:57:41 | [CallExpr] call to WrapperWithProjectedAndInit.init(wrappedValue:) | diff --git a/swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index 3d3703c8ca4..00000000000 --- a/swift/ql/test/extractor-tests/generated/decl/ParamDecl/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null 
@@ -1,21 +0,0 @@ -doubleParents -| param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] _p1 | -| param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVarBinding() | param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVar() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] _p1 | -| param_decls.swift:48:18:48:22 | [ParamDecl] p1 | getPropertyWrapperBackingVarBinding() | param_decls.swift:48:18:48:18 | [ConcreteVarDecl] p1 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] _p2 | -| param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVarBinding() | param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVar() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] _p2 | -| param_decls.swift:49:26:49:30 | [ParamDecl] p2 | getPropertyWrapperBackingVarBinding() | param_decls.swift:49:26:49:26 | [ConcreteVarDecl] p2 | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... 
| -| param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperBackingVar() | param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p3 | -| param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] $p3 | -| param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperBackingVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p3 | -| param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVar() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] $p3 | -| param_decls.swift:50:31:50:35 | [ParamDecl] p3 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:50:31:50:31 | [ConcreteVarDecl] p3 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... 
| -| param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperBackingVar() | param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p4 | -| param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] $p4 | -| param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperBackingVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _p4 | -| param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVar() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] $p4 | -| param_decls.swift:51:38:51:42 | [ParamDecl] p4 | getPropertyWrapperProjectionVarBinding() | param_decls.swift:51:38:51:38 | [ConcreteVarDecl] p4 | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index 6c2028995fe..00000000000 --- a/swift/ql/test/extractor-tests/generated/expr/AppliedPropertyWrapperExpr/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null 
@@ -1,13 +0,0 @@ -doubleParents -| applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _x | -| applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] $x | -| applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _x | -| applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] $x | -| applied_property_wrapper.swift:12:19:12:22 | [ParamDecl] x | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:12:19:12:19 | [ConcreteVarDecl] x | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... 
| -| applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _y | -| applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] $y | -| applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperBackingVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperBackingVar() | file://:0:0:0:0 | [ParamDecl] _y | -| applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVar() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] $y | -| applied_property_wrapper.swift:17:26:17:29 | [ParamDecl] y | getPropertyWrapperProjectionVarBinding() | applied_property_wrapper.swift:17:26:17:26 | [ConcreteVarDecl] y | getPropertyWrapperProjectionVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | diff --git a/swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index a57070efd5a..00000000000 
--- a/swift/ql/test/extractor-tests/generated/expr/PropertyWrapperValuePlaceholderExpr/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null @@ -1,7 +0,0 @@ -doubleParents -| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | property_wrapper_value_placeholder.swift:12:12:12:26 | [PatternBindingDecl] var ... = ... | getInit(0) | property_wrapper_value_placeholder.swift:12:4:12:26 | [CallExpr] call to Wrapper.init(wrappedValue:) | -| property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(2) | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVarBinding() | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | -| property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(3) | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] _x | -| property_wrapper_value_placeholder.swift:12:12:12:26 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | property_wrapper_value_placeholder.swift:12:4:12:26 | [CallExpr] call to Wrapper.init(wrappedValue:) | -| property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVar() | property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(3) | property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] _x | -| property_wrapper_value_placeholder.swift:12:16:12:16 | [ConcreteVarDecl] x | getPropertyWrapperBackingVarBinding() | property_wrapper_value_placeholder.swift:11:1:13:1 | [StructDecl] S | getMember(2) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | 
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index cc3ea4d16c3..00000000000 --- a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null @@ -1,3 +0,0 @@ -doubleParents -| file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | test.swift:252:19:252:27 | [PatternBindingDecl] var ... = ... | getInit(0) | test.swift:252:6:252:27 | [CallExpr] call to DidSetSource.init(wrappedValue:) | -| test.swift:252:19:252:27 | [PatternBindingDecl] var ... = ... | getInit(0) | file://:0:0:0:0 | [PatternBindingDecl] var ... = ... | getInit(0) | test.swift:252:6:252:27 | [CallExpr] call to DidSetSource.init(wrappedValue:) | From 52dd247a8115519ee355096ecffc21542c3349fa Mon Sep 17 00:00:00 2001 From: Sim4n6 Date: Thu, 25 May 2023 11:55:13 +0100 Subject: [PATCH 098/210] Removed redundant cast --- .../codeql/ruby/experimental/UnicodeBypassValidationQuery.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll index a28fb2ac5d6..5c24978c4c3 100644 --- a/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll +++ b/ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll @@ -114,7 +114,7 @@ class Configuration extends TaintTracking::Configuration { .getMember("Chars") .getMethod("new") .getCallNode() and - n = cn.(DataFlow::CallNode).getAMethodCall("normalize") and + n = cn.getAMethodCall("normalize") and sink = cn.getArgument(0) ) ) and From b26b0a6e4310cb9266d12a57211e48c65acc5721 Mon Sep 17 00:00:00 2001 
From: Paolo Tranquilli Date: Thu, 25 May 2023 11:44:40 +0200 Subject: [PATCH 099/210] Swift: remove property wrapper CFG inconsistencies --- .../controlflow/internal/ControlFlowGraphImpl.qll | 9 +++++++++ .../CONSISTENCY/CfgConsistency.expected | 14 -------------- .../dataflow/CONSISTENCY/CfgConsistency.expected | 4 ---- 3 files changed, 9 insertions(+), 18 deletions(-) delete mode 100644 swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll index d3eb3aaa244..6b77ba288c9 100644 --- a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll +++ b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll @@ -969,6 +969,15 @@ module Decls { result.asAstNode() = ast.getPattern(j).getFullyUnresolved() ) or + // synthesized pattern bindings for property wrappers may be sharing the init with the backed + // variable declaration, so we need to skip those + not exists(VarDecl decl | + ast = + [ + decl.getPropertyWrapperBackingVarBinding(), + decl.getPropertyWrapperProjectionVarBinding() + ] + ) and exists(int j | i = 2 * j + 1 and result.asAstNode() = ast.getInit(j).getFullyConverted() diff --git a/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected deleted file mode 100644 index 5d70f700af3..00000000000 --- a/swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/CONSISTENCY/CfgConsistency.expected +++ /dev/null 
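Review bot: The added `not exists(VarDecl decl | ...)` guard in front of the `i = 2 * j + 1` branch removes every initializer of a synthesized property-wrapper binding from the CFG, not only those actually shared with the backed declaration, even though the new comment says they "may be" shared. The PrintAst change in the previous commit is narrower: it excludes an init only when `var.getParentInitializer() = init`. If a synthesized binding can own an initializer, that expression would now have no CFG node and flow through it would be lost without any consistency failure, which downstream queries would see as missing results. Consider the same narrower condition here, or extend the comment to say that such bindings never own their initializer. The enclosing predicate starts and ends outside this hunk.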
@@ -1,14 +0,0 @@ -multipleSuccessors -| var_decls.swift:54:4:54:15 | call to X.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | -| var_decls.swift:54:4:54:15 | call to X.init(wrappedValue:) | successor | var_decls.swift:54:6:54:15 | var ... = ... | -| var_decls.swift:55:4:55:29 | call to WrapperWithInit.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | -| var_decls.swift:55:4:55:29 | call to WrapperWithInit.init(wrappedValue:) | successor | var_decls.swift:55:20:55:29 | var ... = ... | -| var_decls.swift:56:4:56:34 | call to WrapperWithProjected.init(wrappedValue:projectedValue:) | successor | file://:0:0:0:0 | var ... = ... | -| var_decls.swift:56:4:56:34 | call to WrapperWithProjected.init(wrappedValue:projectedValue:) | successor | var_decls.swift:56:25:56:34 | var ... = ... | -| var_decls.swift:57:4:57:41 | call to WrapperWithProjectedAndInit.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | -| var_decls.swift:57:4:57:41 | call to WrapperWithProjectedAndInit.init(wrappedValue:) | successor | var_decls.swift:57:32:57:41 | var ... = ... | -deadEnd -| file://:0:0:0:0 | var ... = ... | -| file://:0:0:0:0 | var ... = ... | -| file://:0:0:0:0 | var ... = ... | -| file://:0:0:0:0 | var ... = ... | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected index 5208a9053d5..500c114c6c9 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/CONSISTENCY/CfgConsistency.expected 
@@ -1,7 +1,3 @@ multipleSuccessors -| test.swift:252:6:252:27 | call to DidSetSource.init(wrappedValue:) | successor | file://:0:0:0:0 | var ... = ... | -| test.swift:252:6:252:27 | call to DidSetSource.init(wrappedValue:) | successor | test.swift:252:19:252:27 | var ... = ... | | test.swift:488:8:488:12 | let ...? | no-match | test.swift:488:27:488:27 | y | | test.swift:488:8:488:12 | let ...? | no-match | test.swift:493:9:493:9 | tuple1 | -deadEnd -| file://:0:0:0:0 | var ... = ... | From 7b76aa34bd64d32969618c79d5741cec3f111d98 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 25 May 2023 12:00:20 +0200 Subject: [PATCH 100/210] Swift: fix CFG inconsistency on `TapExpr` --- .../internal/ControlFlowGraphImpl.qll | 30 ++-------- .../ast/CONSISTENCY/CfgConsistency.expected | 4 -- .../graph/CONSISTENCY/CfgConsistency.expected | 4 -- .../controlflow/graph/Cfg.expected | 4 +- .../core/CONSISTENCY/CfgConsistency.expected | 15 ----- .../dataflow/taint/core/LocalTaint.expected | 21 +++---- .../CONSISTENCY/CfgConsistency.expected | 15 ----- .../CONSISTENCY/CfgConsistency.expected | 9 --- .../CONSISTENCY/CfgConsistency.expected | 13 ---- .../CONSISTENCY/CfgConsistency.expected | 3 - .../CONSISTENCY/CfgConsistency.expected | 41 ------------- .../CONSISTENCY/CfgConsistency.expected | 59 ------------------- 12 files changed, 15 insertions(+), 203 deletions(-) delete mode 100644 swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected delete mode 100644 swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected delete mode 100644 swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected delete mode 100644 swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll index 6b77ba288c9..4ec5d691256 100644 
--- a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll +++ b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll @@ -111,31 +111,21 @@ module Stmts { override predicate propagatesAbnormal(ControlFlowElement node) { none() } - private predicate isBodyOfTapExpr() { any(TapExpr tap).getBody() = ast } - - // Note: If the brace statement is the body of a `TapExpr`, the first element is the variable - // declaration (see https://github.com/apple/swift/blob/main/include/swift/AST/Expr.h#L848) - // that's initialized by the `TapExpr`. In `TapExprTree` we've already visited this declaration, - // along with its initializer. So we skip the first element here. - private AstNode getFirstElement() { - if this.isBodyOfTapExpr() then result = ast.getElement(1) else result = ast.getFirstElement() - } - override predicate first(ControlFlowElement first) { this.firstInner(first) or - not exists(this.getFirstElement()) and first.asAstNode() = ast + not exists(ast.getFirstElement()) and first.asAstNode() = ast } override predicate last(ControlFlowElement last, Completion c) { this.lastInner(last, c) or - not exists(this.getFirstElement()) and + not exists(ast.getFirstElement()) and last.asAstNode() = ast and c instanceof SimpleCompletion } - predicate firstInner(ControlFlowElement first) { astFirst(this.getFirstElement(), first) } + predicate firstInner(ControlFlowElement first) { astFirst(ast.getFirstElement(), first) } /** Gets the body of the i'th `defer` statement. */ private BraceStmt getDeferStmtBody(int i) { 
@@ -1406,20 +1396,12 @@ module Exprs { override TapExpr ast; final override ControlFlowElement getChildElement(int i) { - // We first visit the local variable declaration. + // We first visit the expression that gives the local variable its initial value. i = 0 and - result.asAstNode() = ast.getVar() - or - // Then we visit the expression that gives the local variable its initial value. - i = 1 and result.asAstNode() = ast.getSubExpr().getFullyConverted() or - // And finally, we visit the body that potentially mutates the local variable. - // Note that the CFG for the body will skip the first element in the - // body because it's guaranteed to be the variable declaration - // that we've already visited at i = 0. See the explanation - // in `BraceStmtTree` for why this is necessary. - i = 2 and + // And then we visit the body that potentially mutates the local variable. + i = 1 and result.asAstNode() = ast.getBody() } } diff --git a/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected index 4c13966e124..fdfaa9f18cd 100644 --- a/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected +++ b/swift/ql/test/library-tests/ast/CONSISTENCY/CfgConsistency.expected 
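Review bot: The rewritten comments in this `getChildElement` no longer say where the tap variable's declaration is visited, now that child `0` is the initial-value expression and `ast.getVar()` is gone from the list. The note removed from the brace-statement tree in the previous hunk recorded that the declaration is the first element of the tap body, and after this change that is the only reason it still gets a CFG node. I would keep that fact next to the `i = 1` case, e.g. `// The variable declaration is the first element of the body, so it is visited as part of the body.` The enclosing class starts outside this hunk.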
@@ -5,10 +5,6 @@ multipleSuccessors | cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | | cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | | cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:11:40:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:12:40:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:10:263:10 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:11:263:11 | .appendLiteral(_:) | deadEnd | cfg.swift:33:49:33:60 | call to isZero(x:) | | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | diff --git a/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected index b9b2913e4d2..0c4047134f3 100644 --- a/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected +++ b/swift/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected @@ -5,10 +5,6 @@ multipleSuccessors | cfg.swift:144:10:144:10 | =~ ... | no-match | cfg.swift:146:5:147:14 | case ... | | cfg.swift:515:6:515:28 | #available | false | cfg.swift:515:42:515:46 | iOS 12 | | cfg.swift:515:6:515:28 | #available | false | cfg.swift:519:10:519:10 | x | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:11:40:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:40:12:40:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:10:263:10 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cfg.swift:263:11:263:11 | .appendLiteral(_:) | deadEnd | cfg.swift:33:49:33:60 | call to isZero(x:) | | cfg.swift:144:18:144:34 | ... .&&(_:_:) ... | 
diff --git a/swift/ql/test/library-tests/controlflow/graph/Cfg.expected b/swift/ql/test/library-tests/controlflow/graph/Cfg.expected index b62245dbe2a..de69eda9614 100644 --- a/swift/ql/test/library-tests/controlflow/graph/Cfg.expected +++ b/swift/ql/test/library-tests/controlflow/graph/Cfg.expected @@ -349,6 +349,7 @@ cfg.swift: #-----| match -> print(_:separator:terminator:) # 40| print(_:separator:terminator:) +#-----| -> OpaqueValueExpr # 40| call to print(_:separator:terminator:) #-----| -> 0 @@ -366,7 +367,6 @@ cfg.swift: #-----| -> [...] # 40| OpaqueValueExpr -#-----| -> .appendLiteral(_:) # 40| TapExpr #-----| -> "..." @@ -2777,6 +2777,7 @@ cfg.swift: #-----| -> y # 262| y +#-----| -> OpaqueValueExpr # 263| return ... #-----| return -> exit interpolatedString(x:y:) (normal) @@ -2788,7 +2789,6 @@ cfg.swift: #-----| -> return ... # 263| OpaqueValueExpr -#-----| -> .appendLiteral(_:) # 263| TapExpr #-----| -> "..." diff --git a/swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected deleted file mode 100644 index 92afde47424..00000000000 --- a/swift/ql/test/library-tests/dataflow/taint/core/CONSISTENCY/CfgConsistency.expected +++ /dev/null 
@@ -1,15 +0,0 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:13:23:13:23 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:13:24:13:24 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:22:12:22:12 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:22:13:22:13 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:23:12:23:12 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:23:13:23:13 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:24:12:24:12 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:24:13:24:13 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:30:12:30:12 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:30:13:30:13 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:31:12:31:12 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:31:13:31:13 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:32:12:32:12 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | stringinterpolation.swift:32:13:32:13 | .appendLiteral(_:) | diff --git a/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected index 3d58e8a40ad..9986d248b84 100644 --- a/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected +++ b/swift/ql/test/library-tests/dataflow/taint/core/LocalTaint.expected 
@@ -150,7 +150,7 @@ | stringinterpolation.swift:13:3:13:3 | self | stringinterpolation.swift:13:3:13:3 | &... | | stringinterpolation.swift:13:23:13:23 | "..." | stringinterpolation.swift:13:3:13:3 | [post] &... | | stringinterpolation.swift:13:23:13:23 | "..." | stringinterpolation.swift:13:23:13:23 | [post] "..." | -| stringinterpolation.swift:13:23:13:23 | SSA def($interpolation) | stringinterpolation.swift:13:24:13:24 | SSA phi($interpolation) | +| stringinterpolation.swift:13:23:13:23 | SSA def($interpolation) | stringinterpolation.swift:13:24:13:24 | $interpolation | | stringinterpolation.swift:13:23:13:23 | TapExpr | stringinterpolation.swift:13:23:13:23 | "..." | | stringinterpolation.swift:13:23:13:23 | first is: | stringinterpolation.swift:13:23:13:23 | [post] first is: | | stringinterpolation.swift:13:23:13:23 | first is: | stringinterpolation.swift:13:24:13:24 | [post] &... | @@ -158,7 +158,6 @@ | stringinterpolation.swift:13:24:13:24 | &... | stringinterpolation.swift:13:23:13:23 | [post] first is: | | stringinterpolation.swift:13:24:13:24 | &... | stringinterpolation.swift:13:24:13:24 | [post] &... | | stringinterpolation.swift:13:24:13:24 | &... | stringinterpolation.swift:13:35:13:35 | $interpolation | -| stringinterpolation.swift:13:24:13:24 | SSA phi($interpolation) | stringinterpolation.swift:13:24:13:24 | $interpolation | | stringinterpolation.swift:13:24:13:24 | [post] &... | stringinterpolation.swift:13:35:13:35 | $interpolation | | stringinterpolation.swift:13:35:13:35 | $interpolation | stringinterpolation.swift:13:35:13:35 | &... | | stringinterpolation.swift:13:35:13:35 | &... | stringinterpolation.swift:13:35:13:35 | [post] &... | 
@@ -179,7 +178,7 @@ | stringinterpolation.swift:19:2:19:2 | p1 | stringinterpolation.swift:20:2:20:2 | p1 | | stringinterpolation.swift:20:2:20:2 | [post] p1 | stringinterpolation.swift:22:21:22:21 | p1 | | stringinterpolation.swift:20:2:20:2 | p1 | stringinterpolation.swift:22:21:22:21 | p1 | -| stringinterpolation.swift:22:12:22:12 | SSA def($interpolation) | stringinterpolation.swift:22:13:22:13 | SSA phi($interpolation) | +| stringinterpolation.swift:22:12:22:12 | SSA def($interpolation) | stringinterpolation.swift:22:13:22:13 | $interpolation | | stringinterpolation.swift:22:12:22:12 | TapExpr | stringinterpolation.swift:22:12:22:12 | "..." | | stringinterpolation.swift:22:12:22:12 | pair: | stringinterpolation.swift:22:12:22:12 | [post] pair: | | stringinterpolation.swift:22:12:22:12 | pair: | stringinterpolation.swift:22:13:22:13 | [post] &... | @@ -187,7 +186,6 @@ | stringinterpolation.swift:22:13:22:13 | &... | stringinterpolation.swift:22:12:22:12 | [post] pair: | | stringinterpolation.swift:22:13:22:13 | &... | stringinterpolation.swift:22:13:22:13 | [post] &... | | stringinterpolation.swift:22:13:22:13 | &... | stringinterpolation.swift:22:20:22:20 | $interpolation | -| stringinterpolation.swift:22:13:22:13 | SSA phi($interpolation) | stringinterpolation.swift:22:13:22:13 | $interpolation | | stringinterpolation.swift:22:13:22:13 | [post] &... | stringinterpolation.swift:22:20:22:20 | $interpolation | | stringinterpolation.swift:22:20:22:20 | $interpolation | stringinterpolation.swift:22:20:22:20 | &... | | stringinterpolation.swift:22:20:22:20 | &... | stringinterpolation.swift:22:20:22:20 | [post] &... | 
@@ -203,7 +201,7 @@ | stringinterpolation.swift:22:30:22:30 | &... | stringinterpolation.swift:22:30:22:30 | [post] | | stringinterpolation.swift:22:30:22:30 | &... | stringinterpolation.swift:22:30:22:30 | [post] &... | | stringinterpolation.swift:22:30:22:30 | [post] &... | stringinterpolation.swift:22:12:22:12 | TapExpr | -| stringinterpolation.swift:23:12:23:12 | SSA def($interpolation) | stringinterpolation.swift:23:13:23:13 | SSA phi($interpolation) | +| stringinterpolation.swift:23:12:23:12 | SSA def($interpolation) | stringinterpolation.swift:23:13:23:13 | $interpolation | | stringinterpolation.swift:23:12:23:12 | TapExpr | stringinterpolation.swift:23:12:23:12 | "..." | | stringinterpolation.swift:23:12:23:12 | pair: | stringinterpolation.swift:23:12:23:12 | [post] pair: | | stringinterpolation.swift:23:12:23:12 | pair: | stringinterpolation.swift:23:13:23:13 | [post] &... | @@ -211,7 +209,6 @@ | stringinterpolation.swift:23:13:23:13 | &... | stringinterpolation.swift:23:12:23:12 | [post] pair: | | stringinterpolation.swift:23:13:23:13 | &... | stringinterpolation.swift:23:13:23:13 | [post] &... | | stringinterpolation.swift:23:13:23:13 | &... | stringinterpolation.swift:23:20:23:20 | $interpolation | -| stringinterpolation.swift:23:13:23:13 | SSA phi($interpolation) | stringinterpolation.swift:23:13:23:13 | $interpolation | | stringinterpolation.swift:23:13:23:13 | [post] &... | stringinterpolation.swift:23:20:23:20 | $interpolation | | stringinterpolation.swift:23:20:23:20 | $interpolation | stringinterpolation.swift:23:20:23:20 | &... | | stringinterpolation.swift:23:20:23:20 | &... | stringinterpolation.swift:23:20:23:20 | [post] &... | 
@@ -227,7 +224,7 @@ | stringinterpolation.swift:23:31:23:31 | &... | stringinterpolation.swift:23:31:23:31 | [post] | | stringinterpolation.swift:23:31:23:31 | &... | stringinterpolation.swift:23:31:23:31 | [post] &... | | stringinterpolation.swift:23:31:23:31 | [post] &... | stringinterpolation.swift:23:12:23:12 | TapExpr | -| stringinterpolation.swift:24:12:24:12 | SSA def($interpolation) | stringinterpolation.swift:24:13:24:13 | SSA phi($interpolation) | +| stringinterpolation.swift:24:12:24:12 | SSA def($interpolation) | stringinterpolation.swift:24:13:24:13 | $interpolation | | stringinterpolation.swift:24:12:24:12 | TapExpr | stringinterpolation.swift:24:12:24:12 | "..." | | stringinterpolation.swift:24:12:24:12 | pair: | stringinterpolation.swift:24:12:24:12 | [post] pair: | | stringinterpolation.swift:24:12:24:12 | pair: | stringinterpolation.swift:24:13:24:13 | [post] &... | @@ -235,7 +232,6 @@ | stringinterpolation.swift:24:13:24:13 | &... | stringinterpolation.swift:24:12:24:12 | [post] pair: | | stringinterpolation.swift:24:13:24:13 | &... | stringinterpolation.swift:24:13:24:13 | [post] &... | | stringinterpolation.swift:24:13:24:13 | &... | stringinterpolation.swift:24:20:24:20 | $interpolation | -| stringinterpolation.swift:24:13:24:13 | SSA phi($interpolation) | stringinterpolation.swift:24:13:24:13 | $interpolation | | stringinterpolation.swift:24:13:24:13 | [post] &... | stringinterpolation.swift:24:20:24:20 | $interpolation | | stringinterpolation.swift:24:20:24:20 | $interpolation | stringinterpolation.swift:24:20:24:20 | &... | | stringinterpolation.swift:24:20:24:20 | &... | stringinterpolation.swift:24:20:24:20 | [post] &... | 
@@ -258,7 +254,7 @@ | stringinterpolation.swift:27:2:27:2 | p2 | stringinterpolation.swift:28:2:28:2 | p2 | | stringinterpolation.swift:28:2:28:2 | [post] p2 | stringinterpolation.swift:30:21:30:21 | p2 | | stringinterpolation.swift:28:2:28:2 | p2 | stringinterpolation.swift:30:21:30:21 | p2 | -| stringinterpolation.swift:30:12:30:12 | SSA def($interpolation) | stringinterpolation.swift:30:13:30:13 | SSA phi($interpolation) | +| stringinterpolation.swift:30:12:30:12 | SSA def($interpolation) | stringinterpolation.swift:30:13:30:13 | $interpolation | | stringinterpolation.swift:30:12:30:12 | TapExpr | stringinterpolation.swift:30:12:30:12 | "..." | | stringinterpolation.swift:30:12:30:12 | pair: | stringinterpolation.swift:30:12:30:12 | [post] pair: | | stringinterpolation.swift:30:12:30:12 | pair: | stringinterpolation.swift:30:13:30:13 | [post] &... | @@ -266,7 +262,6 @@ | stringinterpolation.swift:30:13:30:13 | &... | stringinterpolation.swift:30:12:30:12 | [post] pair: | | stringinterpolation.swift:30:13:30:13 | &... | stringinterpolation.swift:30:13:30:13 | [post] &... | | stringinterpolation.swift:30:13:30:13 | &... | stringinterpolation.swift:30:20:30:20 | $interpolation | -| stringinterpolation.swift:30:13:30:13 | SSA phi($interpolation) | stringinterpolation.swift:30:13:30:13 | $interpolation | | stringinterpolation.swift:30:13:30:13 | [post] &... | stringinterpolation.swift:30:20:30:20 | $interpolation | | stringinterpolation.swift:30:20:30:20 | $interpolation | stringinterpolation.swift:30:20:30:20 | &... | | stringinterpolation.swift:30:20:30:20 | &... | stringinterpolation.swift:30:20:30:20 | [post] &... | 
@@ -282,7 +277,7 @@ | stringinterpolation.swift:30:30:30:30 | &... | stringinterpolation.swift:30:30:30:30 | [post] | | stringinterpolation.swift:30:30:30:30 | &... | stringinterpolation.swift:30:30:30:30 | [post] &... | | stringinterpolation.swift:30:30:30:30 | [post] &... | stringinterpolation.swift:30:12:30:12 | TapExpr | -| stringinterpolation.swift:31:12:31:12 | SSA def($interpolation) | stringinterpolation.swift:31:13:31:13 | SSA phi($interpolation) | +| stringinterpolation.swift:31:12:31:12 | SSA def($interpolation) | stringinterpolation.swift:31:13:31:13 | $interpolation | | stringinterpolation.swift:31:12:31:12 | TapExpr | stringinterpolation.swift:31:12:31:12 | "..." | | stringinterpolation.swift:31:12:31:12 | pair: | stringinterpolation.swift:31:12:31:12 | [post] pair: | | stringinterpolation.swift:31:12:31:12 | pair: | stringinterpolation.swift:31:13:31:13 | [post] &... | @@ -290,7 +285,6 @@ | stringinterpolation.swift:31:13:31:13 | &... | stringinterpolation.swift:31:12:31:12 | [post] pair: | | stringinterpolation.swift:31:13:31:13 | &... | stringinterpolation.swift:31:13:31:13 | [post] &... | | stringinterpolation.swift:31:13:31:13 | &... | stringinterpolation.swift:31:20:31:20 | $interpolation | -| stringinterpolation.swift:31:13:31:13 | SSA phi($interpolation) | stringinterpolation.swift:31:13:31:13 | $interpolation | | stringinterpolation.swift:31:13:31:13 | [post] &... | stringinterpolation.swift:31:20:31:20 | $interpolation | | stringinterpolation.swift:31:20:31:20 | $interpolation | stringinterpolation.swift:31:20:31:20 | &... | | stringinterpolation.swift:31:20:31:20 | &... | stringinterpolation.swift:31:20:31:20 | [post] &... | 
@@ -306,7 +300,7 @@ | stringinterpolation.swift:31:31:31:31 | &... | stringinterpolation.swift:31:31:31:31 | [post] | | stringinterpolation.swift:31:31:31:31 | &... | stringinterpolation.swift:31:31:31:31 | [post] &... | | stringinterpolation.swift:31:31:31:31 | [post] &... | stringinterpolation.swift:31:12:31:12 | TapExpr | -| stringinterpolation.swift:32:12:32:12 | SSA def($interpolation) | stringinterpolation.swift:32:13:32:13 | SSA phi($interpolation) | +| stringinterpolation.swift:32:12:32:12 | SSA def($interpolation) | stringinterpolation.swift:32:13:32:13 | $interpolation | | stringinterpolation.swift:32:12:32:12 | TapExpr | stringinterpolation.swift:32:12:32:12 | "..." | | stringinterpolation.swift:32:12:32:12 | pair: | stringinterpolation.swift:32:12:32:12 | [post] pair: | | stringinterpolation.swift:32:12:32:12 | pair: | stringinterpolation.swift:32:13:32:13 | [post] &... | @@ -314,7 +308,6 @@ | stringinterpolation.swift:32:13:32:13 | &... | stringinterpolation.swift:32:12:32:12 | [post] pair: | | stringinterpolation.swift:32:13:32:13 | &... | stringinterpolation.swift:32:13:32:13 | [post] &... | | stringinterpolation.swift:32:13:32:13 | &... | stringinterpolation.swift:32:20:32:20 | $interpolation | -| stringinterpolation.swift:32:13:32:13 | SSA phi($interpolation) | stringinterpolation.swift:32:13:32:13 | $interpolation | | stringinterpolation.swift:32:13:32:13 | [post] &... | stringinterpolation.swift:32:20:32:20 | $interpolation | | stringinterpolation.swift:32:20:32:20 | $interpolation | stringinterpolation.swift:32:20:32:20 | &... | | stringinterpolation.swift:32:20:32:20 | &... | stringinterpolation.swift:32:20:32:20 | [post] &... | diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected index 4fc723b3001..853828d4f77 100644 
--- a/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected +++ b/swift/ql/test/library-tests/dataflow/taint/libraries/CONSISTENCY/CfgConsistency.expected @@ -1,18 +1,3 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | string.swift:139:13:139:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:139:14:139:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | string.swift:141:13:141:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:141:14:141:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | string.swift:143:13:143:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:143:14:143:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | string.swift:147:13:147:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:147:14:147:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | string.swift:149:13:149:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:149:14:149:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | string.swift:151:13:151:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:151:14:151:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | string.swift:154:13:154:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | string.swift:154:14:154:14 | .appendLiteral(_:) | deadEnd | file://:0:0:0:0 | ... = ... | | file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected deleted file mode 100644 index 7d441114cb6..00000000000 
--- a/swift/ql/test/query-tests/Security/CWE-079/CONSISTENCY/CfgConsistency.expected +++ /dev/null @@ -1,9 +0,0 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:126:25:126:25 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:126:26:126:26 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:127:25:127:25 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:127:26:127:26 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:173:25:173:25 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:173:26:173:26 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:174:25:174:25 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | UnsafeWebViewFetch.swift:174:26:174:26 | .appendLiteral(_:) | diff --git a/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected index 5d83b4a49ef..069a6ecbc6a 100644 --- a/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected +++ b/swift/ql/test/query-tests/Security/CWE-089/CONSISTENCY/CfgConsistency.expected 
@@ -1,15 +1,2 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:67:21:67:21 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:67:22:67:22 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:68:19:68:19 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:68:20:68:20 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:69:19:69:19 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | SQLite.swift:69:20:69:20 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:127:21:127:21 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:127:22:127:22 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:128:19:128:19 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:128:20:128:20 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:129:19:129:19 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | sqlite3_c_api.swift:129:20:129:20 | .appendLiteral(_:) | deadEnd | file://:0:0:0:0 | ... = ... | diff --git a/swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected deleted file mode 100644 index dfc53ae7a9a..00000000000 --- a/swift/ql/test/query-tests/Security/CWE-134/CONSISTENCY/CfgConsistency.expected +++ /dev/null @@ -1,3 +0,0 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | UncontrolledFormatString.swift:94:22:94:22 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | UncontrolledFormatString.swift:94:23:94:23 | .appendLiteral(_:) | 
diff --git a/swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected deleted file mode 100644 index 8898c8876df..00000000000 --- a/swift/ql/test/query-tests/Security/CWE-135/CONSISTENCY/CfgConsistency.expected +++ /dev/null 
@@ -1,41 +0,0 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation2.swift:38:11:38:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation2.swift:38:12:38:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:46:11:46:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:46:12:46:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:47:11:47:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:47:12:47:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:48:11:48:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:48:12:48:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:57:11:57:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:57:12:57:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:61:11:61:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:61:12:61:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:67:11:67:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:67:12:67:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:75:11:75:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:75:12:75:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:82:11:82:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | 
StringLengthConflation.swift:82:12:82:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:91:11:91:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:91:12:91:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:97:11:97:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:97:12:97:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:101:11:101:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:101:12:101:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:105:11:105:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:105:12:105:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:109:11:109:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:109:12:109:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:115:11:115:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:115:12:115:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:121:11:121:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:121:12:121:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:127:11:127:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:127:12:127:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:133:11:133:11 | OpaqueValueExpr 
| -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:133:12:133:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:139:11:139:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:139:12:139:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:145:11:145:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | StringLengthConflation.swift:145:12:145:12 | .appendLiteral(_:) | diff --git a/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected index 67a549aa5bb..9d02611e7a7 100644 --- a/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected +++ b/swift/ql/test/query-tests/Security/CWE-312/CONSISTENCY/CfgConsistency.expected 
@@ -1,62 +1,3 @@ -multipleSuccessors -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:98:11:98:11 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:98:12:98:12 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:107:13:107:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:107:14:107:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:108:13:108:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:108:14:108:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:109:13:109:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:109:14:109:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:110:13:110:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:110:14:110:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:111:13:111:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:111:14:111:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:112:13:112:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:112:14:112:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:113:13:113:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:113:14:113:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:114:13:114:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | 
cleartextLoggingTest.swift:114:14:114:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:115:13:115:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:115:14:115:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:116:13:116:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:116:14:116:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:117:13:117:13 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:117:14:117:14 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:118:30:118:30 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:118:31:118:31 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:119:15:119:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:119:16:119:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:120:15:120:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:120:16:120:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:121:15:121:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:121:16:121:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:122:15:122:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:122:16:122:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:123:14:123:14 | OpaqueValueExpr | -| file://:0:0:0:0 | 
$interpolation | successor | cleartextLoggingTest.swift:123:15:123:15 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:124:14:124:14 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:124:15:124:15 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:125:16:125:16 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:125:17:125:17 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:126:16:126:16 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:126:17:126:17 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:127:17:127:17 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:127:18:127:18 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:128:17:128:17 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:128:18:128:18 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:129:15:129:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:129:16:129:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:130:15:130:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:130:16:130:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:131:18:131:18 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:131:19:131:19 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:132:18:132:18 | 
OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:132:19:132:19 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:133:15:133:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:133:16:133:16 | .appendLiteral(_:) | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:134:15:134:15 | OpaqueValueExpr | -| file://:0:0:0:0 | $interpolation | successor | cleartextLoggingTest.swift:134:16:134:16 | .appendLiteral(_:) | deadEnd | file://:0:0:0:0 | ... = ... | | file://:0:0:0:0 | ... = ... | From 51f1a5dcc81b7b5d5b855f1780326686b2506446 Mon Sep 17 00:00:00 2001 
From: Paolo Tranquilli Date: Thu, 25 May 2023 12:22:44 +0200 Subject: [PATCH 101/210] Swift: remove `getOpaqueExpr` from `OpenExistentialExpr`'s children --- swift/ql/.generated.list | 9 ++++---- swift/ql/.gitattributes | 3 ++- .../codeql/swift/generated/ParentChild.qll | 7 +----- swift/ql/lib/codeql/swift/generated/Raw.qll | 17 ++++++++++++-- .../generated/expr/OpenExistentialExpr.qll | 23 +++++++++++++++---- .../CONSISTENCY/PrintAstConsistency.expected | 5 ---- .../OpenExistentialExpr/MISSING_SOURCE.txt | 4 ---- .../OpenExistentialExpr.expected | 1 + .../OpenExistentialExpr.ql | 16 +++++++++++++ .../OpenExistentialExpr_getType.expected | 1 + .../OpenExistentialExpr_getType.ql | 7 ++++++ .../open_existentials.swift | 15 ++++++++++++ .../CONSISTENCY/PrintAstConsistency.expected | 3 --- .../CONSISTENCY/PrintAstConsistency.expected | 13 ----------- .../CONSISTENCY/PrintAstConsistency.expected | 3 --- swift/schema.py | 19 ++++++++++++--- 16 files changed, 98 insertions(+), 48 deletions(-) delete mode 100644 swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt create mode 100644 swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql create mode 100644 swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected create mode 100644 swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql create mode 100644 swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift delete mode 100644 swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 
swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected delete mode 100644 swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list index a28e6ba533b..53847acba54 100644 --- a/swift/ql/.generated.list +++ b/swift/ql/.generated.list 
@@ -381,10 +381,10 @@ lib/codeql/swift/generated/KeyPathComponent.qll 00b1e586b8532f0193b3f61111e70d4e lib/codeql/swift/generated/Locatable.qll bfdf2dafae2829cac8d1e863a93676228d131b5a7f3df87c40d2f3b1839962b8 af243098af0955a40862387edf7526826fde62a64e5e6ca28de9e9603a8622bf lib/codeql/swift/generated/Location.qll 921922352d39449067d9f2788309b5f3490091097ffe35e6aa98f9368626ce2c 0795c63565c4308e745400bc70ea73675160201590a95bb418de4e2ebca32764 lib/codeql/swift/generated/OtherAvailabilitySpec.qll 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 0e26a203b26ff0581b7396b0c6d1606feec5cc32477f676585cdec4911af91c5 -lib/codeql/swift/generated/ParentChild.qll f490202e849b9cbd550ee9d758644b85d43e60d81413e6c28df2850fb1e9a2d6 6b95aeab6b53a880b230ad0c96b6deb519a7368898c844632ae96090de59df99 +lib/codeql/swift/generated/ParentChild.qll 01b27b48a12955a45ea26d0f7888a160faac9fd5fb57a19e87365318e9b21a30 88090ef26a7ce63f4ba88fa735e2c8207fd1de00076532083d93a7a02553797e lib/codeql/swift/generated/PlatformVersionAvailabilitySpec.qll f82d9ca416fe8bd59b5531b65b1c74c9f317b3297a6101544a11339a1cffce38 7f5c6d3309e66c134107afe55bae76dfc9a72cb7cdd6d4c3706b6b34cee09fa0 lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 -lib/codeql/swift/generated/Raw.qll 8d4880e5ee1fdd120adeb7bf0dfa1399e7b1a53b2cc7598aed8e15cbf996d1c0 da0d446347d29f5cd05281c17c24e87610f31c32adb7e05ab8f3a26bed55bd90 +lib/codeql/swift/generated/Raw.qll 13cf09f9b2f628831b6b715448779366959a4c44b1b5ffc97397654fc8620486 03d60bdb6543d87a83ca50a3977c98c08d936d435981ae0b373f98ecde7a142b lib/codeql/swift/generated/Synth.qll 551fdf7e4b53f9ee1314d1bb42c2638cf82f45bfa1f40a635dfa7b6072e4418c 9ab178464700a19951fc5285acacda4913addee81515d8e072b3d7055935a814 lib/codeql/swift/generated/SynthConstructors.qll 2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 
2f801bd8b0db829b0253cd459ed3253c1fdfc55dce68ebc53e7fec138ef0aca4 lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 @@ -521,7 +521,7 @@ lib/codeql/swift/generated/expr/ObjCSelectorExpr.qll efc72580627467dce30ab784bfb lib/codeql/swift/generated/expr/ObjectLiteralExpr.qll 199b3a5196bff35681ba2e4bdb546cfbe0a2e265f535d05cfdb89af9c382c1a6 7c6b962565841a634c850d088fd404a3e6f3045e05ff555e1cde0ec02ba8dc8d lib/codeql/swift/generated/expr/OneWayExpr.qll 8464649694b671a8462476fcd3827b07f8448069c7caa9e9efce44d7ce87aee0 c3e143ecd28238342a1d911a468087cc58a751106385f01cbe5a44e19c862d0e lib/codeql/swift/generated/expr/OpaqueValueExpr.qll 354f23d00d5ea2e734fd192130620d26c76c14d5bb7b0a1aa69f17ffb5289793 354f23d00d5ea2e734fd192130620d26c76c14d5bb7b0a1aa69f17ffb5289793 -lib/codeql/swift/generated/expr/OpenExistentialExpr.qll 55ff1b4fdf23b787538f8b8cdc5f382d874221cec230f8fa35189ebf6de09b58 8235fe3387753a0ac389e297bf67b416991117587a98a566620ac9b328887dd6 +lib/codeql/swift/generated/expr/OpenExistentialExpr.qll dfa76a8ce3613f6beb15a1e1ef37588b3862b02044aedad39a70a72d53b0dd4b 0bb2c70df80bccac424e281c772d9cdeac184dabfdbacf609a5a8519e80e923e lib/codeql/swift/generated/expr/OptionalEvaluationExpr.qll 76a3a789b3a4f17dd494f973f099766aa1db97c38cbbd93542e664a7cd7e1680 f56ce693b59cee6713a7cfdb2937a8a4e791d6e80c241ecd333ab197482a2d1b lib/codeql/swift/generated/expr/OptionalTryExpr.qll f0c8dff90faee4fbf07772efda53afe1acc1fd148c16ee4d85a1502a36178e71 f0c8dff90faee4fbf07772efda53afe1acc1fd148c16ee4d85a1502a36178e71 lib/codeql/swift/generated/expr/OtherInitializerRefExpr.qll 9e695cca00e162beadad513d6833f117cee0f364da6f16c7ed3809573c1fbfe2 ff29f1f265e22eefc9166f77fa8adca7f89d3f769591149e21c58c0789577a88 
@@ -819,7 +819,8 @@ test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr_getArgum test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr_getType.ql 07d59d9962f3705f8f32302c0d730c179ca980172dd000b724a72e768fbf39db cd146e19249590316bb83efec19dd41234723513025cf9df45313f78f2b364dd test/extractor-tests/generated/expr/OneWayExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 test/extractor-tests/generated/expr/OpaqueValueExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 -test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 +test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql 48da42e3a2d44f4ca6b159bc8ba273352984b34fd14a3d6ca15ec9d6c38a2608 ba6a769c8c3c8cea40d64e0339515f59aded493d2c8f9c2447b10bcc43bed5f7 +test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql f8d4ddc40e4bef7760446bfb90f3d2b7438fd5a0a2aa092efd59493fa8a98b23 e54f77a98a38c2c68414a5e6de8de18189ce7f0e68f9c945ab387e52d7e04a12 test/extractor-tests/generated/expr/OptionalEvaluationExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 test/extractor-tests/generated/expr/OptionalTryExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 test/extractor-tests/generated/expr/OtherInitializerRefExpr/MISSING_SOURCE.txt 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 66846d526b0bc4328735c3c4dd9c390a9325da5b5dfd42ec07622f9c7108a7d7 
diff --git a/swift/ql/.gitattributes b/swift/ql/.gitattributes index 71cc5c58ecf..b3bcb997024 100644 --- a/swift/ql/.gitattributes +++ b/swift/ql/.gitattributes @@ -821,7 +821,8 @@ /test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr_getType.ql linguist-generated /test/extractor-tests/generated/expr/OneWayExpr/MISSING_SOURCE.txt linguist-generated /test/extractor-tests/generated/expr/OpaqueValueExpr/MISSING_SOURCE.txt linguist-generated -/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt linguist-generated +/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql linguist-generated +/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql linguist-generated /test/extractor-tests/generated/expr/OptionalEvaluationExpr/MISSING_SOURCE.txt linguist-generated /test/extractor-tests/generated/expr/OptionalTryExpr/MISSING_SOURCE.txt linguist-generated /test/extractor-tests/generated/expr/OtherInitializerRefExpr/MISSING_SOURCE.txt linguist-generated diff --git a/swift/ql/lib/codeql/swift/generated/ParentChild.qll b/swift/ql/lib/codeql/swift/generated/ParentChild.qll index 09c48606353..785c67d7d44 100644 --- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll +++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll @@ -1615,13 +1615,12 @@ private module Impl { private Element getImmediateChildOfOpenExistentialExpr( OpenExistentialExpr e, int index, string partialPredicateCall ) { - exists(int b, int bExpr, int n, int nSubExpr, int nExistential, int nOpaqueExpr | + exists(int b, int bExpr, int n, int nSubExpr, int nExistential | b = 0 and bExpr = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfExpr(e, i, _)) | i) and n = bExpr and nSubExpr = n + 1 and nExistential = nSubExpr + 1 and - nOpaqueExpr = nExistential + 1 and ( none() or 
@@ -1632,10 +1631,6 @@ private module Impl { index = nSubExpr and result = e.getImmediateExistential() and partialPredicateCall = "Existential()" - or - index = nExistential and - result = e.getImmediateOpaqueExpr() and - partialPredicateCall = "OpaqueExpr()" ) ) } diff --git a/swift/ql/lib/codeql/swift/generated/Raw.qll b/swift/ql/lib/codeql/swift/generated/Raw.qll index dc5ddeed979..8ebecc81a15 100644 --- a/swift/ql/lib/codeql/swift/generated/Raw.qll +++ b/swift/ql/lib/codeql/swift/generated/Raw.qll @@ -1434,22 +1434,35 @@ module Raw { /** * INTERNAL: Do not use. + * An implicit expression created by the compiler when a method is called on a protocol. For example in + * ``` + * protocol P { + * func foo() -> Int + * } + * func bar(x: P) -> Int { + * return x.foo() + * } + * `x.foo()` is actually wrapped in an `OpenExistentialExpr` that "opens" `x` replacing it in its subexpression with + * an `OpaqueValueExpr`. + * ``` */ class OpenExistentialExpr extends @open_existential_expr, Expr { override string toString() { result = "OpenExistentialExpr" } /** * Gets the sub expression of this open existential expression. + * + * This wrapped subexpression is where the opaque value and the dynamic type under the protocol type may be used. */ Expr getSubExpr() { open_existential_exprs(this, result, _, _) } /** - * Gets the existential of this open existential expression. + * Gets the protocol-typed expression opened by this expression. */ Expr getExistential() { open_existential_exprs(this, _, result, _) } /** - * Gets the opaque expression of this open existential expression. + * Gets the opaque value expression embedded within `getSubExpr()`. */ OpaqueValueExpr getOpaqueExpr() { open_existential_exprs(this, _, _, result) } } diff --git a/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll b/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll index 72d7f0c6361..21a602c15a1 100644 
--- a/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll +++ b/swift/ql/lib/codeql/swift/generated/expr/OpenExistentialExpr.qll @@ -5,6 +5,19 @@ import codeql.swift.elements.expr.Expr import codeql.swift.elements.expr.OpaqueValueExpr module Generated { + /** + * An implicit expression created by the compiler when a method is called on a protocol. For example in + * ``` + * protocol P { + * func foo() -> Int + * } + * func bar(x: P) -> Int { + * return x.foo() + * } + * `x.foo()` is actually wrapped in an `OpenExistentialExpr` that "opens" `x` replacing it in its subexpression with + * an `OpaqueValueExpr`. + * ``` + */ class OpenExistentialExpr extends Synth::TOpenExistentialExpr, Expr { override string getAPrimaryQlClass() { result = "OpenExistentialExpr" } @@ -23,6 +36,8 @@ module Generated { /** * Gets the sub expression of this open existential expression. + * + * This wrapped subexpression is where the opaque value and the dynamic type under the protocol type may be used. */ final Expr getSubExpr() { exists(Expr immediate | @@ -32,7 +47,7 @@ module Generated { } /** - * Gets the existential of this open existential expression. + * Gets the protocol-typed expression opened by this expression. * * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the * behavior of both the `Immediate` and non-`Immediate` versions. @@ -45,7 +60,7 @@ module Generated { } /** - * Gets the existential of this open existential expression. + * Gets the protocol-typed expression opened by this expression. */ final Expr getExistential() { exists(Expr immediate | @@ -55,7 +70,7 @@ module Generated { } /** - * Gets the opaque expression of this open existential expression. + * Gets the opaque value expression embedded within `getSubExpr()`. * * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the * behavior of both the `Immediate` and non-`Immediate` versions. 
@@ -68,7 +83,7 @@ module Generated { } /** - * Gets the opaque expression of this open existential expression. + * Gets the opaque value expression embedded within `getSubExpr()`. */ final OpaqueValueExpr getOpaqueExpr() { exists(OpaqueValueExpr immediate | diff --git a/swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index 768d459dd00..00000000000 --- a/swift/ql/test/extractor-tests/generated/expr/DynamicLookupExpr/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null @@ -1,5 +0,0 @@ -doubleParents -| dynamic_lookup.swift:15:1:15:3 | [DynamicMemberRefExpr] .foo(_:) | getBase() | dynamic_lookup.swift:15:1:15:3 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:15:1:15:1 | [OpaqueValueExpr] OpaqueValueExpr | -| dynamic_lookup.swift:15:1:15:3 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:15:1:15:3 | [DynamicMemberRefExpr] .foo(_:) | getBase() | dynamic_lookup.swift:15:1:15:1 | [OpaqueValueExpr] OpaqueValueExpr | -| dynamic_lookup.swift:16:5:16:9 | [DynamicSubscriptExpr] subscript ...[...] | getBase() | dynamic_lookup.swift:16:5:16:9 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:16:5:16:5 | [OpaqueValueExpr] OpaqueValueExpr | -| dynamic_lookup.swift:16:5:16:9 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | dynamic_lookup.swift:16:5:16:9 | [DynamicSubscriptExpr] subscript ...[...] | getBase() | dynamic_lookup.swift:16:5:16:5 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt deleted file mode 100644 index 25daf3d23a2..00000000000 
--- a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/MISSING_SOURCE.txt +++ /dev/null @@ -1,4 +0,0 @@ -// generated by codegen/codegen.py - -After a source file is added in this directory and codegen/codegen.py is run again, test queries -will appear and this file will be deleted diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected new file mode 100644 index 00000000000..4d2e4f05c6e --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.expected @@ -0,0 +1 @@ +| open_existentials.swift:14:5:14:19 | OpenExistentialExpr | hasType: | yes | getSubExpr: | open_existentials.swift:14:5:14:19 | call to foo() | getExistential: | open_existentials.swift:14:5:14:13 | call to createP() | getOpaqueExpr: | open_existentials.swift:14:5:14:13 | OpaqueValueExpr | diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql new file mode 100644 index 00000000000..ddff95364d2 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr.ql @@ -0,0 +1,16 @@ +// generated by codegen/codegen.py +import codeql.swift.elements +import TestUtils + +from + OpenExistentialExpr x, string hasType, Expr getSubExpr, Expr getExistential, + OpaqueValueExpr getOpaqueExpr +where + toBeTested(x) and + not x.isUnknown() and + (if x.hasType() then hasType = "yes" else hasType = "no") and + getSubExpr = x.getSubExpr() and + getExistential = x.getExistential() and + getOpaqueExpr = x.getOpaqueExpr() +select x, "hasType:", hasType, "getSubExpr:", getSubExpr, "getExistential:", getExistential, + "getOpaqueExpr:", getOpaqueExpr 
diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected new file mode 100644 index 00000000000..2103b344895 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.expected @@ -0,0 +1 @@ +| open_existentials.swift:14:5:14:19 | OpenExistentialExpr | () | diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql new file mode 100644 index 00000000000..11f926e60ce --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/OpenExistentialExpr_getType.ql @@ -0,0 +1,7 @@ +// generated by codegen/codegen.py +import codeql.swift.elements +import TestUtils + +from OpenExistentialExpr x +where toBeTested(x) and not x.isUnknown() +select x, x.getType() diff --git a/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift new file mode 100644 index 00000000000..1cd9a688da6 --- /dev/null +++ b/swift/ql/test/extractor-tests/generated/expr/OpenExistentialExpr/open_existentials.swift @@ -0,0 +1,15 @@ +protocol P { + func foo() -> () +} + +class C : P { + func foo() {} +} + +func createP() -> P { + return C() +} + +func test() { + createP().foo() +} diff --git a/swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index 3eda02b23e1..00000000000 --- a/swift/ql/test/extractor-tests/generated/type/OpenedArchetypeType/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null 
@@ -1,3 +0,0 @@ -doubleParents -| opened_archetypes.swift:24:10:24:16 | [MemberRefExpr] .isFooMember | getBase() | opened_archetypes.swift:24:10:24:16 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | opened_archetypes.swift:24:10:24:10 | [OpaqueValueExpr] OpaqueValueExpr | -| opened_archetypes.swift:24:10:24:16 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | opened_archetypes.swift:24:10:24:16 | [MemberRefExpr] .isFooMember | getBase() | opened_archetypes.swift:24:10:24:10 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index 6f3e5d56f99..00000000000 --- a/swift/ql/test/library-tests/dataflow/flowsources/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null 
@@ -1,13 +0,0 @@ -doubleParents -| generics.swift:93:9:93:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:93:9:93:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:93:9:93:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:93:9:93:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:93:9:93:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:93:9:93:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:94:9:94:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:94:9:94:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:94:9:94:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:94:9:94:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:94:9:94:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:94:9:94:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:95:9:95:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:95:9:95:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:95:9:95:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:95:9:95:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:95:9:95:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:95:9:95:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:125:9:125:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:125:9:125:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:125:9:125:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:125:9:125:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:125:9:125:15 | [MemberRefExpr] .source0 | getBase() | generics.swift:125:9:125:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:126:9:126:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:126:9:126:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | 
generics.swift:126:9:126:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:126:9:126:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:126:9:126:15 | [MemberRefExpr] .source1 | getBase() | generics.swift:126:9:126:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:127:9:127:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:127:9:127:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:127:9:127:9 | [OpaqueValueExpr] OpaqueValueExpr | -| generics.swift:127:9:127:15 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | generics.swift:127:9:127:15 | [MemberRefExpr] .source2 | getBase() | generics.swift:127:9:127:9 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected b/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected deleted file mode 100644 index e1a86b483ac..00000000000 --- a/swift/ql/test/query-tests/Security/CWE-311/CONSISTENCY/PrintAstConsistency.expected +++ /dev/null @@ -1,3 +0,0 @@ -doubleParents -| file://:0:0:0:0 | [MethodLookupExpr] .container(keyedBy:) | getBase() | file://:0:0:0:0 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | file://:0:0:0:0 | [OpaqueValueExpr] OpaqueValueExpr | -| file://:0:0:0:0 | [OpenExistentialExpr] OpenExistentialExpr | getOpaqueExpr() | file://:0:0:0:0 | [MethodLookupExpr] .container(keyedBy:) | getBase() | file://:0:0:0:0 | [OpaqueValueExpr] OpaqueValueExpr | diff --git a/swift/schema.py b/swift/schema.py index 8fc0941e171..ef2c357899f 100644 --- a/swift/schema.py +++ b/swift/schema.py 
@@ -516,9 +516,22 @@ class OpaqueValueExpr(Expr): pass class OpenExistentialExpr(Expr): - sub_expr: Expr | child - existential: Expr | child - opaque_expr: OpaqueValueExpr | child + """ An implicit expression created by the compiler when a method is called on a protocol. For example in + ``` + protocol P { + func foo() -> Int + } + func bar(x: P) -> Int { + return x.foo() + } + `x.foo()` is actually wrapped in an `OpenExistentialExpr` that "opens" `x` replacing it in its subexpression with + an `OpaqueValueExpr`. + ``` + """ + sub_expr: Expr | child | desc(""" + This wrapped subexpression is where the opaque value and the dynamic type under the protocol type may be used.""") + existential: Expr | child | doc("protocol-typed expression opened by this expression") + opaque_expr: OpaqueValueExpr | doc("opaque value expression embedded within `getSubExpr()`") class OptionalEvaluationExpr(Expr): sub_expr: Expr | child From 765076bcba4b720a5eddf279f2479ce4e2bb8497 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 25 May 2023 13:28:39 +0200 Subject: [PATCH 102/210] fix whitespace in the samples in ReDoS.qhelp --- java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp | 3 +-- javascript/ql/src/Performance/ReDoS.qhelp | 3 +-- python/ql/src/Security/CWE-730/ReDoS.qhelp | 3 +-- ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp | 3 +-- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp index 08b67acb638..9f0d7a6fa07 100644 --- a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp +++ b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp @@ -25,8 +25,7 @@ the two branches of the alternative inside the repetition:
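Review bot: The new `OpenExistentialExpr` docstring closes its code fence after the explanatory sentence, so the prose starting "`x.foo()` is actually wrapped in an `OpenExistentialExpr`…" is rendered as part of the Swift sample rather than as text. Move the closing fence line up to directly after the `}` that ends `bar`, and let the two prose lines follow it. The generated doc comments in `Raw.qll` and `generated/expr/OpenExistentialExpr.qll` in this commit carry the same misplaced fence. They presumably derive from this schema, so fixing it here and re-running codegen should correct all three.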

    - ^_(__|[^_])+_$ - +^_(__|[^_])+_$ diff --git a/javascript/ql/src/Performance/ReDoS.qhelp b/javascript/ql/src/Performance/ReDoS.qhelp index 21b937b17ef..a020a319207 100644 --- a/javascript/ql/src/Performance/ReDoS.qhelp +++ b/javascript/ql/src/Performance/ReDoS.qhelp @@ -25,8 +25,7 @@ the two branches of the alternative inside the repetition:

    - /^_(__|[^_])+_$/ - +/^_(__|[^_])+_$/ diff --git a/python/ql/src/Security/CWE-730/ReDoS.qhelp b/python/ql/src/Security/CWE-730/ReDoS.qhelp index 9cfbcc32354..74f3b8b87a1 100644 --- a/python/ql/src/Security/CWE-730/ReDoS.qhelp +++ b/python/ql/src/Security/CWE-730/ReDoS.qhelp @@ -25,8 +25,7 @@ the two branches of the alternative inside the repetition:

    - ^_(__|[^_])+_$ - +^_(__|[^_])+_$ diff --git a/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp b/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp index 4c85702a0d3..901315cba72 100644 --- a/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp +++ b/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp @@ -21,8 +21,7 @@ repetition:

    - /^_(__|[^_])+_$/ - +/^_(__|[^_])+_$/ From 9f5bf8fb2268d6975e9d791ad1b54da89428646c Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 25 May 2023 13:56:29 +0200 Subject: [PATCH 103/210] also fix the first code-block --- java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp | 3 +-- javascript/ql/src/Performance/ReDoS.qhelp | 3 +-- python/ql/src/Security/CWE-730/ReDoS.qhelp | 3 +-- ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp | 3 +-- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp index 9f0d7a6fa07..7fcdb97535b 100644 --- a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp +++ b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

    - ^_(__|.)+_$ - +^_(__|.)+_$

    Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two diff --git a/javascript/ql/src/Performance/ReDoS.qhelp b/javascript/ql/src/Performance/ReDoS.qhelp index a020a319207..c152d646201 100644 --- a/javascript/ql/src/Performance/ReDoS.qhelp +++ b/javascript/ql/src/Performance/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

    - /^_(__|.)+_$/ - +/^_(__|.)+_$/

    Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two diff --git a/python/ql/src/Security/CWE-730/ReDoS.qhelp b/python/ql/src/Security/CWE-730/ReDoS.qhelp index 74f3b8b87a1..a881d94cd9f 100644 --- a/python/ql/src/Security/CWE-730/ReDoS.qhelp +++ b/python/ql/src/Security/CWE-730/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

    - ^_(__|.)+_$ - +^_(__|.)+_$

    Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two diff --git a/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp b/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp index 901315cba72..4c19e2bb6fe 100644 --- a/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp +++ b/ruby/ql/src/queries/security/cwe-1333/ReDoS.qhelp @@ -4,8 +4,7 @@

    Consider this regular expression:

    - /^_(__|.)+_$/ - +/^_(__|.)+_$/

    Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the From 5e66885a8e81ea9c0eac71df0cab0621e066f8f9 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 25 May 2023 14:00:04 +0200 Subject: [PATCH 104/210] Swift: add change note --- .../2023-05-25-fix-ast-and-cfg-inconsistencies.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md diff --git a/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md b/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md new file mode 100644 index 00000000000..d7806a38360 --- /dev/null +++ b/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md @@ -0,0 +1,14 @@ +--- +category: fix +--- + +* Fixed some AST printing inconsistencies leading to a non-tree AST. In particular: + * `getOpaqueExpr()` is not considered a child of `OpenExistentialExpr` anymore, as it is + actually a reference to an expression nested within `getSubExpr()`; + * fixed some corner cases involving synthesized `PatternBindingDecl`s for variables wrapped with + property wrappers. +* Fixed some control flow graph inconsistencies leading to multiple successors and dead ends. + In particular: + * fixed the corner cases mentioned above for AST printing, which were a problem also for the + control graph; + * fixed an inconsistency caused by an unneeded special treatment of `TapExpr`. From 791ba81403721610f45f8d601413f78d2245d5a5 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 25 May 2023 13:23:52 +0100 Subject: [PATCH 105/210] Swift: Add change note. --- .../change-notes/2023-05-25-string-length-conflation-fp.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md 
diff --git a/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md b/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md new file mode 100644 index 00000000000..937ebd4b41a --- /dev/null +++ b/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md @@ -0,0 +1,4 @@ +— +category: minorAnalysis +— +* Fixed some false positive results from the `swift/string-length-conflation` query, caused by imprecise sinks. From 93678e5d363d059b09092b228729dde84edb1a07 Mon Sep 17 00:00:00 2001 From: Asger F Date: Thu, 25 May 2023 12:51:26 +0200 Subject: [PATCH 106/210] Ruby: fix name of super calls in singleton methods --- ruby/ql/lib/codeql/ruby/ast/internal/Call.qll | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll b/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll index 74acef8e860..e3faf292023 100644 --- a/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll +++ b/ruby/ql/lib/codeql/ruby/ast/internal/Call.qll @@ -121,13 +121,15 @@ private Ruby::AstNode getSuperParent(Ruby::Super sup) { result = sup or result = getSuperParent(sup).getParent() and - not result instanceof Ruby::Method + not result instanceof Ruby::Method and + not result instanceof Ruby::SingletonMethod } private string getSuperMethodName(Ruby::Super sup) { - exists(Ruby::Method meth | - meth = getSuperParent(sup).getParent() and + exists(Ruby::AstNode meth | meth = getSuperParent(sup).getParent() | result = any(Method c | toGenerated(c) = meth).getName() + or + result = any(SingletonMethod c | toGenerated(c) = meth).getName() ) } From 9e8cef5e1b994c9c112ee97ea74605de981f4956 Mon Sep 17 00:00:00 2001 From: Asger F Date: Thu, 25 May 2023 15:02:29 +0200 Subject: [PATCH 107/210] Ruby: fix type-tracking flow-through for new->initialize calls --- .../ruby/typetracking/TypeTrackerSpecific.qll | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) 
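Review bot: In `getSuperMethodName` the two disjuncts differ only in the class they cast to, and `getSuperParent` now lists `Ruby::Method` and `Ruby::SingletonMethod` separately, so the pair must be kept in sync by hand. If `MethodBase` covers exactly these two classes and is in scope in this file (worth confirming), a single `result = any(MethodBase c | toGenerated(c) = meth).getName()` states the intent once. The commit changes only `Call.qll`, so nothing pins the new behaviour. A library test with a `super` call inside a `def self.…` method would guard against `super` name resolution in singleton methods regressing and silently dropping call-graph edges.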
diff --git a/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll b/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll index 7283ffedf09..55ec26258d6 100644 --- a/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll @@ -89,12 +89,23 @@ private predicate flowThrough(DataFlowPublic::ParameterNode param) { ) } +/** Holds if there is flow from `arg` to `p` via the call `call`, not counting `new -> initialize` call steps. */ +pragma[nomagic] +predicate callStepNoInitialize( + ExprNodes::CallCfgNode call, Node arg, DataFlowPrivate::ParameterNodeImpl p +) { + exists(DataFlowDispatch::ParameterPosition pos | + argumentPositionMatch(call, arg, pos) and + p.isSourceParameterOf(DataFlowDispatch::getTarget(call), pos) + ) +} + /** Holds if there is a level step from `nodeFrom` to `nodeTo`, which may depend on the call graph. */ pragma[nomagic] predicate levelStepCall(Node nodeFrom, Node nodeTo) { exists(DataFlowPublic::ParameterNode param | flowThrough(param) and - callStep(nodeTo.asExpr(), nodeFrom, param) + callStepNoInitialize(nodeTo.asExpr(), nodeFrom, param) ) } From 5dfb07ce370182d4defbed8283f25406cc1eea27 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 24 May 2023 17:47:13 +0100 Subject: [PATCH 108/210] Swift: Test DataProtocol. --- .../dataflow/taint/libraries/data.swift | 109 +++++++++++------- 1 file changed, 66 insertions(+), 43 deletions(-) diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift b/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift index 60732f704d2..178f4864992 100644 --- a/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift +++ b/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift 
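Review bot: `callStepNoInitialize` is declared without `private`, although within this hunk its only user is `levelStepCall` and the neighbouring helper `flowThrough` is private. Unless another module is meant to use it, `private predicate callStepNoInitialize(` keeps it out of the file's exported surface. Its QLDoc says that `new -> initialize` steps are excluded but not why. A sentence such as "a `new` call evaluates to the new object, not to the value `initialize` returns, so flow through `initialize` must not reach the call" would record the reason, assuming that is the intent. The body of `flowThrough` lies outside the hunk, so this assumes it only checks that the parameter reaches the callable's return.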
@@ -7,7 +7,19 @@ protocol SortComparator { associatedtype Compared } -struct Data : RangeReplaceableCollection +protocol DataProtocol { +} +extension DataProtocol { + func copyBytes(to: UnsafeMutableRawBufferPointer) {} + func copyBytes(to: UnsafeMutablePointer, count: Int) {} + func copyBytes(to: UnsafeMutablePointer, from: Range) {} +} +extension UnsafeRawBufferPointer : DataProtocol { } +extension Array : DataProtocol where Element == UInt8 { } + +protocol MutableDataProtocol : DataProtocol, RangeReplaceableCollection { } + +struct Data : MutableDataProtocol { struct Base64EncodingOptions : OptionSet { let rawValue: Int } struct Base64DecodingOptions : OptionSet { let rawValue: Int } 
@@ -82,182 +94,193 @@ func taintThroughData() { let dataTainted2 = Data(dataTainted) sink(arg: dataClean) - sink(arg: dataTainted) // $ tainted=81 - sink(arg: dataTainted2) // $ tainted=81 + sink(arg: dataTainted) // $ tainted=93 + sink(arg: dataTainted2) // $ tainted=93 // ";Data;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint", let dataTainted3 = Data(base64Encoded: source() as! Data, options: []) - sink(arg: dataTainted3) // $ tainted=89 + sink(arg: dataTainted3) // $ tainted=101 // ";Data;true;init(buffer:);;;Argument[0];ReturnValue;taint", let dataTainted4 = Data(buffer: source() as! UnsafeBufferPointer) - sink(arg: dataTainted4) // $ tainted=93 + sink(arg: dataTainted4) // $ tainted=105 let dataTainted5 = Data(buffer: source() as! UnsafeMutablePointer) - sink(arg: dataTainted5) // $ tainted=95 + sink(arg: dataTainted5) // $ tainted=107 // ";Data;true;init(bytes:count:);;;Argument[0];ReturnValue;taint", let dataTainted6 = Data(bytes: source() as! UnsafeRawPointer, count: 0) - sink(arg: dataTainted6) // $ tainted=99 + sink(arg: dataTainted6) // $ tainted=111 // ";Data;true;init(bytesNoCopy:count:deallocator:);;;Argument[0];ReturnValue;taint", let dataTainted7 = Data(bytesNoCopy: source() as! UnsafeRawPointer, count: 0, deallocator: Data.Deallocator.none) - sink(arg: dataTainted7) // $ tainted=103 + sink(arg: dataTainted7) // $ tainted=115 // ";Data;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint", let urlTainted8 = source() as! URL let dataTainted8 = Data(contentsOf: urlTainted8, options: []) - sink(arg: dataTainted8) // $ tainted=107 + sink(arg: dataTainted8) // $ tainted=119 // ";Data;true;init(referencing:);;;Argument[0];ReturnValue;taint", let dataTainted9 = Data(referencing: source() as! NSData) - sink(arg: dataTainted9) // $ tainted=112 + sink(arg: dataTainted9) // $ tainted=124 // ";Data;true;append(_:);;;Argument[0];Argument[-1];taint", let dataTainted10 = Data("") dataTainted10.append(source() as! 
Data) - sink(arg: dataTainted10) // $ tainted=117 + sink(arg: dataTainted10) // $ tainted=129 let dataTainted11 = Data("") dataTainted11.append(source() as! UInt8) - sink(arg: dataTainted11) // $ tainted=121 + sink(arg: dataTainted11) // $ tainted=133 let dataTainted12 = Data("") dataTainted12.append(source() as! UnsafeBufferPointer) - sink(arg: dataTainted12) // $ tainted=125 + sink(arg: dataTainted12) // $ tainted=137 // ";Data;true;append(_:count:);;;Argument[0];Argument[-1];taint", let dataTainted13 = Data("") dataTainted13.append(source() as! UnsafePointer, count: 0) - sink(arg: dataTainted13) // $ tainted=130 + sink(arg: dataTainted13) // $ tainted=142 // ";Data;true;append(contentsOf:);;;Argument[0];Argument[-1];taint", let dataTainted14 = Data("") dataTainted14.append(contentsOf: source() as! [UInt8]) - sink(arg: dataTainted14) // $ tainted=135 + sink(arg: dataTainted14) // $ tainted=147 // ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint", let dataTainted15 = source() as! Data - sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=139 + sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=151 // ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint", let dataTainted16 = source() as! Data - sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=143 + sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=155 // ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint", let dataTainted17 = source() as! Data let compactMapped: [Int] = dataTainted17.compactMap { str in Int(str) } - sink(arg: compactMapped) // $ tainted=147 + sink(arg: compactMapped) // $ tainted=159 // ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", let dataTainted18 = source() as! 
Data let pointerTainted18 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) dataTainted18.copyBytes(to: pointerTainted18) - sink(arg: pointerTainted18) // $ tainted=152 + sink(arg: pointerTainted18) // $ tainted=164 // ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint", let dataTainted19 = source() as! Data let pointerTainted19 = UnsafeMutablePointer.allocate(capacity: 0) dataTainted19.copyBytes(to: pointerTainted19, count: 0) - sink(arg: pointerTainted19) // $ tainted=158 + sink(arg: pointerTainted19) // $ tainted=170 // ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint", let dataTainted20 = source() as! Data let pointerTainted20 = UnsafeMutablePointer.allocate(capacity: 0) dataTainted20.copyBytes(to: pointerTainted20, from: 0..<1) - sink(arg: pointerTainted20) // $ tainted=164 + sink(arg: pointerTainted20) // $ tainted=176 // ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint", let dataTainted21 = source() as! Data let flatMapped = dataTainted21.flatMap { Array(repeating: $0, count: 0) } - sink(arg: flatMapped) // $ tainted=170 + sink(arg: flatMapped) // $ tainted=182 let dataTainted22 = source() as! Data let flatMapped2 = dataTainted22.flatMap { str in Int(str) } - sink(arg: flatMapped2) // $ tainted=174 + sink(arg: flatMapped2) // $ tainted=186 // ";Data;true;insert(_:at:);;;Argument[0];Argument[-1];taint", let dataTainted23 = Data("") dataTainted23.insert(source() as! UInt8, at: 0) - sink(arg: dataTainted23) // $ tainted=180 + sink(arg: dataTainted23) // $ tainted=192 // ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint", let dataTainted24 = Data("") dataTainted24.insert(contentsOf: source() as! [UInt8], at: 0) - sink(arg: dataTainted24) // $ tainted=185 + sink(arg: dataTainted24) // $ tainted=197 // ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint", let dataTainted25 = source() as! 
Data let mapped = dataTainted25.map { $0 } - sink(arg: mapped) // $ tainted=189 + sink(arg: mapped) // $ tainted=201 // ";Data;true;reduce(into:_:);;;Argument[-1];ReturnValue;taint", let dataTainted26 = source() as! Data let reduced = dataTainted26.reduce(into: [:]) { c, i in c[i, default: 0] += 1 } - sink(arg: reduced) // $ tainted=194 + sink(arg: reduced) // $ tainted=206 // ";Data;true;replace(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint", let dataTainted27 = Data("") dataTainted27.replace([0], with: source() as! [UInt8], maxReplacements: .max) - sink(arg: dataTainted27) // $ tainted=200 + sink(arg: dataTainted27) // $ tainted=212 // ";Data;true;replaceSubrange(_:with:);;;Argument[1];Argument[-1];taint", let dataTainted28 = Data("") dataTainted28.replaceSubrange(1..<3, with: source() as! Data) - sink(arg: dataTainted28) // $ tainted=205 + sink(arg: dataTainted28) // $ tainted=217 let dataTainted29 = Data("") dataTainted29.replaceSubrange(1..<3, with: source() as! [UInt8]) - sink(arg: dataTainted29) // $ tainted=209 + sink(arg: dataTainted29) // $ tainted=221 let dataTainted30 = Data("") dataTainted30.replaceSubrange(1..<3, with: source() as! UnsafeBufferPointer) - sink(arg: dataTainted30) // $ tainted=213 + sink(arg: dataTainted30) // $ tainted=225 // ";Data;true;replaceSubrange(_:with:count:);;;Argument[1];Argument[-1];taint", let dataTainted31 = Data("") dataTainted31.replaceSubrange(1..<3, with: source() as! UnsafeRawPointer, count: 0) - sink(arg: dataTainted31) // $ tainted=218 + sink(arg: dataTainted31) // $ tainted=230 // ";Data;true;replacing(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint", let dataTainted32 = Data("") let _ = dataTainted32.replacing([0], with: source() as! 
[UInt8], maxReplacements: 0) - sink(arg: dataTainted32) // $ tainted=223 + sink(arg: dataTainted32) // $ tainted=235 // ";Data;true;replacing(_:with:subrange:maxReplacements:);;;Argument[1];Argument[-1];taint", let dataTainted33 = Data("") let _ = dataTainted33.replacing([0], with: source() as! [UInt8], subrange: 1..<3, maxReplacements: 0) - sink(arg: dataTainted33) // $ tainted=228 + sink(arg: dataTainted33) // $ tainted=240 // ";Data;true;reversed();;;Argument[-1];ReturnValue;taint", let dataTainted34 = source() as! Data - sink(arg: dataTainted34.reversed()) // $ tainted=232 + sink(arg: dataTainted34.reversed()) // $ tainted=244 // ";Data;true;sorted();;;Argument[-1];ReturnValue;taint", let dataTainted35 = source() as! Data - sink(arg: dataTainted35.sorted()) // $ tainted=236 + sink(arg: dataTainted35.sorted()) // $ tainted=248 // ";Data;true;sorted(by:);;;Argument[-1];ReturnValue;taint", let dataTainted36 = source() as! Data - sink(arg: dataTainted36.sorted{ _,_ in return false }) // $ tainted=240 + sink(arg: dataTainted36.sorted{ _,_ in return false }) // $ tainted=252 // ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint", let dataTainted37 = source() as! Data - sink(arg: dataTainted37.sorted(using: cmp()!)) // $ tainted=244 + sink(arg: dataTainted37.sorted(using: cmp()!)) // $ tainted=256 // ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint", let dataTainted38 = source() as! Data - sink(arg: dataTainted38.shuffled()) // $ tainted=248 + sink(arg: dataTainted38.shuffled()) // $ tainted=260 // ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint", let dataTainted39 = source() as! Data - var rng = rng()! - sink(arg: dataTainted39.shuffled(using: &rng)) // $ tainted=252 + var myRng = rng()! + sink(arg: dataTainted39.shuffled(using: &myRng)) // $ tainted=264 // ";Data;true;trimmingPrefix(_:);;;Argument[-1];ReturnValue;taint", let dataTainted40 = source() as! 
Data - sink(arg: dataTainted40.trimmingPrefix([0])) // $ tainted=257 + sink(arg: dataTainted40.trimmingPrefix([0])) // $ tainted=269 // ";Data;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint" let dataTainted41 = source() as! Data - sink(arg: dataTainted41.trimmingPrefix { _ in false }) // $ tainted=261 + sink(arg: dataTainted41.trimmingPrefix { _ in false }) // $ tainted=273 + + // ";DataProtocol;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", + let dataTainted43 = source() as! UnsafeRawBufferPointer + let pointerTainted43 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) + dataTainted43.copyBytes(to: pointerTainted43) + sink(arg: pointerTainted43) // $ MISSING: tainted=277 + + let dataTainted44 = source() as! Array + let pointerTainted44 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) + dataTainted44.copyBytes(to: pointerTainted44) + sink(arg: pointerTainted44) // $ MISSING: tainted=282 } From 51321a218b0ec9032a5b1613c686d9d1a2955acf Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 24 May 2023 17:09:06 +0100 Subject: [PATCH 109/210] Swift: Correct models in Data.qll. --- .../ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll | 6 +++--- .../test/library-tests/dataflow/taint/libraries/data.swift | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll index d1ede40a14d..c057293f00e 100644 --- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll +++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll 
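Review bot: The two cases added at the end of `taintThroughData()` call only `copyBytes(to:)` on the non-`Data` conformers, while the stub extension added in this file also declares `copyBytes(to:count:)` and `copyBytes(to:from:)` on `DataProtocol`. Those two overloads are exercised only through `Data` (`dataTainted19`, `dataTainted20`), so a model that covered `copyBytes(to:)` on the protocol and missed the other two would still pass this test. Add matching cases on an `UnsafeRawBufferPointer` or `[UInt8]` receiver, for example `dataTainted45.copyBytes(to: pointerTainted45, count: 0)`, annotated `MISSING:` like the two above until the model is generalized. The function body begins before this hunk.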
@@ -26,9 +26,9 @@ private class DataSummaries extends SummaryModelCsv { ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint", ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint", ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint", - ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", - ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint", - ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint", + ";DataProtocol;true;copyBytes(to:);;;Argument[-1];Argument[0];taint", + ";DataProtocol;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint", + ";DataProtocol;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint", ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint", ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint", ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint", diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift b/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift index 178f4864992..2437e91981f 100644 --- a/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift +++ b/swift/ql/test/library-tests/dataflow/taint/libraries/data.swift @@ -277,10 +277,10 @@ func taintThroughData() { let dataTainted43 = source() as! UnsafeRawBufferPointer let pointerTainted43 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) dataTainted43.copyBytes(to: pointerTainted43) - sink(arg: pointerTainted43) // $ MISSING: tainted=277 + sink(arg: pointerTainted43) // $ tainted=277 let dataTainted44 = source() as! Array let pointerTainted44 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0) dataTainted44.copyBytes(to: pointerTainted44) - sink(arg: pointerTainted44) // $ MISSING: tainted=282 + sink(arg: pointerTainted44) // $ tainted=282 } From 98e5f0fc4fe611bd3001356a20536c93bfb931d5 Mon Sep 17 00:00:00 2001 
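Review bot: After this change the three `copyBytes` rows are the only `DataProtocol` entries in a list whose neighbouring rows all name `Data`, and nothing in `DataSummaries` says why. A short comment above them, such as `// copyBytes is modeled on DataProtocol so the summaries also apply to other conforming types`, would keep a later edit from changing them back to `Data`. Flow through `Data.copyBytes` now presumably depends on the analysed `Data` declaration conforming to `DataProtocol`, so test stubs that declare `Data` without that conformance are worth checking. The class body continues outside the hunk.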
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 25 May 2023 16:04:18 +0100 Subject: [PATCH 110/210] Swift: Add change note. --- swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md diff --git a/swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md b/swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md new file mode 100644 index 00000000000..6e26484f5dc --- /dev/null +++ b/swift/ql/lib/change-notes/2023-05-25-dataprotocol-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Some models for the `Data` class have been generalized to `DataProtocol` so that they apply more widely. \ No newline at end of file From 85a1ab0264e62bef86b7564a7808b6d73220de66 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 25 May 2023 16:10:31 +0100 Subject: [PATCH 111/210] Swift: Undo autocorrect. --- .../change-notes/2023-05-25-string-length-conflation-fp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md b/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md index 937ebd4b41a..7166b5e9ed7 100644 --- a/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md +++ b/swift/ql/src/change-notes/2023-05-25-string-length-conflation-fp.md @@ -1,4 +1,4 @@ -— +--- category: minorAnalysis -— +--- * Fixed some false positive results from the `swift/string-length-conflation` query, caused by imprecise sinks. From 3f3a5d39e5b76622b700d7f77cbde897f746ef45 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 25 May 2023 17:13:51 +0100 Subject: [PATCH 112/210] Swift: Fix the SQL injection test. --- .../ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift b/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift index d04dec0debc..8498d89d68d 100644 --- a/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift +++ b/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift @@ -6,8 +6,8 @@ struct URL init?(string: String) {} init?(string: String, relativeTo: URL?) {} } - -struct Data { +protocol DataProtocol { } +struct Data : DataProtocol { init(_ elements: S) { count = 0 } var count: Int From 609319da20d11128fb6d838ca239bc48b57a366b Mon Sep 17 00:00:00 2001 From: Alex Ford Date: Thu, 25 May 2023 17:53:01 +0100 Subject: [PATCH 113/210] ruby: update TaintStep.ql test output --- ruby/ql/test/library-tests/dataflow/local/TaintStep.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected b/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected index 890bef5720e..b04315cfc88 100644 --- a/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected +++ b/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected 
@@ -2814,6 +2814,7 @@ | file://:0:0:0:0 | parameter position 0 of File.realdirpath | file://:0:0:0:0 | [summary] to write: return (return) in File.realdirpath | | file://:0:0:0:0 | parameter position 0 of File.realpath | file://:0:0:0:0 | [summary] to write: return (return) in File.realpath | | file://:0:0:0:0 | parameter position 0 of Hash[] | file://:0:0:0:0 | [summary] read: argument position 0.any element in Hash[] | +| file://:0:0:0:0 | parameter position 0 of PG.new() | file://:0:0:0:0 | [summary] to write: return (return) in PG.new() | | file://:0:0:0:0 | parameter position 0 of String.try_convert | file://:0:0:0:0 | [summary] to write: return (return) in String.try_convert | | file://:0:0:0:0 | parameter position 0 of \| | file://:0:0:0:0 | [summary] read: argument position 0.any element in \| | | file://:0:0:0:0 | parameter position 1.. of File.join | file://:0:0:0:0 | [summary] to write: return (return) in File.join | From a7252e625effd27f9f739296d9cc7e9ce7d52f19 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 25 May 2023 11:12:01 -0700 Subject: [PATCH 114/210] C++: Fix result duplication on 'cpp/unbounded-write' on 'kirxkirx/vast'. --- .../code/cpp/ir/dataflow/internal/DataFlowUtil.qll | 14 +++++++++----- .../dataflow/internal/DefaultTaintTrackingImpl.qll | 4 ++-- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index 7f32a27287b..12f91b6f2c0 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
@@ -1640,8 +1640,11 @@ predicate localInstructionFlow(Instruction e1, Instruction e2) { localFlow(instructionNode(e1), instructionNode(e2)) } +/** + * INTERNAL: Do not use. + */ cached -private module ExprFlowCached { +module ExprFlowCached { /** * Holds if `n` is an indirect operand of a `PointerArithmeticInstruction`, and * `e` is the result of loading from the `PointerArithmeticInstruction`. @@ -1692,7 +1695,8 @@ private module ExprFlowCached { * `x[i]` steps to the expression `x[i - 1]` without traversing the * entire chain. */ - private Expr asExpr(Node n) { + cached + Expr asExprInternal(Node n) { isIndirectBaseOfArrayAccess(n, result) or not isIndirectBaseOfArrayAccess(n, _) and @@ -1704,7 +1708,7 @@ private module ExprFlowCached { * dataflow step. */ private predicate localStepFromNonExpr(Node n1, Node n2) { - not exists(asExpr(n1)) and + not exists(asExprInternal(n1)) and localFlowStep(n1, n2) } @@ -1715,7 +1719,7 @@ private module ExprFlowCached { pragma[nomagic] private predicate localStepsToExpr(Node n1, Node n2, Expr e2) { localStepFromNonExpr*(n1, n2) and - e2 = asExpr(n2) + e2 = asExprInternal(n2) } /** @@ -1726,7 +1730,7 @@ private module ExprFlowCached { exists(Node mid | localFlowStep(n1, mid) and localStepsToExpr(mid, n2, e2) and - e1 = asExpr(n1) + e1 = asExprInternal(n1) ) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll index e21a83fcb54..960b373b4fa 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll 
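Review bot: `asExprInternal` (the `@@ -1692` hunk) is now `cached` and no longer `private`, but its QLDoc, which starts above the hunk, still reads as ordinary API documentation; only the enclosing module carries `INTERNAL: Do not use.`. The predicate is reachable from other files as `DataFlow::ExprFlowCached::asExprInternal`, so repeat the marker on the predicate itself by adding ` * INTERNAL: Do not use.` to its comment. Naming the one intended caller there would also make it easier to find when the predicate can become private again.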
@@ -60,7 +60,7 @@ private DataFlow::Node getNodeForSource(Expr source) { } private DataFlow::Node getNodeForExpr(Expr node) { - result = DataFlow::exprNode(node) + node = DataFlow::ExprFlowCached::asExprInternal(result) or // Some of the sources in `isUserInput` are intended to match the value of // an expression, while others (those modeled below) are intended to match @@ -221,7 +221,7 @@ private module Cached { predicate nodeIsBarrierIn(DataFlow::Node node) { // don't use dataflow into taint sources, as this leads to duplicate results. exists(Expr source | isUserInput(source, _) | - node = DataFlow::exprNode(source) + source = DataFlow::ExprFlowCached::asExprInternal(node) or // This case goes together with the similar (but not identical) rule in // `getNodeForSource`. From c3fdc83af67165a01ace101f576d692e2c689bfa Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 25 May 2023 12:23:50 -0700 Subject: [PATCH 115/210] C++: Also add an out barrier on all sinks. --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 4 ++++ .../constant-size/ConstantSizeArrayOffByOne.expected | 11 ----------- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index 82bdb8c5d42..88db396f2cf 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -97,6 +97,8 @@ module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { predicate isBarrierIn(DataFlow::Node node) { isSource(node) } + predicate isBarrierOut(DataFlow::Node node) { isSink(node) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } } 
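Review bot: Both replaced calls, in `getNodeForExpr` here and in `nodeIsBarrierIn` in the `@@ -221` hunk, swap `DataFlow::exprNode` for the internal `DataFlow::ExprFlowCached::asExprInternal` with no comment at either site. A reader cannot tell from the code that the swap is deliberate, so a later cleanup could restore `exprNode` and bring the duplicate results back. Add a line such as `// asExprInternal rather than exprNode: exprNode gave duplicate results here` above each call; that wording is inferred from the commit subject, so adjust it to the actual reason. Both predicates continue outside their hunks.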
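Review bot: `isBarrierOut` on every sink, added to `PointerArithmeticToDerefConfig` here and to `FieldAddressToDerefConfig` in the `@@ -134` hunk, ends each path at the first sink it reaches, which also drops any later dereference that is reachable only by flowing through an earlier sink node. The updated expected output shows the intended effect, fewer rows for the same store at `test.cpp:67`, but no case shows that two distinct writes behind one pointer are still both reported. Consider adding such a case to the test and a comment on the predicate, e.g. `// Stop at the first sink so one overrun is not reported once per downstream node`.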
@@ -134,6 +136,8 @@ module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { predicate isBarrierIn(DataFlow::Node node) { isSource(node, _) } + predicate isBarrierOut(DataFlow::Node node) { isSink(node, _) } + predicate isAdditionalFlowStep( DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 ) { diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index 6ff343ea369..7d3df8cb7cb 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected @@ -6,12 +6,8 @@ edges | test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | | test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | -| test.cpp:66:32:66:32 | p | test.cpp:66:32:66:32 | p | -| test.cpp:66:32:66:32 | p | test.cpp:67:5:67:6 | * ... | -| test.cpp:66:32:66:32 | p | test.cpp:67:6:67:6 | p | | test.cpp:70:33:70:33 | p | test.cpp:72:5:72:15 | access to array | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | -| test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | | test.cpp:77:32:77:34 | buf | test.cpp:77:26:77:44 | & ... | | test.cpp:79:27:79:34 | buf | test.cpp:70:33:70:33 | p | | test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | 
@@ -31,10 +27,6 @@ nodes | test.cpp:61:9:61:19 | access to array | semmle.label | access to array | | test.cpp:61:14:61:16 | buf | semmle.label | buf | | test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:67:5:67:6 | * ... | semmle.label | * ... | -| test.cpp:67:6:67:6 | p | semmle.label | p | | test.cpp:70:33:70:33 | p | semmle.label | p | | test.cpp:72:5:72:15 | access to array | semmle.label | access to array | | test.cpp:77:26:77:44 | & ... | semmle.label | & ... | 
@@ -52,6 +44,3 @@ subpaths | test.cpp:61:9:61:19 | PointerAdd: access to array | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | | test.cpp:72:5:72:15 | PointerAdd: access to array | test.cpp:79:32:79:34 | buf | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | | test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | From 384ca0c31f9a8ae0c7d3d91afac8e242beffabdd Mon Sep 17 00:00:00 2001 
From: Mathias Vorreiter Pedersen Date: Thu, 25 May 2023 13:50:35 -0700 Subject: [PATCH 116/210] C++: Respond to review comments. --- .../lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index 12f91b6f2c0..eaac9437b77 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll @@ -1642,6 +1642,10 @@ predicate localInstructionFlow(Instruction e1, Instruction e2) { /** * INTERNAL: Do not use. + * + * Ideally this module would be private, but the `asExprInternal` predicate is + * needed in `DefaultTaintTrackingImpl`. Once `DefaultTaintTrackingImpl` is gone + * we can make this module private again. */ cached module ExprFlowCached { From e7f82a3571fc83017fe39d2c54600c8a7b6a6cd9 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 25 May 2023 13:56:01 -0700 Subject: [PATCH 117/210] Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com> --- .../lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index eaac9437b77..9a3fd679f23 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
@@ -1645,7 +1645,7 @@ predicate localInstructionFlow(Instruction e1, Instruction e2) { * * Ideally this module would be private, but the `asExprInternal` predicate is * needed in `DefaultTaintTrackingImpl`. Once `DefaultTaintTrackingImpl` is gone - * we can make this module private again. + * we can make this module private. */ cached module ExprFlowCached { From 960e6521a40f2efa143117fc0e650be7ff0d1835 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 25 May 2023 15:21:09 -0700 Subject: [PATCH 118/210] Revert "C++: Whitespace commit to make qhelp show up in diff." This reverts commit ec192d621c12577ae1b224f1a235e78b891d75a7. --- .../CWE/CWE-119/OverrunWriteProductFlow.qhelp | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp index 4da7e2a3c94..302340a3c2c 100644 --- a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp +++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp @@ -1,29 +1,29 @@ - - - -

    You must ensure that you do not exceed the size of an allocation during write and read operations. - If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow. - Buffer overflows can lead to anything from a segmentation fault to a security vulnerability. -

    + + + +

    You must ensure that you do not exceed the size of an allocation during write and read operations. +If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow. +Buffer overflows can lead to anything from a segmentation fault to a security vulnerability. +

    -
    - -

    - Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur. -

    + + +

    +Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur. +

    -
    - +
    + - - + + -
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • -
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
  • +
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • +
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
  • -
    - + + From 0d1d20c75b9c088fa5dea8d50565a2026485af2e Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 25 May 2023 15:50:29 -0700 Subject: [PATCH 119/210] C++: Change range-analysis test to not use 'getAst'. This was creating confusing test expectation annotations. --- .../ir/range-analysis/RangeAnalysis.ql | 9 +- .../SimpleRangeAnalysis_tests.cpp | 114 +++++++++--------- .../library-tests/ir/range-analysis/test.cpp | 12 +- 3 files changed, 64 insertions(+), 71 deletions(-) diff --git a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql index 84437827d0d..eadf0b90ef5 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql @@ -40,14 +40,7 @@ bindingset[delta] private string getBoundString(SemBound b, float delta) { b instanceof SemZeroBound and result = delta.toString() or - result = - strictconcat(b.(SemSsaBound) - .getAVariable() - .(SemanticExprConfig::SsaVariable) - .asInstruction() - .getAst() - .toString(), ":" - ) + getOffsetString(delta) + result = strictconcat(b.(SemSsaBound).getAVariable().toString(), ":") + getOffsetString(delta) } private string getARangeString(SemExpr e) { diff --git a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp index eed0a7d7e47..92e197115b7 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp @@ -8,7 +8,7 @@ int test1(struct List* p) { int count = 0; for (; p; p = p->next) { count = count+1; - range(count); // $ range===count:p+1 + range(count); // $ range="==Phi: p:Store: count+1" } range(count); return count; 
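Review bot: `strictconcat(..., ":")` in `getBoundString` now joins `toString()` values that themselves contain `: `, so an expectation such as `Phi: p:Store: count+1` does not show where one variable ends and the next begins (it appears to be two variables joined by the separator). Use a separator that cannot occur in those strings, or keep `:` and describe the format in a comment above the predicate so the quoted annotations in the `.cpp` tests can be read. The annotations also now depend on how the SSA variable renders itself, so a change to that rendering would touch every expectation; that is presumably acceptable for a test-only query but worth stating in the same comment.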
@@ -18,7 +18,7 @@ int test2(struct List* p) { int count = 0; for (; p; p = p->next) { count = (count+1) % 10; - range(count); // $ range=<=9 range=>=-9 range=<=count:p+1 + range(count); // $ range=<=9 range=>=-9 range="<=Phi: p:Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -29,7 +29,7 @@ int test3(struct List* p) { for (; p; p = p->next) { range(count++); // $ range=>=-9 range=<=9 count = count % 10; - range(count); // $ range=<=9 range=>=-9 range="<=... +++0" range=<=count:p+1 + range(count); // $ range=<=9 range=>=-9 range="<=Store: ... +++0" range="<=Phi: p:Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -42,11 +42,11 @@ int test4() { range(i); // $ range=<=1 range=>=0 range(total); total += i; - range(total); // $ range=<=i+1 range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } range(total); // $ MISSING: range=>=0 range(i); // $ range===2 - range(total + i); // $ range=<=i+2 MISSING: range===i+2 range=>=2 range=>=i+0 + range(total + i); // $ range="<=Phi: i+2" MISSING: range===i+2 range=>=2 range=>=i+0 return total + i; } @@ -57,11 +57,11 @@ int test5() { range(i); // $ range=<=1 range=>=0 range(total); // $ MISSING: range=>=0 total += i; - range(total); // $ range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } range(total); // $ MISSING: range=>=0 range(i); // $ range===2 - range(total + i); // $ range=<=i+2 MISSING: range===i+2 range=>=2 range=>=i+0 + range(total + i); // $ range="<=Phi: i+2" MISSING: range===i+2 range=>=2 range=>=i+0 return total + i; } @@ -72,7 +72,7 @@ int test6() { range(i); // $ range=<=1 range=>=0 range(total); // $ MISSING: range=>=0 total += i; - range(total); // $ range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } return total + i; } 
@@ -93,12 +93,12 @@ int test8(int x, int y) { if (-1000 < y && y < 10) { range(y); // $ range=<=9 range=>=-999 if (x < y-2) { - range(x); // $ range=<=6 range=<=y-3 - range(y); // $ range=<=9 range=>=-999 range=>=x+3 + range(x); // $ range=<=6 range="<=InitializeParameter: y:Store: y-3" + range(y); // $ range=<=9 range=>=-999 range=">=InitializeParameter: x:Store: x+3" return x; } - range(x); // $ range=>=-1001 range=>=y-2 - range(y); // $ range=<=9 range=<=x+2 range=>=-999 + range(x); // $ range=>=-1001 range=">=InitializeParameter: y:Store: y-2" + range(y); // $ range=<=9 range="<=InitializeParameter: x:Store: x+2" range=>=-999 } range(x); range(y); @@ -127,12 +127,12 @@ int test10(int x, int y) { if (y > 7) { range(y); // $ range=>=8 if (x < y) { - range(x); // $ range=<=y-1 - range(y); // $ range=>=8 range=>=x+1 + range(x); // $ range="<=InitializeParameter: y-1" + range(y); // $ range=>=8 range=">=InitializeParameter: x:Store: x+1" return 0; } - range(x); // $ range=>=8 range=>=y+0 - range(y); // $ range=<=x+0 range=>=8 + range(x); // $ range=>=8 range=">=InitializeParameter: y+0" + range(y); // $ range="<=InitializeParameter: x:Store: x+0" range=>=8 return x; } range(y); // $ range=<=7 @@ -145,7 +145,7 @@ int test11(char *p) { range(*p); if (c != '\0') { *p++ = '\0'; - range(p); // $ range===p+1 + range(p); // $ range="==InitializeParameter: p+1" range(*p); } if (c == ':') { @@ -155,7 +155,7 @@ int test11(char *p) { if (c != '\0') { range(c); *p++ = '\0'; - range(p); // $ range=<=p+2 range===c+1 range=>=p+1 + range(p); // $ range="<=InitializeParameter: p+2" range="==Phi: c+1" range=">=InitializeParameter: p+1" } if (c != ',') { return 1; 
@@ -193,7 +193,7 @@ int test13(char c, int i) { unsigned int y = x-1; // $ overflow=- range(y); // $ range===-1 overflow=- int z = i+1; // $ overflow=+ - range(z); // $ range===i+1 + range(z); // $ range="==InitializeParameter: i+1" range(c + i + uc + x + y + z); // $ overflow=+- overflow=+ overflow=- MISSING: range=>=1 range((double)(c + i + uc + x + y + z)); // $ overflow=+ overflow=+- overflow=- MISSING: range=>=1 return (double)(c + i + uc + x + y + z); // $ overflow=+- overflow=+ overflow=- @@ -245,7 +245,7 @@ int test_unary(int a) { range(c); // $ range=<=0 range=>=-11 range(b+c); // $ range=<=11 range=>=-11 MISSING:range=">=- ...+0" total += b+c; - range(total); // $ range=<=0+11 range=<=19 range=>=0-11 range=>=-19 + range(total); // $ range="<=Phi: 0+11" range=<=19 range=">=Phi: 0-11" range=>=-19 } if (-7 <= a && a <= 11) { range(a); // $ range=<=11 range=>=-7 @@ -255,7 +255,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=-11 range(b+c); // $ range=<=18 range=>=-18 total += b+c; - range(total); // $ range="<=- ...+18" range=">=- ...-18" range=<=0+29 range=<=37 range=>=0-29 range=>=-37 + range(total); // $ range="<=Phi: - ...+18" range=">=Phi: - ...-18" range="<=Phi: 0+29" range=<=37 range=">=Phi: 0-29" range=>=-37 } if (-7 <= a && a <= 1) { range(a); // $ range=<=1 range=>=-7 @@ -265,7 +265,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=-1 range(b+c); // $ range=<=8 range=>=-8 total += b+c; - range(total); // $ range="<=- ...+8" range="<=- ...+26" range=">=- ...-8" range=">=- ...-26" range=<=0+37 range=<=45 range=>=0-37 range=>=-45 + range(total); // $ range="<=Phi: - ...+8" range="<=Phi: - ...+26" range=">=Phi: - ...-8" range=">=Phi: - ...-26" range="<=Phi: 0+37" range=<=45 range=">=Phi: 0-37" range=>=-45 } if (-7 <= a && a <= 0) { range(a); // $ range=<=0 range=>=-7 
@@ -275,7 +275,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=0 range(b+c); // $ range=>=-7 range=<=7 MISSING:range="<=- ...+0" total += b+c; - range(total); // $ range="<=- ...+7" range="<=- ...+15" range="<=- ...+33" range=">=- ...-7" range=">=- ...-15" range=">=- ...-33" range=<=0+44 range=<=52 range=>=0-44 range=>=-52 + range(total); // $ range="<=Phi: - ...+7" range="<=Phi: - ...+15" range="<=Phi: - ...+33" range=">=Phi: - ...-7" range=">=Phi: - ...-15" range=">=Phi: - ...-33" range="<=Phi: 0+44" range=<=52 Unexpected result: range=">=Phi: 0-44" range=>=-52 } if (-7 <= a && a <= -2) { range(a); // $ range=<=-2 range=>=-7 @@ -285,9 +285,9 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=2 range(b+c); // $ range=<=5 range=>=-5 total += b+c; - range(total); // $ range="<=- ...+5" range="<=- ...+12" range="<=- ...+20" range="<=- ...+38" range=">=- ...-5" range=">=- ...-12" range=">=- ...-20" range=">=- ...-38" range=<=0+49 range=<=57 range=>=0-49 range=>=-57 + range(total); // $ range="<=Phi: - ...+5" range="<=Phi: - ...+12" range="<=Phi: - ...+20" range="<=Phi: - ...+38" range=">=Phi: - ...-5" range=">=Phi: - ...-12" range=">=Phi: - ...-20" range=">=Phi: - ...-38" range="<=Phi: 0+49" range=<=57 range=">=Phi: 0-49" range=>=-57 } - range(total); // $ range="<=- ...+5" range="<=- ...+12" range="<=- ...+20" range="<=- ...+38" range=">=- ...-5" range=">=- ...-12" range=">=- ...-20" range=">=- ...-38" range=<=0+49 range=<=57 range=>=0-49 range=>=-57 + range(total); // $ range="<=Phi: - ...+5" range="<=Phi: - ...+12" range="<=Phi: - ...+20" range="<=Phi: - ...+38" range=">=Phi: - ...-5" range=">=Phi: - ...-12" range=">=Phi: - ...-20" range=">=Phi: - ...-38" range="<=Phi: 0+49" range=<=57 range=">=Phi: 0-49" range=>=-57 return total; } 
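Review bot: The new expectation comment on `range(total)` in this hunk contains the literal words `Unexpected result:` in front of `range=">=Phi: 0-44"`, which reads like test-runner output pasted into the annotation rather than an intended tag. The same words appear in the `test_comma01` hunk (on `range(y2)`) and twice in the `widen_recursive_expr` hunk (on `range(result)`). Unlike `MISSING:` and `SPURIOUS:`, which the surrounding annotations already use, it is probably not a marker the expectation parser knows, so these lines may stop asserting the bounds that follow it. I would delete the words and keep the plain entries, e.g. `range=<=52 range=">=Phi: 0-44" range=>=-52`, or mark them `SPURIOUS:` if the results are known to be wrong. The enclosing functions start and end outside the hunks.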
@@ -310,7 +310,7 @@ int test_mult01(int a, int b) { int r = a*b; // 0 .. 253 range(r); // $ range=<=253 range=>=0 total += r; - range(total); // $ range=<=3+253 range=<=506 range=>=0 range=>=3+0 + range(total); // $ range="<=Phi: 3+253" range=<=506 range=>=0 range=">=Phi: 3+0" } if (3 <= a && a <= 11 && -13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=3 @@ -326,7 +326,7 @@ int test_mult01(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=3-143 + range(total); // $ range=">=Phi: 3-143" } if (3 <= a && a <= 11 && -13 <= b && b <= -7) { range(a); // $ range=<=11 range=>=3 @@ -334,9 +334,9 @@ int test_mult01(int a, int b) { int r = a*b; // -143 .. -21 range(r); // $ range=<=-21 range=>=-143 total += r; - range(total); // $ range=>=3-143 range=>=3-286 + range(total); // $ range=">=Phi: 3-143" range=">=Phi: 3-286" } - range(total); // $ range=>=3-143 range=>=3-286 + range(total); // $ range=">=Phi: 3-143" range=">=Phi: 3-286" return total; } @@ -358,7 +358,7 @@ int test_mult02(int a, int b) { int r = a*b; // 0 .. 253 range(r); // $ range=<=253 range=>=0 total += r; - range(total); // $ range=>=0 range=>=0+0 range=<=0+253 range=<=506 + range(total); // $ range=>=0 range=">=Phi: 0+0" range="<=Phi: 0+253" range=<=506 } if (0 <= a && a <= 11 && -13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=0 @@ -374,7 +374,7 @@ int test_mult02(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=0-143 + range(total); // $ range=">=Phi: 0-143" } if (0 <= a && a <= 11 && -13 <= b && b <= -7) { range(a); // $ range=<=11 range=>=0 
@@ -382,9 +382,9 @@ int test_mult02(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=0-143 range=>=0-286 + range(total); // $ range=">=Phi: 0-143" range=">=Phi: 0-286" } - range(total); // $range=>=0-143 range=>=0-286 + range(total); // $range=">=Phi: 0-143" range=">=Phi: 0-286" return total; } @@ -453,7 +453,7 @@ int test_mult04(int a, int b) { int r = a*b; // -391 .. 0 range(r); // $ range=<=0 range=>=-391 total += r; - range(total); // $ range="<=- ...+0" range=<=0 range=">=- ...-391" range=>=-782 + range(total); // $ range="<=Phi: - ...+0" range=<=0 range=">=Phi: - ...-391" range=>=-782 } if (-17 <= a && a <= 0 && -13 <= b && b <= 23) { range(a); // $ range=<=0 range=>=-17 @@ -469,7 +469,7 @@ int test_mult04(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" + range(total); // $ range="<=Phi: - ...+221" } if (-17 <= a && a <= 0 && -13 <= b && b <= -7) { range(a); // $ range=<=0 range=>=-17 @@ -477,9 +477,9 @@ int test_mult04(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" } - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" return total; } @@ -501,7 +501,7 @@ int test_mult05(int a, int b) { int r = a*b; // -391 .. 0 range(r); // $ range=<=0 range=>=-391 total += r; - range(total); // $ range="<=- ...+0" range=<=0 range=">=- ...-391" range=>=-782 + range(total); // $ range="<=Phi: - ...+0" range=<=0 range=">=Phi: - ...-391" range=>=-782 } if (-17 <= a && a <= -2 && -13 <= b && b <= 23) { range(a); // $ range=<=-2 range=>=-17 
@@ -517,7 +517,7 @@ int test_mult05(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" + range(total); // $ range="<=Phi: - ...+221" } if (-17 <= a && a <= -2 && -13 <= b && b <= -7) { range(a); // $ range=<=-2 range=>=-17 @@ -525,9 +525,9 @@ int test_mult05(int a, int b) { int r = a*b; // 14 .. 221 range(r); // $ range=<=221 range=>=14 total += r; - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" } - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" return total; } @@ -541,7 +541,7 @@ int test16(int x) { while (i < 3) { range(i); // $ range=<=2 range=>=0 i++; - range(i); // $ range=<=3 range=>=1 range="==... = ...:i+1" SPURIOUS:range="==... = ...:i+1" + range(i); // $ range=<=3 range=>=1 range="==Phi: i:Store: ... = ...+1" } range(d); d = i; 
@@ -640,14 +640,14 @@ unsigned int test_comma01(unsigned int x) { unsigned int y1; unsigned int y2; y1 = (++y, y); - range(y1); // $ range=<=101 range="==... ? ... : ...+1" + range(y1); // $ range=<=101 range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+1" y2 = (y++, - range(y), // $ range=<=102 range="==++ ...:... = ...+1" range="==... ? ... : ...+2" + range(y), // $ range=<=102 range="==Store: ++ ...:Store: ... = ...+1" range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+2" y += 3, - range(y), // $ range=<=105 range="==++ ...:... = ...+4" range="==... +++3" range="==... ? ... : ...+5" + range(y), // $ range=<=105 range="==Store: ++ ...:Store: ... = ...+4" range="==Store: ... +++3" range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+5" y); - range(y2); // $ range=<=105 range="==++ ...:... = ...+4" range="==... +++3" range="==... ? ... : ...+5" - range(y1 + y2); // $ range=<=206 range="<=... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" + range(y2); // $ range=<=105 range="==Store: ++ ...:Store: ... = ...+4" range="==Store: ... +++3" Unexpected result: range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+5" + range(y1 + y2); // $ range=<=206 range="<=Phi: ... ? ... : ...:Store: ... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" return y1 + y2; } @@ -672,7 +672,7 @@ void test17() { range(i); // $ range===50 i = 20 + (j -= 10); - range(i); // $ range="==... += ...:... = ...+10" range===60 + range(i); // $ range="==Store: ... += ...:Store: ... = ...+10" range===60 } // Tests for unsigned multiplication. 
@@ -693,7 +693,7 @@ int test_unsigned_mult01(unsigned int a, unsigned b) { int r = a*b; // 0 .. 253 range(r);// $ range=>=0 range=<=253 total += r; - range(total); // $ range=">=(unsigned int)...+0" range=>=0 range=<=506 range="<=(unsigned int)...+253" + range(total); // $ range=">=Phi: (unsigned int)...+0" range=>=0 range=<=506 range="<=Phi: (unsigned int)...+253" } if (3 <= a && a <= 11 && 13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=3 @@ -701,9 +701,9 @@ int test_unsigned_mult01(unsigned int a, unsigned b) { int r = a*b; // 39 .. 253 range(r); // $ range=>=39 range=<=253 total += r; - range(total); // $ range=>=39 range=<=759 range="<=(unsigned int)...+253" range="<=(unsigned int)...+506" range=">=(unsigned int)...+39" + range(total); // $ range=>=39 range=<=759 range="<=Phi: (unsigned int)...+253" range="<=Phi: (unsigned int)...+506" range=">=Phi: (unsigned int)...+39" } - range(total); // $ range=>=0 range=<=759 range=">=(unsigned int)...+0" range="<=(unsigned int)...+506" range="<=(unsigned int)...+253" + range(total); // $ range=>=0 range=<=759 range=">=Phi: (unsigned int)...+0" range="<=Phi: (unsigned int)...+506" range="<=Phi: (unsigned int)...+253" return total; } 
@@ -722,16 +722,16 @@ int test_unsigned_mult02(unsigned b) { int r = 11*b; // 0 .. 253 range(r); // $ range=>=0 range=<=253 total += r; - range(total); // $ range=">=(unsigned int)...+0" range=>=0 range="<=(unsigned int)...+253" range=<=506 + range(total); // $ range=">=Phi: (unsigned int)...+0" range=>=0 range="<=Phi: (unsigned int)...+253" range=<=506 } if (13 <= b && b <= 23) { range(b); // $ range=<=23 range=>=13 int r = 11*b; // 143 .. 253 range(r); // $ range=>=143 range=<=253 total += r; - range(total); // $ range="<=(unsigned int)...+253" range="<=(unsigned int)...+506" range=">=(unsigned int)...+143" range=>=143 range=<=759 + range(total); // $ range="<=Phi: (unsigned int)...+253" range="<=Phi: (unsigned int)...+506" range=">=Phi: (unsigned int)...+143" range=>=143 range=<=759 } - range(total); // $ range=>=0 range=<=759 range=">=(unsigned int)...+0" range="<=(unsigned int)...+506" range="<=(unsigned int)...+253" + range(total); // $ range=>=0 range=<=759 range=">=Phi: (unsigned int)...+0" range="<=Phi: (unsigned int)...+506" range="<=Phi: (unsigned int)...+253" return total; } @@ -851,7 +851,7 @@ int notequal_type_endpoint(unsigned n) { n--; // 1 .. } - range(n); // $ range=<=n+0 // 0 .. 0 + range(n); // $ range="<=InitializeParameter: n+0" // 0 .. 0 } void notequal_refinement(short n) { @@ -946,7 +946,7 @@ void widen_recursive_expr() { for (s = 0; s < 10; s++) { range(s); // $ range=<=9 range=>=0 int result = s + s; - range(result); // $ range=<=18 range=<=s+9 range=>=0 range=>=s+0 + range(result); // $ range=<=18 Unexpected result: range="<=Phi: s+9" range=>=0 Unexpected result: range=">=Phi: s+0" } } @@ -974,7 +974,7 @@ void test_mod_neg(int s) { void test_mod_ternary(int s, bool b) { int s2 = s % (b ? 5 : 500); - range(s2); // $ range=>=-499 range=<=499 range="<=... ? ... : ...-1" + range(s2); // $ range=>=-499 range=<=499 range="<=Phi: ... ? ... : ...-1" } void test_mod_ternary2(int s, bool b1, bool b2) { 
diff --git a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp index 10b4c1a9a22..5d816f3cda4 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp @@ -16,8 +16,8 @@ int sum = x + y; // $ overflow=+- } else { if (y > 300) { - range(x); // $ range=>=302 range=<=400 range=<=y+1 MISSING: range===y+1 - range(y); // $ range=>=301 range=<=399 range===x-1 + range(x); // $ range=>=302 range=<=400 range="<=InitializeParameter: y+1" MISSING: range===y+1 + range(y); // $ range=>=301 range=<=399 range="==InitializeParameter: x:Store: x-1" int sum = x + y; } } @@ -39,9 +39,9 @@ } if (y == x - 1 && y > 300 && y + 2 == z && z == 350) { // $ overflow=+ overflow=- - range(x); // $ range===349 range===y+1 range===z-1 - range(y); // $ range===348 range=>=x-1 range===z-2 MISSING: range===x-1 - range(z); // $ range===350 range=<=y+2 MISSING: range===x+1 range===y+2 + range(x); // $ range===349 range="==InitializeParameter: y+1" range="==InitializeParameter: z-1" + range(y); // $ range===348 range=">=InitializeParameter: x:Store: x-1" range="==InitializeParameter: z-2" MISSING: range===x-1 + range(z); // $ range===350 range="<=InitializeParameter: y+2" MISSING: range===x+1 range===y+2 return x + y + z; } } @@ -56,7 +56,7 @@ while (f3_get(n)) n+=2; for (int i = 0; i < n; i += 2) { - range(i); // $ range=>=0 SPURIOUS: range="<=call to f3_get-1" range="<=call to f3_get-2" + range(i); // $ range=>=0 SPURIOUS: range="<=Phi: call to f3_get-1" range="<=Phi: call to f3_get-2" } } From 4ab389bf1af93131b7e6dd9e3210444de50f5ba3 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 26 May 2023 04:02:31 +0000 Subject: [PATCH 120/210] Bump regex from 1.8.2 to 1.8.3 in /ql Bumps [regex](https://github.com/rust-lang/regex) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/rust-lang/regex/releases) - [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md) - [Commits](https://github.com/rust-lang/regex/compare/1.8.2...1.8.3) --- updated-dependencies: - dependency-name: regex dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- ql/Cargo.lock | Bin 31708 -> 31708 bytes ql/buramu/Cargo.toml | 2 +- ql/extractor/Cargo.toml | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ql/Cargo.lock b/ql/Cargo.lock index 92a590787a3f772ef6e5e357797587f0c4a73faf..60a0ad5919a43dba84fa52a6aa9930bd588cf198 100644 GIT binary patch delta 87 zcmV~$I~9O13;@8_0SoLnXwpy8iJ=0}kk9Lcn@Yd{g6e~nyY+?jg_n9r6SnJQFo}(& nF@kzQuZnp%D@66kFfw^+hDgLFLxhST7m|urQ=7-VKdbW(#zh*h delta 86 zcmV~$+YNvq3;@6ocW{nEDbPO?7I1}@$3E&J8rQ)&{M5Vgn(>-5=51e>YK2&-rpB?h mh8Q?#w^&Fei6%mC3xH$ix(X0LV01ybcupMsaZU66 Date: Fri, 26 May 2023 08:20:58 +0200 Subject: [PATCH 121/210] Swift: simplify change note Co-authored-by: Mathias Vorreiter Pedersen --- .../2023-05-25-fix-ast-and-cfg-inconsistencies.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md b/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md index d7806a38360..208486b8f27 100644 --- a/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md +++ b/swift/ql/lib/change-notes/2023-05-25-fix-ast-and-cfg-inconsistencies.md 
@@ -2,13 +2,4 @@ category: fix --- -* Fixed some AST printing inconsistencies leading to a non-tree AST. In particular: - * `getOpaqueExpr()` is not considered a child of `OpenExistentialExpr` anymore, as it is - actually a reference to an expression nested within `getSubExpr()`; - * fixed some corner cases involving synthesized `PatternBindingDecl`s for variables wrapped with - property wrappers. -* Fixed some control flow graph inconsistencies leading to multiple successors and dead ends. - In particular: - * fixed the corner cases mentioned above for AST printing, which were a problem also for the - control graph; - * fixed an inconsistency caused by an unneeded special treatment of `TapExpr`. +* Fixed a number of inconsistencies in the abstract syntax tree (AST) and in the control-flow graph (CFG). This may lead to more results in queries that use these libraries, or libraries that depend on them (such as dataflow). From 74a585222cb287157232a743bcd01f47f1933fe8 Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Thu, 25 May 2023 15:52:56 +0200 Subject: [PATCH 122/210] C#: Extract source files generated by source generators --- .../Semmle.Extraction.CSharp/Extractor/Extractor.cs | 11 ++++++++++- csharp/tools/tracing-config.lua | 9 +++++---- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs b/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs index ec4f44c21c7..79855875d02 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs 
@@ -381,8 +381,17 @@ namespace Semmle.Extraction.CSharp references => ResolveReferences(compilerArguments, analyser, canonicalPathCache, references), (analyser, syntaxTrees) => { + var paths = compilerArguments.SourceFiles + .Select(src => src.Path) + .ToList(); + + if (compilerArguments.GeneratedFilesOutputDirectory is not null) + { + paths.AddRange(Directory.GetFiles(compilerArguments.GeneratedFilesOutputDirectory, "*.cs", SearchOption.AllDirectories)); + } + return ReadSyntaxTrees( - compilerArguments.SourceFiles.Select(src => canonicalPathCache.GetCanonicalPath(src.Path)), + paths.Select(canonicalPathCache.GetCanonicalPath), analyser, compilerArguments.ParseOptions, compilerArguments.Encoding, diff --git a/csharp/tools/tracing-config.lua b/csharp/tools/tracing-config.lua index 2db04d83524..79b2ea2ca1c 100644 --- a/csharp/tools/tracing-config.lua +++ b/csharp/tools/tracing-config.lua @@ -63,7 +63,7 @@ function RegisterExtractorPack(id) end end if match then - local injections = { '-p:UseSharedCompilation=false' } + local injections = { '-p:UseSharedCompilation=false', '-p:EmitCompilerGeneratedFiles=true' } if dotnetRunNeedsSeparator then table.insert(injections, '--') end @@ -118,7 +118,8 @@ function RegisterExtractorPack(id) compilerArguments, nil, { '/p:UseSharedCompilation=false', - '/p:MvcBuildViews=true' + '/p:MvcBuildViews=true', + '/p:EmitCompilerGeneratedFiles=true', }) } @@ -154,7 +155,7 @@ function RegisterExtractorPack(id) if seenCompilerCall then return { - order = ORDER_BEFORE, + order = ORDER_AFTER, invocation = { path = AbsolutifyExtractorPath(id, extractor), arguments = { @@ -194,7 +195,7 @@ function RegisterExtractorPack(id) if seenCompilerCall then return { - order = ORDER_BEFORE, + order = ORDER_AFTER, invocation = { path = AbsolutifyExtractorPath(id, extractor), arguments = { From 918cfd6f44ca7f2b7931fbf6e6ebaff2096c41ab Mon Sep 17 00:00:00 2001 
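Review bot: `Directory.GetFiles(compilerArguments.GeneratedFilesOutputDirectory, "*.cs", SearchOption.AllDirectories)` runs whenever the property is non-null, so if that directory was never created (for example no generator produced output) the call throws `DirectoryNotFoundException` inside the syntax-tree callback. The guard should also check existence: `if (compilerArguments.GeneratedFilesOutputDirectory is not null && Directory.Exists(compilerArguments.GeneratedFilesOutputDirectory))`. Enumerating every `*.cs` below the directory also picks up files left by an earlier build, so the database can describe source that was not part of this compilation; a comment stating that assumption would help whoever later triages results in generated code. The enclosing lambda and call continue outside the hunk.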
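Review bot: The two `order = ORDER_BEFORE` to `order = ORDER_AFTER` changes in `tracing-config.lua` carry no comment, although they look like the part that makes the new `EmitCompilerGeneratedFiles=true` injection work: presumably the extractor must now run after the compiler so the generated files are on disk when it scans the output directory. I would say so next to each, e.g. `-- run after the compiler: source-generator output must exist on disk before extraction`. A short comment beside the injection lists noting that the flag makes the traced build write additional files into the project's intermediate output would also help anyone debugging a traced build. The surrounding functions start and end outside these hunks.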
From: Tamas Vajk Date: Fri, 26 May 2023 09:50:06 +0200 Subject: [PATCH 123/210] Add integration test --- .../all-platforms/cshtml/Files.expected | 6 ++++++ .../all-platforms/cshtml/Files.ql | 5 +++++ .../all-platforms/cshtml/Program.cs | 1 + .../all-platforms/cshtml/Views/Home/Index.cshtml | 8 ++++++++ .../all-platforms/cshtml/cshtml.csproj | 14 ++++++++++++++ .../integration-tests/all-platforms/cshtml/test.py | 3 +++ 6 files changed, 37 insertions(+) create mode 100644 csharp/ql/integration-tests/all-platforms/cshtml/Files.expected create mode 100644 csharp/ql/integration-tests/all-platforms/cshtml/Files.ql create mode 100644 csharp/ql/integration-tests/all-platforms/cshtml/Program.cs create mode 100644 csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml create mode 100644 csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj create mode 100644 csharp/ql/integration-tests/all-platforms/cshtml/test.py diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected b/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected new file mode 100644 index 00000000000..86a8cd34b88 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected 
@@ -0,0 +1,6 @@ +| Program.cs:0:0:0:0 | Program.cs | +| obj/Debug/net7.0/.NETCoreApp,Version=v7.0.AssemblyAttributes.cs:0:0:0:0 | obj/Debug/net7.0/.NETCoreApp,Version=v7.0.AssemblyAttributes.cs | +| obj/Debug/net7.0/cshtml.AssemblyInfo.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.AssemblyInfo.cs | +| obj/Debug/net7.0/cshtml.GlobalUsings.g.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.GlobalUsings.g.cs | +| obj/Debug/net7.0/cshtml.RazorAssemblyInfo.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.RazorAssemblyInfo.cs | +| obj/Debug/net7.0/generated/Microsoft.NET.Sdk.Razor.SourceGenerators/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs:0:0:0:0 | obj/Debug/net7.0/generated/Microsoft.NET.Sdk.Razor.SourceGenerators/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs | diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql b/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql new file mode 100644 index 00000000000..bea5557a25f --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql @@ -0,0 +1,5 @@ +import csharp + +from File f +where f.fromSource() +select f diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs b/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs new file mode 100644 index 00000000000..47eee48cc79 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs @@ -0,0 +1 @@ +var dummy = "dummy"; \ No newline at end of file diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml b/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml new file mode 100644 index 00000000000..52ffe012e42 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml @@ -0,0 +1,8 @@ +@{ + ViewData["Title"] = "Home Page"; +} + + 
diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj b/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj new file mode 100644 index 00000000000..01d15e87dc4 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj @@ -0,0 +1,14 @@ + + + + Exe + net7.0 + enable + enable + + + + + + + diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/test.py b/csharp/ql/integration-tests/all-platforms/cshtml/test.py new file mode 100644 index 00000000000..24cc83b4f2d --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/test.py @@ -0,0 +1,3 @@ +from create_database_utils import * + +run_codeql_database_create(['dotnet build'], lang="csharp", extra_args=["--extractor-option=cil=false"]) From 903fdb0cb80ea99c455cb55a4d13f49efeeb5362 Mon Sep 17 00:00:00 2001 
From: Tony Torralba Date: Fri, 26 May 2023 10:23:43 +0200 Subject: [PATCH 124/210] Java: Add models for the Play Framework --- .../2023-05-26-play-framework-models.md | 4 ++ java/ql/lib/ext/play.libs.ws.model.yml | 7 +++ java/ql/lib/ext/play.mvc.model.yml | 45 +++++++++++++++++-- .../dataflow/taintsources/PlayMvc.java | 25 +++++++++++ .../security/CWE-918/mad/Test.java | 12 +++++ .../test/query-tests/security/CWE-918/options | 2 +- .../play/libs/ws/StandaloneWSClient.java | 9 ++++ .../play/libs/ws/StandaloneWSRequest.java | 5 +++ .../play/libs/ws/WSClient.java | 9 ++++ .../play/libs/ws/WSRequest.java | 5 +++ 10 files changed, 118 insertions(+), 5 deletions(-) create mode 100644 java/ql/lib/change-notes/2023-05-26-play-framework-models.md create mode 100644 java/ql/lib/ext/play.libs.ws.model.yml create mode 100644 java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java create mode 100644 java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java create mode 100644 java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java create mode 100644 java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java create mode 100644 java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java diff --git a/java/ql/lib/change-notes/2023-05-26-play-framework-models.md b/java/ql/lib/change-notes/2023-05-26-play-framework-models.md new file mode 100644 index 00000000000..69db10413eb --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-26-play-framework-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added more dataflow models for the Play Framework. diff --git a/java/ql/lib/ext/play.libs.ws.model.yml b/java/ql/lib/ext/play.libs.ws.model.yml new file mode 100644 index 00000000000..ab905bc463a --- /dev/null +++ b/java/ql/lib/ext/play.libs.ws.model.yml 
@@ -0,0 +1,7 @@
+extensions:
+ - addsTo:
+ pack: codeql/java-all
+ extensible: sinkModel
+ data:
+ - ["play.libs.ws", "WSClient", True, "url", "", "", "Argument[0]", "open-url", "manual"]
+ - ["play.libs.ws", "StandaloneWSClient", True, "url", "", "", "Argument[0]", "open-url", "manual"]
diff --git a/java/ql/lib/ext/play.mvc.model.yml b/java/ql/lib/ext/play.mvc.model.yml
index a1f8dc60fe0..ba9a11c3f78 100644
--- a/java/ql/lib/ext/play.mvc.model.yml
+++ b/java/ql/lib/ext/play.mvc.model.yml
@@ -3,7 +3,44 @@ extensions: pack: codeql/java-all extensible: sourceModel data: - - ["play.mvc", "Http$RequestHeader", False, "getHeader", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "getQueryString", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "header", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "queryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$Request", True, "body", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "cookie", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "cookies", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "getHeader", "", "", "ReturnValue", "remote", "manual"] # v2.4.x + - ["play.mvc", "Http$RequestHeader", True, "getHeaders", "", "", "ReturnValue", "remote", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestHeader", True, "getQueryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "header", "", "", "ReturnValue", "remote", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestHeader", True, "headers", "", "", "ReturnValue", "remote", "manual"] # v2.4.x + - ["play.mvc", "Http$RequestHeader", True, "host", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "path", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "queryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "remoteAddress", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "uri", "", "", "ReturnValue", "remote", "manual"] + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["play.mvc", "Http$RequestBody", True, "as", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + 
- ["play.mvc", "Http$RequestBody", True, "asBytes", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestBody", True, "asFormUrlEncoded", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asJson", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asMultipartFormData", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asRaw", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asText", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asXml", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "parseJson", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$MultipartFormData", True, "asFormUrlEncoded", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData", True, "getFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData", True, "getFiles", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getContentType", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getDispositionType", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.4.x + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getFilename", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getKey", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] 
+ - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getRef", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$RawBuffer", True, "asBytes", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RawBuffer", True, "asFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookie", True, "name", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookie", True, "value", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookies", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookies", True, "getCookie", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x diff --git a/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java b/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java new file mode 100644 index 00000000000..55087a6596b --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java @@ -0,0 +1,25 @@ +import play.mvc.Http; + +public class PlayMvc { + + private Http.Request request; + private Http.RequestHeader header; + + private static void sink(Object o) {} + + public void test() throws Exception { + sink(request.body()); // $ hasRemoteValueFlow + sink(header.cookie(null)); // $ hasRemoteValueFlow + sink(header.cookies()); // $ hasRemoteValueFlow + sink(header.getHeader(null)); // $ hasRemoteValueFlow + sink(header.getHeaders()); // $ hasRemoteValueFlow + sink(header.getQueryString(null)); // $ hasRemoteValueFlow + sink(header.header(null)); // $ hasRemoteValueFlow + sink(header.headers()); // $ hasRemoteValueFlow + sink(header.host()); // $ hasRemoteValueFlow + sink(header.path()); // $ hasRemoteValueFlow + sink(header.queryString()); // $ hasRemoteValueFlow + sink(header.remoteAddress()); // $ hasRemoteValueFlow + sink(header.uri()); // $ hasRemoteValueFlow + } +} 
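Review bot: None of the `summaryModel` rows added in `play.mvc.model.yml` (`Http$RequestBody`, `Http$MultipartFormData`, `Http$MultipartFormData$FilePart`, `Http$RawBuffer`, `Http$Cookie`, `Http$Cookies`) is exercised by a test in this patch; the new `PlayMvc.java` only asserts the `sourceModel` rows. A misspelled type or method name in one of these rows would silently drop the taint step from `request.body()` to, say, `asJson()`, and the security queries would then miss flows from request bodies, uploads and cookies without any test failing. I would extend `PlayMvc.java` with one line per row, e.g. `sink(request.body().asJson()); // $ hasRemoteTaintFlow` (or whichever taint tag that test's query reports). The `# v2.4.x` / `# v2.7.x` comments also do not say which stub version the tests compile against, which decides whether such lines can be written for every row.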
diff --git a/java/ql/test/query-tests/security/CWE-918/mad/Test.java b/java/ql/test/query-tests/security/CWE-918/mad/Test.java index 8666e821fd0..6c224b65d31 100644 --- a/java/ql/test/query-tests/security/CWE-918/mad/Test.java +++ b/java/ql/test/query-tests/security/CWE-918/mad/Test.java @@ -9,6 +9,8 @@ import javafx.scene.web.WebEngine; import org.apache.commons.jelly.JellyContext; import org.codehaus.cargo.container.installer.ZipURLInstaller; import org.kohsuke.stapler.HttpResponses; +import play.libs.ws.WSClient; +import play.libs.ws.StandaloneWSClient; public class Test { @@ -74,4 +76,14 @@ public class Test { r.staticResource((URL) source()); // $ SSRF } + public void test(WSClient c) { + // "play.libs.ws;WSClient;true;url;;;Argument[0];open-url;manual" + c.url((String) source()); // $ SSRF + } + + public void test(StandaloneWSClient c) { + // "play.libs.ws;StandaloneWSClient;true;url;;;Argument[0];open-url;manual" + c.url((String) source()); // $ SSRF + } + } diff --git a/java/ql/test/query-tests/security/CWE-918/options b/java/ql/test/query-tests/security/CWE-918/options index c8147ece2a9..82a3894bc18 100644 --- a/java/ql/test/query-tests/security/CWE-918/options +++ b/java/ql/test/query-tests/security/CWE-918/options 
@@ -1 +1 @@ -//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5 +//semmle-extractor-options: --javac-args -source 11 -target 11 -cp 
${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5:${testdir}/../../../stubs/playframework-2.6.x diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java new file mode 100644 index 00000000000..5a75fc16132 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java @@ -0,0 +1,9 @@ +package play.libs.ws; + +public class StandaloneWSClient { + + public StandaloneWSRequest url(String url) { + return null; + } + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java new file mode 100644 index 00000000000..2266d2cc24a --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java @@ -0,0 +1,5 @@ +package play.libs.ws; + +public class StandaloneWSRequest { + +} 
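Review bot: The new stub `StandaloneWSClient.java` declares `public class StandaloneWSClient`, and `WSClient.java` in the next file section does the same, whereas Play declares both as interfaces, as it does `StandaloneWSRequest` and `WSRequest`. The `open-url` models quoted in the CWE-918 test carry `true` in the sub-types column, and application code normally reaches `url(...)` through an injected implementation, so a class-shaped stub makes it awkward to add a test for that path later. I would declare the stubs as interfaces, e.g. `public interface StandaloneWSClient { StandaloneWSRequest url(String url); }`, and likewise for `WSClient`.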
diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java new file mode 100644 index 00000000000..22b3546dddf --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java @@ -0,0 +1,9 @@ +package play.libs.ws; + +public class WSClient { + + public WSRequest url(String url) { + return null; + } + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java new file mode 100644 index 00000000000..8dbd4521b06 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java @@ -0,0 +1,5 @@ +package play.libs.ws; + +public class WSRequest { + +} From 1c7f6dc32ea43e2f7c66208e557280a698b04d85 Mon Sep 17 00:00:00 2001 From: Asger F Date: Fri, 26 May 2023 11:34:23 +0200 Subject: [PATCH 125/210] Ruby: add meta-query for calls to summarized callables --- .../queries/meta/SummarizedCallableCallSites.ql | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql diff --git a/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql b/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql new file mode 100644 index 00000000000..abfadea9107 --- /dev/null +++ b/ruby/ql/src/queries/meta/SummarizedCallableCallSites.ql @@ -0,0 +1,16 @@ +/** + * @name Summarized callable call sites + * @description A call site for which we have a summarized callable + * @kind problem + * @problem.severity recommendation + * @id rb/meta/summarized-callable-call-sites + * @tags meta + * @precision very-low + */ + +import codeql.ruby.AST +import codeql.ruby.dataflow.FlowSummary + +from Call invoke, SummarizedCallable f +where f.getACall() = invoke or f.getACallSimple() = invoke +select invoke, "Call to " + f From 75fd20b3b83bcbfa2c6e5c82be026f16b4fbfa19 Mon Sep 17 00:00:00 2001 
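Review bot: The `where` clause of `SummarizedCallableCallSites.ql` has no condition on the file that contains the call, so every matching call site in the database is counted. The Python version of this query, added in the next patch of the series, excludes locations whose file is an `IgnoredFile`; if the Ruby meta library has an equivalent class (not visible here), the same condition should be added so that the two metrics measure the same thing. A one-line comment saying why both `getACall()` and `getACallSimple()` are needed would also help the next reader.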
From: Asger F Date: Fri, 26 May 2023 11:40:58 +0200 Subject: [PATCH 126/210] Python: add meta-query for calls to summarized callables --- .../SummarizedCallableCallSites.ql | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql diff --git a/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql b/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql new file mode 100644 index 00000000000..600d067da76 --- /dev/null +++ b/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql @@ -0,0 +1,24 @@ +/** + * @name Summarized callable call sites + * @description A call site for which we have a summarized callable + * @kind problem + * @problem.severity recommendation + * @id py/meta/summarized-callable-call-sites + * @tags meta + * @precision very-low + */ + +import python +import semmle.python.dataflow.new.DataFlow +import semmle.python.dataflow.new.FlowSummary +import meta.MetaMetrics + +from DataFlow::Node useSite, SummarizedCallable target, string kind +where + ( + useSite = target.getACall() and kind = "Call" + or + useSite = target.getACallback() and kind = "Callback" + ) and + not useSite.getLocation().getFile() instanceof IgnoredFile +select useSite, kind + " to " + target From 066554cee6e0a7437a5cc9701a5c23a89635af54 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 23 May 2023 16:22:57 +0200 Subject: [PATCH 127/210] C#: Re-factor getComponent. --- .../code/csharp/dataflow/internal/FlowSummaryImpl.qll | 9 ++------- .../csharp/dataflow/internal/FlowSummaryImplSpecific.qll | 4 ++-- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..ce63ac5ef90 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll 
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -166,15 +166,10 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and ( exists(ArgumentPosition pos | sc = TParameterSummaryComponent(pos) and @@ -185,9 +180,9 @@ module Public { sc = TArgumentSummaryComponent(pos) and result = "Argument[" + getParameterPosition(pos) + "]" ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll index b86601e6b54..97a27c65ef0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll @@ -198,8 +198,8 @@ string getComponentSpecific(SummaryComponent sc) { or exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + rk + "]" and - not rk instanceof NormalReturnKind + not rk = getReturnValueKind() and + result = "ReturnValue[" + rk + "]" ) } From b7a8660375ccb246d9de751b9878ecf02fdd1de7 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 23 May 2023 16:26:43 +0200 Subject: [PATCH 128/210] Java: Re-factor getComponent. --- .../code/java/dataflow/internal/FlowSummaryImpl.qll | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) 
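Review bot: With the `noComponentSpecific(sc)` guard removed, `getComponent` returns both the language-specific string and the generic one whenever `getComponentSpecific` matches a parameter, argument or normal-return component, so a single result now relies on each language's `getComponentSpecific` staying disjoint from the generic cases. The `FlowSummaryImplSpecific.qll` hunk secures this for return kinds with `not rk = getReturnValueKind()`, but the rest of that predicate is outside the hunk, so the other component kinds cannot be checked here. I would state the contract in the QLDoc, for example `Language-specific components must not overlap with the generic Parameter, Argument and ReturnValue cases.` The same applies to the identical `FlowSummaryImpl.qll` hunks for Java, Go, Python, Ruby and Swift in the following patches.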
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..ce63ac5ef90 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -166,15 +166,10 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and ( exists(ArgumentPosition pos | sc = TParameterSummaryComponent(pos) and @@ -185,9 +180,9 @@ module Public { sc = TArgumentSummaryComponent(pos) and result = "Argument[" + getParameterPosition(pos) + "]" ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ From b79462733580dbf96c3501e867a19133d9fd900b Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 23 May 2023 16:32:56 +0200 Subject: [PATCH 129/210] Go: Re-factor getComponent. --- .../lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll | 9 ++------- .../go/dataflow/internal/FlowSummaryImplSpecific.qll | 6 +++--- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..ce63ac5ef90 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll 
@@ -166,15 +166,10 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and ( exists(ArgumentPosition pos | sc = TParameterSummaryComponent(pos) and @@ -185,9 +180,9 @@ module Public { sc = TArgumentSummaryComponent(pos) and result = "Argument[" + getParameterPosition(pos) + "]" ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll index acaa34f943e..7afdb314929 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll @@ -111,10 +111,10 @@ private string getContentSpecific(Content c) { string getComponentSpecific(SummaryComponent sc) { exists(Content c | sc = TContentSummaryComponent(c) and result = getContentSpecific(c)) or - exists(ReturnKind rk, int n | n = rk.getIndex() | + exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + n + "]" and - n != 0 + not rk = getReturnValueKind() and + result = "ReturnValue[" + rk.getIndex() + "]" ) } From 811eee1f0d01ce91bec166e9f19fe02449e4a9ae Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 23 May 2023 16:35:46 +0200 Subject: [PATCH 130/210] Python: Re-factor getComponent. --- .../python/dataflow/new/internal/FlowSummaryImpl.qll | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) 
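Review bot: In the Go `getComponentSpecific` hunk the old condition `n != 0` is replaced by `not rk = getReturnValueKind()`, which is equivalent only if `getReturnValueKind()` is the return kind with index 0; its definition is not part of this patch. If that holds, a short comment such as `// the kind returned by getReturnValueKind() is rendered as plain "ReturnValue" in getComponent` would keep the link between the two files visible.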
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index 034c6101de3..ce63ac5ef90 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -166,15 +166,10 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and ( exists(ArgumentPosition pos | sc = TParameterSummaryComponent(pos) and @@ -185,9 +180,9 @@ module Public { sc = TArgumentSummaryComponent(pos) and result = "Argument[" + getParameterPosition(pos) + "]" ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ From 58fcbc136cca0f5bf6fcf55fec86ea0460e6540e Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 23 May 2023 16:40:18 +0200 Subject: [PATCH 131/210] Ruby: Re-factor getComponent. --- .../codeql/ruby/dataflow/internal/FlowSummaryImpl.qll | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..ce63ac5ef90 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll 
@@ -166,15 +166,10 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and ( exists(ArgumentPosition pos | sc = TParameterSummaryComponent(pos) and @@ -185,9 +180,9 @@ module Public { sc = TArgumentSummaryComponent(pos) and result = "Argument[" + getParameterPosition(pos) + "]" ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ From 783d560e7dd3b76e54845608595b7e89a4dd1c32 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 23 May 2023 16:49:34 +0200 Subject: [PATCH 132/210] Swift: Re-factor getComponent. --- .../codeql/swift/dataflow/internal/FlowSummaryImpl.qll | 9 ++------- .../swift/dataflow/internal/FlowSummaryImplSpecific.qll | 4 ++-- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..ce63ac5ef90 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll 
@@ -166,15 +166,10 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and ( exists(ArgumentPosition pos | sc = TParameterSummaryComponent(pos) and @@ -185,9 +180,9 @@ module Public { sc = TArgumentSummaryComponent(pos) and result = "Argument[" + getParameterPosition(pos) + "]" ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll index e13636a911e..d5306461784 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll @@ -117,8 +117,8 @@ string getComponentSpecific(SummaryComponent sc) { or exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + rk + "]" and - not rk instanceof NormalReturnKind + not rk = getReturnValueKind() and + result = "ReturnValue" + "[" + rk + "]" ) } From 915042a8819fdf8b87d52655d02b611958ec964c Mon Sep 17 00:00:00 2001 
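Review bot: In the Swift `FlowSummaryImplSpecific.qll` hunk the new line builds the string as `"ReturnValue" + "[" + rk + "]"`, splitting a literal that the C# version of the same change writes in one piece. `result = "ReturnValue[" + rk + "]"` reads more easily and keeps the two files textually alike.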
From: Michael Nebel Date: Wed, 24 May 2023 11:23:42 +0200 Subject: [PATCH 133/210] Minor cleanup and sync files. --- .../dataflow/internal/FlowSummaryImpl.qll | 18 ++++++++---------- .../go/dataflow/internal/FlowSummaryImpl.qll | 18 ++++++++---------- .../java/dataflow/internal/FlowSummaryImpl.qll | 18 ++++++++---------- .../dataflow/new/internal/FlowSummaryImpl.qll | 18 ++++++++---------- .../ruby/dataflow/internal/FlowSummaryImpl.qll | 18 ++++++++---------- .../dataflow/internal/FlowSummaryImpl.qll | 18 ++++++++---------- 6 files changed, 48 insertions(+), 60 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index ce63ac5ef90..e6379f6a170 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -170,16 +170,14 @@ module Public { private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" + ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" ) or sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index ce63ac5ef90..e6379f6a170 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll 
@@ -170,16 +170,14 @@ module Public { private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" + ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" ) or sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index ce63ac5ef90..e6379f6a170 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -170,16 +170,14 @@ module Public { private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" + ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" ) or sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" 
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index ce63ac5ef90..e6379f6a170 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -170,16 +170,14 @@ module Public { private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" + ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" ) or sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index ce63ac5ef90..e6379f6a170 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll 
@@ -170,16 +170,14 @@ module Public { private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" + ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" ) or sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index ce63ac5ef90..e6379f6a170 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll @@ -170,16 +170,14 @@ module Public { private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" + ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" ) or sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" From 8e16a0d144e6baca0876c1731a076bcd7a7ae52d Mon Sep 17 00:00:00 2001 
From: Tony Torralba Date: Fri, 26 May 2023 12:43:58 +0200 Subject: [PATCH 134/210] Add tests and stubs for the summaries --- .../frameworks/play/mad/Test.java | 194 ++++++++++++++++++ .../frameworks/play/test.expected | 0 .../library-tests/frameworks/play/test.ql | 2 + .../play/api/mvc/Cookie.java | 131 ++++++++++++ .../playframework-2.6.x/play/mvc/Http.java | 86 ++++---- 5 files changed, 365 insertions(+), 48 deletions(-) create mode 100644 java/ql/test/library-tests/frameworks/play/mad/Test.java create mode 100644 java/ql/test/library-tests/frameworks/play/test.expected create mode 100644 java/ql/test/library-tests/frameworks/play/test.ql create mode 100644 java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java diff --git a/java/ql/test/library-tests/frameworks/play/mad/Test.java b/java/ql/test/library-tests/frameworks/play/mad/Test.java new file mode 100644 index 00000000000..cb7fb123a62 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/play/mad/Test.java 
@@ -0,0 +1,194 @@ +package generatedtest; + +import akka.util.ByteString; +import com.fasterxml.jackson.databind.JsonNode; +import java.io.File; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import org.w3c.dom.Document; +import play.mvc.Http; + +// Test case generated by GenerateFlowTestCase.ql +public class Test { + + Object source() { + return null; + } + + void sink(Object o) {} + + public void test() throws Exception { + + { + // "play.mvc;Http$Cookie;true;name;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.Cookie in = (Http.Cookie) source(); + out = in.name(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookie;true;value;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.Cookie in = (Http.Cookie) source(); + out = in.value(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookies;true;get;;;Argument[this];ReturnValue;taint;manual" + Http.Cookie out = null; + Http.Cookies in = (Http.Cookies) source(); + out = in.get(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookies;true;getCookie;;;Argument[this];ReturnValue;taint;manual" + Optional out = null; + Http.Cookies in = (Http.Cookies) source(); + out = in.getCookie(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getContentType;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getContentType(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getDispositionType;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getDispositionType(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getFilename;;;Argument[this];ReturnValue;taint;manual" + String out = 
null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getFilename(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getKey;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getKey(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getRef;;;Argument[this];ReturnValue;taint;manual" + Object out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getRef(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;asFormUrlEncoded;;;Argument[this];ReturnValue;taint;manual" + Map out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.asFormUrlEncoded(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;getFile;;;Argument[this];ReturnValue;taint;manual" + Http.MultipartFormData.FilePart out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.getFile(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;getFiles;;;Argument[this];ReturnValue;taint;manual" + List out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.getFiles(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asBytes(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asBytes(0); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asFile;;;Argument[this];ReturnValue;taint;manual" + File out = null; 
+ Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asFile(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;as;;;Argument[this];ReturnValue;taint;manual" + Object out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.as(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asBytes(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asFormUrlEncoded;;;Argument[this];ReturnValue;taint;manual" + Map out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asFormUrlEncoded(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asJson;;;Argument[this];ReturnValue;taint;manual" + JsonNode out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asJson(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asMultipartFormData;;;Argument[this];ReturnValue;taint;manual" + Http.MultipartFormData out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asMultipartFormData(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asRaw;;;Argument[this];ReturnValue;taint;manual" + Http.RawBuffer out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asRaw(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asText;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asText(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asXml;;;Argument[this];ReturnValue;taint;manual" + Document out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asXml(); + sink(out); // $ hasTaintFlow + } + { + // 
"play.mvc;Http$RequestBody;true;parseJson;;;Argument[this];ReturnValue;taint;manual" + Optional out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.parseJson(null); + sink(out); // $ hasTaintFlow + } + + } + +} diff --git a/java/ql/test/library-tests/frameworks/play/test.expected b/java/ql/test/library-tests/frameworks/play/test.expected new file mode 100644 index 00000000000..e69de29bb2d diff --git a/java/ql/test/library-tests/frameworks/play/test.ql b/java/ql/test/library-tests/frameworks/play/test.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/play/test.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java b/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java new file mode 100644 index 00000000000..1b8377af641 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java 
@@ -0,0 +1,131 @@ +// Generated automatically from play.api.mvc.Cookie for testing purposes + +package play.api.mvc; + +import play.mvc.Http; + +public class Cookie { + protected Cookie() {} + + abstract static public class SameSite { + protected SameSite() {} + + public Http.Cookie.SameSite asJava() { + return null; + } + + public SameSite(String p0) {} + + public String value() { + return null; + } + + public boolean play$api$mvc$Cookie$SameSite$$matches(String p0) { + return false; + } + } + + public Http.Cookie asJava() { + return null; + } + + public Object productElement(int p0) { + return null; + } + + public String copy$default$1() { + return null; + } + + public String copy$default$2() { + return null; + } + + public String copy$default$4() { + return null; + } + + public String name() { + return null; + } + + public String path() { + return null; + } + + public String productPrefix() { + return null; + } + + public String toString() { + return null; + } + + public String value() { + return null; + } + + public boolean canEqual(Object p0) { + return false; + } + + public boolean copy$default$6() { + return false; + } + + public boolean copy$default$7() { + return false; + } + + public boolean equals(Object p0) { + return false; + } + + public boolean httpOnly() { + return false; + } + + public boolean secure() { + return false; + } + + public int hashCode() { + return 0; + } + + public int productArity() { + return 0; + } + + public static String $lessinit$greater$default$4() { + return null; + } + + public static String apply$default$4() { + return null; + } + + public static boolean $lessinit$greater$default$6() { + return false; + } + + public static boolean $lessinit$greater$default$7() { + return false; + } + + public static boolean apply$default$6() { + return false; + } + + public static boolean apply$default$7() { + return false; + } + + public static int DiscardedMaxAge() { + return 0; + } + + public static play.api.mvc.Cookie 
validatePrefix(play.api.mvc.Cookie p0) { + return null; + } +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java b/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java index 99e22cb5987..b4668362e6c 100644 --- a/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java +++ b/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java @@ -1,5 +1,6 @@ package play.mvc; +import akka.util.ByteString; import com.fasterxml.jackson.databind.JsonNode; import java.io.File; import java.net.URI; @@ -32,24 +33,12 @@ public class Http { public Context(Request request, JavaContextComponents components) {} - public Context( - Long id, - play.api.mvc.RequestHeader header, - Request request, - Map sessionData, - Map flashData, - Map args, + public Context(Long id, play.api.mvc.RequestHeader header, Request request, + Map sessionData, Map flashData, Map args, JavaContextComponents components) {} - public Context( - Long id, - play.api.mvc.RequestHeader header, - Request request, - Response response, - Session session, - Flash flash, - Map args, - JavaContextComponents components) {} + public Context(Long id, play.api.mvc.RequestHeader header, Request request, Response response, + Session session, Flash flash, Map args, JavaContextComponents components) {} public Long id() { return 0L; @@ -328,8 +317,8 @@ public class Http { return null; } - public RequestBuilder bodyMultipart( - List data, Files.TemporaryFileCreator temporaryFileCreator, String mat) { + public RequestBuilder bodyMultipart(List data, + Files.TemporaryFileCreator temporaryFileCreator, String mat) { return null; } @@ -536,6 +525,10 @@ public class Http { public abstract static class RawBuffer { + public abstract ByteString asBytes(); + + public abstract ByteString asBytes(int maxLength); + public abstract Long size(); public abstract File asFile(); @@ -559,7 +552,8 @@ public class Http { } } - public interface Part {} + public interface Part { + } public static class FilePart implements Part { 
@@ -577,9 +571,17 @@ public class Http { return ""; } + public String getDispositionType() { + return ""; + } + public A getFile() { return null; } + + public A getRef() { + return null; + } } public static class DataPart { @@ -608,6 +610,10 @@ public class Http { public RequestBody(Object body) {} + public ByteString asBytes() { + return null; + } + public MultipartFormData asMultipartFormData() { return null; } @@ -640,6 +646,10 @@ public class Http { return null; } + public Optional parseJson(Class clazz) { + return null; + } + public String toString() { return ""; } @@ -657,15 +667,8 @@ public class Http { public void setContentType(String contentType) {} @Deprecated - public void setCookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly, - SameSite sameSite) {} + public void setCookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly, SameSite sameSite) {} public void setCookie(Cookie cookie) {} @@ -734,25 +737,12 @@ public class Http { public static class Cookie { - public Cookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly, - SameSite sameSite) {} + public Cookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly, SameSite sameSite) {} @Deprecated - public Cookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly) {} + public Cookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly) {} public static CookieBuilder builder(String name, String value) { return null; @@ -791,9 +781,7 @@ public class Http { } public enum SameSite { - STRICT("Strict"), - LAX("Lax"), - NONE("None"); + STRICT("Strict"), LAX("Lax"), NONE("None"); SameSite(String value) {} 
@@ -856,6 +844,8 @@ public class Http { public interface Cookies extends Iterable { Cookie get(String name); + + Optional getCookie(String name); } public interface HeaderNames { From 4dfc9b13cd2938219f913855158ae94faaadc75f Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 26 May 2023 12:44:53 +0200 Subject: [PATCH 135/210] Java: Fix performance issue in the stub generator --- java/ql/src/utils/stub-generator/Stubs.qll | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/java/ql/src/utils/stub-generator/Stubs.qll b/java/ql/src/utils/stub-generator/Stubs.qll index 785f621cba0..a42a806455e 100644 --- a/java/ql/src/utils/stub-generator/Stubs.qll +++ b/java/ql/src/utils/stub-generator/Stubs.qll @@ -285,14 +285,19 @@ private string stubQualifier(RefType t) { else result = "" } +pragma[nomagic] +private predicate needsPackageNameHelper(RefType t, GeneratedTopLevel top, string name) { + t.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and + name = t.getName() +} + /** * Holds if `t` may clash with another type of the same name, so should be referred to using the fully qualified name */ private predicate needsPackageName(RefType t) { - exists(GeneratedTopLevel top, RefType other | - t.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and - other.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and - t.getName() = other.getName() and + exists(GeneratedTopLevel top, RefType other, string name | + needsPackageNameHelper(t, top, name) and + needsPackageNameHelper(other, top, name) and t != other ) } From c5cee0d4199ceb8b02326805a7e5ee8be7bd4a85 Mon Sep 17 00:00:00 2001 
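Review bot: The new `needsPackageNameHelper` predicate in the Stubs.qll hunk has no QLDoc, and nothing records why it carries `pragma[nomagic]`, although the commit subject says this change is a performance fix. `needsPackageName` now calls it twice with the same `top` and `name`, so a later clean-up could inline it again and presumably bring the slow evaluation back. I would add above the pragma a comment such as `/** Holds if t is top or a type referenced by top (compared by source declaration) and name is the name of t. */`, plus one line saying the `pragma[nomagic]` is deliberate and must stay. A name that says what the predicate holds for would also read better than the `Helper` suffix.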
From: Paolo Tranquilli Date: Fri, 26 May 2023 10:05:35 +0000 Subject: [PATCH 136/210] Swift: exclude targets ending in `Tests` or `Test` from autobuilding --- .../Foo.xcodeproj/project.pbxproj | 2062 +++++++++++++++++ .../contents.xcworkspacedata | 7 + .../commands.expected | 1 + swift/xcode-autobuilder/xcode-autobuilder.cpp | 20 +- 4 files changed, 2084 insertions(+), 6 deletions(-) create mode 100644 swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj create mode 100644 swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata create mode 100644 swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected diff --git a/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj new file mode 100644 index 00000000000..bb2ebc13d66 --- /dev/null +++ b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.pbxproj 
@@ -0,0 +1,2062 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 52; + objects = { + +/* Begin PBXAggregateTarget section */ + "Foo::FooPackageTests::ProductTarget" /* FooPackageTests */ = { + isa = PBXAggregateTarget; + buildConfigurationList = OBJ_529 /* Build configuration list for PBXAggregateTarget "FooPackageTests" */; + buildPhases = ( + ); + dependencies = ( + OBJ_532 /* PBXTargetDependency */, + ); + name = FooPackageTests; + productName = FooPackageTests; + }; +/* End PBXAggregateTarget section */ + +/* Begin PBXBuildFile section */ + 8405567023527E280064EC7D /* ActionSheetItemCells.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8405566E23527E1E0064EC7D /* ActionSheetItemCells.swift */; }; + 8422CB60239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB5F239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift */; }; + 8422CB63239DAFBC00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB61239DAF9B00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift */; }; + 8422CB66239DB70C00251D31 /* ActionSheetPresenterBaseTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB64239DB6F600251D31 /* ActionSheetPresenterBaseTests.swift */; }; + 8422CB68239DC27500251D31 /* NonDismissableMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB67239DC27500251D31 /* NonDismissableMenu.swift */; }; + 8422CB6A239DC2C400251D31 /* BackgroundDismissableMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB69239DC2C400251D31 /* BackgroundDismissableMenu.swift */; }; + 8422CB71239DC82C00251D31 /* ContextMenu+ConfigurationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB6F239DC81800251D31 /* ContextMenu+ConfigurationTests.swift */; }; + 8422CB72239DC85300251D31 /* ContextMenu.swift in Sources */ = {isa = PBXBuildFile; 
fileRef = 8422CB6D239DC6DA00251D31 /* ContextMenu.swift */; }; + 8422CB73239DC85900251D31 /* ContextMenu+Configuration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB6B239DC6B100251D31 /* ContextMenu+Configuration.swift */; }; + 8422CB76239DCBFD00251D31 /* Menu+Deprecations.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB74239DCBEB00251D31 /* Menu+Deprecations.swift */; }; + 8422CB7A239E1FB600251D31 /* DestructiveItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB78239E1E6800251D31 /* DestructiveItem.swift */; }; + 8422CB7D239E20E100251D31 /* DestructiveItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB7B239E209C00251D31 /* DestructiveItem+ActionSheet.swift */; }; + 8422CB82239E21FF00251D31 /* DestructiveItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8422CB80239E21FC00251D31 /* DestructiveItem+ActionSheetTests.swift */; }; + 843C3B0F25271DE30055BFE6 /* DemoMultilineItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 843C3B0E25271DE30055BFE6 /* DemoMultilineItem.swift */; }; + 843C3B1925271FEC0055BFE6 /* DemoMultilineItemMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 843C3B1825271FEC0055BFE6 /* DemoMultilineItemMenu.swift */; }; + 846703A1234A3C4500355331 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 8467039F234A3C4500355331 /* Main.storyboard */; }; + 846703A6234A3C4600355331 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 846703A4234A3C4600355331 /* LaunchScreen.storyboard */; }; + 846703E6234A3CF100355331 /* FoodOption+ActionSheetItems.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AC234A3CF000355331 /* FoodOption+ActionSheetItems.swift */; }; + 846703E7234A3CF100355331 /* FoodOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AD234A3CF000355331 /* FoodOption.swift */; }; + 846703E8234A3CF100355331 /* MenuOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 
846703AE234A3CF000355331 /* MenuOption.swift */; }; + 846703E9234A3CF100355331 /* AppearanceOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703AF234A3CF000355331 /* AppearanceOption.swift */; }; + 846703EA234A3CF100355331 /* ActionSheetOption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B0234A3CF000355331 /* ActionSheetOption.swift */; }; + 846703EC234A3CF100355331 /* ViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B3234A3CF000355331 /* ViewController.swift */; }; + 846703ED234A3CF100355331 /* ViewController+Appearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B4234A3CF000355331 /* ViewController+Appearance.swift */; }; + 846703EE234A3CF100355331 /* ViewController+Menus.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B5234A3CF000355331 /* ViewController+Menus.swift */; }; + 846703EF234A3CF100355331 /* ViewController+Alert.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B6234A3CF000355331 /* ViewController+Alert.swift */; }; + 846703F0234A3CF100355331 /* ViewController+ActionSheets.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B7234A3CF000355331 /* ViewController+ActionSheets.swift */; }; + 846703F1234A3CF100355331 /* ViewController+TableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B8234A3CF000355331 /* ViewController+TableView.swift */; }; + 846703F2234A3CF100355331 /* ContextMenuViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703B9234A3CF000355331 /* ContextMenuViewController.swift */; }; + 846703F3234A3CF100355331 /* AppearanceViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703BA234A3CF000355331 /* AppearanceViewController.swift */; }; + 846703F4234A3CF100355331 /* DemoCustomViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703BC234A3CF000355331 /* DemoCustomViewCell.swift */; }; + 846703F5234A3CF100355331 /* DemoCollectionViewCell.xib in Resources */ = {isa = PBXBuildFile; 
fileRef = 846703BD234A3CF000355331 /* DemoCollectionViewCell.xib */; }; + 846703F6234A3CF100355331 /* DemoCustomViewCell.xib in Resources */ = {isa = PBXBuildFile; fileRef = 846703BE234A3CF000355331 /* DemoCustomViewCell.xib */; }; + 846703F7234A3CF100355331 /* DemoCollectionViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703BF234A3CF000355331 /* DemoCollectionViewCell.swift */; }; + 846703F8234A3CF100355331 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C0234A3CF000355331 /* AppDelegate.swift */; }; + 846703F9234A3CF100355331 /* SceneDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C1234A3CF000355331 /* SceneDelegate.swift */; }; + 846703FA234A3CF100355331 /* DemoAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C3234A3CF000355331 /* DemoAppearance.swift */; }; + 846703FB234A3CF100355331 /* ColorAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C4234A3CF000355331 /* ColorAppearance.swift */; }; + 846703FC234A3CF100355331 /* DemoFonts.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C5234A3CF000355331 /* DemoFonts.swift */; }; + 846703FD234A3CF100355331 /* FoodActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C7234A3CF000355331 /* FoodActionSheet.swift */; }; + 846703FE234A3CF100355331 /* CollectionActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703C8234A3CF000355331 /* CollectionActionSheet.swift */; }; + 846703FF234A3CF100355331 /* title-image.png in Resources */ = {isa = PBXBuildFile; fileRef = 846703CB234A3CF100355331 /* title-image.png */; }; + 84670400234A3CF100355331 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 846703CC234A3CF100355331 /* Assets.xcassets */; }; + 84670401234A3CF100355331 /* Roboto-Medium.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703CF234A3CF100355331 /* Roboto-Medium.ttf */; }; + 84670402234A3CF100355331 /* Roboto-Light.ttf in Resources */ = {isa = 
PBXBuildFile; fileRef = 846703D0234A3CF100355331 /* Roboto-Light.ttf */; }; + 84670403234A3CF100355331 /* Roboto-Regular.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D1234A3CF100355331 /* Roboto-Regular.ttf */; }; + 84670404234A3CF100355331 /* Roboto-MediumItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D2234A3CF100355331 /* Roboto-MediumItalic.ttf */; }; + 84670405234A3CF100355331 /* Roboto-ThinItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D3234A3CF100355331 /* Roboto-ThinItalic.ttf */; }; + 84670406234A3CF100355331 /* Roboto-BoldItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D4234A3CF100355331 /* Roboto-BoldItalic.ttf */; }; + 84670407234A3CF100355331 /* Roboto-LightItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D5234A3CF100355331 /* Roboto-LightItalic.ttf */; }; + 84670408234A3CF100355331 /* Roboto-Italic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D6234A3CF100355331 /* Roboto-Italic.ttf */; }; + 84670409234A3CF100355331 /* LICENSE.txt in Resources */ = {isa = PBXBuildFile; fileRef = 846703D7234A3CF100355331 /* LICENSE.txt */; }; + 8467040A234A3CF100355331 /* Roboto-BlackItalic.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D8234A3CF100355331 /* Roboto-BlackItalic.ttf */; }; + 8467040B234A3CF100355331 /* Roboto-Bold.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703D9234A3CF100355331 /* Roboto-Bold.ttf */; }; + 8467040C234A3CF100355331 /* Roboto-Thin.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703DA234A3CF100355331 /* Roboto-Thin.ttf */; }; + 8467040D234A3CF100355331 /* Roboto-Black.ttf in Resources */ = {isa = PBXBuildFile; fileRef = 846703DB234A3CF100355331 /* Roboto-Black.ttf */; }; + 8467040E234A3CF100355331 /* FoodMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703DD234A3CF100355331 /* FoodMenu.swift */; }; + 8467040F234A3CF100355331 /* LinkMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 
846703DE234A3CF100355331 /* LinkMenu.swift */; }; + 84670410234A3CF100355331 /* SingleSelectMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703DF234A3CF100355331 /* SingleSelectMenu.swift */; }; + 84670411234A3CF100355331 /* DestructiveMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E0234A3CF100355331 /* DestructiveMenu.swift */; }; + 84670412234A3CF100355331 /* MultiSelectMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E1234A3CF100355331 /* MultiSelectMenu.swift */; }; + 84670413234A3CF100355331 /* ItemMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E2234A3CF100355331 /* ItemMenu.swift */; }; + 84670414234A3CF100355331 /* CustomMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E3234A3CF100355331 /* CustomMenu.swift */; }; + 84670415234A3CF100355331 /* SectionMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E4234A3CF100355331 /* SectionMenu.swift */; }; + 84670416234A3CF100355331 /* CollectionMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 846703E5234A3CF100355331 /* CollectionMenu.swift */; }; + 84670419234A3E9C00355331 /* Foo.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = "Foo::Foo::Product" /* Foo.framework */; }; + 8467041A234A3E9C00355331 /* Foo.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = "Foo::Foo::Product" /* Foo.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + 847E09ED239DA5E70058179D /* ActionSheetPresenterBase.swift in Sources */ = {isa = PBXBuildFile; fileRef = 847E09EC239DA5E70058179D /* ActionSheetPresenterBase.swift */; }; + 84A24ECB236C64F200DB060C /* SecondaryActionItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ECA236C64F200DB060C /* SecondaryActionItem.swift */; }; + 84A24ECE236C670D00DB060C /* SecondaryActionItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ECC236C66CD00DB060C /* SecondaryActionItemTests.swift */; }; + 84A24ED0236C6C5B00DB060C 
/* SecondaryActionItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ECF236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift */; }; + 84A24ED2236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ED1236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift */; }; + 84A24ED5236C6DCD00DB060C /* ActionSheetSecondaryActionItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ED3236C6DB500DB060C /* ActionSheetSecondaryActionItemTests.swift */; }; + 84A24ED9236C724100DB060C /* SecondaryActionItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24ED7236C6FAF00DB060C /* SecondaryActionItem+ActionSheetTests.swift */; }; + 84A24EDB236C72C900DB060C /* SecondaryActionMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24EDA236C72C900DB060C /* SecondaryActionMenu.swift */; }; + 84A24EDD236C84D900DB060C /* MenuCreator.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84A24EDC236C84D900DB060C /* MenuCreator.swift */; }; + 84D3AF2E2434B1420007BE9B /* Quick in Frameworks */ = {isa = PBXBuildFile; productRef = 84D3AF2D2434B1420007BE9B /* Quick */; }; + 84D3AF312434B1510007BE9B /* Nimble in Frameworks */ = {isa = PBXBuildFile; productRef = 84D3AF302434B1510007BE9B /* Nimble */; }; + 84F64BA1239D8FEF000290D1 /* ActionSheet+Header.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA0239D8FEF000290D1 /* ActionSheet+Header.swift */; }; + 84F64BA3239D9630000290D1 /* ActionSheet+Configuration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA2239D9630000290D1 /* ActionSheet+Configuration.swift */; }; + 84F64BA5239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA4239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift */; }; + 84F64BA8239D9CD7000290D1 /* ActionSheet+Deprecations.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84F64BA6239D9CB5000290D1 /* 
ActionSheet+Deprecations.swift */; }; + A9FA9D3A26A17AC40047114E /* MockingKit in Frameworks */ = {isa = PBXBuildFile; productRef = A9FA9D3926A17AC40047114E /* MockingKit */; }; + OBJ_442 /* ActionSheet+Presenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_10 /* ActionSheet+Presenter.swift */; }; + OBJ_443 /* ActionSheet+Scroll.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_11 /* ActionSheet+Scroll.swift */; }; + OBJ_444 /* ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_12 /* ActionSheet.swift */; }; + OBJ_445 /* ActionSheetItemHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_13 /* ActionSheetItemHandler.swift */; }; + OBJ_446 /* ActionSheetMargin.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_14 /* ActionSheetMargin.swift */; }; + OBJ_447 /* ActionSheet+Appearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_16 /* ActionSheet+Appearance.swift */; }; + OBJ_448 /* ActionSheetAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_17 /* ActionSheetAppearance.swift */; }; + OBJ_449 /* ActionSheetColor.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_18 /* ActionSheetColor.swift */; }; + OBJ_450 /* UIColor+ActionSheetColor.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_19 /* UIColor+ActionSheetColor.swift */; }; + OBJ_451 /* UIEdgeInsets+Hidden.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_21 /* UIEdgeInsets+Hidden.swift */; }; + OBJ_452 /* UIView+Subviews.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_22 /* UIView+Subviews.swift */; }; + OBJ_453 /* UIViewController+RootViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_23 /* UIViewController+RootViewController.swift */; }; + OBJ_454 /* CancelButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_26 /* CancelButton+ActionSheet.swift */; }; + OBJ_455 /* DestructiveButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_27 /* 
DestructiveButton+ActionSheet.swift */; }; + OBJ_456 /* MenuButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_28 /* MenuButton+ActionSheet.swift */; }; + OBJ_457 /* OkButton+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_29 /* OkButton+ActionSheet.swift */; }; + OBJ_458 /* CollectionItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_31 /* CollectionItem+ActionSheet.swift */; }; + OBJ_459 /* CustomItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_32 /* CustomItem+ActionSheet.swift */; }; + OBJ_460 /* LinkItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_33 /* LinkItem+ActionSheet.swift */; }; + OBJ_461 /* MultiSelectItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_34 /* MultiSelectItem+ActionSheet.swift */; }; + OBJ_462 /* MultiSelectToggleItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_35 /* MultiSelectToggleItem+ActionSheet.swift */; }; + OBJ_463 /* SelectItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_36 /* SelectItem+ActionSheet.swift */; }; + OBJ_464 /* SingleSelectItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_37 /* SingleSelectItem+ActionSheet.swift */; }; + OBJ_465 /* Menu+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_38 /* Menu+ActionSheet.swift */; }; + OBJ_466 /* MenuItem+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_39 /* MenuItem+ActionSheet.swift */; }; + OBJ_467 /* MenuTitle+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_41 /* MenuTitle+ActionSheet.swift */; }; + OBJ_468 /* SectionMargin+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_42 /* SectionMargin+ActionSheet.swift */; }; + OBJ_469 /* SectionTitle+ActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_43 /* SectionTitle+ActionSheet.swift */; }; + OBJ_470 /* 
ActionSheetPopoverPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_45 /* ActionSheetPopoverPresenter.swift */; }; + OBJ_471 /* ActionSheetPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_46 /* ActionSheetPresenter.swift */; }; + OBJ_472 /* ActionSheetStandardPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_47 /* ActionSheetStandardPresenter.swift */; }; + OBJ_473 /* ActionSheetBackgroundView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_49 /* ActionSheetBackgroundView.swift */; }; + OBJ_474 /* ActionSheetButtonTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_50 /* ActionSheetButtonTableView.swift */; }; + OBJ_475 /* ActionSheetHeaderContainerView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_51 /* ActionSheetHeaderContainerView.swift */; }; + OBJ_476 /* ActionSheetItemTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_52 /* ActionSheetItemTableView.swift */; }; + OBJ_477 /* ActionSheetStackView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_53 /* ActionSheetStackView.swift */; }; + OBJ_478 /* ActionSheetTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_54 /* ActionSheetTableView.swift */; }; + OBJ_480 /* ActionSheetItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_57 /* ActionSheetItemCell.swift */; }; + OBJ_484 /* ActionSheetCollectionItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_63 /* ActionSheetCollectionItemCell.swift */; }; + OBJ_485 /* ActionSheetCollectionItemCellHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_64 /* ActionSheetCollectionItemCellHandler.swift */; }; + OBJ_486 /* ActionSheetLinkItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_65 /* ActionSheetLinkItemCell.swift */; }; + OBJ_488 /* ActionSheetMultiSelectToggleItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_67 /* ActionSheetMultiSelectToggleItemCell.swift */; }; + OBJ_489 /* 
ActionSheetSelectItemCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_68 /* ActionSheetSelectItemCell.swift */; }; + OBJ_494 /* AlertControllerConversionError.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_75 /* AlertControllerConversionError.swift */; }; + OBJ_495 /* Menu+AlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_76 /* Menu+AlertController.swift */; }; + OBJ_496 /* MenuItem+AlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_77 /* MenuItem+AlertController.swift */; }; + OBJ_497 /* UIViewController+AlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_78 /* UIViewController+AlertController.swift */; }; + OBJ_498 /* ContextMenuConversionError.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_80 /* ContextMenuConversionError.swift */; }; + OBJ_499 /* ContextMenuDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_81 /* ContextMenuDelegate.swift */; }; + OBJ_500 /* ContextMenuDelegateRetainer.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_82 /* ContextMenuDelegateRetainer.swift */; }; + OBJ_501 /* MenuCreator+ContextMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_83 /* MenuCreator+ContextMenu.swift */; }; + OBJ_502 /* MenuItem+ContextMenu.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_84 /* MenuItem+ContextMenu.swift */; }; + OBJ_503 /* NSObject+ClassName.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_86 /* NSObject+ClassName.swift */; }; + OBJ_504 /* CancelButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_89 /* CancelButton.swift */; }; + OBJ_505 /* DestructiveButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_90 /* DestructiveButton.swift */; }; + OBJ_506 /* MenuButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_91 /* MenuButton.swift */; }; + OBJ_507 /* OkButton.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_92 /* OkButton.swift */; }; + OBJ_508 /* 
CollectionItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_94 /* CollectionItem.swift */; }; + OBJ_509 /* CustomItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_95 /* CustomItem.swift */; }; + OBJ_510 /* LinkItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_96 /* LinkItem.swift */; }; + OBJ_511 /* MultiSelectItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_97 /* MultiSelectItem.swift */; }; + OBJ_512 /* MultiSelectToggleItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_98 /* MultiSelectToggleItem.swift */; }; + OBJ_513 /* SelectItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_99 /* SelectItem.swift */; }; + OBJ_514 /* SingleSelectItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_100 /* SingleSelectItem.swift */; }; + OBJ_515 /* Menu.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_101 /* Menu.swift */; }; + OBJ_517 /* MenuItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_103 /* MenuItem.swift */; }; + OBJ_518 /* MenuTitle.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_105 /* MenuTitle.swift */; }; + OBJ_519 /* SectionMagin.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_106 /* SectionMagin.swift */; }; + OBJ_520 /* SectionTitle.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_107 /* SectionTitle.swift */; }; + OBJ_527 /* Package.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_6 /* Package.swift */; }; + OBJ_538 /* ActionSheet+PresenterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_111 /* ActionSheet+PresenterTests.swift */; }; + OBJ_539 /* ActionSheetItemHandlerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_112 /* ActionSheetItemHandlerTests.swift */; }; + OBJ_540 /* ActionSheetMarginTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_113 /* ActionSheetMarginTests.swift */; }; + OBJ_541 /* ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_114 /* 
ActionSheetTests.swift */; }; + OBJ_542 /* ActionSheet+AppearanceTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_116 /* ActionSheet+AppearanceTests.swift */; }; + OBJ_543 /* ActionSheetAppearanceTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_117 /* ActionSheetAppearanceTests.swift */; }; + OBJ_544 /* ActionSheetColorTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_118 /* ActionSheetColorTests.swift */; }; + OBJ_545 /* UIColor+ActionSheetColorTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_119 /* UIColor+ActionSheetColorTests.swift */; }; + OBJ_546 /* UIEdgeInsets+HiddenTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_121 /* UIEdgeInsets+HiddenTests.swift */; }; + OBJ_547 /* UIView+SubviewsTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_122 /* UIView+SubviewsTests.swift */; }; + OBJ_548 /* UIViewController+RootViewControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_123 /* UIViewController+RootViewControllerTests.swift */; }; + OBJ_549 /* CancelButton+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_126 /* CancelButton+ActionSheetTests.swift */; }; + OBJ_550 /* DestructiveButton+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_127 /* DestructiveButton+ActionSheetTests.swift */; }; + OBJ_551 /* MenuButtonTests+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_128 /* MenuButtonTests+ActionSheetTests.swift */; }; + OBJ_552 /* OkButton+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_129 /* OkButton+ActionSheetTests.swift */; }; + OBJ_553 /* CollectionItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_131 /* CollectionItem+ActionSheetTests.swift */; }; + OBJ_554 /* CustomItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_132 /* CustomItem+ActionSheetTests.swift */; }; + OBJ_555 /* 
LinkItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_133 /* LinkItem+ActionSheetTests.swift */; }; + OBJ_556 /* MultiSelectItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_134 /* MultiSelectItem+ActionSheetTests.swift */; }; + OBJ_557 /* MultiSelectToggleItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_135 /* MultiSelectToggleItem+ActionSheetTests.swift */; }; + OBJ_558 /* SelectItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_136 /* SelectItem+ActionSheetTests.swift */; }; + OBJ_559 /* SingleSelectItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_137 /* SingleSelectItem+ActionSheetTests.swift */; }; + OBJ_560 /* MenuItem+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_138 /* MenuItem+ActionSheetTests.swift */; }; + OBJ_561 /* MenuTitle+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_140 /* MenuTitle+ActionSheetTests.swift */; }; + OBJ_562 /* SectionMargin+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_141 /* SectionMargin+ActionSheetTests.swift */; }; + OBJ_563 /* SectionTitle+ActionSheetTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_142 /* SectionTitle+ActionSheetTests.swift */; }; + OBJ_564 /* MockActionSheet.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_144 /* MockActionSheet.swift */; }; + OBJ_565 /* MockActionSheetAppearance.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_145 /* MockActionSheetAppearance.swift */; }; + OBJ_566 /* MockActionSheetPresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_146 /* MockActionSheetPresenter.swift */; }; + OBJ_567 /* MockNotificationCenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_147 /* MockNotificationCenter.swift */; }; + OBJ_568 /* MockTableView.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_148 /* MockTableView.swift */; 
}; + OBJ_569 /* MockViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_149 /* MockViewController.swift */; }; + OBJ_570 /* ActionSheetPopoverPresenterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_151 /* ActionSheetPopoverPresenterTests.swift */; }; + OBJ_571 /* ActionSheetStandardPresenterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_152 /* ActionSheetStandardPresenterTests.swift */; }; + OBJ_572 /* ActionSheetBackgroundViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_154 /* ActionSheetBackgroundViewTests.swift */; }; + OBJ_573 /* ActionSheetHeaderContainerViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_155 /* ActionSheetHeaderContainerViewTests.swift */; }; + OBJ_574 /* ActionSheetStackViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_156 /* ActionSheetStackViewTests.swift */; }; + OBJ_575 /* ActionSheetTableViewTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_157 /* ActionSheetTableViewTests.swift */; }; + OBJ_577 /* ActionSheetItemCellTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_160 /* ActionSheetItemCellTests.swift */; }; + OBJ_578 /* ActionSheetLinkItemCellTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_162 /* ActionSheetLinkItemCellTests.swift */; }; + OBJ_579 /* ActionSheetSelectItemCellTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_163 /* ActionSheetSelectItemCellTests.swift */; }; + OBJ_580 /* Menu+AlertControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_165 /* Menu+AlertControllerTests.swift */; }; + OBJ_581 /* MenuItem+AlertControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_166 /* MenuItem+AlertControllerTests.swift */; }; + OBJ_582 /* ContextMenuDelegateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_168 /* ContextMenuDelegateTests.swift */; }; + OBJ_583 /* Menu+ContextMenuTests.swift in Sources */ = {isa = PBXBuildFile; 
fileRef = OBJ_169 /* Menu+ContextMenuTests.swift */; }; + OBJ_584 /* MenuItem+ContextMenuTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_170 /* MenuItem+ContextMenuTests.swift */; }; + OBJ_586 /* NSObject+ClassNameTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_173 /* NSObject+ClassNameTests.swift */; }; + OBJ_587 /* CancelButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_176 /* CancelButtonTests.swift */; }; + OBJ_588 /* DestructiveButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_177 /* DestructiveButtonTests.swift */; }; + OBJ_589 /* MenuButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_178 /* MenuButtonTests.swift */; }; + OBJ_590 /* OkButtonTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_179 /* OkButtonTests.swift */; }; + OBJ_591 /* CollectionItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_181 /* CollectionItemTests.swift */; }; + OBJ_592 /* CustomItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_182 /* CustomItemTests.swift */; }; + OBJ_593 /* LinkItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_183 /* LinkItemTests.swift */; }; + OBJ_594 /* MultiSelectItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_184 /* MultiSelectItemTests.swift */; }; + OBJ_595 /* MultiSelectToggleItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_185 /* MultiSelectToggleItemTests.swift */; }; + OBJ_596 /* SelectItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_186 /* SelectItemTests.swift */; }; + OBJ_597 /* SingleSelectItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_187 /* SingleSelectItemTests.swift */; }; + OBJ_599 /* MenuItemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_189 /* MenuItemTests.swift */; }; + OBJ_600 /* MenuTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_190 /* MenuTests.swift */; }; + OBJ_601 /* MockMenuItem.swift 
in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_192 /* MockMenuItem.swift */; }; + OBJ_602 /* MenuTitleTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_194 /* MenuTitleTests.swift */; }; + OBJ_603 /* SectionMarginTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_195 /* SectionMarginTests.swift */; }; + OBJ_604 /* SectionTitleTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = OBJ_196 /* SectionTitleTests.swift */; }; + OBJ_611 /* Foo.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = "Foo::Foo::Product" /* Foo.framework */; }; +/* End PBXBuildFile section */ + +/* Begin PBXContainerItemProxy section */ + 8467041B234A3E9C00355331 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = OBJ_1 /* Project object */; + proxyType = 1; + remoteGlobalIDString = "Foo::Foo"; + remoteInfo = Foo; + }; + 84BDF8AF2347D41300D35F93 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = OBJ_1 /* Project object */; + proxyType = 1; + remoteGlobalIDString = "Foo::Foo"; + remoteInfo = Foo; + }; + 84BDF8B02347D41500D35F93 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = OBJ_1 /* Project object */; + proxyType = 1; + remoteGlobalIDString = "Foo::FooTests"; + remoteInfo = FooTests; + }; +/* End PBXContainerItemProxy section */ + +/* Begin PBXCopyFilesBuildPhase section */ + 8467041D234A3E9C00355331 /* Embed Frameworks */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = ""; + dstSubfolderSpec = 10; + files = ( + 8467041A234A3E9C00355331 /* Foo.framework in Embed Frameworks */, + ); + name = "Embed Frameworks"; + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXCopyFilesBuildPhase section */ + +/* Begin PBXFileReference section */ + 8405566E23527E1E0064EC7D /* ActionSheetItemCells.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemCells.swift; sourceTree = ""; }; + 
8422CB5F239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheetPopoverPresenter+PresentationDelegate.swift"; sourceTree = ""; }; + 8422CB61239DAF9B00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheetPopoverPresenter+PresentationDelegateTests.swift"; sourceTree = ""; }; + 8422CB64239DB6F600251D31 /* ActionSheetPresenterBaseTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPresenterBaseTests.swift; sourceTree = ""; }; + 8422CB67239DC27500251D31 /* NonDismissableMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NonDismissableMenu.swift; sourceTree = ""; }; + 8422CB69239DC2C400251D31 /* BackgroundDismissableMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BackgroundDismissableMenu.swift; sourceTree = ""; }; + 8422CB6B239DC6B100251D31 /* ContextMenu+Configuration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ContextMenu+Configuration.swift"; sourceTree = ""; }; + 8422CB6D239DC6DA00251D31 /* ContextMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenu.swift; sourceTree = ""; }; + 8422CB6F239DC81800251D31 /* ContextMenu+ConfigurationTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ContextMenu+ConfigurationTests.swift"; sourceTree = ""; }; + 8422CB74239DCBEB00251D31 /* Menu+Deprecations.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+Deprecations.swift"; sourceTree = ""; }; + 8422CB78239E1E6800251D31 /* DestructiveItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DestructiveItem.swift; sourceTree = ""; }; + 8422CB7B239E209C00251D31 /* 
DestructiveItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveItem+ActionSheet.swift"; sourceTree = ""; }; + 8422CB80239E21FC00251D31 /* DestructiveItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveItem+ActionSheetTests.swift"; sourceTree = ""; }; + 843C3B0E25271DE30055BFE6 /* DemoMultilineItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DemoMultilineItem.swift; sourceTree = ""; }; + 843C3B1825271FEC0055BFE6 /* DemoMultilineItemMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DemoMultilineItemMenu.swift; sourceTree = ""; }; + 84670397234A3C4500355331 /* FooDemo.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = FooDemo.app; sourceTree = BUILT_PRODUCTS_DIR; }; + 846703A0234A3C4500355331 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/Main.storyboard; sourceTree = ""; }; + 846703A5234A3C4600355331 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; + 846703AC234A3CF000355331 /* FoodOption+ActionSheetItems.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "FoodOption+ActionSheetItems.swift"; sourceTree = ""; }; + 846703AD234A3CF000355331 /* FoodOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FoodOption.swift; sourceTree = ""; }; + 846703AE234A3CF000355331 /* MenuOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MenuOption.swift; sourceTree = ""; }; + 846703AF234A3CF000355331 /* AppearanceOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = 
AppearanceOption.swift; sourceTree = ""; }; + 846703B0234A3CF000355331 /* ActionSheetOption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ActionSheetOption.swift; sourceTree = ""; }; + 846703B1234A3CF000355331 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; + 846703B3234A3CF000355331 /* ViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ViewController.swift; sourceTree = ""; }; + 846703B4234A3CF000355331 /* ViewController+Appearance.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+Appearance.swift"; sourceTree = ""; }; + 846703B5234A3CF000355331 /* ViewController+Menus.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+Menus.swift"; sourceTree = ""; }; + 846703B6234A3CF000355331 /* ViewController+Alert.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+Alert.swift"; sourceTree = ""; }; + 846703B7234A3CF000355331 /* ViewController+ActionSheets.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+ActionSheets.swift"; sourceTree = ""; }; + 846703B8234A3CF000355331 /* ViewController+TableView.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "ViewController+TableView.swift"; sourceTree = ""; }; + 846703B9234A3CF000355331 /* ContextMenuViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ContextMenuViewController.swift; sourceTree = ""; }; + 846703BA234A3CF000355331 /* AppearanceViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = 
AppearanceViewController.swift; sourceTree = ""; }; + 846703BC234A3CF000355331 /* DemoCustomViewCell.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoCustomViewCell.swift; sourceTree = ""; }; + 846703BD234A3CF000355331 /* DemoCollectionViewCell.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = DemoCollectionViewCell.xib; sourceTree = ""; }; + 846703BE234A3CF000355331 /* DemoCustomViewCell.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = DemoCustomViewCell.xib; sourceTree = ""; }; + 846703BF234A3CF000355331 /* DemoCollectionViewCell.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoCollectionViewCell.swift; sourceTree = ""; }; + 846703C0234A3CF000355331 /* AppDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = ""; }; + 846703C1234A3CF000355331 /* SceneDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SceneDelegate.swift; sourceTree = ""; }; + 846703C3234A3CF000355331 /* DemoAppearance.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoAppearance.swift; sourceTree = ""; }; + 846703C4234A3CF000355331 /* ColorAppearance.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ColorAppearance.swift; sourceTree = ""; }; + 846703C5234A3CF000355331 /* DemoFonts.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DemoFonts.swift; sourceTree = ""; }; + 846703C7234A3CF000355331 /* FoodActionSheet.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FoodActionSheet.swift; sourceTree = ""; }; + 846703C8234A3CF000355331 /* CollectionActionSheet.swift */ = {isa = 
PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CollectionActionSheet.swift; sourceTree = ""; }; + 846703CB234A3CF100355331 /* title-image.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "title-image.png"; sourceTree = ""; }; + 846703CC234A3CF100355331 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; + 846703CF234A3CF100355331 /* Roboto-Medium.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Medium.ttf"; sourceTree = ""; }; + 846703D0234A3CF100355331 /* Roboto-Light.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Light.ttf"; sourceTree = ""; }; + 846703D1234A3CF100355331 /* Roboto-Regular.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Regular.ttf"; sourceTree = ""; }; + 846703D2234A3CF100355331 /* Roboto-MediumItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-MediumItalic.ttf"; sourceTree = ""; }; + 846703D3234A3CF100355331 /* Roboto-ThinItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-ThinItalic.ttf"; sourceTree = ""; }; + 846703D4234A3CF100355331 /* Roboto-BoldItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-BoldItalic.ttf"; sourceTree = ""; }; + 846703D5234A3CF100355331 /* Roboto-LightItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-LightItalic.ttf"; sourceTree = ""; }; + 846703D6234A3CF100355331 /* Roboto-Italic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Italic.ttf"; sourceTree = ""; }; + 846703D7234A3CF100355331 /* LICENSE.txt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = LICENSE.txt; sourceTree = ""; }; + 846703D8234A3CF100355331 /* Roboto-BlackItalic.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-BlackItalic.ttf"; 
sourceTree = ""; }; + 846703D9234A3CF100355331 /* Roboto-Bold.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Bold.ttf"; sourceTree = ""; }; + 846703DA234A3CF100355331 /* Roboto-Thin.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Thin.ttf"; sourceTree = ""; }; + 846703DB234A3CF100355331 /* Roboto-Black.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Roboto-Black.ttf"; sourceTree = ""; }; + 846703DD234A3CF100355331 /* FoodMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FoodMenu.swift; sourceTree = ""; }; + 846703DE234A3CF100355331 /* LinkMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = LinkMenu.swift; sourceTree = ""; }; + 846703DF234A3CF100355331 /* SingleSelectMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SingleSelectMenu.swift; sourceTree = ""; }; + 846703E0234A3CF100355331 /* DestructiveMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DestructiveMenu.swift; sourceTree = ""; }; + 846703E1234A3CF100355331 /* MultiSelectMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MultiSelectMenu.swift; sourceTree = ""; }; + 846703E2234A3CF100355331 /* ItemMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ItemMenu.swift; sourceTree = ""; }; + 846703E3234A3CF100355331 /* CustomMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CustomMenu.swift; sourceTree = ""; }; + 846703E4234A3CF100355331 /* SectionMenu.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SectionMenu.swift; sourceTree = ""; }; + 846703E5234A3CF100355331 /* CollectionMenu.swift */ = {isa = PBXFileReference; 
fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CollectionMenu.swift; sourceTree = ""; }; + 847E09EC239DA5E70058179D /* ActionSheetPresenterBase.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPresenterBase.swift; sourceTree = ""; }; + 84A24ECA236C64F200DB060C /* SecondaryActionItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecondaryActionItem.swift; sourceTree = ""; }; + 84A24ECC236C66CD00DB060C /* SecondaryActionItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecondaryActionItemTests.swift; sourceTree = ""; }; + 84A24ECF236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SecondaryActionItem+ActionSheet.swift"; sourceTree = ""; }; + 84A24ED1236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSecondaryActionItemCell.swift; sourceTree = ""; }; + 84A24ED3236C6DB500DB060C /* ActionSheetSecondaryActionItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSecondaryActionItemTests.swift; sourceTree = ""; }; + 84A24ED7236C6FAF00DB060C /* SecondaryActionItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SecondaryActionItem+ActionSheetTests.swift"; sourceTree = ""; }; + 84A24EDA236C72C900DB060C /* SecondaryActionMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecondaryActionMenu.swift; sourceTree = ""; }; + 84A24EDC236C84D900DB060C /* MenuCreator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuCreator.swift; sourceTree = ""; }; + 84BDF8B22347D43F00D35F93 /* .swiftlint.yml */ = {isa = PBXFileReference; lastKnownFileType = text.yaml; path = .swiftlint.yml; sourceTree = ""; }; + 
84BDF8B32347D43F00D35F93 /* .gitignore */ = {isa = PBXFileReference; lastKnownFileType = text; path = .gitignore; sourceTree = ""; }; + 84F64BA0239D8FEF000290D1 /* ActionSheet+Header.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Header.swift"; sourceTree = ""; }; + 84F64BA2239D9630000290D1 /* ActionSheet+Configuration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Configuration.swift"; sourceTree = ""; }; + 84F64BA4239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+ConfigurationTests.swift"; sourceTree = ""; }; + 84F64BA6239D9CB5000290D1 /* ActionSheet+Deprecations.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Deprecations.swift"; sourceTree = ""; }; + A963E2AF24A9D22900665C6B /* Package.resolved */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = Package.resolved; sourceTree = ""; }; + OBJ_10 /* ActionSheet+Presenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Presenter.swift"; sourceTree = ""; }; + OBJ_100 /* SingleSelectItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SingleSelectItem.swift; sourceTree = ""; }; + OBJ_101 /* Menu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Menu.swift; sourceTree = ""; }; + OBJ_103 /* MenuItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuItem.swift; sourceTree = ""; }; + OBJ_105 /* MenuTitle.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuTitle.swift; sourceTree = ""; }; + OBJ_106 /* SectionMagin.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionMagin.swift; sourceTree = ""; }; + OBJ_107 /* SectionTitle.swift */ = {isa = 
PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionTitle.swift; sourceTree = ""; }; + OBJ_11 /* ActionSheet+Scroll.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Scroll.swift"; sourceTree = ""; }; + OBJ_111 /* ActionSheet+PresenterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+PresenterTests.swift"; sourceTree = ""; }; + OBJ_112 /* ActionSheetItemHandlerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemHandlerTests.swift; sourceTree = ""; }; + OBJ_113 /* ActionSheetMarginTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetMarginTests.swift; sourceTree = ""; }; + OBJ_114 /* ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetTests.swift; sourceTree = ""; }; + OBJ_116 /* ActionSheet+AppearanceTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+AppearanceTests.swift"; sourceTree = ""; }; + OBJ_117 /* ActionSheetAppearanceTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetAppearanceTests.swift; sourceTree = ""; }; + OBJ_118 /* ActionSheetColorTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetColorTests.swift; sourceTree = ""; }; + OBJ_119 /* UIColor+ActionSheetColorTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIColor+ActionSheetColorTests.swift"; sourceTree = ""; }; + OBJ_12 /* ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheet.swift; sourceTree = ""; }; + OBJ_121 /* UIEdgeInsets+HiddenTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIEdgeInsets+HiddenTests.swift"; sourceTree = ""; }; + OBJ_122 /* UIView+SubviewsTests.swift 
*/ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIView+SubviewsTests.swift"; sourceTree = ""; }; + OBJ_123 /* UIViewController+RootViewControllerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIViewController+RootViewControllerTests.swift"; sourceTree = ""; }; + OBJ_126 /* CancelButton+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CancelButton+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_127 /* DestructiveButton+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveButton+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_128 /* MenuButtonTests+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuButtonTests+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_129 /* OkButton+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "OkButton+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_13 /* ActionSheetItemHandler.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemHandler.swift; sourceTree = ""; }; + OBJ_131 /* CollectionItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CollectionItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_132 /* CustomItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CustomItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_133 /* LinkItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "LinkItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_134 /* MultiSelectItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_135 /* 
MultiSelectToggleItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectToggleItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_136 /* SelectItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SelectItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_137 /* SingleSelectItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SingleSelectItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_138 /* MenuItem+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_14 /* ActionSheetMargin.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetMargin.swift; sourceTree = ""; }; + OBJ_140 /* MenuTitle+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuTitle+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_141 /* SectionMargin+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionMargin+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_142 /* SectionTitle+ActionSheetTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionTitle+ActionSheetTests.swift"; sourceTree = ""; }; + OBJ_144 /* MockActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockActionSheet.swift; sourceTree = ""; }; + OBJ_145 /* MockActionSheetAppearance.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockActionSheetAppearance.swift; sourceTree = ""; }; + OBJ_146 /* MockActionSheetPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockActionSheetPresenter.swift; sourceTree = ""; }; + OBJ_147 /* MockNotificationCenter.swift */ = {isa = 
PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockNotificationCenter.swift; sourceTree = ""; }; + OBJ_148 /* MockTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockTableView.swift; sourceTree = ""; }; + OBJ_149 /* MockViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockViewController.swift; sourceTree = ""; }; + OBJ_151 /* ActionSheetPopoverPresenterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPopoverPresenterTests.swift; sourceTree = ""; }; + OBJ_152 /* ActionSheetStandardPresenterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStandardPresenterTests.swift; sourceTree = ""; }; + OBJ_154 /* ActionSheetBackgroundViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetBackgroundViewTests.swift; sourceTree = ""; }; + OBJ_155 /* ActionSheetHeaderContainerViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetHeaderContainerViewTests.swift; sourceTree = ""; }; + OBJ_156 /* ActionSheetStackViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStackViewTests.swift; sourceTree = ""; }; + OBJ_157 /* ActionSheetTableViewTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetTableViewTests.swift; sourceTree = ""; }; + OBJ_16 /* ActionSheet+Appearance.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "ActionSheet+Appearance.swift"; sourceTree = ""; }; + OBJ_160 /* ActionSheetItemCellTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemCellTests.swift; sourceTree = ""; }; + OBJ_162 /* ActionSheetLinkItemCellTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = 
ActionSheetLinkItemCellTests.swift; sourceTree = ""; }; + OBJ_163 /* ActionSheetSelectItemCellTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSelectItemCellTests.swift; sourceTree = ""; }; + OBJ_165 /* Menu+AlertControllerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+AlertControllerTests.swift"; sourceTree = ""; }; + OBJ_166 /* MenuItem+AlertControllerTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+AlertControllerTests.swift"; sourceTree = ""; }; + OBJ_168 /* ContextMenuDelegateTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuDelegateTests.swift; sourceTree = ""; }; + OBJ_169 /* Menu+ContextMenuTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+ContextMenuTests.swift"; sourceTree = ""; }; + OBJ_17 /* ActionSheetAppearance.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetAppearance.swift; sourceTree = ""; }; + OBJ_170 /* MenuItem+ContextMenuTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ContextMenuTests.swift"; sourceTree = ""; }; + OBJ_173 /* NSObject+ClassNameTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSObject+ClassNameTests.swift"; sourceTree = ""; }; + OBJ_176 /* CancelButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CancelButtonTests.swift; sourceTree = ""; }; + OBJ_177 /* DestructiveButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DestructiveButtonTests.swift; sourceTree = ""; }; + OBJ_178 /* MenuButtonTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuButtonTests.swift; sourceTree = ""; }; + OBJ_179 /* OkButtonTests.swift */ = {isa = PBXFileReference; 
lastKnownFileType = sourcecode.swift; path = OkButtonTests.swift; sourceTree = ""; }; + OBJ_18 /* ActionSheetColor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetColor.swift; sourceTree = ""; }; + OBJ_181 /* CollectionItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CollectionItemTests.swift; sourceTree = ""; }; + OBJ_182 /* CustomItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomItemTests.swift; sourceTree = ""; }; + OBJ_183 /* LinkItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LinkItemTests.swift; sourceTree = ""; }; + OBJ_184 /* MultiSelectItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectItemTests.swift; sourceTree = ""; }; + OBJ_185 /* MultiSelectToggleItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectToggleItemTests.swift; sourceTree = ""; }; + OBJ_186 /* SelectItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SelectItemTests.swift; sourceTree = ""; }; + OBJ_187 /* SingleSelectItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SingleSelectItemTests.swift; sourceTree = ""; }; + OBJ_189 /* MenuItemTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuItemTests.swift; sourceTree = ""; }; + OBJ_19 /* UIColor+ActionSheetColor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIColor+ActionSheetColor.swift"; sourceTree = ""; }; + OBJ_190 /* MenuTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuTests.swift; sourceTree = ""; }; + OBJ_192 /* MockMenuItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockMenuItem.swift; sourceTree = ""; }; + OBJ_194 /* 
MenuTitleTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuTitleTests.swift; sourceTree = ""; }; + OBJ_195 /* SectionMarginTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionMarginTests.swift; sourceTree = ""; }; + OBJ_196 /* SectionTitleTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SectionTitleTests.swift; sourceTree = ""; }; + OBJ_21 /* UIEdgeInsets+Hidden.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIEdgeInsets+Hidden.swift"; sourceTree = ""; }; + OBJ_22 /* UIView+Subviews.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIView+Subviews.swift"; sourceTree = ""; }; + OBJ_23 /* UIViewController+RootViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIViewController+RootViewController.swift"; sourceTree = ""; }; + OBJ_26 /* CancelButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CancelButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_27 /* DestructiveButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "DestructiveButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_28 /* MenuButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_29 /* OkButton+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "OkButton+ActionSheet.swift"; sourceTree = ""; }; + OBJ_304 /* Resources */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Resources; sourceTree = SOURCE_ROOT; }; + OBJ_306 /* Fastlane */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Fastlane; sourceTree = SOURCE_ROOT; }; + OBJ_307 /* Readmes */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Readmes; 
sourceTree = SOURCE_ROOT; }; + OBJ_308 /* LICENSE */ = {isa = PBXFileReference; lastKnownFileType = text; path = LICENSE; sourceTree = ""; }; + OBJ_309 /* Foo.podspec */ = {isa = PBXFileReference; lastKnownFileType = text; path = Foo.podspec; sourceTree = ""; }; + OBJ_31 /* CollectionItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CollectionItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_310 /* README.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = README.md; sourceTree = ""; }; + OBJ_311 /* RELEASE_NOTES.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = RELEASE_NOTES.md; sourceTree = ""; }; + OBJ_32 /* CustomItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CustomItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_33 /* LinkItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "LinkItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_34 /* MultiSelectItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_35 /* MultiSelectToggleItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MultiSelectToggleItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_36 /* SelectItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SelectItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_37 /* SingleSelectItem+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SingleSelectItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_38 /* Menu+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+ActionSheet.swift"; sourceTree = ""; }; + OBJ_39 /* MenuItem+ActionSheet.swift */ = {isa = 
PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ActionSheet.swift"; sourceTree = ""; }; + OBJ_41 /* MenuTitle+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuTitle+ActionSheet.swift"; sourceTree = ""; }; + OBJ_42 /* SectionMargin+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionMargin+ActionSheet.swift"; sourceTree = ""; }; + OBJ_43 /* SectionTitle+ActionSheet.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SectionTitle+ActionSheet.swift"; sourceTree = ""; }; + OBJ_45 /* ActionSheetPopoverPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPopoverPresenter.swift; sourceTree = ""; }; + OBJ_46 /* ActionSheetPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetPresenter.swift; sourceTree = ""; }; + OBJ_47 /* ActionSheetStandardPresenter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStandardPresenter.swift; sourceTree = ""; }; + OBJ_49 /* ActionSheetBackgroundView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetBackgroundView.swift; sourceTree = ""; }; + OBJ_50 /* ActionSheetButtonTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetButtonTableView.swift; sourceTree = ""; }; + OBJ_51 /* ActionSheetHeaderContainerView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetHeaderContainerView.swift; sourceTree = ""; }; + OBJ_52 /* ActionSheetItemTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemTableView.swift; sourceTree = ""; }; + OBJ_53 /* ActionSheetStackView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetStackView.swift; sourceTree = ""; 
}; + OBJ_54 /* ActionSheetTableView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetTableView.swift; sourceTree = ""; }; + OBJ_57 /* ActionSheetItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetItemCell.swift; sourceTree = ""; }; + OBJ_6 /* Package.swift */ = {isa = PBXFileReference; explicitFileType = sourcecode.swift; path = Package.swift; sourceTree = ""; }; + OBJ_63 /* ActionSheetCollectionItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetCollectionItemCell.swift; sourceTree = ""; }; + OBJ_64 /* ActionSheetCollectionItemCellHandler.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetCollectionItemCellHandler.swift; sourceTree = ""; }; + OBJ_65 /* ActionSheetLinkItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetLinkItemCell.swift; sourceTree = ""; }; + OBJ_67 /* ActionSheetMultiSelectToggleItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetMultiSelectToggleItemCell.swift; sourceTree = ""; }; + OBJ_68 /* ActionSheetSelectItemCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ActionSheetSelectItemCell.swift; sourceTree = ""; }; + OBJ_75 /* AlertControllerConversionError.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AlertControllerConversionError.swift; sourceTree = ""; }; + OBJ_76 /* Menu+AlertController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "Menu+AlertController.swift"; sourceTree = ""; }; + OBJ_77 /* MenuItem+AlertController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+AlertController.swift"; sourceTree = ""; }; + OBJ_78 /* UIViewController+AlertController.swift */ = {isa = PBXFileReference; lastKnownFileType = 
sourcecode.swift; path = "UIViewController+AlertController.swift"; sourceTree = ""; }; + OBJ_80 /* ContextMenuConversionError.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuConversionError.swift; sourceTree = ""; }; + OBJ_81 /* ContextMenuDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuDelegate.swift; sourceTree = ""; }; + OBJ_82 /* ContextMenuDelegateRetainer.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContextMenuDelegateRetainer.swift; sourceTree = ""; }; + OBJ_83 /* MenuCreator+ContextMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuCreator+ContextMenu.swift"; sourceTree = ""; }; + OBJ_84 /* MenuItem+ContextMenu.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MenuItem+ContextMenu.swift"; sourceTree = ""; }; + OBJ_86 /* NSObject+ClassName.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSObject+ClassName.swift"; sourceTree = ""; }; + OBJ_89 /* CancelButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CancelButton.swift; sourceTree = ""; }; + OBJ_90 /* DestructiveButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DestructiveButton.swift; sourceTree = ""; }; + OBJ_91 /* MenuButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MenuButton.swift; sourceTree = ""; }; + OBJ_92 /* OkButton.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OkButton.swift; sourceTree = ""; }; + OBJ_94 /* CollectionItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CollectionItem.swift; sourceTree = ""; }; + OBJ_95 /* CustomItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomItem.swift; sourceTree = ""; }; + OBJ_96 /* LinkItem.swift */ = 
{isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LinkItem.swift; sourceTree = ""; }; + OBJ_97 /* MultiSelectItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectItem.swift; sourceTree = ""; }; + OBJ_98 /* MultiSelectToggleItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MultiSelectToggleItem.swift; sourceTree = ""; }; + OBJ_99 /* SelectItem.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SelectItem.swift; sourceTree = ""; }; + "Foo::Foo::Product" /* Foo.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; path = Foo.framework; sourceTree = BUILT_PRODUCTS_DIR; }; + "Foo::FooTests::Product" /* FooTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; path = FooTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + 84670394234A3C4500355331 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 84670419234A3E9C00355331 /* Foo.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_521 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 0; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_606 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 0; + files = ( + 84D3AF312434B1510007BE9B /* Nimble in Frameworks */, + A9FA9D3A26A17AC40047114E /* MockingKit in Frameworks */, + 84D3AF2E2434B1420007BE9B /* Quick in Frameworks */, + OBJ_611 /* Foo.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + 8422CB77239DCC6900251D31 /* Deprecations */ = { + isa = PBXGroup; + children = ( + 84F64BA6239D9CB5000290D1 /* ActionSheet+Deprecations.swift */, + 8422CB74239DCBEB00251D31 /* 
Menu+Deprecations.swift */, + ); + path = Deprecations; + sourceTree = ""; + }; + 84670398234A3C4500355331 /* FooDemo */ = { + isa = PBXGroup; + children = ( + 846703C6234A3CF000355331 /* ActionSheets */, + 84670417234A3D0800355331 /* App */, + 846703C2234A3CF000355331 /* Appearance */, + 846703C9234A3CF100355331 /* Assets */, + 846703BB234A3CF000355331 /* Items */, + 846703DC234A3CF100355331 /* Menus */, + 846703AB234A3CF000355331 /* Options */, + 846703B2234A3CF000355331 /* ViewControllers */, + ); + path = FooDemo; + sourceTree = ""; + }; + 846703AB234A3CF000355331 /* Options */ = { + isa = PBXGroup; + children = ( + 846703B0234A3CF000355331 /* ActionSheetOption.swift */, + 846703AF234A3CF000355331 /* AppearanceOption.swift */, + 846703AD234A3CF000355331 /* FoodOption.swift */, + 846703AC234A3CF000355331 /* FoodOption+ActionSheetItems.swift */, + 846703AE234A3CF000355331 /* MenuOption.swift */, + ); + path = Options; + sourceTree = ""; + }; + 846703B2234A3CF000355331 /* ViewControllers */ = { + isa = PBXGroup; + children = ( + 846703BA234A3CF000355331 /* AppearanceViewController.swift */, + 846703B9234A3CF000355331 /* ContextMenuViewController.swift */, + 846703B3234A3CF000355331 /* ViewController.swift */, + 846703B7234A3CF000355331 /* ViewController+ActionSheets.swift */, + 846703B6234A3CF000355331 /* ViewController+Alert.swift */, + 846703B4234A3CF000355331 /* ViewController+Appearance.swift */, + 846703B5234A3CF000355331 /* ViewController+Menus.swift */, + 846703B8234A3CF000355331 /* ViewController+TableView.swift */, + ); + path = ViewControllers; + sourceTree = ""; + }; + 846703BB234A3CF000355331 /* Items */ = { + isa = PBXGroup; + children = ( + 846703BC234A3CF000355331 /* DemoCustomViewCell.swift */, + 846703BD234A3CF000355331 /* DemoCollectionViewCell.xib */, + 846703BE234A3CF000355331 /* DemoCustomViewCell.xib */, + 846703BF234A3CF000355331 /* DemoCollectionViewCell.swift */, + 843C3B0E25271DE30055BFE6 /* DemoMultilineItem.swift */, + ); + path = 
Items; + sourceTree = ""; + }; + 846703C2234A3CF000355331 /* Appearance */ = { + isa = PBXGroup; + children = ( + 846703C4234A3CF000355331 /* ColorAppearance.swift */, + 846703C3234A3CF000355331 /* DemoAppearance.swift */, + 846703C5234A3CF000355331 /* DemoFonts.swift */, + ); + path = Appearance; + sourceTree = ""; + }; + 846703C6234A3CF000355331 /* ActionSheets */ = { + isa = PBXGroup; + children = ( + 846703C7234A3CF000355331 /* FoodActionSheet.swift */, + 846703C8234A3CF000355331 /* CollectionActionSheet.swift */, + ); + path = ActionSheets; + sourceTree = ""; + }; + 846703C9234A3CF100355331 /* Assets */ = { + isa = PBXGroup; + children = ( + 846703CA234A3CF100355331 /* Images */, + 846703CC234A3CF100355331 /* Assets.xcassets */, + 846703CD234A3CF100355331 /* Fonts */, + ); + path = Assets; + sourceTree = ""; + }; + 846703CA234A3CF100355331 /* Images */ = { + isa = PBXGroup; + children = ( + 846703CB234A3CF100355331 /* title-image.png */, + ); + path = Images; + sourceTree = ""; + }; + 846703CD234A3CF100355331 /* Fonts */ = { + isa = PBXGroup; + children = ( + 846703CE234A3CF100355331 /* Roboto */, + ); + path = Fonts; + sourceTree = ""; + }; + 846703CE234A3CF100355331 /* Roboto */ = { + isa = PBXGroup; + children = ( + 846703CF234A3CF100355331 /* Roboto-Medium.ttf */, + 846703D0234A3CF100355331 /* Roboto-Light.ttf */, + 846703D1234A3CF100355331 /* Roboto-Regular.ttf */, + 846703D2234A3CF100355331 /* Roboto-MediumItalic.ttf */, + 846703D3234A3CF100355331 /* Roboto-ThinItalic.ttf */, + 846703D4234A3CF100355331 /* Roboto-BoldItalic.ttf */, + 846703D5234A3CF100355331 /* Roboto-LightItalic.ttf */, + 846703D6234A3CF100355331 /* Roboto-Italic.ttf */, + 846703D7234A3CF100355331 /* LICENSE.txt */, + 846703D8234A3CF100355331 /* Roboto-BlackItalic.ttf */, + 846703D9234A3CF100355331 /* Roboto-Bold.ttf */, + 846703DA234A3CF100355331 /* Roboto-Thin.ttf */, + 846703DB234A3CF100355331 /* Roboto-Black.ttf */, + ); + path = Roboto; + sourceTree = ""; + }; + 
846703DC234A3CF100355331 /* Menus */ = { + isa = PBXGroup; + children = ( + 846703DD234A3CF100355331 /* FoodMenu.swift */, + 846703E2234A3CF100355331 /* ItemMenu.swift */, + 846703E5234A3CF100355331 /* CollectionMenu.swift */, + 846703E3234A3CF100355331 /* CustomMenu.swift */, + 843C3B1825271FEC0055BFE6 /* DemoMultilineItemMenu.swift */, + 846703E0234A3CF100355331 /* DestructiveMenu.swift */, + 846703DE234A3CF100355331 /* LinkMenu.swift */, + 846703E1234A3CF100355331 /* MultiSelectMenu.swift */, + 84A24EDA236C72C900DB060C /* SecondaryActionMenu.swift */, + 846703E4234A3CF100355331 /* SectionMenu.swift */, + 846703DF234A3CF100355331 /* SingleSelectMenu.swift */, + 8422CB67239DC27500251D31 /* NonDismissableMenu.swift */, + 8422CB69239DC2C400251D31 /* BackgroundDismissableMenu.swift */, + ); + path = Menus; + sourceTree = ""; + }; + 84670417234A3D0800355331 /* App */ = { + isa = PBXGroup; + children = ( + 846703C0234A3CF000355331 /* AppDelegate.swift */, + 846703B1234A3CF000355331 /* Info.plist */, + 846703C1234A3CF000355331 /* SceneDelegate.swift */, + 8467039F234A3C4500355331 /* Main.storyboard */, + 846703A4234A3C4600355331 /* LaunchScreen.storyboard */, + ); + name = App; + sourceTree = ""; + }; + 84670418234A3E9C00355331 /* Frameworks */ = { + isa = PBXGroup; + children = ( + ); + name = Frameworks; + sourceTree = ""; + }; + 84BDF8B12347D42700D35F93 /* Project Files */ = { + isa = PBXGroup; + children = ( + A963E2AF24A9D22900665C6B /* Package.resolved */, + 84BDF8B32347D43F00D35F93 /* .gitignore */, + 84BDF8B22347D43F00D35F93 /* .swiftlint.yml */, + OBJ_308 /* LICENSE */, + OBJ_309 /* Foo.podspec */, + OBJ_310 /* README.md */, + OBJ_311 /* RELEASE_NOTES.md */, + ); + name = "Project Files"; + sourceTree = ""; + }; + OBJ_104 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_105 /* MenuTitle.swift */, + OBJ_106 /* SectionMagin.swift */, + OBJ_107 /* SectionTitle.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_108 /* Tests */ = { + isa = 
PBXGroup; + children = ( + OBJ_109 /* FooTests */, + ); + name = Tests; + sourceTree = SOURCE_ROOT; + }; + OBJ_109 /* FooTests */ = { + isa = PBXGroup; + children = ( + OBJ_110 /* ActionSheet */, + OBJ_164 /* AlertController */, + OBJ_167 /* ContextMenu */, + OBJ_172 /* Extensions */, + OBJ_174 /* Menu */, + ); + name = FooTests; + path = Tests/FooTests; + sourceTree = SOURCE_ROOT; + }; + OBJ_110 /* ActionSheet */ = { + isa = PBXGroup; + children = ( + OBJ_115 /* Appearance */, + OBJ_158 /* Cells */, + OBJ_120 /* Extensions */, + OBJ_124 /* Menu */, + OBJ_143 /* Mocks */, + OBJ_150 /* Presenters */, + OBJ_153 /* Views */, + 84F64BA4239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift */, + OBJ_111 /* ActionSheet+PresenterTests.swift */, + OBJ_112 /* ActionSheetItemHandlerTests.swift */, + OBJ_113 /* ActionSheetMarginTests.swift */, + OBJ_114 /* ActionSheetTests.swift */, + ); + path = ActionSheet; + sourceTree = ""; + }; + OBJ_115 /* Appearance */ = { + isa = PBXGroup; + children = ( + OBJ_116 /* ActionSheet+AppearanceTests.swift */, + OBJ_117 /* ActionSheetAppearanceTests.swift */, + OBJ_118 /* ActionSheetColorTests.swift */, + OBJ_119 /* UIColor+ActionSheetColorTests.swift */, + ); + path = Appearance; + sourceTree = ""; + }; + OBJ_120 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_121 /* UIEdgeInsets+HiddenTests.swift */, + OBJ_122 /* UIView+SubviewsTests.swift */, + OBJ_123 /* UIViewController+RootViewControllerTests.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_124 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_138 /* MenuItem+ActionSheetTests.swift */, + OBJ_125 /* Buttons */, + OBJ_130 /* Items */, + OBJ_139 /* Titles */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_125 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_126 /* CancelButton+ActionSheetTests.swift */, + OBJ_127 /* DestructiveButton+ActionSheetTests.swift */, + OBJ_128 /* MenuButtonTests+ActionSheetTests.swift */, + OBJ_129 /* 
OkButton+ActionSheetTests.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_130 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_131 /* CollectionItem+ActionSheetTests.swift */, + OBJ_132 /* CustomItem+ActionSheetTests.swift */, + 8422CB80239E21FC00251D31 /* DestructiveItem+ActionSheetTests.swift */, + OBJ_133 /* LinkItem+ActionSheetTests.swift */, + OBJ_134 /* MultiSelectItem+ActionSheetTests.swift */, + OBJ_135 /* MultiSelectToggleItem+ActionSheetTests.swift */, + 84A24ED7236C6FAF00DB060C /* SecondaryActionItem+ActionSheetTests.swift */, + OBJ_136 /* SelectItem+ActionSheetTests.swift */, + OBJ_137 /* SingleSelectItem+ActionSheetTests.swift */, + ); + path = Items; + sourceTree = ""; + }; + OBJ_139 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_140 /* MenuTitle+ActionSheetTests.swift */, + OBJ_141 /* SectionMargin+ActionSheetTests.swift */, + OBJ_142 /* SectionTitle+ActionSheetTests.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_143 /* Mocks */ = { + isa = PBXGroup; + children = ( + OBJ_144 /* MockActionSheet.swift */, + OBJ_145 /* MockActionSheetAppearance.swift */, + OBJ_146 /* MockActionSheetPresenter.swift */, + OBJ_147 /* MockNotificationCenter.swift */, + OBJ_148 /* MockTableView.swift */, + OBJ_149 /* MockViewController.swift */, + ); + path = Mocks; + sourceTree = ""; + }; + OBJ_15 /* Appearance */ = { + isa = PBXGroup; + children = ( + OBJ_16 /* ActionSheet+Appearance.swift */, + OBJ_17 /* ActionSheetAppearance.swift */, + OBJ_18 /* ActionSheetColor.swift */, + OBJ_19 /* UIColor+ActionSheetColor.swift */, + ); + path = Appearance; + sourceTree = ""; + }; + OBJ_150 /* Presenters */ = { + isa = PBXGroup; + children = ( + OBJ_151 /* ActionSheetPopoverPresenterTests.swift */, + 8422CB61239DAF9B00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift */, + OBJ_152 /* ActionSheetStandardPresenterTests.swift */, + 8422CB64239DB6F600251D31 /* ActionSheetPresenterBaseTests.swift */, + ); + path = 
Presenters; + sourceTree = ""; + }; + OBJ_153 /* Views */ = { + isa = PBXGroup; + children = ( + OBJ_154 /* ActionSheetBackgroundViewTests.swift */, + OBJ_155 /* ActionSheetHeaderContainerViewTests.swift */, + OBJ_156 /* ActionSheetStackViewTests.swift */, + OBJ_157 /* ActionSheetTableViewTests.swift */, + ); + path = Views; + sourceTree = ""; + }; + OBJ_158 /* Cells */ = { + isa = PBXGroup; + children = ( + OBJ_160 /* ActionSheetItemCellTests.swift */, + OBJ_162 /* ActionSheetLinkItemCellTests.swift */, + OBJ_163 /* ActionSheetSelectItemCellTests.swift */, + 84A24ED3236C6DB500DB060C /* ActionSheetSecondaryActionItemTests.swift */, + ); + path = Cells; + sourceTree = ""; + }; + OBJ_164 /* AlertController */ = { + isa = PBXGroup; + children = ( + OBJ_165 /* Menu+AlertControllerTests.swift */, + OBJ_166 /* MenuItem+AlertControllerTests.swift */, + ); + path = AlertController; + sourceTree = ""; + }; + OBJ_167 /* ContextMenu */ = { + isa = PBXGroup; + children = ( + 8422CB6F239DC81800251D31 /* ContextMenu+ConfigurationTests.swift */, + OBJ_168 /* ContextMenuDelegateTests.swift */, + OBJ_169 /* Menu+ContextMenuTests.swift */, + OBJ_170 /* MenuItem+ContextMenuTests.swift */, + ); + path = ContextMenu; + sourceTree = ""; + }; + OBJ_172 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_173 /* NSObject+ClassNameTests.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_174 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_175 /* Buttons */, + OBJ_180 /* Items */, + OBJ_191 /* Mocks */, + OBJ_193 /* Titles */, + OBJ_189 /* MenuItemTests.swift */, + OBJ_190 /* MenuTests.swift */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_175 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_176 /* CancelButtonTests.swift */, + OBJ_177 /* DestructiveButtonTests.swift */, + OBJ_178 /* MenuButtonTests.swift */, + OBJ_179 /* OkButtonTests.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_180 /* Items */ = { + isa = PBXGroup; + children = ( + 
OBJ_181 /* CollectionItemTests.swift */, + OBJ_182 /* CustomItemTests.swift */, + OBJ_183 /* LinkItemTests.swift */, + OBJ_184 /* MultiSelectItemTests.swift */, + OBJ_185 /* MultiSelectToggleItemTests.swift */, + OBJ_186 /* SelectItemTests.swift */, + OBJ_187 /* SingleSelectItemTests.swift */, + 84A24ECC236C66CD00DB060C /* SecondaryActionItemTests.swift */, + ); + path = Items; + sourceTree = ""; + }; + OBJ_191 /* Mocks */ = { + isa = PBXGroup; + children = ( + OBJ_192 /* MockMenuItem.swift */, + ); + path = Mocks; + sourceTree = ""; + }; + OBJ_193 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_194 /* MenuTitleTests.swift */, + OBJ_195 /* SectionMarginTests.swift */, + OBJ_196 /* SectionTitleTests.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_20 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_21 /* UIEdgeInsets+Hidden.swift */, + OBJ_22 /* UIView+Subviews.swift */, + OBJ_23 /* UIViewController+RootViewController.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_24 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_25 /* Buttons */, + OBJ_30 /* Items */, + OBJ_40 /* Titles */, + OBJ_38 /* Menu+ActionSheet.swift */, + OBJ_39 /* MenuItem+ActionSheet.swift */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_25 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_26 /* CancelButton+ActionSheet.swift */, + OBJ_27 /* DestructiveButton+ActionSheet.swift */, + OBJ_28 /* MenuButton+ActionSheet.swift */, + OBJ_29 /* OkButton+ActionSheet.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_297 /* Products */ = { + isa = PBXGroup; + children = ( + "Foo::Foo::Product" /* Foo.framework */, + "Foo::FooTests::Product" /* FooTests.xctest */, + 84670397234A3C4500355331 /* FooDemo.app */, + ); + name = Products; + sourceTree = BUILT_PRODUCTS_DIR; + }; + OBJ_30 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_31 /* CollectionItem+ActionSheet.swift */, + OBJ_32 /* CustomItem+ActionSheet.swift */, + 
8422CB7B239E209C00251D31 /* DestructiveItem+ActionSheet.swift */, + OBJ_33 /* LinkItem+ActionSheet.swift */, + OBJ_34 /* MultiSelectItem+ActionSheet.swift */, + OBJ_35 /* MultiSelectToggleItem+ActionSheet.swift */, + 84A24ECF236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift */, + OBJ_36 /* SelectItem+ActionSheet.swift */, + OBJ_37 /* SingleSelectItem+ActionSheet.swift */, + ); + path = Items; + sourceTree = ""; + }; + OBJ_40 /* Titles */ = { + isa = PBXGroup; + children = ( + OBJ_41 /* MenuTitle+ActionSheet.swift */, + OBJ_42 /* SectionMargin+ActionSheet.swift */, + OBJ_43 /* SectionTitle+ActionSheet.swift */, + ); + path = Titles; + sourceTree = ""; + }; + OBJ_44 /* Presenters */ = { + isa = PBXGroup; + children = ( + OBJ_45 /* ActionSheetPopoverPresenter.swift */, + 8422CB5F239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift */, + OBJ_46 /* ActionSheetPresenter.swift */, + 847E09EC239DA5E70058179D /* ActionSheetPresenterBase.swift */, + OBJ_47 /* ActionSheetStandardPresenter.swift */, + ); + path = Presenters; + sourceTree = ""; + }; + OBJ_48 /* Views */ = { + isa = PBXGroup; + children = ( + OBJ_49 /* ActionSheetBackgroundView.swift */, + OBJ_50 /* ActionSheetButtonTableView.swift */, + OBJ_51 /* ActionSheetHeaderContainerView.swift */, + OBJ_52 /* ActionSheetItemTableView.swift */, + OBJ_53 /* ActionSheetStackView.swift */, + OBJ_54 /* ActionSheetTableView.swift */, + ); + path = Views; + sourceTree = ""; + }; + OBJ_5 = { + isa = PBXGroup; + children = ( + OBJ_6 /* Package.swift */, + OBJ_7 /* Sources */, + OBJ_108 /* Tests */, + 84670398234A3C4500355331 /* FooDemo */, + OBJ_297 /* Products */, + OBJ_304 /* Resources */, + OBJ_306 /* Fastlane */, + OBJ_307 /* Readmes */, + 84BDF8B12347D42700D35F93 /* Project Files */, + 84670418234A3E9C00355331 /* Frameworks */, + ); + sourceTree = ""; + }; + OBJ_55 /* Cells */ = { + isa = PBXGroup; + children = ( + OBJ_63 /* ActionSheetCollectionItemCell.swift */, + OBJ_64 /* 
ActionSheetCollectionItemCellHandler.swift */, + OBJ_57 /* ActionSheetItemCell.swift */, + 8405566E23527E1E0064EC7D /* ActionSheetItemCells.swift */, + OBJ_65 /* ActionSheetLinkItemCell.swift */, + OBJ_67 /* ActionSheetMultiSelectToggleItemCell.swift */, + 84A24ED1236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift */, + OBJ_68 /* ActionSheetSelectItemCell.swift */, + ); + path = Cells; + sourceTree = ""; + }; + OBJ_7 /* Sources */ = { + isa = PBXGroup; + children = ( + OBJ_8 /* Foo */, + ); + name = Sources; + sourceTree = SOURCE_ROOT; + }; + OBJ_74 /* AlertController */ = { + isa = PBXGroup; + children = ( + OBJ_75 /* AlertControllerConversionError.swift */, + OBJ_76 /* Menu+AlertController.swift */, + OBJ_77 /* MenuItem+AlertController.swift */, + OBJ_78 /* UIViewController+AlertController.swift */, + ); + path = AlertController; + sourceTree = ""; + }; + OBJ_79 /* ContextMenu */ = { + isa = PBXGroup; + children = ( + 8422CB6D239DC6DA00251D31 /* ContextMenu.swift */, + 8422CB6B239DC6B100251D31 /* ContextMenu+Configuration.swift */, + OBJ_80 /* ContextMenuConversionError.swift */, + OBJ_81 /* ContextMenuDelegate.swift */, + OBJ_82 /* ContextMenuDelegateRetainer.swift */, + OBJ_83 /* MenuCreator+ContextMenu.swift */, + OBJ_84 /* MenuItem+ContextMenu.swift */, + ); + path = ContextMenu; + sourceTree = ""; + }; + OBJ_8 /* Foo */ = { + isa = PBXGroup; + children = ( + OBJ_9 /* ActionSheet */, + OBJ_74 /* AlertController */, + OBJ_79 /* ContextMenu */, + 8422CB77239DCC6900251D31 /* Deprecations */, + OBJ_85 /* Extensions */, + OBJ_87 /* Menu */, + ); + name = Foo; + path = Sources/Foo; + sourceTree = SOURCE_ROOT; + }; + OBJ_85 /* Extensions */ = { + isa = PBXGroup; + children = ( + OBJ_86 /* NSObject+ClassName.swift */, + ); + path = Extensions; + sourceTree = ""; + }; + OBJ_87 /* Menu */ = { + isa = PBXGroup; + children = ( + OBJ_88 /* Buttons */, + OBJ_93 /* Items */, + OBJ_104 /* Titles */, + OBJ_101 /* Menu.swift */, + 84A24EDC236C84D900DB060C /* 
MenuCreator.swift */, + OBJ_103 /* MenuItem.swift */, + ); + path = Menu; + sourceTree = ""; + }; + OBJ_88 /* Buttons */ = { + isa = PBXGroup; + children = ( + OBJ_89 /* CancelButton.swift */, + OBJ_90 /* DestructiveButton.swift */, + OBJ_91 /* MenuButton.swift */, + OBJ_92 /* OkButton.swift */, + ); + path = Buttons; + sourceTree = ""; + }; + OBJ_9 /* ActionSheet */ = { + isa = PBXGroup; + children = ( + OBJ_15 /* Appearance */, + OBJ_55 /* Cells */, + OBJ_20 /* Extensions */, + OBJ_24 /* Menu */, + OBJ_44 /* Presenters */, + OBJ_48 /* Views */, + OBJ_12 /* ActionSheet.swift */, + 84F64BA2239D9630000290D1 /* ActionSheet+Configuration.swift */, + OBJ_10 /* ActionSheet+Presenter.swift */, + OBJ_11 /* ActionSheet+Scroll.swift */, + 84F64BA0239D8FEF000290D1 /* ActionSheet+Header.swift */, + OBJ_13 /* ActionSheetItemHandler.swift */, + OBJ_14 /* ActionSheetMargin.swift */, + ); + path = ActionSheet; + sourceTree = ""; + }; + OBJ_93 /* Items */ = { + isa = PBXGroup; + children = ( + OBJ_94 /* CollectionItem.swift */, + OBJ_95 /* CustomItem.swift */, + 8422CB78239E1E6800251D31 /* DestructiveItem.swift */, + OBJ_96 /* LinkItem.swift */, + OBJ_97 /* MultiSelectItem.swift */, + OBJ_98 /* MultiSelectToggleItem.swift */, + 84A24ECA236C64F200DB060C /* SecondaryActionItem.swift */, + OBJ_99 /* SelectItem.swift */, + OBJ_100 /* SingleSelectItem.swift */, + ); + path = Items; + sourceTree = ""; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + 84670396234A3C4500355331 /* FooDemo */ = { + isa = PBXNativeTarget; + buildConfigurationList = 846703AA234A3C4600355331 /* Build configuration list for PBXNativeTarget "FooDemo" */; + buildPhases = ( + 84670393234A3C4500355331 /* Sources */, + 84670394234A3C4500355331 /* Frameworks */, + 84670395234A3C4500355331 /* Resources */, + 8467041D234A3E9C00355331 /* Embed Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + 8467041C234A3E9C00355331 /* PBXTargetDependency */, + ); + name = FooDemo; + productName = 
FooDemo; + productReference = 84670397234A3C4500355331 /* FooDemo.app */; + productType = "com.apple.product-type.application"; + }; + "Foo::Foo" /* Foo */ = { + isa = PBXNativeTarget; + buildConfigurationList = OBJ_438 /* Build configuration list for PBXNativeTarget "Foo" */; + buildPhases = ( + OBJ_441 /* Sources */, + OBJ_521 /* Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = Foo; + productName = Foo; + productReference = "Foo::Foo::Product" /* Foo.framework */; + productType = "com.apple.product-type.framework"; + }; + "Foo::FooTests" /* FooTests */ = { + isa = PBXNativeTarget; + buildConfigurationList = OBJ_534 /* Build configuration list for PBXNativeTarget "FooTests" */; + buildPhases = ( + OBJ_537 /* Sources */, + OBJ_606 /* Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + OBJ_616 /* PBXTargetDependency */, + ); + name = FooTests; + packageProductDependencies = ( + 84D3AF2D2434B1420007BE9B /* Quick */, + 84D3AF302434B1510007BE9B /* Nimble */, + A9FA9D3926A17AC40047114E /* MockingKit */, + ); + productName = FooTests; + productReference = "Foo::FooTests::Product" /* FooTests.xctest */; + productType = "com.apple.product-type.bundle.unit-test"; + }; + "Foo::SwiftPMPackageDescription" /* FooPackageDescription */ = { + isa = PBXNativeTarget; + buildConfigurationList = OBJ_523 /* Build configuration list for PBXNativeTarget "FooPackageDescription" */; + buildPhases = ( + OBJ_526 /* Sources */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = FooPackageDescription; + productName = FooPackageDescription; + productType = "com.apple.product-type.framework"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + OBJ_1 /* Project object */ = { + isa = PBXProject; + attributes = { + LastSwiftMigration = 9999; + LastSwiftUpdateCheck = 1100; + LastUpgradeCheck = 9999; + ORGANIZATIONNAME = "Daniel Saidi"; + TargetAttributes = { + 84670396234A3C4500355331 = { + CreatedOnToolsVersion = 11.0; + 
DevelopmentTeam = PMEDFW438U; + LastSwiftMigration = 1100; + ProvisioningStyle = Automatic; + }; + }; + }; + buildConfigurationList = OBJ_2 /* Build configuration list for PBXProject "Foo" */; + compatibilityVersion = "Xcode 3.2"; + developmentRegion = en; + hasScannedForEncodings = 0; + knownRegions = ( + en, + Base, + ); + mainGroup = OBJ_5; + packageReferences = ( + 84D3AF2C2434B1420007BE9B /* XCRemoteSwiftPackageReference "Quick" */, + 84D3AF2F2434B1510007BE9B /* XCRemoteSwiftPackageReference "Nimble" */, + A9FA9D3826A17AC30047114E /* XCRemoteSwiftPackageReference "MockingKit" */, + ); + productRefGroup = OBJ_297 /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + "Foo::Foo" /* Foo */, + "Foo::SwiftPMPackageDescription" /* FooPackageDescription */, + "Foo::FooPackageTests::ProductTarget" /* FooPackageTests */, + "Foo::FooTests" /* FooTests */, + 84670396234A3C4500355331 /* FooDemo */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXResourcesBuildPhase section */ + 84670395234A3C4500355331 /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 84670405234A3CF100355331 /* Roboto-ThinItalic.ttf in Resources */, + 84670401234A3CF100355331 /* Roboto-Medium.ttf in Resources */, + 8467040A234A3CF100355331 /* Roboto-BlackItalic.ttf in Resources */, + 84670407234A3CF100355331 /* Roboto-LightItalic.ttf in Resources */, + 846703FF234A3CF100355331 /* title-image.png in Resources */, + 84670403234A3CF100355331 /* Roboto-Regular.ttf in Resources */, + 84670406234A3CF100355331 /* Roboto-BoldItalic.ttf in Resources */, + 8467040D234A3CF100355331 /* Roboto-Black.ttf in Resources */, + 846703A6234A3C4600355331 /* LaunchScreen.storyboard in Resources */, + 84670408234A3CF100355331 /* Roboto-Italic.ttf in Resources */, + 846703A1234A3C4500355331 /* Main.storyboard in Resources */, + 84670400234A3CF100355331 /* Assets.xcassets in Resources */, + 846703F6234A3CF100355331 /* DemoCustomViewCell.xib in Resources 
*/, + 84670409234A3CF100355331 /* LICENSE.txt in Resources */, + 8467040C234A3CF100355331 /* Roboto-Thin.ttf in Resources */, + 8467040B234A3CF100355331 /* Roboto-Bold.ttf in Resources */, + 846703F5234A3CF100355331 /* DemoCollectionViewCell.xib in Resources */, + 84670404234A3CF100355331 /* Roboto-MediumItalic.ttf in Resources */, + 84670402234A3CF100355331 /* Roboto-Light.ttf in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXResourcesBuildPhase section */ + +/* Begin PBXSourcesBuildPhase section */ + 84670393234A3C4500355331 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 846703EF234A3CF100355331 /* ViewController+Alert.swift in Sources */, + 846703F7234A3CF100355331 /* DemoCollectionViewCell.swift in Sources */, + 846703ED234A3CF100355331 /* ViewController+Appearance.swift in Sources */, + 846703EC234A3CF100355331 /* ViewController.swift in Sources */, + 8467040F234A3CF100355331 /* LinkMenu.swift in Sources */, + 84670412234A3CF100355331 /* MultiSelectMenu.swift in Sources */, + 843C3B1925271FEC0055BFE6 /* DemoMultilineItemMenu.swift in Sources */, + 846703F2234A3CF100355331 /* ContextMenuViewController.swift in Sources */, + 846703EA234A3CF100355331 /* ActionSheetOption.swift in Sources */, + 84670410234A3CF100355331 /* SingleSelectMenu.swift in Sources */, + 846703E7234A3CF100355331 /* FoodOption.swift in Sources */, + 846703F9234A3CF100355331 /* SceneDelegate.swift in Sources */, + 846703FB234A3CF100355331 /* ColorAppearance.swift in Sources */, + 84670416234A3CF100355331 /* CollectionMenu.swift in Sources */, + 8422CB6A239DC2C400251D31 /* BackgroundDismissableMenu.swift in Sources */, + 84670415234A3CF100355331 /* SectionMenu.swift in Sources */, + 84670411234A3CF100355331 /* DestructiveMenu.swift in Sources */, + 84A24EDB236C72C900DB060C /* SecondaryActionMenu.swift in Sources */, + 846703E8234A3CF100355331 /* MenuOption.swift in Sources */, + 846703F8234A3CF100355331 /* 
AppDelegate.swift in Sources */, + 843C3B0F25271DE30055BFE6 /* DemoMultilineItem.swift in Sources */, + 8422CB68239DC27500251D31 /* NonDismissableMenu.swift in Sources */, + 846703FE234A3CF100355331 /* CollectionActionSheet.swift in Sources */, + 846703F3234A3CF100355331 /* AppearanceViewController.swift in Sources */, + 84670413234A3CF100355331 /* ItemMenu.swift in Sources */, + 846703F4234A3CF100355331 /* DemoCustomViewCell.swift in Sources */, + 846703FA234A3CF100355331 /* DemoAppearance.swift in Sources */, + 846703E6234A3CF100355331 /* FoodOption+ActionSheetItems.swift in Sources */, + 8467040E234A3CF100355331 /* FoodMenu.swift in Sources */, + 846703E9234A3CF100355331 /* AppearanceOption.swift in Sources */, + 84670414234A3CF100355331 /* CustomMenu.swift in Sources */, + 846703F0234A3CF100355331 /* ViewController+ActionSheets.swift in Sources */, + 846703FD234A3CF100355331 /* FoodActionSheet.swift in Sources */, + 846703FC234A3CF100355331 /* DemoFonts.swift in Sources */, + 846703F1234A3CF100355331 /* ViewController+TableView.swift in Sources */, + 846703EE234A3CF100355331 /* ViewController+Menus.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_441 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 0; + files = ( + OBJ_442 /* ActionSheet+Presenter.swift in Sources */, + OBJ_443 /* ActionSheet+Scroll.swift in Sources */, + OBJ_444 /* ActionSheet.swift in Sources */, + OBJ_445 /* ActionSheetItemHandler.swift in Sources */, + OBJ_446 /* ActionSheetMargin.swift in Sources */, + OBJ_447 /* ActionSheet+Appearance.swift in Sources */, + OBJ_448 /* ActionSheetAppearance.swift in Sources */, + OBJ_449 /* ActionSheetColor.swift in Sources */, + OBJ_450 /* UIColor+ActionSheetColor.swift in Sources */, + OBJ_451 /* UIEdgeInsets+Hidden.swift in Sources */, + OBJ_452 /* UIView+Subviews.swift in Sources */, + OBJ_453 /* UIViewController+RootViewController.swift in Sources */, + OBJ_454 /* CancelButton+ActionSheet.swift in 
Sources */, + OBJ_455 /* DestructiveButton+ActionSheet.swift in Sources */, + OBJ_456 /* MenuButton+ActionSheet.swift in Sources */, + OBJ_457 /* OkButton+ActionSheet.swift in Sources */, + 84F64BA3239D9630000290D1 /* ActionSheet+Configuration.swift in Sources */, + OBJ_458 /* CollectionItem+ActionSheet.swift in Sources */, + OBJ_459 /* CustomItem+ActionSheet.swift in Sources */, + OBJ_460 /* LinkItem+ActionSheet.swift in Sources */, + OBJ_461 /* MultiSelectItem+ActionSheet.swift in Sources */, + OBJ_462 /* MultiSelectToggleItem+ActionSheet.swift in Sources */, + OBJ_463 /* SelectItem+ActionSheet.swift in Sources */, + OBJ_464 /* SingleSelectItem+ActionSheet.swift in Sources */, + OBJ_465 /* Menu+ActionSheet.swift in Sources */, + OBJ_466 /* MenuItem+ActionSheet.swift in Sources */, + OBJ_467 /* MenuTitle+ActionSheet.swift in Sources */, + 8422CB72239DC85300251D31 /* ContextMenu.swift in Sources */, + OBJ_468 /* SectionMargin+ActionSheet.swift in Sources */, + 84A24EDD236C84D900DB060C /* MenuCreator.swift in Sources */, + OBJ_469 /* SectionTitle+ActionSheet.swift in Sources */, + OBJ_470 /* ActionSheetPopoverPresenter.swift in Sources */, + OBJ_471 /* ActionSheetPresenter.swift in Sources */, + 8405567023527E280064EC7D /* ActionSheetItemCells.swift in Sources */, + OBJ_472 /* ActionSheetStandardPresenter.swift in Sources */, + 84A24ECB236C64F200DB060C /* SecondaryActionItem.swift in Sources */, + 8422CB7A239E1FB600251D31 /* DestructiveItem.swift in Sources */, + 84A24ED0236C6C5B00DB060C /* SecondaryActionItem+ActionSheet.swift in Sources */, + OBJ_473 /* ActionSheetBackgroundView.swift in Sources */, + OBJ_474 /* ActionSheetButtonTableView.swift in Sources */, + OBJ_475 /* ActionSheetHeaderContainerView.swift in Sources */, + 84F64BA1239D8FEF000290D1 /* ActionSheet+Header.swift in Sources */, + OBJ_476 /* ActionSheetItemTableView.swift in Sources */, + 8422CB7D239E20E100251D31 /* DestructiveItem+ActionSheet.swift in Sources */, + OBJ_477 /* 
ActionSheetStackView.swift in Sources */, + OBJ_478 /* ActionSheetTableView.swift in Sources */, + OBJ_480 /* ActionSheetItemCell.swift in Sources */, + OBJ_484 /* ActionSheetCollectionItemCell.swift in Sources */, + OBJ_485 /* ActionSheetCollectionItemCellHandler.swift in Sources */, + 8422CB73239DC85900251D31 /* ContextMenu+Configuration.swift in Sources */, + OBJ_486 /* ActionSheetLinkItemCell.swift in Sources */, + OBJ_488 /* ActionSheetMultiSelectToggleItemCell.swift in Sources */, + OBJ_489 /* ActionSheetSelectItemCell.swift in Sources */, + OBJ_494 /* AlertControllerConversionError.swift in Sources */, + OBJ_495 /* Menu+AlertController.swift in Sources */, + 8422CB60239DAF5600251D31 /* ActionSheetPopoverPresenter+PresentationDelegate.swift in Sources */, + OBJ_496 /* MenuItem+AlertController.swift in Sources */, + OBJ_497 /* UIViewController+AlertController.swift in Sources */, + OBJ_498 /* ContextMenuConversionError.swift in Sources */, + OBJ_499 /* ContextMenuDelegate.swift in Sources */, + OBJ_500 /* ContextMenuDelegateRetainer.swift in Sources */, + OBJ_501 /* MenuCreator+ContextMenu.swift in Sources */, + OBJ_502 /* MenuItem+ContextMenu.swift in Sources */, + OBJ_503 /* NSObject+ClassName.swift in Sources */, + OBJ_504 /* CancelButton.swift in Sources */, + OBJ_505 /* DestructiveButton.swift in Sources */, + OBJ_506 /* MenuButton.swift in Sources */, + OBJ_507 /* OkButton.swift in Sources */, + OBJ_508 /* CollectionItem.swift in Sources */, + 8422CB76239DCBFD00251D31 /* Menu+Deprecations.swift in Sources */, + OBJ_509 /* CustomItem.swift in Sources */, + OBJ_510 /* LinkItem.swift in Sources */, + OBJ_511 /* MultiSelectItem.swift in Sources */, + OBJ_512 /* MultiSelectToggleItem.swift in Sources */, + 847E09ED239DA5E70058179D /* ActionSheetPresenterBase.swift in Sources */, + OBJ_513 /* SelectItem.swift in Sources */, + OBJ_514 /* SingleSelectItem.swift in Sources */, + OBJ_515 /* Menu.swift in Sources */, + 84F64BA8239D9CD7000290D1 /* 
ActionSheet+Deprecations.swift in Sources */, + OBJ_517 /* MenuItem.swift in Sources */, + OBJ_518 /* MenuTitle.swift in Sources */, + 84A24ED2236C6CA200DB060C /* ActionSheetSecondaryActionItemCell.swift in Sources */, + OBJ_519 /* SectionMagin.swift in Sources */, + OBJ_520 /* SectionTitle.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_526 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 0; + files = ( + OBJ_527 /* Package.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + OBJ_537 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 0; + files = ( + OBJ_538 /* ActionSheet+PresenterTests.swift in Sources */, + OBJ_539 /* ActionSheetItemHandlerTests.swift in Sources */, + OBJ_540 /* ActionSheetMarginTests.swift in Sources */, + OBJ_541 /* ActionSheetTests.swift in Sources */, + OBJ_542 /* ActionSheet+AppearanceTests.swift in Sources */, + OBJ_543 /* ActionSheetAppearanceTests.swift in Sources */, + OBJ_544 /* ActionSheetColorTests.swift in Sources */, + OBJ_545 /* UIColor+ActionSheetColorTests.swift in Sources */, + OBJ_546 /* UIEdgeInsets+HiddenTests.swift in Sources */, + OBJ_547 /* UIView+SubviewsTests.swift in Sources */, + 84F64BA5239D99D6000290D1 /* ActionSheet+ConfigurationTests.swift in Sources */, + OBJ_548 /* UIViewController+RootViewControllerTests.swift in Sources */, + OBJ_549 /* CancelButton+ActionSheetTests.swift in Sources */, + OBJ_550 /* DestructiveButton+ActionSheetTests.swift in Sources */, + OBJ_551 /* MenuButtonTests+ActionSheetTests.swift in Sources */, + OBJ_552 /* OkButton+ActionSheetTests.swift in Sources */, + OBJ_553 /* CollectionItem+ActionSheetTests.swift in Sources */, + OBJ_554 /* CustomItem+ActionSheetTests.swift in Sources */, + OBJ_555 /* LinkItem+ActionSheetTests.swift in Sources */, + OBJ_556 /* MultiSelectItem+ActionSheetTests.swift in Sources */, + 84A24ED9236C724100DB060C /* SecondaryActionItem+ActionSheetTests.swift in Sources */, + 
OBJ_557 /* MultiSelectToggleItem+ActionSheetTests.swift in Sources */, + OBJ_558 /* SelectItem+ActionSheetTests.swift in Sources */, + OBJ_559 /* SingleSelectItem+ActionSheetTests.swift in Sources */, + OBJ_560 /* MenuItem+ActionSheetTests.swift in Sources */, + OBJ_561 /* MenuTitle+ActionSheetTests.swift in Sources */, + OBJ_562 /* SectionMargin+ActionSheetTests.swift in Sources */, + 8422CB66239DB70C00251D31 /* ActionSheetPresenterBaseTests.swift in Sources */, + OBJ_563 /* SectionTitle+ActionSheetTests.swift in Sources */, + 8422CB63239DAFBC00251D31 /* ActionSheetPopoverPresenter+PresentationDelegateTests.swift in Sources */, + OBJ_564 /* MockActionSheet.swift in Sources */, + OBJ_565 /* MockActionSheetAppearance.swift in Sources */, + OBJ_566 /* MockActionSheetPresenter.swift in Sources */, + OBJ_567 /* MockNotificationCenter.swift in Sources */, + OBJ_568 /* MockTableView.swift in Sources */, + OBJ_569 /* MockViewController.swift in Sources */, + OBJ_570 /* ActionSheetPopoverPresenterTests.swift in Sources */, + OBJ_571 /* ActionSheetStandardPresenterTests.swift in Sources */, + OBJ_572 /* ActionSheetBackgroundViewTests.swift in Sources */, + OBJ_573 /* ActionSheetHeaderContainerViewTests.swift in Sources */, + 8422CB82239E21FF00251D31 /* DestructiveItem+ActionSheetTests.swift in Sources */, + OBJ_574 /* ActionSheetStackViewTests.swift in Sources */, + OBJ_575 /* ActionSheetTableViewTests.swift in Sources */, + OBJ_577 /* ActionSheetItemCellTests.swift in Sources */, + OBJ_578 /* ActionSheetLinkItemCellTests.swift in Sources */, + 8422CB71239DC82C00251D31 /* ContextMenu+ConfigurationTests.swift in Sources */, + OBJ_579 /* ActionSheetSelectItemCellTests.swift in Sources */, + OBJ_580 /* Menu+AlertControllerTests.swift in Sources */, + OBJ_581 /* MenuItem+AlertControllerTests.swift in Sources */, + OBJ_582 /* ContextMenuDelegateTests.swift in Sources */, + OBJ_583 /* Menu+ContextMenuTests.swift in Sources */, + OBJ_584 /* MenuItem+ContextMenuTests.swift in 
Sources */, + OBJ_586 /* NSObject+ClassNameTests.swift in Sources */, + 84A24ED5236C6DCD00DB060C /* ActionSheetSecondaryActionItemTests.swift in Sources */, + OBJ_587 /* CancelButtonTests.swift in Sources */, + OBJ_588 /* DestructiveButtonTests.swift in Sources */, + OBJ_589 /* MenuButtonTests.swift in Sources */, + 84A24ECE236C670D00DB060C /* SecondaryActionItemTests.swift in Sources */, + OBJ_590 /* OkButtonTests.swift in Sources */, + OBJ_591 /* CollectionItemTests.swift in Sources */, + OBJ_592 /* CustomItemTests.swift in Sources */, + OBJ_593 /* LinkItemTests.swift in Sources */, + OBJ_594 /* MultiSelectItemTests.swift in Sources */, + OBJ_595 /* MultiSelectToggleItemTests.swift in Sources */, + OBJ_596 /* SelectItemTests.swift in Sources */, + OBJ_597 /* SingleSelectItemTests.swift in Sources */, + OBJ_599 /* MenuItemTests.swift in Sources */, + OBJ_600 /* MenuTests.swift in Sources */, + OBJ_601 /* MockMenuItem.swift in Sources */, + OBJ_602 /* MenuTitleTests.swift in Sources */, + OBJ_603 /* SectionMarginTests.swift in Sources */, + OBJ_604 /* SectionTitleTests.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin PBXTargetDependency section */ + 8467041C234A3E9C00355331 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = "Foo::Foo" /* Foo */; + targetProxy = 8467041B234A3E9C00355331 /* PBXContainerItemProxy */; + }; + OBJ_532 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = "Foo::FooTests" /* FooTests */; + targetProxy = 84BDF8B02347D41500D35F93 /* PBXContainerItemProxy */; + }; + OBJ_616 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = "Foo::Foo" /* Foo */; + targetProxy = 84BDF8AF2347D41300D35F93 /* PBXContainerItemProxy */; + }; +/* End PBXTargetDependency section */ + +/* Begin PBXVariantGroup section */ + 8467039F234A3C4500355331 /* Main.storyboard */ = { + isa = PBXVariantGroup; + children = ( + 846703A0234A3C4500355331 
/* Base */, + ); + name = Main.storyboard; + sourceTree = ""; + }; + 846703A4234A3C4600355331 /* LaunchScreen.storyboard */ = { + isa = PBXVariantGroup; + children = ( + 846703A5234A3C4600355331 /* Base */, + ); + name = LaunchScreen.storyboard; + sourceTree = ""; + }; +/* End PBXVariantGroup section */ + +/* Begin XCBuildConfiguration section */ + 846703A8234A3C4600355331 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_STYLE = Automatic; + DEVELOPMENT_TEAM = PMEDFW438U; + ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_TESTABILITY = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_DYNAMIC_NO_PIC = NO; + GCC_NO_COMMON_BLOCKS = YES; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + 
GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + INFOPLIST_FILE = FooDemo/Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = com.danielsaidi.FooDemo; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + SWIFT_VERSION = 5.0; + TARGETED_DEVICE_FAMILY = "1,2"; + }; + name = Debug; + }; + 846703A9234A3C4600355331 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_STYLE = Automatic; + COPY_PHASE_STRIP = NO; + DEVELOPMENT_TEAM = PMEDFW438U; + ENABLE_NS_ASSERTIONS = NO; + 
ENABLE_STRICT_OBJC_MSGSEND = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_NO_COMMON_BLOCKS = YES; + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + INFOPLIST_FILE = FooDemo/Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + MTL_ENABLE_DEBUG_INFO = NO; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = com.danielsaidi.FooDemo; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_VERSION = 5.0; + TARGETED_DEVICE_FAMILY = "1,2"; + VALIDATE_PRODUCT = YES; + }; + name = Release; + }; + OBJ_3 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_OBJC_ARC = YES; + COMBINE_HIDPI_IMAGES = YES; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = dwarf; + DYLIB_INSTALL_NAME_BASE = "@rpath"; + ENABLE_NS_ASSERTIONS = YES; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "$(inherited)", + "SWIFT_PACKAGE=1", + "DEBUG=1", + ); + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + ONLY_ACTIVE_ARCH = YES; + OTHER_SWIFT_FLAGS = "$(inherited) -DXcode"; + PRODUCT_NAME = "$(TARGET_NAME)"; + SDKROOT = iphoneos; + SUPPORTED_PLATFORMS = "iphoneos iphonesimulator"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited) SWIFT_PACKAGE DEBUG"; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + USE_HEADERMAP = NO; + }; + name = Debug; + }; + OBJ_4 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_OBJC_ARC = YES; + COMBINE_HIDPI_IMAGES = YES; + COPY_PHASE_STRIP = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + DYLIB_INSTALL_NAME_BASE = "@rpath"; + GCC_OPTIMIZATION_LEVEL = s; + GCC_PREPROCESSOR_DEFINITIONS = ( + "$(inherited)", + "SWIFT_PACKAGE=1", + ); + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + OTHER_SWIFT_FLAGS = "$(inherited) -DXcode"; + PRODUCT_NAME = "$(TARGET_NAME)"; + SDKROOT = iphoneos; + 
SUPPORTED_PLATFORMS = "iphoneos iphonesimulator"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited) SWIFT_PACKAGE"; + SWIFT_COMPILATION_MODE = wholemodule; + SWIFT_OPTIMIZATION_LEVEL = "-O"; + USE_HEADERMAP = NO; + }; + name = Release; + }; + OBJ_439 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CURRENT_PROJECT_VERSION = 1; + ENABLE_TESTABILITY = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = "$(inherited)"; + INFOPLIST_FILE = Foo.xcodeproj/Foo_Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + PRODUCT_BUNDLE_IDENTIFIER = Foo; + PRODUCT_MODULE_NAME = "$(TARGET_NAME:c99extidentifier)"; + PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; + SKIP_INSTALL = YES; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = Foo; + }; + name = Debug; + }; + OBJ_440 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CURRENT_PROJECT_VERSION = 1; + ENABLE_TESTABILITY = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = "$(inherited)"; + INFOPLIST_FILE = Foo.xcodeproj/Foo_Info.plist; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + PRODUCT_BUNDLE_IDENTIFIER = Foo; + PRODUCT_MODULE_NAME = "$(TARGET_NAME:c99extidentifier)"; + PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; + SKIP_INSTALL = YES; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = Foo; + }; + name = Release; + }; + OBJ_524 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + LD = /usr/bin/true; + 
OTHER_SWIFT_FLAGS = "-swift-version 5 -I $(TOOLCHAIN_DIR)/usr/lib/swift/pm/4_2 -target x86_64-apple-macosx10.10 -sdk /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.15.sdk -package-description-version 5.1"; + SWIFT_VERSION = 5.0; + }; + name = Debug; + }; + OBJ_525 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + LD = /usr/bin/true; + OTHER_SWIFT_FLAGS = "-swift-version 5 -I $(TOOLCHAIN_DIR)/usr/lib/swift/pm/4_2 -target x86_64-apple-macosx10.10 -sdk /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.15.sdk -package-description-version 5.1"; + SWIFT_VERSION = 5.0; + }; + name = Release; + }; + OBJ_530 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + }; + name = Debug; + }; + OBJ_531 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + }; + name = Release; + }; + OBJ_535 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_MODULES = YES; + DEVELOPMENT_TEAM = PMEDFW438U; + EMBEDDED_CONTENT_CONTAINS_SWIFT = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = ( + "$(inherited)", + "$(SRCROOT)/.build/checkouts/Quick/Sources/QuickSpecBase/include", + ); + INFOPLIST_FILE = Foo.xcodeproj/FooTests_Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 11.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@loader_path/../Frameworks", + "@loader_path/Frameworks", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = FooTests; + }; + name = Debug; + }; + OBJ_536 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_MODULES = YES; + DEVELOPMENT_TEAM = PMEDFW438U; + EMBEDDED_CONTENT_CONTAINS_SWIFT = YES; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + 
"$(PLATFORM_DIR)/Developer/Library/Frameworks", + ); + HEADER_SEARCH_PATHS = ( + "$(inherited)", + "$(SRCROOT)/.build/checkouts/Quick/Sources/QuickSpecBase/include", + ); + INFOPLIST_FILE = Foo.xcodeproj/FooTests_Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 11.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@loader_path/../Frameworks", + "@loader_path/Frameworks", + ); + OTHER_CFLAGS = "$(inherited)"; + OTHER_LDFLAGS = "$(inherited)"; + OTHER_SWIFT_FLAGS = "$(inherited)"; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = "$(inherited)"; + SWIFT_VERSION = 5.0; + TARGET_NAME = FooTests; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + 846703AA234A3C4600355331 /* Build configuration list for PBXNativeTarget "FooDemo" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 846703A8234A3C4600355331 /* Debug */, + 846703A9234A3C4600355331 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_2 /* Build configuration list for PBXProject "Foo" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_3 /* Debug */, + OBJ_4 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_438 /* Build configuration list for PBXNativeTarget "Foo" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_439 /* Debug */, + OBJ_440 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_523 /* Build configuration list for PBXNativeTarget "FooPackageDescription" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_524 /* Debug */, + OBJ_525 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_529 /* Build configuration list for PBXAggregateTarget "FooPackageTests" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_530 /* Debug */, + OBJ_531 /* Release */, + ); + 
defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + OBJ_534 /* Build configuration list for PBXNativeTarget "FooTests" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + OBJ_535 /* Debug */, + OBJ_536 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + +/* Begin XCRemoteSwiftPackageReference section */ + 84D3AF2C2434B1420007BE9B /* XCRemoteSwiftPackageReference "Quick" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/Quick/Quick.git"; + requirement = { + kind = upToNextMajorVersion; + minimumVersion = 3.0.0; + }; + }; + 84D3AF2F2434B1510007BE9B /* XCRemoteSwiftPackageReference "Nimble" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/Quick/Nimble.git"; + requirement = { + kind = upToNextMajorVersion; + minimumVersion = 8.1.1; + }; + }; + A9FA9D3826A17AC30047114E /* XCRemoteSwiftPackageReference "MockingKit" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/danielsaidi/MockingKit.git"; + requirement = { + kind = upToNextMajorVersion; + minimumVersion = 0.9.4; + }; + }; +/* End XCRemoteSwiftPackageReference section */ + +/* Begin XCSwiftPackageProductDependency section */ + 84D3AF2D2434B1420007BE9B /* Quick */ = { + isa = XCSwiftPackageProductDependency; + package = 84D3AF2C2434B1420007BE9B /* XCRemoteSwiftPackageReference "Quick" */; + productName = Quick; + }; + 84D3AF302434B1510007BE9B /* Nimble */ = { + isa = XCSwiftPackageProductDependency; + package = 84D3AF2F2434B1510007BE9B /* XCRemoteSwiftPackageReference "Nimble" */; + productName = Nimble; + }; + A9FA9D3926A17AC40047114E /* MockingKit */ = { + isa = XCSwiftPackageProductDependency; + package = A9FA9D3826A17AC30047114E /* XCRemoteSwiftPackageReference "MockingKit" */; + productName = MockingKit; + }; +/* End XCSwiftPackageProductDependency section */ + }; + rootObject = OBJ_1 
/* Project object */; +} diff --git a/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata new file mode 100644 index 00000000000..919434a6254 --- /dev/null +++ b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/Foo.xcodeproj/project.xcworkspace/contents.xcworkspacedata @@ -0,0 +1,7 @@ + + + + + diff --git a/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected new file mode 100644 index 00000000000..4506ff8aa56 --- /dev/null +++ b/swift/xcode-autobuilder/tests/hello-targets-with-tests-suffix/commands.expected @@ -0,0 +1 @@ +/usr/bin/xcodebuild build -project ./Foo.xcodeproj -target FooDemo CODE_SIGNING_REQUIRED=NO CODE_SIGNING_ALLOWED=NO diff --git a/swift/xcode-autobuilder/xcode-autobuilder.cpp b/swift/xcode-autobuilder/xcode-autobuilder.cpp index 9dfdb074e75..4cc234de66b 100644 --- a/swift/xcode-autobuilder/xcode-autobuilder.cpp +++ b/swift/xcode-autobuilder/xcode-autobuilder.cpp @@ -7,8 +7,9 @@ #include "swift/logging/SwiftLogging.h" #include "swift/xcode-autobuilder/CustomizingBuildLink.h" -static const char* uiTest = "com.apple.product-type.bundle.ui-testing"; -static const char* unitTest = "com.apple.product-type.bundle.unit-test"; +static constexpr std::string_view uiTest = "com.apple.product-type.bundle.ui-testing"; +static constexpr std::string_view unitTest = "com.apple.product-type.bundle.unit-test"; +static constexpr std::string_view unknownType = ""; const std::string_view codeql::programName = "autobuilder"; 
@@ -38,6 +39,16 @@ struct CLIArgs { bool dryRun; }; +static bool endsWith(std::string_view s, std::string_view suffix) { + return s.size() >= suffix.size() && s.substr(s.size() - suffix.size()) == suffix; +} + +static bool isNonSwiftOrTestTarget(const Target& t) { + return t.fileCount == 0 || t.type == uiTest || t.type == unitTest || + // unknown target types can be legitimate, let's do a name-based heuristic then + (t.type == unknownType && (endsWith(t.name, "Tests") || endsWith(t.name, "Test"))); +} + static void autobuild(const CLIArgs& args) { auto collected = collectTargets(args.workingDir); auto& targets = collected.targets; @@ -45,10 +56,7 @@ static void autobuild(const CLIArgs& args) { LOG_INFO("{}", t); } // Filter out targets that are tests or have no swift source files - targets.erase(std::remove_if(std::begin(targets), std::end(targets), - [&](Target& t) -> bool { - return t.fileCount == 0 || t.type == uiTest || t.type == unitTest; - }), + targets.erase(std::remove_if(std::begin(targets), std::end(targets), isNonSwiftOrTestTarget), std::end(targets)); // Sort targets by the amount of files in each From cfaa27ab5d0eef5d7717ee6d96b4e25d9e490e01 Mon Sep 17 00:00:00 2001 From: Asger F Date: Fri, 26 May 2023 14:43:06 +0200 Subject: [PATCH 137/210] Ruby: change note --- .../src/change-notes/2023-05-26-super-and-flow-through.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md diff --git a/ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md b/ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md new file mode 100644 index 00000000000..7059c51f24e --- /dev/null +++ b/ruby/ql/src/change-notes/2023-05-26-super-and-flow-through.md 
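Review bot: In xcode-autobuilder.cpp, `isNonSwiftOrTestTarget` drops a target whose `type` is empty purely because its name ends in `Test` or `Tests`, and nothing records that this rule removed it. The autobuilder decides which targets are built, so a product target with such a name (for example `SpeedTest`, a constructed name) would be left out of the build and presumably out of the analysed code. `autobuild` already logs every collected target with `LOG_INFO("{}", t);`, so a matching line for the name-based case, e.g. `LOG_INFO("Skipping {}: unknown type and test-like name", t.name);`, would make the exclusion auditable. The helper also deserves a comment stating that the suffix match is case-sensitive and applies only when the type equals `unknownType`. `autobuild` continues outside the hunk.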
@@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Fixed a bug that would occur when an `initialize` method returns `self` or one of its parameters. + In such cases, the corresponding calls to `new` would be associated with an incorrect return type. + This could result in inaccurate call target resolution and cause false positive alerts. From ba51ded5168415fa1f22dee73fd6c69eda1a04ba Mon Sep 17 00:00:00 2001 From: Philip Ginsbach Date: Thu, 25 May 2023 10:39:44 +0100 Subject: [PATCH 138/210] bindingset is not really a pragma --- docs/codeql/ql-language-reference/ql-language-specification.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/ql-language-reference/ql-language-specification.rst b/docs/codeql/ql-language-reference/ql-language-specification.rst index af5be717ef6..25b25dc82f1 100644 --- a/docs/codeql/ql-language-reference/ql-language-specification.rst +++ b/docs/codeql/ql-language-reference/ql-language-specification.rst @@ -773,7 +773,7 @@ Binding sets are checked by the QL compiler in the following way: A predicate may have several different binding sets, which can be stated by using multiple ``bindingset`` annotations on the same predicate. +----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ -| Pragma | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | Signatures | +| Annotation | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | Signatures | +================+=========+============+===================+=======================+=========+========+=========+=========+============+ | ``bindingset`` | | yes | yes | yes | | | | | (yes) | +----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ 
From 47a0d4b77427f481b76a0ea07349949a90c5c2d5 Mon Sep 17 00:00:00 2001 From: Philip Ginsbach Date: Thu, 25 May 2023 10:44:31 +0100 Subject: [PATCH 139/210] more explicit mentioning of QLL files --- .../ql-language-reference/ql-language-specification.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/codeql/ql-language-reference/ql-language-specification.rst b/docs/codeql/ql-language-reference/ql-language-specification.rst index 25b25dc82f1..71dcbdce571 100644 --- a/docs/codeql/ql-language-reference/ql-language-specification.rst +++ b/docs/codeql/ql-language-reference/ql-language-specification.rst @@ -186,21 +186,21 @@ A QL module definition has the following syntax: A module definition extends the current module's declared module environment with a mapping from the module name to the module definition. -QL files consist of simply a module body without a name and surrounding braces: +QL files and QLL files consist of simply a module body without a name and surrounding braces: :: ql ::= moduleBody -QL files define a module corresponding to the file, whose name is the same as the filename. +QL files and QLL files define a module corresponding to the file, whose name is the same as the filename. Kinds of modules ~~~~~~~~~~~~~~~~ A module may be: -- A *file module*, if it is defined implicitly by a QL file. -- A *query module*, if it is defined by a QL file. +- A *file module*, if it is defined implicitly by a QL file or a QLL file. +- A *query module*, if it is defined implicitly by a QL file. - A *library module*, if it is not a query module. A query module must contain one or more queries. From 0f08642653bffb3206a2660cdb42feebb0384875 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 26 May 2023 11:16:44 -0700 Subject: [PATCH 140/210] C++: Fix join in 'pointerArithOverflow0'. --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) 
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index 88db396f2cf..735375870ea 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -78,11 +78,16 @@ predicate isInvalidPointerDerefSink2(DataFlow::Node sink, Instruction i, string ) } +pragma[nomagic] +predicate arrayTypeHasSizes(ArrayType arr, int baseTypeSize, int arraySize) { + arr.getBaseType().getSize() = baseTypeSize and + arr.getArraySize() = arraySize +} + predicate pointerArithOverflow0( PointerArithmeticInstruction pai, Field f, int size, int bound, int delta ) { - pai.getElementSize() = f.getUnspecifiedType().(ArrayType).getBaseType().getSize() and - f.getUnspecifiedType().(ArrayType).getArraySize() = size and + arrayTypeHasSizes(f.getUnspecifiedType(), pai.getElementSize(), size) and semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and delta = bound - size and delta >= 0 and From 9828af45a1754cd9f6902c1ed5af1cce9e526870 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 26 May 2023 15:23:48 -0700 Subject: [PATCH 141/210] C++: Change separator from ':' to '|'. --- .../ir/range-analysis/RangeAnalysis.ql | 2 +- .../SimpleRangeAnalysis_tests.cpp | 32 +++++++++---------- .../library-tests/ir/range-analysis/test.cpp | 4 +-- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql index eadf0b90ef5..b5a86c23d97 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql 
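Review bot: The new helper `arrayTypeHasSizes` in ConstantSizeArrayOffByOne.ql has no QLDoc and the `pragma[nomagic]` on it carries no rationale, so a later cleanup could fold it back into `pointerArithOverflow0` and undo the join fix named in the commit title. I would add `/** Holds if arr has arraySize elements and its base type has size baseTypeSize. */` above it, plus a one-line comment that the pragma is there to keep the predicate from being inlined into its caller. Passing `f.getUnspecifiedType()` to the `ArrayType` parameter appears to restrict the field type the same way the removed `.(ArrayType)` casts did, so the CWE-193 results should be unchanged. The body of `pointerArithOverflow0` continues outside the hunk.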
@@ -40,7 +40,7 @@ bindingset[delta] private string getBoundString(SemBound b, float delta) { b instanceof SemZeroBound and result = delta.toString() or - result = strictconcat(b.(SemSsaBound).getAVariable().toString(), ":") + getOffsetString(delta) + result = strictconcat(b.(SemSsaBound).getAVariable().toString(), " | ") + getOffsetString(delta) } private string getARangeString(SemExpr e) { diff --git a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp index 92e197115b7..df29578409b 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp @@ -8,7 +8,7 @@ int test1(struct List* p) { int count = 0; for (; p; p = p->next) { count = count+1; - range(count); // $ range="==Phi: p:Store: count+1" + range(count); // $ range="==Phi: p | Store: count+1" } range(count); return count; @@ -18,7 +18,7 @@ int test2(struct List* p) { int count = 0; for (; p; p = p->next) { count = (count+1) % 10; - range(count); // $ range=<=9 range=>=-9 range="<=Phi: p:Store: count+1" + range(count); // $ range=<=9 range=>=-9 range="<=Phi: p | Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -29,7 +29,7 @@ int test3(struct List* p) { for (; p; p = p->next) { range(count++); // $ range=>=-9 range=<=9 count = count % 10; - range(count); // $ range=<=9 range=>=-9 range="<=Store: ... +++0" range="<=Phi: p:Store: count+1" + range(count); // $ range=<=9 range=>=-9 range="<=Store: ... +++0" range="<=Phi: p | Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; 
@@ -93,12 +93,12 @@ int test8(int x, int y) { if (-1000 < y && y < 10) { range(y); // $ range=<=9 range=>=-999 if (x < y-2) { - range(x); // $ range=<=6 range="<=InitializeParameter: y:Store: y-3" - range(y); // $ range=<=9 range=>=-999 range=">=InitializeParameter: x:Store: x+3" + range(x); // $ range=<=6 range="<=InitializeParameter: y | Store: y-3" + range(y); // $ range=<=9 range=>=-999 range=">=InitializeParameter: x | Store: x+3" return x; } - range(x); // $ range=>=-1001 range=">=InitializeParameter: y:Store: y-2" - range(y); // $ range=<=9 range="<=InitializeParameter: x:Store: x+2" range=>=-999 + range(x); // $ range=>=-1001 range=">=InitializeParameter: y | Store: y-2" + range(y); // $ range=<=9 range="<=InitializeParameter: x | Store: x+2" range=>=-999 } range(x); range(y); @@ -128,11 +128,11 @@ int test10(int x, int y) { range(y); // $ range=>=8 if (x < y) { range(x); // $ range="<=InitializeParameter: y-1" - range(y); // $ range=>=8 range=">=InitializeParameter: x:Store: x+1" + range(y); // $ range=>=8 range=">=InitializeParameter: x | Store: x+1" return 0; } range(x); // $ range=>=8 range=">=InitializeParameter: y+0" - range(y); // $ range="<=InitializeParameter: x:Store: x+0" range=>=8 + range(y); // $ range="<=InitializeParameter: x | Store: x+0" range=>=8 return x; } range(y); // $ range=<=7 @@ -541,7 +541,7 @@ int test16(int x) { while (i < 3) { range(i); // $ range=<=2 range=>=0 i++; - range(i); // $ range=<=3 range=>=1 range="==Phi: i:Store: ... = ...+1" + range(i); // $ range=<=3 range=>=1 range="==Phi: i | Store: ... = ...+1" } range(d); d = i; 
@@ -640,14 +640,14 @@ unsigned int test_comma01(unsigned int x) { unsigned int y1; unsigned int y2; y1 = (++y, y); - range(y1); // $ range=<=101 range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+1" + range(y1); // $ range=<=101 range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+1" y2 = (y++, - range(y), // $ range=<=102 range="==Store: ++ ...:Store: ... = ...+1" range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+2" + range(y), // $ range=<=102 range="==Store: ++ ... | Store: ... = ...+1" range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+2" y += 3, - range(y), // $ range=<=105 range="==Store: ++ ...:Store: ... = ...+4" range="==Store: ... +++3" range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+5" + range(y), // $ range=<=105 range="==Store: ++ ... | Store: ... = ...+4" range="==Store: ... +++3" range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+5" y); - range(y2); // $ range=<=105 range="==Store: ++ ...:Store: ... = ...+4" range="==Store: ... +++3" Unexpected result: range="==Phi: ... ? ... : ...:Store: ... ? ... : ...+5" - range(y1 + y2); // $ range=<=206 range="<=Phi: ... ? ... : ...:Store: ... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" + range(y2); // $ range=<=105 range="==Store: ++ ... | Store: ... = ...+4" range="==Store: ... +++3" Unexpected result: range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+5" + range(y1 + y2); // $ range=<=206 range="<=Phi: ... ? ... : ... | Store: ... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" return y1 + y2; } @@ -672,7 +672,7 @@ void test17() { range(i); // $ range===50 i = 20 + (j -= 10); - range(i); // $ range="==Store: ... += ...:Store: ... = ...+10" range===60 + range(i); // $ range="==Store: ... += ... | Store: ... = ...+10" range===60 } // Tests for unsigned multiplication. 
diff --git a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp index 5d816f3cda4..95e6474124a 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp @@ -17,7 +17,7 @@ } else { if (y > 300) { range(x); // $ range=>=302 range=<=400 range="<=InitializeParameter: y+1" MISSING: range===y+1 - range(y); // $ range=>=301 range=<=399 range="==InitializeParameter: x:Store: x-1" + range(y); // $ range=>=301 range=<=399 range="==InitializeParameter: x | Store: x-1" int sum = x + y; } } @@ -40,7 +40,7 @@ if (y == x - 1 && y > 300 && y + 2 == z && z == 350) { // $ overflow=+ overflow=- range(x); // $ range===349 range="==InitializeParameter: y+1" range="==InitializeParameter: z-1" - range(y); // $ range===348 range=">=InitializeParameter: x:Store: x-1" range="==InitializeParameter: z-2" MISSING: range===x-1 + range(y); // $ range===348 range=">=InitializeParameter: x | Store: x-1" range="==InitializeParameter: z-2" MISSING: range===x-1 range(z); // $ range===350 range="<=InitializeParameter: y+2" MISSING: range===x+1 range===y+2 return x + y + z; } From 65dd7eb8e77178d91d9b5a05d0a43311ead5f18b Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 11 May 2023 15:48:36 -0400 Subject: [PATCH 142/210] Java: add neutral models discovered with path-inj and ssrf heuristics --- java/ql/lib/ext/java.io.model.yml | 5 +++++ java/ql/lib/ext/java.nio.file.model.yml | 18 ++++++++++++++++++ java/ql/lib/ext/java.nio.file.spi.model.yml | 7 +++++++ java/ql/lib/ext/java.text.model.yml | 4 ++++ java/ql/lib/ext/java.util.prefs.model.yml | 7 +++++++ ...g.apache.hc.client5.http.protocol.model.yml | 6 ++++++ 6 files changed, 47 insertions(+) create mode 100644 java/ql/lib/ext/java.nio.file.spi.model.yml create mode 100644 java/ql/lib/ext/java.util.prefs.model.yml create mode 100644 java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml 
diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index 2db99b7027e..e3a48d4138d 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -100,6 +100,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals - ["java.io", "Closeable", "close", "()", "summary", "manual"] - ["java.io", "DataOutput", "writeBoolean", "(boolean)", "summary", "manual"] - ["java.io", "File", "delete", "()", "summary", "manual"] @@ -117,3 +118,7 @@ extensions: - ["java.io", "DataInput", "readLong", "()", "summary", "manual"] # taint-numeric - ["java.io", "DataOutput", "writeInt", "(int)", "summary", "manual"] # taint-numeric - ["java.io", "DataOutput", "writeLong", "(long)", "summary", "manual"] # taint-numeric + + # sink neutrals + - ["java.io", "File", "compareTo", "", "sink", "manual"] + - ["java.io", "File", "exists", "()", "sink", "manual"] diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml index 42ae8b9052b..c178f628980 100644 --- a/java/ql/lib/ext/java.nio.file.model.yml +++ b/java/ql/lib/ext/java.nio.file.model.yml 
@@ -81,4 +81,22 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"] + + # sink neutrals + - ["java.nio.file", "Files" "exists", "", "sink", "manual"] + - ["java.nio.file", "Files" "getLastModifiedTime", "", "sink", "manual"] + - ["java.nio.file", "Files" "getOwner", "", "sink", "manual"] + - ["java.nio.file", "Files" "getPosixFilePermissions", "", "sink", "manual"] + - ["java.nio.file", "Files" "isDirectory", "", "sink", "manual"] + - ["java.nio.file", "Files" "isExecutable", "", "sink", "manual"] + - ["java.nio.file", "Files" "isHidden", "", "sink", "manual"] + - ["java.nio.file", "Files" "isReadable", "", "sink", "manual"] + - ["java.nio.file", "Files" "isRegularFile", "", "sink", "manual"] + - ["java.nio.file", "Files" "isSameFile", "", "sink", "manual"] + - ["java.nio.file", "Files" "isSymbolicLink", "", "sink", "manual"] + - ["java.nio.file", "Files" "isWritable", "", "sink", "manual"] + - ["java.nio.file", "Files" "notExists", "", "sink", "manual"] + - ["java.nio.file", "Files" "setLastModifiedTime", "", "sink", "manual"] + - ["java.nio.file", "Files" "size", "", "sink", "manual"] diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml new file mode 100644 index 00000000000..a833c453eb3 --- /dev/null +++ b/java/ql/lib/ext/java.nio.file.spi.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "manual"] + - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "manual"] diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index 728ed4fa6b4..13b286b0438 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml 
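Review bot: In java.nio.file.model.yml the `setLastModifiedTime` row is the only entry under `# sink neutrals` that changes file state; the other rows are existence, attribute and permission queries. A sink neutral presumably tells the path-injection heuristics named in the commit title that a caller-controlled path reaching the method is not worth reporting, which is a weaker argument for a metadata write than for `isReadable` or `size`. If that is intended, a trailing comment on the row such as `# metadata write only, judged low impact` would record the decision; otherwise the row should be left out of the neutrals. The empty signature column also applies each row to every overload of the method, which is worth stating once next to the `# sink neutrals` comment.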
@@ -3,6 +3,10 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + - ["java.text", "Collator" "compare", "", "manual"] + - ["java.text", "Collator" "equals", "", "manual"] + - ["java.text", "RuleBasedCollator", "compare", "", "manual"] + # The below APIs have numeric flow and are currently being stored as neutral models. # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. - ["java.text", "DateFormat", "format", "(Date)", "summary", "manual"] # taint-numeric diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml new file mode 100644 index 00000000000..c27ba79029b --- /dev/null +++ b/java/ql/lib/ext/java.util.prefs.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "manual"] + - ["java.util.prefs", "Preferences", "nodeExists", "", "manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml new file mode 100644 index 00000000000..eb92d7b4334 --- /dev/null +++ b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "manual"] From 60b07083c3b54f5da0c8845d3bea39d6174d7eb1 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 11 May 2023 17:47:31 -0400 Subject: [PATCH 143/210] Java: add 'sink' kind --- java/ql/lib/ext/java.nio.file.spi.model.yml | 5 +++-- java/ql/lib/ext/java.text.model.yml | 10 ++++++---- java/ql/lib/ext/java.util.prefs.model.yml | 5 +++-- .../ext/org.apache.hc.client5.http.protocol.model.yml | 3 ++- 4 files changed, 14 insertions(+), 9 deletions(-) 
diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml index a833c453eb3..0a7396a482c 100644 --- a/java/ql/lib/ext/java.nio.file.spi.model.yml +++ b/java/ql/lib/ext/java.nio.file.spi.model.yml @@ -3,5 +3,6 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "manual"] - - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "manual"] + # sink neutrals + - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "sink", "manual"] + - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "sink", "manual"] diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index 13b286b0438..d4704c2ab97 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -3,12 +3,14 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.text", "Collator" "compare", "", "manual"] - - ["java.text", "Collator" "equals", "", "manual"] - - ["java.text", "RuleBasedCollator", "compare", "", "manual"] - + # summary neutrals # The below APIs have numeric flow and are currently being stored as neutral models. # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. - ["java.text", "DateFormat", "format", "(Date)", "summary", "manual"] # taint-numeric - ["java.text", "DateFormat", "parse", "(String)", "summary", "manual"] # taint-numeric - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric + + # sink neutrals + - ["java.text", "Collator" "compare", "", "sink", "manual"] + - ["java.text", "Collator" "equals", "", "sink", "manual"] + - ["java.text", "RuleBasedCollator", "compare", "", "sink", "manual"] diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml index c27ba79029b..412730c3807 100644 
--- a/java/ql/lib/ext/java.util.prefs.model.yml +++ b/java/ql/lib/ext/java.util.prefs.model.yml @@ -3,5 +3,6 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "manual"] - - ["java.util.prefs", "Preferences", "nodeExists", "", "manual"] + # sink neutrals + - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "manual"] + - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml index eb92d7b4334..eb30b29a50a 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml @@ -3,4 +3,5 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "manual"] + # sink neutrals + - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "manual"] From 7e6913af620e9d6d7127e8cee67d6e9a31dc6dec Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 11 May 2023 17:51:53 -0400 Subject: [PATCH 144/210] Java: update provenance to 'hq-manual' --- java/ql/lib/ext/java.io.model.yml | 4 +-- java/ql/lib/ext/java.nio.file.model.yml | 30 +++++++++---------- java/ql/lib/ext/java.nio.file.spi.model.yml | 4 +-- java/ql/lib/ext/java.text.model.yml | 6 ++-- java/ql/lib/ext/java.util.prefs.model.yml | 4 +-- ....apache.hc.client5.http.protocol.model.yml | 2 +- 6 files changed, 25 insertions(+), 25 deletions(-) diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index e3a48d4138d..44d079c1474 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml 
@@ -120,5 +120,5 @@ extensions: - ["java.io", "DataOutput", "writeLong", "(long)", "summary", "manual"] # taint-numeric # sink neutrals - - ["java.io", "File", "compareTo", "", "sink", "manual"] - - ["java.io", "File", "exists", "()", "sink", "manual"] + - ["java.io", "File", "compareTo", "", "sink", "hq-manual"] + - ["java.io", "File", "exists", "()", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml index c178f628980..243f6a528a1 100644 --- a/java/ql/lib/ext/java.nio.file.model.yml +++ b/java/ql/lib/ext/java.nio.file.model.yml 
@@ -85,18 +85,18 @@ extensions: - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"] # sink neutrals - - ["java.nio.file", "Files" "exists", "", "sink", "manual"] - - ["java.nio.file", "Files" "getLastModifiedTime", "", "sink", "manual"] - - ["java.nio.file", "Files" "getOwner", "", "sink", "manual"] - - ["java.nio.file", "Files" "getPosixFilePermissions", "", "sink", "manual"] - - ["java.nio.file", "Files" "isDirectory", "", "sink", "manual"] - - ["java.nio.file", "Files" "isExecutable", "", "sink", "manual"] - - ["java.nio.file", "Files" "isHidden", "", "sink", "manual"] - - ["java.nio.file", "Files" "isReadable", "", "sink", "manual"] - - ["java.nio.file", "Files" "isRegularFile", "", "sink", "manual"] - - ["java.nio.file", "Files" "isSameFile", "", "sink", "manual"] - - ["java.nio.file", "Files" "isSymbolicLink", "", "sink", "manual"] - - ["java.nio.file", "Files" "isWritable", "", "sink", "manual"] - - ["java.nio.file", "Files" "notExists", "", "sink", "manual"] - - ["java.nio.file", "Files" "setLastModifiedTime", "", "sink", "manual"] - - ["java.nio.file", "Files" "size", "", "sink", "manual"] + - ["java.nio.file", "Files" "exists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "getLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "getOwner", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "getPosixFilePermissions", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isDirectory", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isExecutable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isReadable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isRegularFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isSameFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isSymbolicLink", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "isWritable", "", "sink", "hq-manual"] 
+ - ["java.nio.file", "Files" "notExists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "setLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files" "size", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml index 0a7396a482c..0b6d1d89988 100644 --- a/java/ql/lib/ext/java.nio.file.spi.model.yml +++ b/java/ql/lib/ext/java.nio.file.spi.model.yml @@ -4,5 +4,5 @@ extensions: extensible: neutralModel data: # sink neutrals - - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "sink", "manual"] - - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "sink", "manual"] + - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index d4704c2ab97..02e0eac7407 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -11,6 +11,6 @@ extensions: - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric # sink neutrals - - ["java.text", "Collator" "compare", "", "sink", "manual"] - - ["java.text", "Collator" "equals", "", "sink", "manual"] - - ["java.text", "RuleBasedCollator", "compare", "", "sink", "manual"] + - ["java.text", "Collator" "compare", "", "sink", "hq-manual"] + - ["java.text", "Collator" "equals", "", "sink", "hq-manual"] + - ["java.text", "RuleBasedCollator", "compare", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml index 412730c3807..a2a7c16bc5d 100644 --- a/java/ql/lib/ext/java.util.prefs.model.yml +++ b/java/ql/lib/ext/java.util.prefs.model.yml 
@@ -4,5 +4,5 @@ extensions: extensible: neutralModel data: # sink neutrals - - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "manual"] - - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "manual"] + - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "hq-manual"] + - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml index eb30b29a50a..b5f46643f2f 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml @@ -4,4 +4,4 @@ extensions: extensible: neutralModel data: # sink neutrals - - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "manual"] + - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "hq-manual"] From f255b6acb805a5122bb7bdad47f023a6f557dcfd Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Mon, 22 May 2023 08:55:54 -0400 Subject: [PATCH 145/210] Java: fix typos --- java/ql/lib/ext/java.nio.file.model.yml | 30 ++++++++++----------- java/ql/lib/ext/java.nio.file.spi.model.yml | 4 +-- java/ql/lib/ext/java.text.model.yml | 4 +-- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml index 243f6a528a1..6b08117d74f 100644 --- a/java/ql/lib/ext/java.nio.file.model.yml +++ b/java/ql/lib/ext/java.nio.file.model.yml 
@@ -85,18 +85,18 @@ extensions: - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"] # sink neutrals - - ["java.nio.file", "Files" "exists", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "getLastModifiedTime", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "getOwner", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "getPosixFilePermissions", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isDirectory", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isExecutable", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isHidden", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isReadable", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isRegularFile", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isSameFile", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isSymbolicLink", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "isWritable", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "notExists", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "setLastModifiedTime", "", "sink", "hq-manual"] - - ["java.nio.file", "Files" "size", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "exists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getPosixFilePermissions", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isDirectory", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isExecutable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isReadable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isRegularFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isSameFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isSymbolicLink", "", "sink", "hq-manual"] + - 
["java.nio.file", "Files", "isWritable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "notExists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "setLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "size", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml index 0b6d1d89988..91e465af105 100644 --- a/java/ql/lib/ext/java.nio.file.spi.model.yml +++ b/java/ql/lib/ext/java.nio.file.spi.model.yml @@ -4,5 +4,5 @@ extensions: extensible: neutralModel data: # sink neutrals - - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "sink", "hq-manual"] - - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "sink", "hq-manual"] + - ["java.nio.file.spi", "FileSystemProvider", "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file.spi", "FileSystemProvider", "isSameFile", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index 02e0eac7407..5b315e9986d 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -11,6 +11,6 @@ extensions: - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric # sink neutrals - - ["java.text", "Collator" "compare", "", "sink", "hq-manual"] - - ["java.text", "Collator" "equals", "", "sink", "hq-manual"] + - ["java.text", "Collator", "compare", "", "sink", "hq-manual"] + - ["java.text", "Collator", "equals", "", "sink", "hq-manual"] - ["java.text", "RuleBasedCollator", "compare", "", "sink", "hq-manual"] From 24fc4ba2d4e056f9d0838efad8ee76bd0912240f Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Fri, 26 May 2023 18:53:55 -0400 Subject: [PATCH 146/210] Java: add tests --- .../neutralsinks/NeutralSinksTest.expected | 0 .../neutrals/neutralsinks/NeutralSinksTest.ql | 20 ++++ .../neutrals/neutralsinks/Test.java | 61 ++++++++++ .../neutrals/neutralsinks/options | 1 + .../http/protocol/RedirectLocations.java | 111 ++++++++++++++++++ 5 files changed, 193 insertions(+) create mode 100644 java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected create mode 100644 java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql create mode 100644 java/ql/test/library-tests/neutrals/neutralsinks/Test.java create mode 100644 java/ql/test/library-tests/neutrals/neutralsinks/options create mode 100644 java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java
diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql
new file mode 100644
index 00000000000..422508f5711
--- /dev/null
+++ b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql
@@ -0,0 +1,20 @@
+import java
+import TestUtilities.InlineExpectationsTest
+import semmle.code.java.dataflow.DataFlow
+import semmle.code.java.dataflow.ExternalFlow
+
+class NeutralSinksTest extends InlineExpectationsTest {
+ NeutralSinksTest() { this = "NeutralSinksTest" }
+
+ override string getARelevantTag() { result = "isSink" }
+
+ override predicate hasActualResult(Location location, string element, string tag, string value) {
+ tag = "isSink" and
+ exists(DataFlow::Node sink |
+ sinkNode(sink, _) and
+ sink.getLocation() = location and
+ element = sink.toString() and
+ value = ""
+ )
+ }
+}
diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/Test.java b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java
new file mode 100644
index 00000000000..fee2cbbb7dd
--- /dev/null
+++ b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java
@@ -0,0 +1,61 @@
+import java.io.File;
+import java.nio.file.Files;
+import java.nio.file.spi.FileSystemProvider;
+import java.nio.file.LinkOption;
+import java.text.Collator;
+import java.text.RuleBasedCollator;
+import java.util.prefs.AbstractPreferences;
+import java.util.prefs.Preferences;
+import org.apache.hc.client5.http.protocol.RedirectLocations;
+
+public class Test {
+
+ public void test() throws Exception {
+
+ // java.io
+ File file = null;
+ file.exists(); // Neutral Sink
+ file.compareTo(null); // Neutral Sink
+
+ // java.nio.file
+ Files.exists(null, (LinkOption[])null); // Neutral Sink
+ Files.getLastModifiedTime(null, (LinkOption[])null); // Neutral Sink
+ Files.getOwner(null, (LinkOption[])null); // Neutral Sink
+ Files.getPosixFilePermissions(null, (LinkOption[])null); // Neutral Sink
+ Files.isDirectory(null, (LinkOption[])null); // Neutral Sink
+ Files.isExecutable(null); // Neutral Sink
+ Files.isHidden(null); // Neutral Sink
+ Files.isReadable(null); // Neutral Sink
+ Files.isRegularFile(null, (LinkOption[])null); // Neutral Sink
+ Files.isSameFile(null, null); // Neutral Sink
+ Files.isSymbolicLink(null); // Neutral Sink
+ Files.isWritable(null); // Neutral Sink
+ Files.notExists(null, (LinkOption[])null); // Neutral Sink
+ Files.setLastModifiedTime(null, null); // Neutral Sink
+ Files.size(null); // Neutral Sink
+
+ // java.nio.file.spi
+ FileSystemProvider fsp = null;
+ fsp.isHidden(null); // Neutral Sink
+ fsp.isSameFile(null, null); // Neutral Sink
+
+ // java.text
+ Collator c = null;
+ c.compare(null, null); // Neutral Sink
+ c.equals(null); // Neutral Sink
+ c.equals(null, null); // Neutral Sink
+ RuleBasedCollator rbc = null;
+ rbc.compare(null, null); // Neutral Sink
+
+ // java.util.prefs
+ AbstractPreferences ap = null;
+ ap.nodeExists(null); // Neutral Sink
+ Preferences p = null;
+ p.nodeExists(null); // Neutral Sink
+
+ // org.apache.hc.client5.http.protocol
+ RedirectLocations rl = null;
+ rl.contains(null); // Neutral Sink
+ }
+
+}
diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/options b/java/ql/test/library-tests/neutrals/neutralsinks/options
new file mode 100644
index 00000000000..6de6bb95285
--- /dev/null
+++ b/java/ql/test/library-tests/neutrals/neutralsinks/options
@@ -0,0 +1 @@
+//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/apache-http-5
diff --git a/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java b/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java
new file mode 100644
index 00000000000..ca717c54ebd
--- /dev/null
+++ b/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java
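Review bot: Test.java has no positive control: every call is only commented `// Neutral Sink`, none carries a `$ isSink` expectation, and NeutralSinksTest.expected is empty, so the test passes whenever `sinkNode` reports nothing in this file. As far as the visible files show, that would also be the outcome if the neutral rows were missing or malformed and no sink model existed for these methods, so a regression in the `neutralModel` data would go unnoticed. Adding one call that the pack does model as a sink, annotated `// $ isSink`, would show that the harness sees sinks at all. A short header comment in Test.java stating that the absence of results is the expectation would also help readers.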
@@ -0,0 +1,111 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ */
+
+ package org.apache.hc.client5.http.protocol;
+
+ import java.net.URI;
+ import java.util.ArrayList;
+ import java.util.HashSet;
+ import java.util.List;
+ import java.util.Set;
+
+ /**
+ * This class represents a collection of {@link java.net.URI}s used
+ * as redirect locations.
+ *
+ * @since 4.0
+ */
+ public final class RedirectLocations {
+
+ private final Set unique;
+ private final List all;
+
+ public RedirectLocations() {
+ super();
+ this.unique = new HashSet<>();
+ this.all = new ArrayList<>();
+ }
+
+ /**
+ * Test if the URI is present in the collection.
+ */
+ public boolean contains(final URI uri) {
+ return this.unique.contains(uri);
+ }
+
+ /**
+ * Adds a new URI to the collection.
+ */
+ public void add(final URI uri) {
+ this.unique.add(uri);
+ this.all.add(uri);
+ }
+
+ /**
+ * Returns all redirect {@link URI}s in the order they were added to the collection.
+ *
+ * @return list of all URIs
+ *
+ * @since 4.1
+ */
+ public List getAll() {
+ return new ArrayList<>(this.all);
+ }
+
+ /**
+ * Returns the URI at the specified position in this list.
+ *
+ * @param index
+ * index of the location to return
+ * @return the URI at the specified position in this list
+ * @throws IndexOutOfBoundsException
+ * if the index is out of range (
+ * {@code index < 0 || index >= size()})
+ * @since 4.3
+ */
+ public URI get(final int index) {
+ return this.all.get(index);
+ }
+
+ /**
+ * Returns the number of elements in this list. If this list contains more
+ * than {@code Integer.MAX_VALUE} elements, returns
+ * {@code Integer.MAX_VALUE}.
+ *
+ * @return the number of elements in this list
+ * @since 4.3
+ */
+ public int size() {
+ return this.all.size();
+ }
+
+ public void clear() {
+ unique.clear();
+ all.clear();
+ }
+
+ }
From 6386ef3b962cb6a16c9c09f4842a1383982a18da Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 29 May 2023 09:58:52 +0200 Subject: [PATCH 147/210] Further perf improvements --- java/ql/src/utils/stub-generator/Stubs.qll | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/java/ql/src/utils/stub-generator/Stubs.qll b/java/ql/src/utils/stub-generator/Stubs.qll
index a42a806455e..889bc6b466c 100644
--- a/java/ql/src/utils/stub-generator/Stubs.qll
+++ b/java/ql/src/utils/stub-generator/Stubs.qll
@@ -287,18 +287,23 @@ private string stubQualifier(RefType t) { pragma[nomagic] private predicate needsPackageNameHelper(RefType t, GeneratedTopLevel top, string name) { - t.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and + t.getSourceDeclaration() = + pragma[only_bind_out]([getAReferencedType(top), top].getSourceDeclaration()) and name = t.getName() } +pragma[nomagic] +private predicate describesMultipleTypes(GeneratedTopLevel top, string name) { + 2 <= strictcount(RefType t | needsPackageNameHelper(t, top, name)) +} + /** * Holds if `t` may clash with another type of the same name, so should be referred to using the fully qualified name */ private predicate needsPackageName(RefType t) { - exists(GeneratedTopLevel top, RefType other, string name | + exists(GeneratedTopLevel top, string name | needsPackageNameHelper(t, top, name) and - needsPackageNameHelper(other, top, name) and - t != other + describesMultipleTypes(top, name) ) } From 2d81e30d8191fcb749de6d3e95ffd3536eba674d Mon Sep 17 00:00:00 2001 
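Review bot: `describesMultipleTypes` in Stubs.qll is introduced without a QLDoc comment, although `needsPackageName` just below has one and now depends on it. A QLDoc along the lines of `/** Holds if at least two distinct types named name satisfy needsPackageNameHelper for top. */` would record that the `strictcount` stands in for the former `other` and `t != other` pair. A one-line comment on why `pragma[only_bind_out]` is applied inside `needsPackageNameHelper` would keep the join-order intent from being lost in a later clean-up.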
From: Andrew Eisenberg Date: Mon, 29 May 2023 13:45:41 -0700 Subject: [PATCH 148/210] Fix `addsTo.pack` references This change is a prerequisite for a CLI change where there will be strict testing of the `addsTo.pack` values. It must resolve to a pack reference that is a transitive dependency of the current query's pack. --- .../lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml | 2 +- .../src/utils/flowtestcasegenerator/GenerateFlowTestCase.py | 4 ++-- java/ql/test/ext/TestModels/test.ext.yml | 2 +- .../kotlin/library-tests/dataflow/notnullexpr/test.ext.yml | 2 +- .../test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml | 2 +- .../library-tests/dataflow/callback-dispatch/test.ext.yml | 3 +-- .../library-tests/dataflow/collections/containerflow.ext.yml | 2 +- .../test/library-tests/dataflow/external-models/sinks.ext.yml | 2 +- .../test/library-tests/dataflow/external-models/srcs.ext.yml | 2 +- .../test/library-tests/dataflow/external-models/steps.ext.yml | 2 +- java/ql/test/library-tests/dataflow/synth-global/test.ext.yml | 2 +- .../android/content-provider-summaries/test.ext.yml | 2 +- .../test/library-tests/frameworks/android/intent/test.ext.yml | 2 +- .../frameworks/android/notification/test.ext.yml | 2 +- .../library-tests/frameworks/apache-collections/test.ext.yml | 2 +- .../ql/test/library-tests/frameworks/apache-http/flow.ext.yml | 2 +- .../frameworks/guava/generated/collect/test.ext.yml | 2 +- .../ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml | 2 +- .../library-tests/frameworks/netty/generated/test.ext.yml | 2 +- java/ql/test/library-tests/frameworks/stream/test.ext.yml | 2 +- java/ql/test/library-tests/optional/test.ext.yml | 2 +- 21 files changed, 22 insertions(+), 23 deletions(-) diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml index a2789520908..c9515372645 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml 
+++ b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sinkModel data: - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "open-url", "hq-manual"] diff --git a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py index 5e35ca52dd1..1cc943a78ec 100755 --- a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py +++ b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py @@ -18,7 +18,7 @@ GenerateFlowTestCase.py specsToTest projectPom.xml outdir [--force] This generates test cases exercising function model specifications found in specsToTest producing files Test.java, test.ql, test.ext.yml and test.expected in outdir. -specsToTest should either be a .csv file, a .yml file, or a directory of .yml files, containing the +specsToTest should either be a .csv file, a .yml file, or a directory of .yml files, containing the model specifications to test. projectPom.xml should be a Maven pom sufficient to resolve the classes named in specsToTest.csv. @@ -276,7 +276,7 @@ if len(supportModelRows) != 0: modelSpecRow[0].strip() for modelSpecRow in supportModelRows) dataextensions = f"""extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: {models} diff --git a/java/ql/test/ext/TestModels/test.ext.yml b/java/ql/test/ext/TestModels/test.ext.yml index 4fff7d575a3..c5873214f71 100644 --- a/java/ql/test/ext/TestModels/test.ext.yml +++ b/java/ql/test/ext/TestModels/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] 
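Review bot: Nothing in this commit checks that the `open-url` sink for `HttpAsyncRequester.connect` in org.apache.hc.core5.http.impl.bootstrap.model.yml is actually picked up once `pack` reads `codeql/java-all`. Going by the paths in the diffstat, this is the one shipped model under `java/ql/lib/ext` in the change, the rest being tests and the test-case generator, and the diff does not show whether a row addressed to `codeql/java-tests` was applied before. A framework test that passes a tainted `HttpHost` to `connect` and expects the sink to be reported would pin the row down and catch a repeat of the wrong pack name.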
diff --git a/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml b/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml index 589c787bf9a..700f3f51e6f 100644 --- a/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml +++ b/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "Uri", False, "getQueryParameter", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml b/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml index 589c787bf9a..700f3f51e6f 100644 --- a/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml +++ b/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "Uri", False, "getQueryParameter", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml b/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml index 5f35c923ad0..a153e39a0e0 100644 --- a/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml +++ b/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.callback.qltest", "A", False, "applyConsumer1", "(Object,Consumer1)", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] 
@@ -15,4 +15,3 @@ extensions: - ["my.callback.qltest", "A", False, "produceConsume", "(Producer1,Consumer3)", "", "Argument[1].Parameter[0]", "ReturnValue", "value", "manual"] - ["my.callback.qltest", "A", False, "applyConverter1", "(Object,Converter1)", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] - ["my.callback.qltest", "A", False, "applyConverter1", "(Object,Converter1)", "", "Argument[1].ReturnValue", "ReturnValue", "value", "manual"] - diff --git a/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml b/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml index ebe7e3b6ea5..c12a0156d0c 100644 --- a/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml +++ b/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "B", False, "readElement", "(Spliterator)", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 55a76b79b21..d469a2de0dc 100644 --- a/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sinkModel data: - ["my.qltest", "B", False, "sink1", "(Object)", "", "Argument[0]", "qltest", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml b/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml index 7730d41e549..9693152f1c0 100644 --- a/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml 
@@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sourceModel data: - ["my.qltest", "A", False, "src1", "()", "", "ReturnValue", "qltest", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml b/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml index 41d26cf815a..c6a1fb69d6d 100644 --- a/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.qltest", "C", False, "stepArgRes", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml b/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml index 3d3bbe9fd47..58b4d2ecc24 100644 --- a/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml +++ b/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.qltest.synth", "A", False, "storeInArray", "(String)", "", "Argument[0]", "SyntheticGlobal[db1].ArrayElement", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml b/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml index cf5c80bc456..06781456552 100644 --- a/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] 
diff --git a/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml b/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml index 31321102a46..0a3ce554bc7 100644 --- a/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newBundleWithMapValue", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml b/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml index bd5c804fddc..69b416a5b72 100644 --- a/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getMapKeyDefault", "(Bundle)", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml b/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml index a5d1cc8e1ab..60531154074 100644 --- a/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newRBWithMapValue", "", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml b/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml index ff32ab78646..6e41b8a4e24 100644 
--- a/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml +++ b/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Client", False, "getURIBuilder_pathDefault", "(Object)", "", "Argument[0].SyntheticField[org.apache.http.client.utils.URIBuilder.path]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml b/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml index 153b649a3e6..e711fa15ecc 100644 --- a/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithElementDefault", "(Object)", "", "Argument[0]", "ReturnValue.Element", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml b/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml index 35050f48ec0..230733b3ebc 100644 --- a/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getThrowable_messageDefault", "(Object)", "", "Argument[0].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml b/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml index f6b69f08632..47a199c75f1 100644 --- a/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml 
+++ b/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/stream/test.ext.yml b/java/ql/test/library-tests/frameworks/stream/test.ext.yml index 4f1cc3e38ac..a304f9542a4 100644 --- a/java/ql/test/library-tests/frameworks/stream/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/stream/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getElementSpliterator", "(Spliterator)", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/optional/test.ext.yml b/java/ql/test/library-tests/optional/test.ext.yml index 2aebf3bdb97..24842526782 100644 --- a/java/ql/test/library-tests/optional/test.ext.yml +++ b/java/ql/test/library-tests/optional/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getStreamElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"] From 53aecb1949dce5c6254bb94c4be6cbac16353d1e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 30 May 2023 00:17:04 +0000 Subject: [PATCH 149/210] Add changed framework coverage reports --- csharp/documentation/library-coverage/coverage.csv | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/csharp/documentation/library-coverage/coverage.csv b/csharp/documentation/library-coverage/coverage.csv index 9c900cf79cd..a4a6a534105 100644 --- a/csharp/documentation/library-coverage/coverage.csv 
+++ b/csharp/documentation/library-coverage/coverage.csv @@ -1,9 +1,9 @@ -package,sink,source,summary,sink:code,sink:encryption-decryptor,sink:encryption-encryptor,sink:encryption-keyprop,sink:encryption-symmetrickey,sink:html,sink:remote,sink:sql,sink:xss,source:file,source:file-write,source:local,source:remote,summary:taint,summary:value -Dapper,55,,,,,,,,,,55,,,,,,, +package,sink,source,summary,sink:code-injection,sink:encryption-decryptor,sink:encryption-encryptor,sink:encryption-keyprop,sink:encryption-symmetrickey,sink:file-content-store,sink:html-injection,sink:js-injection,sink:sql-injection,source:file,source:file-write,source:local,source:remote,summary:taint,summary:value +Dapper,55,,,,,,,,,,,55,,,,,, JsonToItemsTaskFactory,,,7,,,,,,,,,,,,,,7, -Microsoft.ApplicationBlocks.Data,28,,,,,,,,,,28,,,,,,, +Microsoft.ApplicationBlocks.Data,28,,,,,,,,,,,28,,,,,, Microsoft.CSharp,,,24,,,,,,,,,,,,,,24, -Microsoft.EntityFrameworkCore,6,,12,,,,,,,,6,,,,,,,12 +Microsoft.EntityFrameworkCore,6,,12,,,,,,,,,6,,,,,,12 Microsoft.Extensions.Caching.Distributed,,,15,,,,,,,,,,,,,,15, Microsoft.Extensions.Caching.Memory,,,46,,,,,,,,,,,,,,45,1 Microsoft.Extensions.Configuration,,,83,,,,,,,,,,,,,,80,3 @@ -21,8 +21,8 @@ Microsoft.NET.Build.Tasks,,,1,,,,,,,,,,,,,,1, Microsoft.NETCore.Platforms.BuildTasks,,,4,,,,,,,,,,,,,,4, Microsoft.VisualBasic,,,10,,,,,,,,,,,,,,5,5 Microsoft.Win32,,,8,,,,,,,,,,,,,,8, -MySql.Data.MySqlClient,48,,,,,,,,,,48,,,,,,, +MySql.Data.MySqlClient,48,,,,,,,,,,,48,,,,,, Newtonsoft.Json,,,91,,,,,,,,,,,,,,73,18 -ServiceStack,194,,7,27,,,,,,75,92,,,,,,7, -System,65,25,12157,,8,8,9,,4,,33,3,1,17,3,4,10163,1994 +ServiceStack,194,,7,27,,,,,75,,,92,,,,,7, +System,65,25,12157,,8,8,9,,,4,3,33,1,17,3,4,10163,1994 Windows.Security.Cryptography.Core,1,,,,,,,1,,,,,,,,,, From 39a07d42a1bca7edaffc56b4ec5beb6c621da668 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 May 2023 04:03:50 +0000 Subject: [PATCH 150/210] Bump chrono from 0.4.24 to 0.4.25 in /ql Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.24 to 0.4.25. - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](https://github.com/chronotope/chrono/compare/v0.4.24...v0.4.25) --- updated-dependencies: - dependency-name: chrono dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- ql/Cargo.lock | Bin 31708 -> 31667 bytes ql/buramu/Cargo.toml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/ql/Cargo.lock b/ql/Cargo.lock index 60a0ad5919a43dba84fa52a6aa9930bd588cf198..76437a85e057d43e2bf6bd6efa08833e2d6e19f3 100644 GIT binary patch delta 197 zcmWlTJ8l9o6aWQ*0)-YKktRV(gZS8f#&4}OThPN5{C+2(;u<~xJr!sVlO~r)MVrlN z`k9~SpnDGP%i(BqzDV62X7#u^wwimQrvTBwgD2;RJ#Yx(k~X|I!;r*N0^bxyrGP1C zB%)|)u70fM-P>?6slV^1)`S>PdP~+lu{IvTp!5OslF5J*Mo}dytcArXNg+{8YUH3k cUgq_>9#8%s%egGq_51a+n@;1l3tzYP4_iJx6951J delta 203 zcmXxcF-k*05CBjTkf5YXktU%0UimxoXLg66#2ZL%u)DJpQW!AA-YbN?M^N?}9>D_$ z9w4nYmalp3Jo-A1-n()89?vf8+v4eAD40o{^vqEWK+U6PDAZ@OtOcW|U=YI)l5?0S zusRFuAtd(o_&Bd^+D*2*L)nyl`<&k2{iFV@(+YqTF^DCkULp)x&?tkH#7PVMeMy3f m^^O@?%_ykPY@S%MO8r<~U)^-O*XP^AK5pwvw`dp3)9M$zN Date: Tue, 30 May 2023 12:00:31 +0200 Subject: [PATCH 151/210] Add change note --- csharp/ql/lib/change-notes/2023-05-30-source-generators.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 csharp/ql/lib/change-notes/2023-05-30-source-generators.md diff --git a/csharp/ql/lib/change-notes/2023-05-30-source-generators.md b/csharp/ql/lib/change-notes/2023-05-30-source-generators.md new file mode 100644 index 00000000000..5483ce6af35 --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-05-30-source-generators.md 
@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* The extractor has been changed to run after the traced compiler call. This allows inspecting compiler generated files, such as the output of source generators. With this change, `.cshtml` files and their generated `.cshtml.g.cs` counterparts are extracted on dotnet 6 and above.
From 00e4c455b5bd8750776283edd0aa97585ec28842 Mon Sep 17 00:00:00 2001 From: Taus Date: Tue, 30 May 2023 16:11:30 +0200 Subject: [PATCH 152/210] Update MaD Declarations after Triage --- java/ql/lib/change-notes/2023-05-30-new-models.md | 6 ++++++ java/ql/lib/ext/okhttp3.model.yml | 2 ++ 2 files changed, 8 insertions(+) create mode 100644 java/ql/lib/change-notes/2023-05-30-new-models.md
diff --git a/java/ql/lib/change-notes/2023-05-30-new-models.md b/java/ql/lib/change-notes/2023-05-30-new-models.md
new file mode 100644
index 00000000000..24e7563d727
--- /dev/null
+++ b/java/ql/lib/change-notes/2023-05-30-new-models.md
@@ -0,0 +1,6 @@
+---
+category: minorAnalysis
+---
+* Added models for the following packages:
+
+ * okhttp3
diff --git a/java/ql/lib/ext/okhttp3.model.yml b/java/ql/lib/ext/okhttp3.model.yml
index 21563331656..d5f38bcee57 100644
--- a/java/ql/lib/ext/okhttp3.model.yml
+++ b/java/ql/lib/ext/okhttp3.model.yml
@@ -3,6 +3,8 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
+ - ["okhttp3", "OkHttpClient", True, "newCall", "(Request)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["okhttp3", "OkHttpClient", True, "newWebSocket", "(Request,WebSocketListener)", "", "Argument[0]", "open-url", "ai-manual"]
 - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "open-url", "manual"]
 - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "open-url", "manual"]
 - addsTo:
From f00b29d3d29c0de4c0a79117f667ec987715a9ce Mon Sep 17 00:00:00 2001
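Review bot: The two `OkHttpClient` rows added to `okhttp3.model.yml` (`newCall` and `newWebSocket`, both marking `Argument[0]` as an `open-url` sink) come with no test: the commit's diffstat lists only the change note and the model file. The context lines already treat the `Request` constructor and `Request$Builder.url` as `open-url` sinks, so if taint is carried from the URL into the built `Request` (the summary models are not visible here), a single tainted URL could be reported once at the builder and again at `newCall`. An inline-expectation case that builds a request from a tainted URL and passes it to each of the two new methods would pin down both that the sinks fire and how many alerts one flow produces.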
From: Mathias Vorreiter Pedersen Date: Fri, 26 May 2023 12:23:56 -0700 Subject: [PATCH 153/210] C++: The small-string optimization commonly used inside 'std::string' is causing a lot of FPs. Let's exclude this for now to reduce the number of results for this query. --- .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 1 + 1 file changed, 1 insertion(+)
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql
index 735375870ea..aa0358a99ad 100644
--- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql
@@ -87,6 +87,7 @@ predicate arrayTypeHasSizes(ArrayType arr, int baseTypeSize, int arraySize) {
 predicate pointerArithOverflow0(
 PointerArithmeticInstruction pai, Field f, int size, int bound, int delta
 ) {
+ not f.getNamespace() instanceof StdNamespace and
 arrayTypeHasSizes(f.getUnspecifiedType(), pai.getElementSize(), size) and
 semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and
 delta = bound - size and
From d91fa2d03810bf9234f16fb2b17f8c5069c8f8ae Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Tue, 30 May 2023 17:30:04 +0200 Subject: [PATCH 154/210] Ruby: add print-cfg query --- .../ql/lib/ide-contextual-queries/printCfg.ql | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 ruby/ql/lib/ide-contextual-queries/printCfg.ql
diff --git a/ruby/ql/lib/ide-contextual-queries/printCfg.ql b/ruby/ql/lib/ide-contextual-queries/printCfg.ql
new file mode 100644
index 00000000000..9c42fe91361
--- /dev/null
+++ b/ruby/ql/lib/ide-contextual-queries/printCfg.ql
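Review bot: The guard added to `pointerArithOverflow0` in `ConstantSizeArrayOffByOne.ql`, `not f.getNamespace() instanceof StdNamespace`, silences every field declared in `std`, not only the small-string buffer named in the commit message, and nothing in the code records why. It also matches only fields whose innermost namespace is `std` itself; if the analysed standard library declares `basic_string` in an inline namespace such as `std::__cxx11` or `std::__1` and the database models that as a child namespace (not verifiable from this hunk), the exclusion would not apply, and `not f.getNamespace().getParentNamespace*() instanceof StdNamespace and` would cover both layouts. A comment on the line, for example `// Exclude std:: fields for now: the small-string buffer in std::string causes many false positives.`, keeps the reason and the intended scope next to the condition so the suppressed off-by-one results can be revisited. The predicate body continues past the end of the hunk.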
@@ -0,0 +1,22 @@
+/**
+ * @name Print CFG
+ * @description Produces a representation of a file's Control Flow Graph.
+ * This query is used by the VS Code extension.
+ * @id rb/print-cfg
+ * @kind graph
+ * @tags ide-contextual-queries/print-cfg
+ */
+
+private import codeql.ruby.controlflow.internal.ControlFlowGraphImplShared::TestOutput
+private import codeql.IDEContextual
+
+/**
+ * Gets the source file to generate a CFG from.
+ */
+external string selectedSourceFile();
+
+class MyRelevantNode extends RelevantNode {
+ MyRelevantNode() {
+ this.getScope().getLocation().getFile() = getFileBySourceArchiveName(selectedSourceFile())
+ }
+}
From 54e011188d8b98634b44e28e923a563ebda2e9ed Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Tue, 30 May 2023 17:50:50 +0200 Subject: [PATCH 155/210] Formatting --- .../code/java/frameworks/google/GsonSerializability.qll | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll
index 34a333c8b11..470847f292e 100644
--- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll
@@ -13,9 +13,7 @@ import semmle.code.java.dataflow.FlowSteps
 * deserialized.
 */
 private class GsonReadValueMethod extends Method {
- GsonReadValueMethod() {
- this.hasQualifiedName("com.google.gson", "Gson", "fromJson")
- }
+ GsonReadValueMethod() { this.hasQualifiedName("com.google.gson", "Gson", "fromJson") }
 }
 
 /** A type whose values may be deserialized by the Gson JSON framework. */
From 977263a126e190acb52fbfce90ea9ce6e3ea0b76 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Tue, 30 May 2023 17:51:41 +0200 Subject: [PATCH 156/210] Use container flow for more precision --- java/ql/lib/ext/com.google.gson.model.yml | 24 +++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/java/ql/lib/ext/com.google.gson.model.yml b/java/ql/lib/ext/com.google.gson.model.yml
index b867997c8df..96f5355b2dc 100644
--- a/java/ql/lib/ext/com.google.gson.model.yml
+++ b/java/ql/lib/ext/com.google.gson.model.yml
@@ -26,15 +26,19 @@ extensions:
 - ["com.google.gson", "JsonElement", True, "getAsJsonPrimitive", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
 - ["com.google.gson", "JsonElement", True, "getAsString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
 - ["com.google.gson", "JsonElement", True, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- - ["com.google.gson", "JsonArray", True, "add", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- - ["com.google.gson", "JsonArray", True, "asList", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- - ["com.google.gson", "JsonArray", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- - ["com.google.gson", "JsonArray", True, "set", "", "", "Argument[1]", "Argument[this]", "taint", "manual"]
- - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[1]", "Argument[this]", "taint", "manual"]
- - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[1]", "Argument[this]", "taint", "manual"]
- - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- - ["com.google.gson", "JsonObject", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- - ["com.google.gson", "JsonObject", True, "keySet", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
+ - ["com.google.gson", "JsonArray", True, "add", "", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
+ - ["com.google.gson", "JsonArray", True, "asList", "", "", "Argument[this].Element", "ReturnValue.Element", "value", "manual"]
+ - ["com.google.gson", "JsonArray", True, "get", "", "", "Argument[this].Element", "ReturnValue", "value", "manual"]
+ - ["com.google.gson", "JsonArray", True, "set", "", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[0]", "Argument[this].MapKey", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[1]", "Argument[this].MapValue", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[0]", "Argument[this].MapKey", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[1]", "Argument[this].MapValue", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this].MapKey", "ReturnValue.MapKey", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this].MapValue", "ReturnValue.MapValue", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapKey", "ReturnValue.Element.MapKey", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapKey", "ReturnValue.Element.MapValue", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "get", "", "", "Argument[this].MapValue", "ReturnValue", "value", "manual"]
+ - ["com.google.gson", "JsonObject", True, "keySet", "", "", "Argument[this].MapKey", "ReturnValue.Element", "value", "manual"]
 - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(Character)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
 - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
From d3d67f0fb07406242913e9443398a9fa2238c8bf Mon Sep 17 00:00:00 2001
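Review bot: The second added `entrySet` row in `com.google.gson.model.yml` maps `Argument[this].MapKey` to `ReturnValue.Element.MapValue`, so a tainted key is reported as flowing into entry values while a tainted value stored in the `JsonObject` never reaches `getValue()` on the returned entries. Every other paired row in this hunk (`add`, `addProperty`, `asMap`) keeps keys with keys and values with values, so the input here should be `Argument[this].MapValue`: `- ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapValue", "ReturnValue.Element.MapValue", "value", "manual"]`. The generated case for this row in `frameworks/gson/Test.java`, added by the next commit in the series, repeats the same key-to-value pairing (it builds the object with `newWithMapKeyDefault` and reads it with `getMapValueDefault`), so it passes against the wrong row and needs the matching switch to `newWithMapValueDefault`.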
From: Tony Torralba Date: Tue, 30 May 2023 17:52:00 +0200 Subject: [PATCH 157/210] Add tests & stubs --- .../dataflow/taint-gson/Test.java | 38 ++ .../dataflow/taint-gson/dataFlow.expected | 0 .../dataflow/taint-gson/dataFlow.ql | 2 + .../library-tests/dataflow/taint-gson/options | 1 + .../library-tests/frameworks/gson/Test.java | 468 ++++++++++++++++++ .../library-tests/frameworks/gson/options | 1 + .../frameworks/gson/test.expected | 0 .../library-tests/frameworks/gson/test.ql | 2 + .../com/google/gson/ExclusionStrategy.java | 11 + .../com/google/gson/FieldAttributes.java | 22 + .../com/google/gson/FieldNamingPolicy.java | 10 + .../com/google/gson/FieldNamingStrategy.java | 10 + .../gson-2.8.6/com/google/gson/Gson.java | 81 +-- .../com/google/gson/GsonBuilder.java | 135 ++--- .../gson-2.8.6/com/google/gson/JsonArray.java | 45 ++ .../com/google/gson/JsonElement.java | 37 ++ .../gson-2.8.6/com/google/gson/JsonNull.java | 14 + .../com/google/gson/JsonObject.java | 33 ++ .../com/google/gson/JsonPrimitive.java | 34 ++ .../google/gson/LongSerializationPolicy.java | 24 + .../google/gson/ReflectionAccessFilter.java | 18 + .../com/google/gson/ToNumberStrategy.java | 10 + .../com/google/gson/TypeAdapter.java | 137 +---- .../com/google/gson/TypeAdapterFactory.java | 30 +- .../com/google/gson/internal/Excluder.java | 25 + .../com/google/gson/reflect/TypeToken.java | 64 +-- .../com/google/gson/stream/JsonReader.java | 89 ++-- .../com/google/gson/stream/JsonToken.java | 10 + .../com/google/gson/stream/JsonWriter.java | 36 ++ 29 files changed, 1008 insertions(+), 379 deletions(-) create mode 100644 java/ql/test/library-tests/dataflow/taint-gson/Test.java create mode 100644 java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected create mode 100644 java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql create mode 100644 java/ql/test/library-tests/dataflow/taint-gson/options create mode 100644 java/ql/test/library-tests/frameworks/gson/Test.java create mode 100644 
java/ql/test/library-tests/frameworks/gson/options create mode 100644 java/ql/test/library-tests/frameworks/gson/test.expected create mode 100644 java/ql/test/library-tests/frameworks/gson/test.ql create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java create mode 100644 java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java diff --git a/java/ql/test/library-tests/dataflow/taint-gson/Test.java b/java/ql/test/library-tests/dataflow/taint-gson/Test.java new file mode 100644 index 00000000000..82ca2388bbe --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/Test.java 
@@ -0,0 +1,38 @@ +import com.google.gson.Gson; + +public class Test { + public static class Potato { + private String name; + private Potato inner; + private Object object; + + private String getName() { + return name; + } + + private Potato getInner() { + return inner; + } + + private Object getObject() { + return object; + } + + } + + public static String source() { + return ""; + } + + public static void sink(Object any) {} + + public static void gsonfromJson() throws Exception { + String s = source(); + Potato tainted = new Gson().fromJson(s, Potato.class); + sink(tainted); // $ hasTaintFlow + sink(tainted.getName()); // $ hasTaintFlow + sink(tainted.getInner()); // $ hasTaintFlow + sink(tainted.getInner().getName()); // $ hasTaintFlow + sink(tainted.getObject()); // $ hasTaintFlow + } +} diff --git a/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected new file mode 100644 index 00000000000..e69de29bb2d diff --git a/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/dataflow/taint-gson/options b/java/ql/test/library-tests/dataflow/taint-gson/options new file mode 100644 index 00000000000..a9cce94fd94 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/gson-2.8.6 diff --git a/java/ql/test/library-tests/frameworks/gson/Test.java b/java/ql/test/library-tests/frameworks/gson/Test.java new file mode 100644 index 00000000000..eb3e1e526f0 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/Test.java 
@@ -0,0 +1,468 @@ +package generatedtest; + +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonPrimitive; +import com.google.gson.reflect.TypeToken; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import java.io.Reader; +import java.io.Writer; +import java.lang.reflect.Type; +import java.util.List; +import java.util.Map; +import java.util.Set; + +// Test case generated by GenerateFlowTestCase.ql +public class Test { + + K getMapKey(Map map) { return map.keySet().iterator().next(); } + T getElement(Iterable it) { return it.iterator().next(); } + V getMapValue(Map map) { return map.get(null); } + String getMapKeyDefault(JsonObject container) { return container.keySet().iterator().next(); } + K getMapKeyDefault(Map.Entry container) { return container.getKey(); } + JsonElement getMapValueDefault(JsonObject container) { return container.get(null); } + V getMapValueDefault(Map.Entry container) { return container.getValue(); } + JsonArray newWithElementDefault(String element) { JsonArray a = new JsonArray(); a.add(element); return a; } + JsonObject newWithMapKeyDefault(String key) { JsonObject o = new JsonObject(); o.add(key, (JsonElement) null); return o; } + JsonObject newWithMapValueDefault(JsonElement element) { JsonObject o = new JsonObject(); o.add(null, element); return o; } + Object source() { return null; } + void sink(Object o) { } + + public void test() throws Exception { + + { + // "com.google.gson.stream;JsonReader;false;nextName;;;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonReader in = (JsonReader)source(); + out = in.nextName(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson.stream;JsonReader;false;nextString;;;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonReader in = (JsonReader)source(); + out = in.nextString(); + sink(out); // $ hasTaintFlow + 
} + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonReader in = (JsonReader)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonReader in = (JsonReader)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + 
// "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;newJsonReader;;;Argument[0];ReturnValue;taint;manual" + JsonReader out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.newJsonReader(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;newJsonWriter;;;Argument[0];ReturnValue;taint;manual" + JsonWriter out = null; + Writer in = (Writer)source(); + Gson instance = null; + out = instance.newJsonWriter(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement);;Argument[0];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.toJson(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement,Appendable);;Argument[0];Argument[1];taint;manual" + Appendable out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement,JsonWriter);;Argument[0];Argument[1];taint;manual" + JsonWriter out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // 
"com.google.gson;Gson;false;toJson;(Object);;Argument[0];ReturnValue;taint;manual" + String out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJson(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Appendable);;Argument[0];Argument[1];taint;manual" + Appendable out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type);;Argument[0];ReturnValue;taint;manual" + String out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type,Appendable);;Argument[0];Argument[2];taint;manual" + Appendable out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, (Type)null, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type,JsonWriter);;Argument[0];Argument[2];taint;manual" + JsonWriter out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, (Type)null, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJsonTree;(Object);;Argument[0];ReturnValue;taint;manual" + JsonElement out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJsonTree(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJsonTree;(Object,Type);;Argument[0];ReturnValue;taint;manual" + JsonElement out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJsonTree(in, null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + Boolean in = (Boolean)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // 
"com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + Character in = (Character)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + Number in = (Number)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + String in = (String)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;asList;;;Argument[this].Element;ReturnValue.Element;value;manual" + List out = null; + JsonArray in = (JsonArray)newWithElementDefault((String) source()); + out = in.asList(); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;get;;;Argument[this].Element;ReturnValue;value;manual" + JsonElement out = null; + JsonArray in = (JsonArray)newWithElementDefault((String) source()); + out = in.get(0); + sink(out); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;set;;;Argument[1];Argument[this].Element;value;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out.set(0, in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonArray in = (JsonArray)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonElement in = (JsonElement)source(); + out = in.getAsByte(); + 
sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonArray in = (JsonArray)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonElement in = (JsonElement)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonArray;();;Argument[this];ReturnValue;taint;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonArray(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonObject;();;Argument[this];ReturnValue;taint;manual" + JsonObject out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonObject(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonPrimitive;();;Argument[this];ReturnValue;taint;manual" + JsonPrimitive out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonPrimitive(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonArray in = (JsonArray)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + 
JsonElement in = (JsonElement)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;toString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + out = in.toString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonObject;true;add;;;Argument[0];Argument[this].MapKey;value;manual" + JsonObject out = null; + String in = (String)source(); + out.add(in, null); + sink(getMapKeyDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;add;;;Argument[1];Argument[this].MapValue;value;manual" + JsonObject out = null; + JsonElement in = (JsonElement)source(); + out.add(null, in); + sink(getMapValueDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[0];Argument[this].MapKey;value;manual" + JsonObject out = null; + String in = (String)source(); + out.addProperty(in, (String)null); + sink(getMapKeyDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[1];Argument[this].MapValue;value;manual" + JsonObject out = null; + String in = (String)source(); + out.addProperty((String)null, in); + sink(getMapValueDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapKey;ReturnValue.MapKey;value;manual" + Map out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.asMap(); + sink(getMapKey(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapValue;ReturnValue.MapValue;value;manual" + Map out = null; + JsonObject in = 
(JsonObject)newWithMapValueDefault((JsonElement) source()); + out = in.asMap(); + sink(getMapValue(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapKey;value;manual" + Set> out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.entrySet(); + sink(getMapKeyDefault(getElement(out))); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapValue;value;manual" + Set> out = null; + JsonObject in = (JsonObject) newWithMapKeyDefault((String) source()); + out = in.entrySet(); + sink(getMapValueDefault(getElement(out))); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;get;;;Argument[this].MapValue;ReturnValue;value;manual" + JsonElement out = null; + JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source()); + out = in.get(null); + sink(out); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;keySet;;;Argument[this].MapKey;ReturnValue.Element;value;manual" + Set out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.keySet(); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonPrimitive;true;JsonPrimitive;(Character);;Argument[0];Argument[this];taint;manual" + JsonPrimitive out = null; + Character in = (Character)source(); + out = new JsonPrimitive(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonPrimitive;true;JsonPrimitive;(String);;Argument[0];Argument[this];taint;manual" + JsonPrimitive out = null; + String in = (String)source(); + out = new JsonPrimitive(in); + sink(out); // $ hasTaintFlow + } + + } + +} \ No newline at end of file diff --git a/java/ql/test/library-tests/frameworks/gson/options b/java/ql/test/library-tests/frameworks/gson/options new file mode 100644 index 00000000000..a9cce94fd94 --- /dev/null 
+++ b/java/ql/test/library-tests/frameworks/gson/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/gson-2.8.6 diff --git a/java/ql/test/library-tests/frameworks/gson/test.expected b/java/ql/test/library-tests/frameworks/gson/test.expected new file mode 100644 index 00000000000..e69de29bb2d diff --git a/java/ql/test/library-tests/frameworks/gson/test.ql b/java/ql/test/library-tests/frameworks/gson/test.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/test.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java new file mode 100644 index 00000000000..a1cac336243 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java @@ -0,0 +1,11 @@ +// Generated automatically from com.google.gson.ExclusionStrategy for testing purposes + +package com.google.gson; + +import com.google.gson.FieldAttributes; + +public interface ExclusionStrategy +{ + boolean shouldSkipClass(Class p0); + boolean shouldSkipField(FieldAttributes p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java new file mode 100644 index 00000000000..1db8d794976 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java 
@@ -0,0 +1,22 @@
+// Generated automatically from com.google.gson.FieldAttributes for testing purposes
+
+package com.google.gson;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Field;
+import java.lang.reflect.Type;
+import java.util.Collection;
+
+public class FieldAttributes
+{
+ protected FieldAttributes() {}
+ public T getAnnotation(java.lang.Class p0){ return null; }
+ public Class getDeclaredClass(){ return null; }
+ public Class getDeclaringClass(){ return null; }
+ public Collection getAnnotations(){ return null; }
+ public FieldAttributes(Field p0){}
+ public String getName(){ return null; }
+ public String toString(){ return null; }
+ public Type getDeclaredType(){ return null; }
+ public boolean hasModifier(int p0){ return false; }
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java
new file mode 100644
index 00000000000..465703ae28a
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java
@@ -0,0 +1,10 @@
+// Generated automatically from com.google.gson.FieldNamingPolicy for testing purposes
+
+package com.google.gson;
+
+
+public enum FieldNamingPolicy {
+ IDENTITY, LOWER_CASE_WITH_DASHES, LOWER_CASE_WITH_DOTS, LOWER_CASE_WITH_UNDERSCORES, UPPER_CAMEL_CASE, UPPER_CAMEL_CASE_WITH_SPACES, UPPER_CASE_WITH_UNDERSCORES;
+
+ private FieldNamingPolicy() {}
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java
new file mode 100644
index 00000000000..bb3ad76d598
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java
@@ -0,0 +1,10 @@
+// Generated automatically from com.google.gson.FieldNamingStrategy for testing purposes
+
+package com.google.gson;
+
+import java.lang.reflect.Field;
+
+public interface FieldNamingStrategy
+{
+ String translateName(Field p0);
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java
index a269763665b..61c29245d15 100644
--- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java
@@ -1,38 +1,53 @@ +// Generated automatically from com.google.gson.Gson for testing purposes + package com.google.gson; -import java.lang.reflect.Type; -import java.io.Reader; +import com.google.gson.FieldNamingStrategy; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonElement; +import com.google.gson.TypeAdapter; +import com.google.gson.TypeAdapterFactory; +import com.google.gson.internal.Excluder; +import com.google.gson.reflect.TypeToken; import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import java.io.Reader; +import java.io.Writer; +import java.lang.reflect.Type; -public final class Gson { - public Gson() { - } - - public String toJson(Object src) { - return null; - } - - public String toJson(Object src, Type typeOfSrc) { - return null; - } - - public T fromJson(String json, Class classOfT) throws JsonSyntaxException { - return null; - } - - public T fromJson(String json, Type typeOfT) throws JsonSyntaxException { - return null; - } - - public T fromJson(Reader json, Class classOfT) throws JsonSyntaxException, JsonIOException { - return null; - } - - public T fromJson(Reader json, Type typeOfT) throws JsonIOException, JsonSyntaxException { - return null; - } - - public T fromJson(JsonReader reader, Type typeOfT) throws JsonIOException, JsonSyntaxException { - return null; - } +public class Gson +{ + public T fromJson(JsonElement p0, Type p1){ return null; } + public T fromJson(JsonElement p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(JsonElement p0, java.lang.Class p1){ return null; } + public T fromJson(JsonReader p0, Type p1){ return null; } + public T fromJson(JsonReader p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(Reader p0, Type p1){ return null; } + public T fromJson(Reader p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(Reader p0, java.lang.Class p1){ return null; } + public T fromJson(String p0, Type p1){ 
return null; } + public T fromJson(String p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(String p0, java.lang.Class p1){ return null; } + public com.google.gson.TypeAdapter getAdapter(com.google.gson.reflect.TypeToken p0){ return null; } + public com.google.gson.TypeAdapter getAdapter(java.lang.Class p0){ return null; } + public com.google.gson.TypeAdapter getDelegateAdapter(TypeAdapterFactory p0, com.google.gson.reflect.TypeToken p1){ return null; } + public Excluder excluder(){ return null; } + public FieldNamingStrategy fieldNamingStrategy(){ return null; } + public Gson(){} + public GsonBuilder newBuilder(){ return null; } + public JsonElement toJsonTree(Object p0){ return null; } + public JsonElement toJsonTree(Object p0, Type p1){ return null; } + public JsonReader newJsonReader(Reader p0){ return null; } + public JsonWriter newJsonWriter(Writer p0){ return null; } + public String toJson(JsonElement p0){ return null; } + public String toJson(Object p0){ return null; } + public String toJson(Object p0, Type p1){ return null; } + public String toString(){ return null; } + public boolean htmlSafe(){ return false; } + public boolean serializeNulls(){ return false; } + public void toJson(JsonElement p0, Appendable p1){} + public void toJson(JsonElement p0, JsonWriter p1){} + public void toJson(Object p0, Appendable p1){} + public void toJson(Object p0, Type p1, Appendable p2){} + public void toJson(Object p0, Type p1, JsonWriter p2){} } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java index 3853cb40356..33d656b7bd7 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java 
@@ -1,99 +1,46 @@ -/* - * Copyright (C) 2008 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.GsonBuilder for testing purposes package com.google.gson; +import com.google.gson.ExclusionStrategy; +import com.google.gson.FieldNamingPolicy; +import com.google.gson.FieldNamingStrategy; +import com.google.gson.Gson; +import com.google.gson.LongSerializationPolicy; +import com.google.gson.ReflectionAccessFilter; +import com.google.gson.ToNumberStrategy; +import com.google.gson.TypeAdapterFactory; import java.lang.reflect.Type; -public final class GsonBuilder { - /** - * Creates a GsonBuilder instance that can be used to build Gson with various configuration - * settings. GsonBuilder follows the builder pattern, and it is typically used by first - * invoking various configuration methods to set desired options, and finally calling - * {@link #create()}. - */ - public GsonBuilder() { - } - - /** - * Constructs a GsonBuilder instance from a Gson instance. The newly constructed GsonBuilder - * has the same configuration as the previously built Gson instance. - * - * @param gson the gson instance whose configuration should by applied to a new GsonBuilder. - */ - GsonBuilder(Gson gson) { - } - - /** - * Configures Gson for custom serialization or deserialization. 
This method combines the - * registration of an {@link TypeAdapter}, {@link InstanceCreator}, {@link JsonSerializer}, and a - * {@link JsonDeserializer}. It is best used when a single object {@code typeAdapter} implements - * all the required interfaces for custom serialization with Gson. If a type adapter was - * previously registered for the specified {@code type}, it is overwritten. - * - *

    This registers the type specified and no other types: you must manually register related - * types! For example, applications registering {@code boolean.class} should also register {@code - * Boolean.class}. - * - * @param type the type definition for the type adapter being registered - * @param typeAdapter This object must implement at least one of the {@link TypeAdapter}, - * {@link InstanceCreator}, {@link JsonSerializer}, and a {@link JsonDeserializer} interfaces. - * @return a reference to this {@code GsonBuilder} object to fulfill the "Builder" pattern - */ - public GsonBuilder registerTypeAdapter(Type type, Object typeAdapter) { - return null; - } - - /** - * Register a factory for type adapters. Registering a factory is useful when the type - * adapter needs to be configured based on the type of the field being processed. Gson - * is designed to handle a large number of factories, so you should consider registering - * them to be at par with registering an individual type adapter. - * - * @since 2.1 - */ - public GsonBuilder registerTypeAdapterFactory(TypeAdapterFactory factory) { - return null; - } - - /** - * Configures Gson for custom serialization or deserialization for an inheritance type hierarchy. - * This method combines the registration of a {@link TypeAdapter}, {@link JsonSerializer} and - * a {@link JsonDeserializer}. If a type adapter was previously registered for the specified - * type hierarchy, it is overridden. If a type adapter is registered for a specific type in - * the type hierarchy, it will be invoked instead of the one registered for the type hierarchy. - * - * @param baseType the class definition for the type adapter being registered for the base class - * or interface - * @param typeAdapter This object must implement at least one of {@link TypeAdapter}, - * {@link JsonSerializer} or {@link JsonDeserializer} interfaces. 
- * @return a reference to this {@code GsonBuilder} object to fulfill the "Builder" pattern - * @since 1.7 - */ - public GsonBuilder registerTypeHierarchyAdapter(Class baseType, Object typeAdapter) { - return null; - } - - /** - * Creates a {@link Gson} instance based on the current configuration. This method is free of - * side-effects to this {@code GsonBuilder} instance and hence can be called multiple times. - * - * @return an instance of Gson configured with the options currently set in this builder - */ - public Gson create() { - return null; - } -} \ No newline at end of file +public class GsonBuilder +{ + public Gson create(){ return null; } + public GsonBuilder addDeserializationExclusionStrategy(ExclusionStrategy p0){ return null; } + public GsonBuilder addReflectionAccessFilter(ReflectionAccessFilter p0){ return null; } + public GsonBuilder addSerializationExclusionStrategy(ExclusionStrategy p0){ return null; } + public GsonBuilder disableHtmlEscaping(){ return null; } + public GsonBuilder disableInnerClassSerialization(){ return null; } + public GsonBuilder disableJdkUnsafe(){ return null; } + public GsonBuilder enableComplexMapKeySerialization(){ return null; } + public GsonBuilder excludeFieldsWithModifiers(int... 
p0){ return null; } + public GsonBuilder excludeFieldsWithoutExposeAnnotation(){ return null; } + public GsonBuilder generateNonExecutableJson(){ return null; } + public GsonBuilder registerTypeAdapter(Type p0, Object p1){ return null; } + public GsonBuilder registerTypeAdapterFactory(TypeAdapterFactory p0){ return null; } + public GsonBuilder registerTypeHierarchyAdapter(Class p0, Object p1){ return null; } + public GsonBuilder serializeNulls(){ return null; } + public GsonBuilder serializeSpecialFloatingPointValues(){ return null; } + public GsonBuilder setDateFormat(String p0){ return null; } + public GsonBuilder setDateFormat(int p0){ return null; } + public GsonBuilder setDateFormat(int p0, int p1){ return null; } + public GsonBuilder setExclusionStrategies(ExclusionStrategy... p0){ return null; } + public GsonBuilder setFieldNamingPolicy(FieldNamingPolicy p0){ return null; } + public GsonBuilder setFieldNamingStrategy(FieldNamingStrategy p0){ return null; } + public GsonBuilder setLenient(){ return null; } + public GsonBuilder setLongSerializationPolicy(LongSerializationPolicy p0){ return null; } + public GsonBuilder setNumberToNumberStrategy(ToNumberStrategy p0){ return null; } + public GsonBuilder setObjectToNumberStrategy(ToNumberStrategy p0){ return null; } + public GsonBuilder setPrettyPrinting(){ return null; } + public GsonBuilder setVersion(double p0){ return null; } + public GsonBuilder(){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java new file mode 100644 index 00000000000..c4fbae6bc1f --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java 
@@ -0,0 +1,45 @@
+// Generated automatically from com.google.gson.JsonArray for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.JsonElement;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.util.Iterator;
+import java.util.List;
+
+public class JsonArray extends JsonElement implements Iterable
+{
+ public BigDecimal getAsBigDecimal(){ return null; }
+ public BigInteger getAsBigInteger(){ return null; }
+ public Iterator iterator(){ return null; }
+ public JsonArray deepCopy(){ return null; }
+ public JsonArray(){}
+ public JsonArray(int p0){}
+ public JsonElement get(int p0){ return null; }
+ public JsonElement remove(int p0){ return null; }
+ public JsonElement set(int p0, JsonElement p1){ return null; }
+ public List asList(){ return null; }
+ public Number getAsNumber(){ return null; }
+ public String getAsString(){ return null; }
+ public boolean contains(JsonElement p0){ return false; }
+ public boolean equals(Object p0){ return false; }
+ public boolean getAsBoolean(){ return false; }
+ public boolean isEmpty(){ return false; }
+ public boolean remove(JsonElement p0){ return false; }
+ public byte getAsByte(){ return 0; }
+ public char getAsCharacter(){ return '0'; }
+ public double getAsDouble(){ return 0; }
+ public float getAsFloat(){ return 0; }
+ public int getAsInt(){ return 0; }
+ public int hashCode(){ return 0; }
+ public int size(){ return 0; }
+ public long getAsLong(){ return 0; }
+ public short getAsShort(){ return 0; }
+ public void add(Boolean p0){}
+ public void add(Character p0){}
+ public void add(JsonElement p0){}
+ public void add(Number p0){}
+ public void add(String p0){}
+ public void addAll(JsonArray p0){}
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java
new file mode 100644
index 00000000000..592fce2b672
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java
@@ -0,0 +1,37 @@
+// Generated automatically from com.google.gson.JsonElement for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.JsonArray;
+import com.google.gson.JsonNull;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonPrimitive;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+
+abstract public class JsonElement
+{
+ public BigDecimal getAsBigDecimal(){ return null; }
+ public BigInteger getAsBigInteger(){ return null; }
+ public JsonArray getAsJsonArray(){ return null; }
+ public JsonElement(){}
+ public JsonNull getAsJsonNull(){ return null; }
+ public JsonObject getAsJsonObject(){ return null; }
+ public JsonPrimitive getAsJsonPrimitive(){ return null; }
+ public Number getAsNumber(){ return null; }
+ public String getAsString(){ return null; }
+ public String toString(){ return null; }
+ public abstract JsonElement deepCopy();
+ public boolean getAsBoolean(){ return false; }
+ public boolean isJsonArray(){ return false; }
+ public boolean isJsonNull(){ return false; }
+ public boolean isJsonObject(){ return false; }
+ public boolean isJsonPrimitive(){ return false; }
+ public byte getAsByte(){ return 0; }
+ public char getAsCharacter(){ return '0'; }
+ public double getAsDouble(){ return 0; }
+ public float getAsFloat(){ return 0; }
+ public int getAsInt(){ return 0; }
+ public long getAsLong(){ return 0; }
+ public short getAsShort(){ return 0; }
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java
new file mode 100644
index 00000000000..e38275991eb
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java
@@ -0,0 +1,14 @@
+// Generated automatically from com.google.gson.JsonNull for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.JsonElement;
+
+public class JsonNull extends JsonElement
+{
+ public JsonNull deepCopy(){ return null; }
+ public JsonNull(){}
+ public boolean equals(Object p0){ return false; }
+ public int hashCode(){ return 0; }
+ public static JsonNull INSTANCE = null;
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java
new file mode 100644
index 00000000000..a37b5455b51
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java
@@ -0,0 +1,33 @@
+// Generated automatically from com.google.gson.JsonObject for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonPrimitive;
+import java.util.Map;
+import java.util.Set;
+
+public class JsonObject extends JsonElement
+{
+ public JsonArray getAsJsonArray(String p0){ return null; }
+ public JsonElement get(String p0){ return null; }
+ public JsonElement remove(String p0){ return null; }
+ public JsonObject deepCopy(){ return null; }
+ public JsonObject getAsJsonObject(String p0){ return null; }
+ public JsonObject(){}
+ public JsonPrimitive getAsJsonPrimitive(String p0){ return null; }
+ public Map asMap(){ return null; }
+ public Set> entrySet(){ return null; }
+ public Set keySet(){ return null; }
+ public boolean equals(Object p0){ return false; }
+ public boolean has(String p0){ return false; }
+ public boolean isEmpty(){ return false; }
+ public int hashCode(){ return 0; }
+ public int size(){ return 0; }
+ public void add(String p0, JsonElement p1){}
+ public void addProperty(String p0, Boolean p1){}
+ public void addProperty(String p0, Character p1){}
+ public void addProperty(String p0, Number p1){}
+ public void addProperty(String p0, String p1){}
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java
new file mode 100644
index 00000000000..21ec07c4246
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java
@@ -0,0 +1,34 @@
+// Generated automatically from com.google.gson.JsonPrimitive for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.JsonElement;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+
+public class JsonPrimitive extends JsonElement
+{
+ protected JsonPrimitive() {}
+ public BigDecimal getAsBigDecimal(){ return null; }
+ public BigInteger getAsBigInteger(){ return null; }
+ public JsonPrimitive deepCopy(){ return null; }
+ public JsonPrimitive(Boolean p0){}
+ public JsonPrimitive(Character p0){}
+ public JsonPrimitive(Number p0){}
+ public JsonPrimitive(String p0){}
+ public Number getAsNumber(){ return null; }
+ public String getAsString(){ return null; }
+ public boolean equals(Object p0){ return false; }
+ public boolean getAsBoolean(){ return false; }
+ public boolean isBoolean(){ return false; }
+ public boolean isNumber(){ return false; }
+ public boolean isString(){ return false; }
+ public byte getAsByte(){ return 0; }
+ public char getAsCharacter(){ return '0'; }
+ public double getAsDouble(){ return 0; }
+ public float getAsFloat(){ return 0; }
+ public int getAsInt(){ return 0; }
+ public int hashCode(){ return 0; }
+ public long getAsLong(){ return 0; }
+ public short getAsShort(){ return 0; }
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java
new file mode 100644
index 00000000000..0452deec4b9
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java
@@ -0,0 +1,24 @@
+// Generated automatically from com.google.gson.LongSerializationPolicy for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.JsonElement;
+
+public enum LongSerializationPolicy {
+ DEFAULT {
+ @Override
+ public JsonElement serialize(Long p0) {
+ return null;
+ }
+ },
+ STRING {
+ @Override
+ public JsonElement serialize(Long p0) {
+ return null;
+ }
+ };
+
+ private LongSerializationPolicy() {}
+
+ public abstract JsonElement serialize(Long p0);
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java
new file mode 100644
index 00000000000..ff91f103f62
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java
@@ -0,0 +1,18 @@
+// Generated automatically from com.google.gson.ReflectionAccessFilter for testing purposes
+
+package com.google.gson;
+
+
+public interface ReflectionAccessFilter
+{
+ ReflectionAccessFilter.FilterResult check(Class p0);
+ static ReflectionAccessFilter BLOCK_ALL_ANDROID = null;
+ static ReflectionAccessFilter BLOCK_ALL_JAVA = null;
+ static ReflectionAccessFilter BLOCK_ALL_PLATFORM = null;
+ static ReflectionAccessFilter BLOCK_INACCESSIBLE_JAVA = null;
+ static public enum FilterResult
+ {
+ ALLOW, BLOCK_ALL, BLOCK_INACCESSIBLE, INDECISIVE;
+ private FilterResult() {}
+ }
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java
new file mode 100644
index 00000000000..1c6ccb23111
--- /dev/null
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java
@@ -0,0 +1,10 @@
+// Generated automatically from com.google.gson.ToNumberStrategy for testing purposes
+
+package com.google.gson;
+
+import com.google.gson.stream.JsonReader;
+
+public interface ToNumberStrategy
+{
+ Number readNumber(JsonReader p0);
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java
index 73e6ef993b7..cdd0d1185b1 100644
--- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java
@@ -1,130 +1,23 @@ -/* - * Copyright (C) 2011 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.TypeAdapter for testing purposes package com.google.gson; +import com.google.gson.JsonElement; import com.google.gson.stream.JsonReader; -import java.io.IOException; +import com.google.gson.stream.JsonWriter; import java.io.Reader; import java.io.Writer; -public abstract class TypeAdapter { - /** - * Converts {@code value} to a JSON document and writes it to {@code out}. - * Unlike Gson's similar {@link Gson#toJson(JsonElement, Appendable) toJson} - * method, this write is strict. Create a {@link - * JsonWriter#setLenient(boolean) lenient} {@code JsonWriter} and call - * {@link #write(com.google.gson.stream.JsonWriter, Object)} for lenient - * writing. - * - * @param value the Java object to convert. May be null. - * @since 2.2 - */ - public final void toJson(Writer out, T value) throws IOException { - } - - /** - * This wrapper method is used to make a type adapter null tolerant. In general, a - * type adapter is required to handle nulls in write and read methods. Here is how this - * is typically done:
    - *

       {@code
    -   *
    -   * Gson gson = new GsonBuilder().registerTypeAdapter(Foo.class,
    -   *   new TypeAdapter() {
    -   *     public Foo read(JsonReader in) throws IOException {
    -   *       if (in.peek() == JsonToken.NULL) {
    -   *         in.nextNull();
    -   *         return null;
    -   *       }
    -   *       // read a Foo from in and return it
    -   *     }
    -   *     public void write(JsonWriter out, Foo src) throws IOException {
    -   *       if (src == null) {
    -   *         out.nullValue();
    -   *         return;
    -   *       }
    -   *       // write src as JSON to out
    -   *     }
    -   *   }).create();
    -   * }
    - * You can avoid this boilerplate handling of nulls by wrapping your type adapter with - * this method. Here is how we will rewrite the above example: - *
       {@code
    -   *
    -   * Gson gson = new GsonBuilder().registerTypeAdapter(Foo.class,
    -   *   new TypeAdapter() {
    -   *     public Foo read(JsonReader in) throws IOException {
    -   *       // read a Foo from in and return it
    -   *     }
    -   *     public void write(JsonWriter out, Foo src) throws IOException {
    -   *       // write src as JSON to out
    -   *     }
    -   *   }.nullSafe()).create();
    -   * }
    - * Note that we didn't need to check for nulls in our type adapter after we used nullSafe. - */ - public final TypeAdapter nullSafe() { - return null; - } - - /** - * Converts {@code value} to a JSON document. Unlike Gson's similar {@link - * Gson#toJson(Object) toJson} method, this write is strict. Create a {@link - * JsonWriter#setLenient(boolean) lenient} {@code JsonWriter} and call - * {@link #write(com.google.gson.stream.JsonWriter, Object)} for lenient - * writing. - * - * @param value the Java object to convert. May be null. - * @since 2.2 - */ - public final String toJson(T value) { - return null; - } - - /** - * Reads one JSON value (an array, object, string, number, boolean or null) - * and converts it to a Java object. Returns the converted object. - * - * @return the converted Java object. May be null. - */ - public abstract T read(JsonReader in) throws IOException; - - /** - * Converts the JSON document in {@code in} to a Java object. Unlike Gson's - * similar {@link Gson#fromJson(java.io.Reader, Class) fromJson} method, this - * read is strict. Create a {@link JsonReader#setLenient(boolean) lenient} - * {@code JsonReader} and call {@link #read(JsonReader)} for lenient reading. - * - * @return the converted Java object. May be null. - * @since 2.2 - */ - public final T fromJson(Reader in) throws IOException { - return null; - } - - /** - * Converts the JSON document in {@code json} to a Java object. Unlike Gson's - * similar {@link Gson#fromJson(String, Class) fromJson} method, this read is - * strict. Create a {@link JsonReader#setLenient(boolean) lenient} {@code - * JsonReader} and call {@link #read(JsonReader)} for lenient reading. - * - * @return the converted Java object. May be null. 
- * @since 2.2 - */ - public final T fromJson(String json) throws IOException { - return null; - } +abstract public class TypeAdapter +{ + public TypeAdapter(){} + public abstract T read(JsonReader p0); + public abstract void write(JsonWriter p0, T p1); + public final JsonElement toJsonTree(T p0){ return null; } + public final String toJson(T p0){ return null; } + public final T fromJson(Reader p0){ return null; } + public final T fromJson(String p0){ return null; } + public final T fromJsonTree(JsonElement p0){ return null; } + public final TypeAdapter nullSafe(){ return null; } + public final void toJson(Writer p0, T p1){} } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java index d6cc8133712..6b3728f38b0 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java 
@@ -1,28 +1,12 @@ -/* - * Copyright (C) 2011 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.TypeAdapterFactory for testing purposes package com.google.gson; +import com.google.gson.Gson; +import com.google.gson.TypeAdapter; import com.google.gson.reflect.TypeToken; -public interface TypeAdapterFactory { - - /** - * Returns a type adapter for {@code type}, or null if this factory doesn't - * support {@code type}. - */ - TypeAdapter create(Gson gson, TypeToken type); -} \ No newline at end of file +public interface TypeAdapterFactory +{ + com.google.gson.TypeAdapter create(Gson p0, com.google.gson.reflect.TypeToken p1); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java new file mode 100644 index 00000000000..dc05b0477c5 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java 
@@ -0,0 +1,25 @@
+// Generated automatically from com.google.gson.internal.Excluder for testing purposes
+
+package com.google.gson.internal;
+
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.Gson;
+import com.google.gson.TypeAdapter;
+import com.google.gson.TypeAdapterFactory;
+import com.google.gson.reflect.TypeToken;
+import java.lang.reflect.Field;
+
+public class Excluder implements Cloneable, TypeAdapterFactory
+{
+ protected Excluder clone(){ return null; }
+ public com.google.gson.TypeAdapter create(Gson p0, com.google.gson.reflect.TypeToken p1){ return null; }
+ public Excluder disableInnerClassSerialization(){ return null; }
+ public Excluder excludeFieldsWithoutExposeAnnotation(){ return null; }
+ public Excluder withExclusionStrategy(ExclusionStrategy p0, boolean p1, boolean p2){ return null; }
+ public Excluder withModifiers(int... p0){ return null; }
+ public Excluder withVersion(double p0){ return null; }
+ public Excluder(){}
+ public boolean excludeClass(Class p0, boolean p1){ return false; }
+ public boolean excludeField(Field p0, boolean p1){ return false; }
+ public static Excluder DEFAULT = null;
+}
diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java
index a35b2a45b85..ac3b84cb258 100644
--- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java
+++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java
@@ -1,50 +1,22 @@ -/* - * Copyright (C) 2008 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.reflect.TypeToken for testing purposes package com.google.gson.reflect; -/** - * Represents a generic type {@code T}. Java doesn't yet provide a way to - * represent generic types, so this class does. Forces clients to create a - * subclass of this class which enables retrieval the type information even at - * runtime. - * - *

    For example, to create a type literal for {@code List}, you can - * create an empty anonymous inner class: - * - *

    - * {@code TypeToken> list = new TypeToken>() {};} - * - *

    This syntax cannot be used to create type literals that have wildcard - * parameters, such as {@code Class} or {@code List}. - * - * @author Bob Lee - * @author Sven Mawson - * @author Jesse Wilson - */ -public class TypeToken { +import java.lang.reflect.Type; - /** - * Constructs a new type literal. Derives represented class from type - * parameter. - * - *

    Clients create an empty anonymous subclass. Doing so embeds the type - * parameter in the anonymous class's type hierarchy so we can reconstitute it - * at runtime despite erasure. - */ - protected TypeToken() { - } -} \ No newline at end of file +public class TypeToken +{ + protected TypeToken(){} + public boolean isAssignableFrom(Class p0){ return false; } + public boolean isAssignableFrom(Type p0){ return false; } + public boolean isAssignableFrom(TypeToken p0){ return false; } + public final String toString(){ return null; } + public final Type getType(){ return null; } + public final boolean equals(Object p0){ return false; } + public final int hashCode(){ return 0; } + public final java.lang.Class getRawType(){ return null; } + public static com.google.gson.reflect.TypeToken get(java.lang.Class p0){ return null; } + public static TypeToken get(Type p0){ return null; } + public static TypeToken getArray(Type p0){ return null; } + public static TypeToken getParameterized(Type p0, Type... p1){ return null; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java index 5d0d2ad112f..677d58d8cd8 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java 
@@ -1,66 +1,33 @@ +// Generated automatically from com.google.gson.stream.JsonReader for testing purposes + package com.google.gson.stream; +import com.google.gson.stream.JsonToken; import java.io.Closeable; -import java.io.IOException; import java.io.Reader; -public class JsonReader implements Closeable { - public JsonReader(Reader in) { - } - - public final void setLenient(boolean lenient) { - } - - public final boolean isLenient() { - return false; - } - - public void beginArray() throws IOException { - } - - public void endArray() throws IOException { - } - - public void beginObject() throws IOException { - } - - public void endObject() throws IOException { - } - - public boolean hasNext() throws IOException { - return false; - } - - public String nextName() throws IOException { - return null; - } - - public String nextString() throws IOException { - return null; - } - - public boolean nextBoolean() throws IOException { - return false; - } - - public void nextNull() throws IOException { - } - - public double nextDouble() throws IOException { - return -1; - } - - public long nextLong() throws IOException { - return -1; - } - - public int nextInt() throws IOException { - return -1; - } - - public void close() throws IOException { - } - - public void skipValue() throws IOException { - } -} \ No newline at end of file +public class JsonReader implements Closeable +{ + protected JsonReader() {} + public JsonReader(Reader p0){} + public JsonToken peek(){ return null; } + public String getPath(){ return null; } + public String getPreviousPath(){ return null; } + public String nextName(){ return null; } + public String nextString(){ return null; } + public String toString(){ return null; } + public boolean hasNext(){ return false; } + public boolean nextBoolean(){ return false; } + public double nextDouble(){ return 0; } + public final boolean isLenient(){ return false; } + public final void setLenient(boolean p0){} + public int nextInt(){ return 0; } + public long 
nextLong(){ return 0; } + public void beginArray(){} + public void beginObject(){} + public void close(){} + public void endArray(){} + public void endObject(){} + public void nextNull(){} + public void skipValue(){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java new file mode 100644 index 00000000000..fbb2e7ac463 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.stream.JsonToken for testing purposes + +package com.google.gson.stream; + + +public enum JsonToken +{ + BEGIN_ARRAY, BEGIN_OBJECT, BOOLEAN, END_ARRAY, END_DOCUMENT, END_OBJECT, NAME, NULL, NUMBER, STRING; + private JsonToken() {} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java new file mode 100644 index 00000000000..282343f0bed --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java 
@@ -0,0 +1,36 @@ +// Generated automatically from com.google.gson.stream.JsonWriter for testing purposes + +package com.google.gson.stream; + +import java.io.Closeable; +import java.io.Flushable; +import java.io.Writer; + +public class JsonWriter implements Closeable, Flushable +{ + protected JsonWriter() {} + public JsonWriter beginArray(){ return null; } + public JsonWriter beginObject(){ return null; } + public JsonWriter endArray(){ return null; } + public JsonWriter endObject(){ return null; } + public JsonWriter jsonValue(String p0){ return null; } + public JsonWriter name(String p0){ return null; } + public JsonWriter nullValue(){ return null; } + public JsonWriter value(Boolean p0){ return null; } + public JsonWriter value(Number p0){ return null; } + public JsonWriter value(String p0){ return null; } + public JsonWriter value(boolean p0){ return null; } + public JsonWriter value(double p0){ return null; } + public JsonWriter value(float p0){ return null; } + public JsonWriter value(long p0){ return null; } + public JsonWriter(Writer p0){} + public boolean isLenient(){ return false; } + public final boolean getSerializeNulls(){ return false; } + public final boolean isHtmlSafe(){ return false; } + public final void setHtmlSafe(boolean p0){} + public final void setIndent(String p0){} + public final void setLenient(boolean p0){} + public final void setSerializeNulls(boolean p0){} + public void close(){} + public void flush(){} +} From 0151a728f8467d4af670803bb63b34b38fe65069 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Tue, 30 May 2023 17:53:03 +0200 Subject: [PATCH 158/210] Add change note --- java/ql/lib/change-notes/2023-05-30-gson-models.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 java/ql/lib/change-notes/2023-05-30-gson-models.md diff --git a/java/ql/lib/change-notes/2023-05-30-gson-models.md b/java/ql/lib/change-notes/2023-05-30-gson-models.md new file mode 100644 index 00000000000..306d797ff1a --- /dev/null 
+++ b/java/ql/lib/change-notes/2023-05-30-gson-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added dataflow models for the Gson deserialization library. From 70138448c3077624c36b4d52e9a04f27200471b6 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Tue, 30 May 2023 17:54:59 +0200 Subject: [PATCH 159/210] Visibility --- .../code/java/frameworks/google/GsonSerializability.qll | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index 470847f292e..dba25be7b22 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -4,9 +4,9 @@ */ import java -import semmle.code.java.Serializability -import semmle.code.java.dataflow.DataFlow -import semmle.code.java.dataflow.FlowSteps +private import semmle.code.java.Serializability +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.FlowSteps /** * A method used for deserializing objects using Gson. The first parameter is the object to be @@ -44,7 +44,7 @@ private class FieldReferencedGsonDeserializableType extends GsonDeserializableTy } /** A field that may be deserialized using the Gson JSON framework. */ -class GsonDeserializableField extends DeserializableField { +private class GsonDeserializableField extends DeserializableField { pragma[assume_small_delta] GsonDeserializableField() { exists(GsonDeserializableType superType | From a8c76388c0005f7ae1a5ab7637ba1b1b74a10667 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 30 May 2023 18:13:22 +0200 Subject: [PATCH 160/210] C++: Fix configuration names in comments in `cpp/invalid-pointer-deref` --- .../CWE/CWE-193/InvalidPointerDeref.ql | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) 
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql index 07189cea9d9..edfd7a76a5f 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql @@ -81,8 +81,8 @@ predicate hasSize(HeuristicAllocationExpr alloc, DataFlow::Node n, int state) { * ``` * * We do this by splitting the task up into two configurations: - * 1. `AllocToInvalidPointerConf` find flow from `malloc(size)` to `begin + size`, and - * 2. `InvalidPointerToDerefConf` finds flow from `begin + size` to an `end` (on line 3). + * 1. `AllocToInvalidPointerConfig` find flow from `malloc(size)` to `begin + size`, and + * 2. `InvalidPointerToDerefConfig` finds flow from `begin + size` to an `end` (on line 3). * * Finally, the range-analysis library will find a load from (or store to) an address that * is non-strictly upper-bounded by `end` (which in this case is `*p`). @@ -180,7 +180,7 @@ predicate isSinkImpl( } /** - * Holds if `sink` is a sink for `InvalidPointerToDerefConf` and `i` is a `StoreInstruction` that + * Holds if `sink` is a sink for `InvalidPointerToDerefConfig` and `i` is a `StoreInstruction` that * writes to an address that non-strictly upper-bounds `sink`, or `i` is a `LoadInstruction` that * reads from an address that non-strictly upper-bounds `sink`. */ @@ -201,7 +201,7 @@ predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string o /** * A configuration to track flow from a pointer-arithmetic operation found - * by `AllocToInvalidPointerConf` to a dereference of the pointer. + * by `AllocToInvalidPointerConfig` to a dereference of the pointer. */ module InvalidPointerToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { invalidPointerToDerefSource(_, source, _) } 
@@ -237,12 +237,12 @@ predicate invalidPointerToDerefSource( } newtype TMergedPathNode = - // The path nodes computed by the first projection of `AllocToInvalidPointerConf` + // The path nodes computed by the first projection of `AllocToInvalidPointerConfig` TPathNode1(AllocToInvalidPointerFlow::PathNode1 p) or - // The path nodes computed by `InvalidPointerToDerefConf` + // The path nodes computed by `InvalidPointerToDerefConfig` TPathNode3(InvalidPointerToDerefFlow::PathNode p) or - // The read/write that uses the invalid pointer identified by `InvalidPointerToDerefConf`. - // This one is needed because the sink identified by `InvalidPointerToDerefConf` is the + // The read/write that uses the invalid pointer identified by `InvalidPointerToDerefConfig`. + // This one is needed because the sink identified by `InvalidPointerToDerefConfig` is the // pointer, but we want to raise an alert at the dereference. TPathNodeSink(Instruction i) { exists(DataFlow::Node n | @@ -335,8 +335,8 @@ query predicate subpaths( } /** - * Holds if `p1` is a sink of `AllocToInvalidPointerConf` and `p2` is a source - * of `InvalidPointerToDerefConf`, and they are connected through `pai`. + * Holds if `p1` is a sink of `AllocToInvalidPointerConfig` and `p2` is a source + * of `InvalidPointerToDerefConfig`, and they are connected through `pai`. */ predicate joinOn1( PointerArithmeticInstruction pai, AllocToInvalidPointerFlow::PathNode1 p1, @@ -347,7 +347,7 @@ predicate joinOn1( } /** - * Holds if `p1` is a sink of `InvalidPointerToDerefConf` and `i` is the instruction + * Holds if `p1` is a sink of `InvalidPointerToDerefConfig` and `i` is the instruction * that dereferences `p1`. The string `operation` describes whether the `i` is * a `StoreInstruction` or `LoadInstruction`. */ From de974cc18a4792e7329de3f4323f42e4485048b0 Mon Sep 17 00:00:00 2001 
From: Jeroen Ketema Date: Tue, 30 May 2023 18:15:59 +0200 Subject: [PATCH 161/210] C++: Add `cpp/invalid-pointer-deref` test case that shows some duplicate results --- .../InvalidPointerDeref.expected | 57 +++++++++++++++++++ .../CWE/CWE-193/pointer-deref/test.cpp | 8 +++ 2 files changed, 65 insertions(+) diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected index 1487088ca9f..4c6693a9d20 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected 
@@ -671,6 +671,58 @@ edges | test.cpp:350:16:350:19 | ... ++ | test.cpp:350:15:350:19 | Load: * ... | | test.cpp:350:16:350:19 | ... ++ | test.cpp:350:16:350:19 | ... ++ | | test.cpp:350:16:350:19 | ... ++ | test.cpp:350:16:350:19 | ... ++ | +| test.cpp:355:14:355:27 | new[] | test.cpp:356:15:356:16 | xs | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:359:16:359:31 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... 
| +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:26 | end | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:26 | end | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... 
| +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:359:16:359:27 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:359:16:359:27 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:359:16:359:31 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | subpaths #select | test.cpp:6:14:6:15 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:6:14:6:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | 
@@ -699,3 +751,8 @@ subpaths | test.cpp:333:5:333:21 | Store: ... = ... | test.cpp:325:14:325:27 | new[] | test.cpp:333:5:333:21 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:325:14:325:27 | new[] | new[] | test.cpp:326:20:326:23 | size | size | | test.cpp:341:5:341:21 | Store: ... = ... | test.cpp:325:14:325:27 | new[] | test.cpp:341:5:341:21 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:325:14:325:27 | new[] | new[] | test.cpp:326:20:326:23 | size | size | | test.cpp:350:15:350:19 | Load: * ... | test.cpp:347:14:347:27 | new[] | test.cpp:350:15:350:19 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:347:14:347:27 | new[] | new[] | test.cpp:348:20:348:23 | size | size | +| test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 2. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:359:14:359:32 | Load: * ... 
| test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp index b6741535e42..3dfd8b89097 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp @@ -350,3 +350,11 @@ void test24(unsigned size) { int val = *xs++; // GOOD [FALSE POSITIVE] } } + +void test25(unsigned size) { + char *xs = new char[size]; + char *end = xs + size; + char *end_plus_one = end + 1; + int val1 = *end_plus_one; // BAD + int val2 = *(end_plus_one + 1); // BAD +} From f5ed02a43376a503b3efd2ce4aadf97520c628aa Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 30 May 2023 18:23:22 +0200 Subject: [PATCH 162/210] C++: Take into account the delta at the final sink in `cpp/invalid-pointer-deref` --- .../CWE/CWE-193/InvalidPointerDeref.ql | 26 +++++++++---------- .../InvalidPointerDeref.expected | 6 ----- 2 files changed, 13 insertions(+), 19 deletions(-) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql index edfd7a76a5f..646843d077c 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
@@ -185,8 +185,8 @@ predicate isSinkImpl( * reads from an address that non-strictly upper-bounds `sink`. */ pragma[inline] -predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string operation) { - exists(AddressOperand addr, int delta | +predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string operation, int delta) { + exists(AddressOperand addr | bounded1(addr.getDef(), sink.asInstruction(), delta) and delta >= 0 and i.getAnOperand() = addr @@ -207,7 +207,7 @@ module InvalidPointerToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { invalidPointerToDerefSource(_, source, _) } pragma[inline] - predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _, _) } predicate isBarrier(DataFlow::Node node) { node = any(DataFlow::SsaPhiNode phi | not phi.isPhiRead()).getAnInput(true) @@ -247,7 +247,7 @@ newtype TMergedPathNode = TPathNodeSink(Instruction i) { exists(DataFlow::Node n | InvalidPointerToDerefFlow::flowTo(n) and - isInvalidPointerDerefSink(n, i, _) + isInvalidPointerDerefSink(n, i, _, _) ) } @@ -321,7 +321,7 @@ query predicate edges(MergedPathNode node1, MergedPathNode node2) { or node1.asPathNode3().getASuccessor() = node2.asPathNode3() or - joinOn2(node1.asPathNode3(), node2.asSinkNode(), _) + joinOn2(node1.asPathNode3(), node2.asSinkNode(), _, _) } query predicate subpaths( 
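Review bot: The QLDoc above `isInvalidPointerDerefSink` (first hunk, `@@ -185,8`) still describes only `sink`, `i` and `operation`, so the new `delta` column is undocumented. From the body it is the non-negative value for which `bounded1(addr.getDef(), sink.asInstruction(), delta)` holds, presumably how far the accessed address may lie past `sink`; a sentence like `The offset between the accessed address and sink is delta (always >= 0).` would say so. `joinOn2` and `hasFlowPath` in the `@@ -352,32` hunk gain the same column and need the same sentence. The comment block and the predicate body both extend outside this hunk.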
@@ -352,32 +352,32 @@ predicate joinOn1( * a `StoreInstruction` or `LoadInstruction`. */ pragma[inline] -predicate joinOn2(InvalidPointerToDerefFlow::PathNode p1, Instruction i, string operation) { - isInvalidPointerDerefSink(p1.getNode(), i, operation) +predicate joinOn2(InvalidPointerToDerefFlow::PathNode p1, Instruction i, string operation, int delta) { + isInvalidPointerDerefSink(p1.getNode(), i, operation, delta) } predicate hasFlowPath( MergedPathNode source1, MergedPathNode sink, InvalidPointerToDerefFlow::PathNode source3, - PointerArithmeticInstruction pai, string operation + PointerArithmeticInstruction pai, string operation, int delta ) { exists(InvalidPointerToDerefFlow::PathNode sink3, AllocToInvalidPointerFlow::PathNode1 sink1 | AllocToInvalidPointerFlow::flowPath(source1.asPathNode1(), _, sink1, _) and joinOn1(pai, sink1, source3) and InvalidPointerToDerefFlow::flowPath(source3, sink3) and - joinOn2(sink3, sink.asSinkNode(), operation) + joinOn2(sink3, sink.asSinkNode(), operation, delta) ) } from - MergedPathNode source, MergedPathNode sink, int k, string kstr, + MergedPathNode source, MergedPathNode sink, int k2, int k3, string kstr, InvalidPointerToDerefFlow::PathNode source3, PointerArithmeticInstruction pai, string operation, Expr offset, DataFlow::Node n where - hasFlowPath(source, sink, source3, pai, operation) and - invalidPointerToDerefSource(pai, source3.getNode(), k) and + hasFlowPath(source, sink, source3, pai, operation, k3) and + invalidPointerToDerefSource(pai, source3.getNode(), k2) and offset = pai.getRight().getUnconvertedResultExpression() and n = source.asPathNode1().getNode() and - if k = 0 then kstr = "" else kstr = " + " + k + if (k2 + k3) = 0 then kstr = "" else kstr = " + " + (k2 + k3) select sink, source, sink, "This " + operation + " might be out of bounds, as the pointer might be equal to $@ + $@" + kstr + ".", n, n.toString(), offset, offset.toString() 
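Review bot: In the `from`/`where` clause, `k2` and `k3` give no hint which offset is which, and nothing explains why they are summed. As written, `k2` comes from `invalidPointerToDerefSource` (the pointer-arithmetic source) and `k3` from `hasFlowPath` (the dereference), and the alert text uses only `k2 + k3`, which appears to be what collapses the duplicate rows removed from the `.expected` file. I would add `// Report the total offset, so paths that split it differently yield the same alert.` above the `if`, and consider names such as `sourceDelta` and `sinkDelta` for the two variables.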
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected index 4c6693a9d20..ba5363dc4fa 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected 
@@ -727,14 +727,11 @@ subpaths #select | test.cpp:6:14:6:15 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:6:14:6:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | | test.cpp:8:14:8:21 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:8:14:8:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | -| test.cpp:8:14:8:21 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:8:14:8:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | | test.cpp:20:14:20:21 | Load: * ... | test.cpp:16:15:16:20 | call to malloc | test.cpp:20:14:20:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:16:15:16:20 | call to malloc | call to malloc | test.cpp:17:19:17:22 | size | size | | test.cpp:30:14:30:15 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:30:14:30:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | | test.cpp:32:14:32:21 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:32:14:32:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | -| test.cpp:32:14:32:21 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:32:14:32:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. 
| test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | | test.cpp:42:14:42:15 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:42:14:42:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | | test.cpp:44:14:44:21 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:44:14:44:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | -| test.cpp:44:14:44:21 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:44:14:44:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | | test.cpp:67:9:67:14 | Store: ... = ... | test.cpp:52:19:52:24 | call to malloc | test.cpp:67:9:67:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:52:19:52:24 | call to malloc | call to malloc | test.cpp:53:20:53:23 | size | size | | test.cpp:96:9:96:14 | Store: ... = ... | test.cpp:82:17:82:22 | call to malloc | test.cpp:96:9:96:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:82:17:82:22 | call to malloc | call to malloc | test.cpp:83:27:83:30 | size | size | | test.cpp:110:9:110:14 | Store: ... = ... | test.cpp:82:17:82:22 | call to malloc | test.cpp:110:9:110:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:82:17:82:22 | call to malloc | call to malloc | test.cpp:83:27:83:30 | size | size | 
@@ -752,7 +749,4 @@ subpaths | test.cpp:341:5:341:21 | Store: ... = ... | test.cpp:325:14:325:27 | new[] | test.cpp:341:5:341:21 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:325:14:325:27 | new[] | new[] | test.cpp:326:20:326:23 | size | size | | test.cpp:350:15:350:19 | Load: * ... | test.cpp:347:14:347:27 | new[] | test.cpp:350:15:350:19 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:347:14:347:27 | new[] | new[] | test.cpp:348:20:348:23 | size | size | | test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | -| test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | -| test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | | test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 2. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | -| test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | 
From dd30acf1e335445613f674ba855557fac25287fb Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 30 May 2023 18:43:01 +0200 Subject: [PATCH 163/210] C++: Add nodes query predicate to `cpp/invalid-pointer-deref` --- .../CWE/CWE-193/InvalidPointerDeref.ql | 8 + .../InvalidPointerDeref.expected | 327 ++++++++++++++++++ 2 files changed, 335 insertions(+) diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql index 646843d077c..610eb572d8c 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql @@ -324,6 +324,14 @@ query predicate edges(MergedPathNode node1, MergedPathNode node2) { joinOn2(node1.asPathNode3(), node2.asSinkNode(), _, _) } +query predicate nodes(MergedPathNode n, string key, string val) { + AllocToInvalidPointerFlow::PathGraph1::nodes(n.asPathNode1(), key, val) + or + InvalidPointerToDerefFlow::PathGraph::nodes(n.asPathNode3(), key, val) + or + key = "semmle.label" and val = n.asSinkNode().toString() +} + query predicate subpaths( MergedPathNode arg, MergedPathNode par, MergedPathNode ret, MergedPathNode out ) { diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected index ba5363dc4fa..6b4d039ee6b 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected 
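Review bot: The new `nodes` predicate in InvalidPointerDeref.ql has no QLDoc, and its third disjunct is the only one that builds its row by hand (`key = "semmle.label" and val = n.asSinkNode().toString()`) instead of delegating to a path graph. I would add above it `/** Holds if n is a node of the merged path graph with property key set to val; sink nodes carry only a semmle.label. */`. The accompanying `.expected` output lists several locations more than once with identical labels (for example `test.cpp:5:15:5:22 | ... + ... |`), presumably because distinct nodes from `AllocToInvalidPointerFlow` and `InvalidPointerToDerefFlow` print identically. It is worth confirming that this duplication is intended, since path explanations for this out-of-bounds query are only as readable as these rows.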
@@ -723,6 +723,333 @@ edges | test.cpp:359:16:359:27 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | | test.cpp:359:16:359:27 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | | test.cpp:359:16:359:31 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +nodes +| test.cpp:4:15:4:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:5:15:5:15 | p | semmle.label | p | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:6:14:6:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:6:15:6:15 | q | semmle.label | q | +| test.cpp:6:15:6:15 | q | semmle.label | q | +| test.cpp:7:16:7:16 | q | semmle.label | q | +| test.cpp:7:16:7:16 | q | semmle.label | q | +| test.cpp:8:14:8:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:8:16:8:16 | q | semmle.label | q | +| test.cpp:8:16:8:16 | q | semmle.label | q | +| test.cpp:8:16:8:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:9:16:9:16 | q | semmle.label | q | +| test.cpp:9:16:9:16 | q | semmle.label | q | +| test.cpp:10:16:10:16 | q | semmle.label | q | +| test.cpp:10:16:10:16 | q | semmle.label | q | +| test.cpp:11:16:11:16 | q | semmle.label | q | +| test.cpp:11:16:11:16 | q | semmle.label | q | +| test.cpp:12:16:12:16 | q | semmle.label | q | +| test.cpp:16:15:16:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:17:15:17:15 | p | semmle.label | p | +| test.cpp:17:15:17:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:20:14:20:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:20:16:20:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:28:15:28:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:29:15:29:15 | p | semmle.label | p | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... 
| +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:30:14:30:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:30:15:30:15 | q | semmle.label | q | +| test.cpp:30:15:30:15 | q | semmle.label | q | +| test.cpp:31:16:31:16 | q | semmle.label | q | +| test.cpp:31:16:31:16 | q | semmle.label | q | +| test.cpp:32:14:32:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:32:16:32:16 | q | semmle.label | q | +| test.cpp:32:16:32:16 | q | semmle.label | q | +| test.cpp:32:16:32:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:33:16:33:16 | q | semmle.label | q | +| test.cpp:33:16:33:16 | q | semmle.label | q | +| test.cpp:34:16:34:16 | q | semmle.label | q | +| test.cpp:34:16:34:16 | q | semmle.label | q | +| test.cpp:35:16:35:16 | q | semmle.label | q | +| test.cpp:35:16:35:16 | q | semmle.label | q | +| test.cpp:36:16:36:16 | q | semmle.label | q | +| test.cpp:40:15:40:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:41:15:41:15 | p | semmle.label | p | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:42:14:42:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:42:15:42:15 | q | semmle.label | q | +| test.cpp:42:15:42:15 | q | semmle.label | q | +| test.cpp:43:16:43:16 | q | semmle.label | q | +| test.cpp:43:16:43:16 | q | semmle.label | q | +| test.cpp:44:14:44:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:44:16:44:16 | q | semmle.label | q | +| test.cpp:44:16:44:16 | q | semmle.label | q | +| test.cpp:44:16:44:20 | ... + ... | semmle.label | ... + ... 
| +| test.cpp:45:16:45:16 | q | semmle.label | q | +| test.cpp:45:16:45:16 | q | semmle.label | q | +| test.cpp:46:16:46:16 | q | semmle.label | q | +| test.cpp:46:16:46:16 | q | semmle.label | q | +| test.cpp:47:16:47:16 | q | semmle.label | q | +| test.cpp:47:16:47:16 | q | semmle.label | q | +| test.cpp:48:16:48:16 | q | semmle.label | q | +| test.cpp:51:7:51:14 | mk_array indirection | semmle.label | mk_array indirection | +| test.cpp:51:33:51:35 | end | semmle.label | end | +| test.cpp:52:19:52:24 | call to malloc | semmle.label | call to malloc | +| test.cpp:53:5:53:23 | ... = ... | semmle.label | ... = ... | +| test.cpp:53:12:53:16 | begin | semmle.label | begin | +| test.cpp:53:12:53:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:60:19:60:26 | call to mk_array | semmle.label | call to mk_array | +| test.cpp:60:34:60:37 | mk_array output argument | semmle.label | mk_array output argument | +| test.cpp:62:32:62:34 | end | semmle.label | end | +| test.cpp:62:39:62:39 | p | semmle.label | p | +| test.cpp:66:32:66:34 | end | semmle.label | end | +| test.cpp:66:39:66:39 | p | semmle.label | p | +| test.cpp:67:9:67:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:70:31:70:33 | end | semmle.label | end | +| test.cpp:70:38:70:38 | p | semmle.label | p | +| test.cpp:80:9:80:16 | mk_array indirection [begin] | semmle.label | mk_array indirection [begin] | +| test.cpp:80:9:80:16 | mk_array indirection [end] | semmle.label | mk_array indirection [end] | +| test.cpp:82:5:82:28 | ... = ... | semmle.label | ... = ... | +| test.cpp:82:9:82:13 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:82:17:82:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:83:5:83:30 | ... = ... | semmle.label | ... = ... 
| +| test.cpp:83:9:83:11 | arr indirection [post update] [end] | semmle.label | arr indirection [post update] [end] | +| test.cpp:83:15:83:17 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:83:15:83:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:83:19:83:23 | begin | semmle.label | begin | +| test.cpp:83:19:83:23 | begin indirection | semmle.label | begin indirection | +| test.cpp:89:19:89:26 | call to mk_array [begin] | semmle.label | call to mk_array [begin] | +| test.cpp:89:19:89:26 | call to mk_array [end] | semmle.label | call to mk_array [end] | +| test.cpp:91:20:91:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:91:24:91:28 | begin | semmle.label | begin | +| test.cpp:91:24:91:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:91:36:91:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:91:40:91:42 | end | semmle.label | end | +| test.cpp:91:40:91:42 | end indirection | semmle.label | end indirection | +| test.cpp:91:47:91:47 | p | semmle.label | p | +| test.cpp:95:20:95:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:95:24:95:28 | begin | semmle.label | begin | +| test.cpp:95:24:95:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:95:36:95:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:95:40:95:42 | end | semmle.label | end | +| test.cpp:95:40:95:42 | end indirection | semmle.label | end indirection | +| test.cpp:95:47:95:47 | p | semmle.label | p | +| test.cpp:96:9:96:14 | Store: ... = ... | semmle.label | Store: ... = ... 
| +| test.cpp:99:20:99:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:99:24:99:28 | begin | semmle.label | begin | +| test.cpp:99:24:99:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:99:35:99:37 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:99:39:99:41 | end | semmle.label | end | +| test.cpp:99:39:99:41 | end indirection | semmle.label | end indirection | +| test.cpp:99:46:99:46 | p | semmle.label | p | +| test.cpp:104:27:104:29 | arr [begin] | semmle.label | arr [begin] | +| test.cpp:104:27:104:29 | arr [end] | semmle.label | arr [end] | +| test.cpp:105:20:105:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:105:24:105:28 | begin | semmle.label | begin | +| test.cpp:105:24:105:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:105:36:105:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:105:40:105:42 | end | semmle.label | end | +| test.cpp:105:40:105:42 | end indirection | semmle.label | end indirection | +| test.cpp:105:47:105:47 | p | semmle.label | p | +| test.cpp:109:20:109:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:109:24:109:28 | begin | semmle.label | begin | +| test.cpp:109:24:109:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:109:36:109:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:109:40:109:42 | end | semmle.label | end | +| test.cpp:109:40:109:42 | end indirection | semmle.label | end indirection | +| test.cpp:109:47:109:47 | p | semmle.label | p | +| test.cpp:110:9:110:14 | Store: ... = ... | semmle.label | Store: ... = ... 
| +| test.cpp:113:20:113:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:113:24:113:28 | begin | semmle.label | begin | +| test.cpp:113:24:113:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:113:35:113:37 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:113:39:113:41 | end | semmle.label | end | +| test.cpp:113:39:113:41 | end indirection | semmle.label | end indirection | +| test.cpp:113:46:113:46 | p | semmle.label | p | +| test.cpp:119:18:119:25 | call to mk_array [begin] | semmle.label | call to mk_array [begin] | +| test.cpp:119:18:119:25 | call to mk_array [end] | semmle.label | call to mk_array [end] | +| test.cpp:124:15:124:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:125:5:125:17 | ... = ... | semmle.label | ... = ... | +| test.cpp:125:9:125:13 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:126:15:126:15 | p | semmle.label | p | +| test.cpp:129:11:129:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:129:15:129:19 | begin | semmle.label | begin | +| test.cpp:129:15:129:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:133:11:133:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:133:15:133:19 | begin | semmle.label | begin | +| test.cpp:133:15:133:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:137:11:137:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:137:15:137:19 | begin | semmle.label | begin | +| test.cpp:137:15:137:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:141:10:141:19 | mk_array_p indirection [begin] | semmle.label | mk_array_p indirection [begin] | +| test.cpp:141:10:141:19 | mk_array_p indirection [end] | semmle.label | mk_array_p indirection [end] | +| test.cpp:143:5:143:29 | ... = ... 
| semmle.label | ... = ... | +| test.cpp:143:10:143:14 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:143:18:143:23 | call to malloc | semmle.label | call to malloc | +| test.cpp:144:5:144:32 | ... = ... | semmle.label | ... = ... | +| test.cpp:144:10:144:12 | arr indirection [post update] [end] | semmle.label | arr indirection [post update] [end] | +| test.cpp:144:16:144:18 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:144:16:144:32 | ... + ... | semmle.label | ... + ... | +| test.cpp:144:21:144:25 | begin | semmle.label | begin | +| test.cpp:144:21:144:25 | begin indirection | semmle.label | begin indirection | +| test.cpp:150:20:150:29 | call to mk_array_p indirection [begin] | semmle.label | call to mk_array_p indirection [begin] | +| test.cpp:150:20:150:29 | call to mk_array_p indirection [end] | semmle.label | call to mk_array_p indirection [end] | +| test.cpp:152:20:152:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:152:25:152:29 | begin | semmle.label | begin | +| test.cpp:152:25:152:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:152:49:152:49 | p | semmle.label | p | +| test.cpp:156:20:156:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:156:25:156:29 | begin | semmle.label | begin | +| test.cpp:156:25:156:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:156:37:156:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:156:42:156:44 | end | semmle.label | end | +| test.cpp:156:42:156:44 | end indirection | semmle.label | end indirection | +| test.cpp:156:49:156:49 | p | semmle.label | p | +| test.cpp:157:9:157:14 | Store: ... = ... | semmle.label | Store: ... = ... 
| +| test.cpp:160:20:160:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:160:25:160:29 | begin | semmle.label | begin | +| test.cpp:160:25:160:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:160:48:160:48 | p | semmle.label | p | +| test.cpp:165:29:165:31 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:165:29:165:31 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:166:20:166:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:166:25:166:29 | begin | semmle.label | begin | +| test.cpp:166:25:166:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:166:37:166:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:166:42:166:44 | end | semmle.label | end | +| test.cpp:166:42:166:44 | end indirection | semmle.label | end indirection | +| test.cpp:166:49:166:49 | p | semmle.label | p | +| test.cpp:170:20:170:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:170:25:170:29 | begin | semmle.label | begin | +| test.cpp:170:25:170:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:170:37:170:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:170:42:170:44 | end | semmle.label | end | +| test.cpp:170:42:170:44 | end indirection | semmle.label | end indirection | +| test.cpp:170:49:170:49 | p | semmle.label | p | +| test.cpp:171:9:171:14 | Store: ... = ... | semmle.label | Store: ... = ... 
| +| test.cpp:174:20:174:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:174:25:174:29 | begin | semmle.label | begin | +| test.cpp:174:25:174:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:174:36:174:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:174:41:174:43 | end | semmle.label | end | +| test.cpp:174:41:174:43 | end indirection | semmle.label | end indirection | +| test.cpp:174:48:174:48 | p | semmle.label | p | +| test.cpp:180:19:180:28 | call to mk_array_p indirection [begin] | semmle.label | call to mk_array_p indirection [begin] | +| test.cpp:180:19:180:28 | call to mk_array_p indirection [end] | semmle.label | call to mk_array_p indirection [end] | +| test.cpp:188:15:188:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:189:15:189:15 | p | semmle.label | p | +| test.cpp:194:23:194:28 | call to malloc | semmle.label | call to malloc | +| test.cpp:195:17:195:17 | p | semmle.label | p | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:197:8:197:8 | p | semmle.label | p | +| test.cpp:197:20:197:22 | end | semmle.label | end | +| test.cpp:201:5:201:5 | p | semmle.label | p | +| test.cpp:201:5:201:12 | access to array | semmle.label | access to array | +| test.cpp:201:5:201:19 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:205:23:205:28 | call to malloc | semmle.label | call to malloc | +| test.cpp:206:17:206:17 | p | semmle.label | p | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... 
| +| test.cpp:208:15:208:15 | p | semmle.label | p | +| test.cpp:209:12:209:14 | end | semmle.label | end | +| test.cpp:213:5:213:6 | * ... | semmle.label | * ... | +| test.cpp:213:5:213:13 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:213:6:213:6 | q | semmle.label | q | +| test.cpp:213:6:213:6 | q | semmle.label | q | +| test.cpp:221:17:221:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:222:5:222:5 | p | semmle.label | p | +| test.cpp:231:18:231:30 | new[] | semmle.label | new[] | +| test.cpp:232:3:232:9 | newname | semmle.label | newname | +| test.cpp:232:3:232:16 | access to array | semmle.label | access to array | +| test.cpp:232:3:232:20 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:238:20:238:32 | new[] | semmle.label | new[] | +| test.cpp:239:5:239:11 | newname | semmle.label | newname | +| test.cpp:239:5:239:18 | access to array | semmle.label | access to array | +| test.cpp:239:5:239:22 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:248:24:248:30 | call to realloc | semmle.label | call to realloc | +| test.cpp:249:9:249:9 | p | semmle.label | p | +| test.cpp:250:22:250:22 | p | semmle.label | p | +| test.cpp:254:9:254:9 | p | semmle.label | p | +| test.cpp:254:9:254:12 | access to array | semmle.label | access to array | +| test.cpp:254:9:254:16 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:260:13:260:24 | new[] | semmle.label | new[] | +| test.cpp:261:14:261:15 | xs | semmle.label | xs | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:262:26:262:28 | end | semmle.label | end | +| test.cpp:262:26:262:28 | end | semmle.label | end | +| test.cpp:262:31:262:31 | x | semmle.label | x | +| test.cpp:264:13:264:14 | Load: * ... 
| semmle.label | Load: * ... | +| test.cpp:264:14:264:14 | x | semmle.label | x | +| test.cpp:264:14:264:14 | x | semmle.label | x | +| test.cpp:270:13:270:24 | new[] | semmle.label | new[] | +| test.cpp:271:14:271:15 | xs | semmle.label | xs | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:272:26:272:28 | end | semmle.label | end | +| test.cpp:272:26:272:28 | end | semmle.label | end | +| test.cpp:272:31:272:31 | x | semmle.label | x | +| test.cpp:272:31:272:31 | x | semmle.label | x | +| test.cpp:274:5:274:6 | * ... | semmle.label | * ... | +| test.cpp:274:5:274:10 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:274:6:274:6 | x | semmle.label | x | +| test.cpp:274:6:274:6 | x | semmle.label | x | +| test.cpp:280:13:280:24 | new[] | semmle.label | new[] | +| test.cpp:281:14:281:15 | xs | semmle.label | xs | +| test.cpp:290:13:290:24 | new[] | semmle.label | new[] | +| test.cpp:291:14:291:15 | xs | semmle.label | xs | +| test.cpp:292:30:292:30 | x | semmle.label | x | +| test.cpp:304:15:304:26 | new[] | semmle.label | new[] | +| test.cpp:307:5:307:6 | xs | semmle.label | xs | +| test.cpp:308:5:308:6 | xs | semmle.label | xs | +| test.cpp:308:5:308:11 | access to array | semmle.label | access to array | +| test.cpp:308:5:308:29 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:313:14:313:27 | new[] | semmle.label | new[] | +| test.cpp:314:15:314:16 | xs | semmle.label | xs | +| test.cpp:325:14:325:27 | new[] | semmle.label | new[] | +| test.cpp:326:15:326:16 | xs | semmle.label | xs | +| test.cpp:326:15:326:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:326:15:326:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:333:5:333:21 | Store: ... = ... | semmle.label | Store: ... = ... 
| +| test.cpp:338:8:338:15 | * ... | semmle.label | * ... | +| test.cpp:341:5:341:21 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:341:8:341:17 | * ... | semmle.label | * ... | +| test.cpp:342:8:342:17 | * ... | semmle.label | * ... | +| test.cpp:347:14:347:27 | new[] | semmle.label | new[] | +| test.cpp:348:15:348:16 | xs | semmle.label | xs | +| test.cpp:350:15:350:19 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:355:14:355:27 | new[] | semmle.label | new[] | +| test.cpp:356:15:356:16 | xs | semmle.label | xs | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:26 | end | semmle.label | end | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:358:14:358:26 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:358:15:358:26 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:359:14:359:32 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:359:16:359:27 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:359:16:359:31 | ... + ... | semmle.label | ... + ... | subpaths #select | test.cpp:6:14:6:15 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:6:14:6:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. 
| test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | From 75f6355bd6950cff005897612d6b9ff518d0ba6b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 31 May 2023 04:06:22 +0000 Subject: [PATCH 164/210] Bump chrono from 0.4.25 to 0.4.26 in /ql Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.25 to 0.4.26. - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](https://github.com/chronotope/chrono/compare/v0.4.25...v0.4.26) --- updated-dependencies: - dependency-name: chrono dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- ql/Cargo.lock | Bin 31667 -> 31667 bytes ql/buramu/Cargo.toml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/ql/Cargo.lock b/ql/Cargo.lock index 76437a85e057d43e2bf6bd6efa08833e2d6e19f3..de833d37b96bcb4b4ef42188f3f137daa116c0b8 100644 GIT binary patch delta 84 zcmdn|opJMb#tpx@Co4My*rq017@H@W8ycIMCK*|znVFiJr6i@8npq|pnL--nIxO0rC3fDl$Y4NfJZnV0Gh5DegFUf delta 87 zcmWNJQ3~T>0g1>VhK>rasO6c4ut2wHTDx o{<8Q4^*J&Xk`%$w78KIV$=m@^7q!u00&~t@Fw(gXeZ4|BK3NPMyZ`_I diff --git a/ql/buramu/Cargo.toml b/ql/buramu/Cargo.toml index a84be37dbd7..13aaddaf989 100644 --- a/ql/buramu/Cargo.toml +++ b/ql/buramu/Cargo.toml @@ -7,6 +7,6 @@ edition = "2018" [dependencies] lazy_static = "1.4.0" -chrono = "0.4.25" +chrono = "0.4.26" rayon = "1.7.0" regex = "1.8.3" From fe26aca238ad02cd26198bca998a68066e581d94 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 31 May 2023 08:54:24 +0200 Subject: [PATCH 165/210] Remove non-ASCII character --- .../code/java/frameworks/google/GsonSerializability.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index dba25be7b22..1e41ad0c458 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -27,8 +27,8 @@ private class ExplicitlyReadGsonDeserializableType extends GsonDeserializableTyp ma.getMethod() instanceof GsonReadValueMethod and // ...where `this` is used in the final argument, indicating that this type will be deserialized. // TODO: find a way to get the type represented by java.lang.reflect.Type and com.google.gson.reflect.TypeToken - // fromJson​(String json, TypeToken typeOfT) - // fromJson​(String json, Type typeOfT) + // fromJson(String json, TypeToken typeOfT) + // fromJson(String json, Type typeOfT) usesType(ma.getArgument(1).getType(), this) and not this instanceof TypeClass and not this instanceof TypeObject From a9811fe2c3c2fec4968f69e4a21ffa93ff213b6b Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 31 May 2023 10:51:42 +0100 Subject: [PATCH 166/210] Swift: Make Macro.getName() more efficient. --- cpp/ql/lib/semmle/code/cpp/Macro.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/semmle/code/cpp/Macro.qll b/cpp/ql/lib/semmle/code/cpp/Macro.qll index 4378cec4857..bd916d4bc4e 100644 --- a/cpp/ql/lib/semmle/code/cpp/Macro.qll +++ b/cpp/ql/lib/semmle/code/cpp/Macro.qll @@ -34,7 +34,7 @@ class Macro extends PreprocessorDirective, @ppd_define { * Gets the name of the macro. For example, `MAX` in * `#define MAX(x,y) (((x)>(y))?(x):(y))`. */ - string getName() { result = this.getHead().splitAt("(", 0) } + string getName() { result = this.getHead().regexpCapture("([^(]*+).*", 1) } /** Holds if the macro has name `name`. */ predicate hasName(string name) { this.getName() = name } 
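Review bot: In `Macro.getName()`, the replacement `regexpCapture("([^(]*+).*", 1)` is not obviously equivalent to `splitAt("(", 0)` when the macro head contains a line terminator. `regexpCapture` has to match the whole string and `.` does not match newlines by default, so such a head would leave `getName()` with no result and `hasName` would silently stop matching, which matters for any query that recognises macros by name. Whether a multi-line head can actually occur is not visible from this hunk, so this is a robustness point; `regexpCapture("(?s)([^(]*+).*", 1)` would remove the dependency. A one-line comment saying the regex is used instead of `splitAt` for performance would also keep it from being reverted. The class body continues outside the hunk.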
From ace7b6b7116bf5dea1cfcd3bc6cef3ca65feb83b Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 31 May 2023 11:49:00 +0200 Subject: [PATCH 167/210] C++: Add `cpp/invalid-pointer-deref` FP test case --- .../pointer-deref/InvalidPointerDeref.expected | 17 +++++++++++++++++ .../Security/CWE/CWE-193/pointer-deref/test.cpp | 14 ++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected index 6b4d039ee6b..09c75e7369c 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected @@ -723,6 +723,15 @@ edges | test.cpp:359:16:359:27 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | | test.cpp:359:16:359:27 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | | test.cpp:359:16:359:31 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:363:14:363:27 | new[] | test.cpp:365:15:365:15 | p | +| test.cpp:365:15:365:15 | p | test.cpp:368:5:368:10 | ... += ... | +| test.cpp:365:15:365:15 | p | test.cpp:368:5:368:10 | ... += ... | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:371:7:371:7 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:371:7:371:7 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:372:16:372:16 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:372:16:372:16 | p | +| test.cpp:371:7:371:7 | p | test.cpp:372:15:372:16 | Load: * ... | +| test.cpp:372:16:372:16 | p | test.cpp:372:15:372:16 | Load: * ... | nodes | test.cpp:4:15:4:20 | call to malloc | semmle.label | call to malloc | | test.cpp:5:15:5:15 | p | semmle.label | p | 
@@ -1050,6 +1059,13 @@ nodes | test.cpp:359:14:359:32 | Load: * ... | semmle.label | Load: * ... | | test.cpp:359:16:359:27 | end_plus_one | semmle.label | end_plus_one | | test.cpp:359:16:359:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:363:14:363:27 | new[] | semmle.label | new[] | +| test.cpp:365:15:365:15 | p | semmle.label | p | +| test.cpp:368:5:368:10 | ... += ... | semmle.label | ... += ... | +| test.cpp:368:5:368:10 | ... += ... | semmle.label | ... += ... | +| test.cpp:371:7:371:7 | p | semmle.label | p | +| test.cpp:372:15:372:16 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:372:16:372:16 | p | semmle.label | p | subpaths #select | test.cpp:6:14:6:15 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:6:14:6:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | 
@@ -1077,3 +1093,4 @@ subpaths | test.cpp:350:15:350:19 | Load: * ... | test.cpp:347:14:347:27 | new[] | test.cpp:350:15:350:19 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:347:14:347:27 | new[] | new[] | test.cpp:348:20:348:23 | size | size | | test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | | test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 2. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:372:15:372:16 | Load: * ... | test.cpp:363:14:363:27 | new[] | test.cpp:372:15:372:16 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:363:14:363:27 | new[] | new[] | test.cpp:365:19:365:22 | size | size | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp index 3dfd8b89097..3711f272e76 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp @@ -358,3 +358,17 @@ void test25(unsigned size) { int val1 = *end_plus_one; // BAD int val2 = *(end_plus_one + 1); // BAD } + +void test26(unsigned size) { + char *xs = new char[size]; + char *p = xs; + char *end = p + size; + + if (p + 4 <= end) { + p += 4; + } + + if (p < end) { + int val = *p; // GOOD [FALSE POSITIVE] + } +} From 5981ce4cb1499480ba59a203dda82094c51aac49 Mon Sep 17 00:00:00 2001 
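Review bot: The new `test26` case marks `int val = *p; // GOOD [FALSE POSITIVE]` without saying why the read is in bounds, so the expectation is hard to revisit later. The load sits inside `if (p < end)`, which holds whether or not the earlier `p += 4` branch ran, and that is the fact the query currently misses. A comment such as `// GOOD [FALSE POSITIVE]: guarded by p < end, regardless of the p += 4 branch` would record what has to change in the analysis before the matching rows in InvalidPointerDeref.expected can be dropped.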
From: Arthur Baars Date: Wed, 31 May 2023 12:15:21 +0200 Subject: [PATCH 168/210] Swift: accept test output from failed CFG consistency queries --- .../decl/enumdecl/CONSISTENCY/CfgConsistency.expected | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected diff --git a/swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected b/swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected new file mode 100644 index 00000000000..4de95c00602 --- /dev/null +++ b/swift/ql/test/library-tests/elements/decl/enumdecl/CONSISTENCY/CfgConsistency.expected @@ -0,0 +1,10 @@ +deadEnd +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | +| file://:0:0:0:0 | ... = ... | From 282ee08ba9cf62db0b9fd911699bbedf4096ccb4 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 31 May 2023 13:26:35 +0200 Subject: [PATCH 169/210] Java: Fix GsonDeserializableField --- .../semmle/code/java/frameworks/google/GsonSerializability.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index 1e41ad0c458..f7de80daaf4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll 
@@ -50,8 +50,7 @@ private class GsonDeserializableField extends DeserializableField { exists(GsonDeserializableType superType | superType = this.getDeclaringType().getAnAncestor() and not superType instanceof TypeObject and - //superType.fromSource() - not superType.(RefType).getPackage().getName().matches("java%") + superType.fromSource() ) } } From 52eb7aee5e8168e4fb95eda7f15f711dccf7d7d5 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 31 May 2023 11:26:09 -0700 Subject: [PATCH 170/210] Revert "Merge pull request #13207 from MathiasVP/use-equiv-class-in-getInstruction" This reverts commit 5bc844c4c643370d030edd1222e447c1d3954500, reversing changes made to b2fb2aa0d1f2d88acef53c6324caaa025c46f29e. --- .../ir/implementation/aliased_ssa/IRBlock.qll | 22 ++++--------------- .../cpp/ir/implementation/raw/IRBlock.qll | 22 ++++--------------- .../implementation/unaliased_ssa/IRBlock.qll | 22 ++++--------------- .../ir/implementation/raw/IRBlock.qll | 22 ++++--------------- .../implementation/unaliased_ssa/IRBlock.qll | 22 ++++--------------- 5 files changed, 20 insertions(+), 90 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll index 4de4279b54c..78008a6c69b 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll 
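Review bot: Requiring `superType.fromSource()` excludes every ancestor that comes from a compiled dependency, which is broader than the removed `matches("java%")` filter that only skipped types in `java*` packages. Fields whose only Gson-deserializable ancestor lives in a library jar would presumably stop being modelled as deserializable, and that shows up as missed taint rather than as noise. The commit changes only this file, so a test that pins the intended result for a library supertype would help, together with a comment on the new line such as `// only ancestors with source available count; library supertypes are deliberately excluded`. The enclosing predicate starts outside the hunk.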
@@ -255,28 +255,14 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Gets the index of `i` in its `IRBlock`. */ - private int getMemberIndex(Instruction i) { - startsBasicBlock(i) and - result = 0 - or - exists(Instruction iPrev | - adjacentInBlock(iPrev, i) and - result = getMemberIndex(iPrev) + 1 - ) - } - - private module BlockAdjacency = QlBuiltins::EquivalenceRelation; + /** Holds if `i` is the `index`th instruction the block starting with `first`. */ + private Instruction getInstructionFromFirst(Instruction first, int index) = + shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | block = MkIRBlock(first) | - first = result and index = 0 - or - index = getMemberIndex(result) and - BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) - ) + result = getInstructionFromFirst(getFirstInstruction(block), index) } cached diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll index 4de4279b54c..78008a6c69b 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll 
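Review bot: The QLDoc restored above `getInstructionFromFirst` refers to an `i` that the predicate does not declare and is missing a word ("instruction the block"). The predicate yields its instruction as `result`, so the comment would read correctly as ``/** Gets the `index`th instruction in the block starting with `first`. */``. The same comment is restored in the raw and unaliased_ssa C++ copies and in both C# copies of IRBlock.qll in this commit, and since the five files carry the same blob hashes the wording should be changed in all of them together. The enclosing `Cached` module starts and ends outside the hunk.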
@@ -255,28 +255,14 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Gets the index of `i` in its `IRBlock`. */ - private int getMemberIndex(Instruction i) { - startsBasicBlock(i) and - result = 0 - or - exists(Instruction iPrev | - adjacentInBlock(iPrev, i) and - result = getMemberIndex(iPrev) + 1 - ) - } - - private module BlockAdjacency = QlBuiltins::EquivalenceRelation; + /** Holds if `i` is the `index`th instruction the block starting with `first`. */ + private Instruction getInstructionFromFirst(Instruction first, int index) = + shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | block = MkIRBlock(first) | - first = result and index = 0 - or - index = getMemberIndex(result) and - BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) - ) + result = getInstructionFromFirst(getFirstInstruction(block), index) } cached diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll index 4de4279b54c..78008a6c69b 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll 
@@ -255,28 +255,14 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Gets the index of `i` in its `IRBlock`. */ - private int getMemberIndex(Instruction i) { - startsBasicBlock(i) and - result = 0 - or - exists(Instruction iPrev | - adjacentInBlock(iPrev, i) and - result = getMemberIndex(iPrev) + 1 - ) - } - - private module BlockAdjacency = QlBuiltins::EquivalenceRelation; + /** Holds if `i` is the `index`th instruction the block starting with `first`. */ + private Instruction getInstructionFromFirst(Instruction first, int index) = + shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | block = MkIRBlock(first) | - first = result and index = 0 - or - index = getMemberIndex(result) and - BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) - ) + result = getInstructionFromFirst(getFirstInstruction(block), index) } cached diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll index 4de4279b54c..78008a6c69b 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll 
@@ -255,28 +255,14 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Gets the index of `i` in its `IRBlock`. */ - private int getMemberIndex(Instruction i) { - startsBasicBlock(i) and - result = 0 - or - exists(Instruction iPrev | - adjacentInBlock(iPrev, i) and - result = getMemberIndex(iPrev) + 1 - ) - } - - private module BlockAdjacency = QlBuiltins::EquivalenceRelation; + /** Holds if `i` is the `index`th instruction the block starting with `first`. */ + private Instruction getInstructionFromFirst(Instruction first, int index) = + shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | block = MkIRBlock(first) | - first = result and index = 0 - or - index = getMemberIndex(result) and - BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) - ) + result = getInstructionFromFirst(getFirstInstruction(block), index) } cached diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll index 4de4279b54c..78008a6c69b 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll 
@@ -255,28 +255,14 @@ private module Cached { cached newtype TIRBlock = MkIRBlock(Instruction firstInstr) { startsBasicBlock(firstInstr) } - /** Gets the index of `i` in its `IRBlock`. */ - private int getMemberIndex(Instruction i) { - startsBasicBlock(i) and - result = 0 - or - exists(Instruction iPrev | - adjacentInBlock(iPrev, i) and - result = getMemberIndex(iPrev) + 1 - ) - } - - private module BlockAdjacency = QlBuiltins::EquivalenceRelation; + /** Holds if `i` is the `index`th instruction the block starting with `first`. */ + private Instruction getInstructionFromFirst(Instruction first, int index) = + shortestDistances(startsBasicBlock/1, adjacentInBlock/2)(first, result, index) /** Holds if `i` is the `index`th instruction in `block`. */ cached Instruction getInstruction(TIRBlock block, int index) { - exists(Instruction first | block = MkIRBlock(first) | - first = result and index = 0 - or - index = getMemberIndex(result) and - BlockAdjacency::getEquivalenceClass(first) = BlockAdjacency::getEquivalenceClass(result) - ) + result = getInstructionFromFirst(getFirstInstruction(block), index) } cached From 0090429d5355797070c0839f854cda33dcce1fe1 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Wed, 24 May 2023 13:32:52 +0100 Subject: [PATCH 171/210] Kotlin: Support 1.9.0 --- docs/codeql/reusables/supported-versions-compilers.rst | 2 +- java/kotlin-extractor/kotlin_plugin_versions.py | 2 +- .../src/main/kotlin/KotlinFileExtractor.kt | 7 +++++-- java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md | 4 ++++ 4 files changed, 11 insertions(+), 4 deletions(-) create mode 100644 java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md diff --git a/docs/codeql/reusables/supported-versions-compilers.rst b/docs/codeql/reusables/supported-versions-compilers.rst index 93b826a94dd..da873041fb9 100644 --- a/docs/codeql/reusables/supported-versions-compilers.rst +++ b/docs/codeql/reusables/supported-versions-compilers.rst 
@@ -20,7 +20,7 @@ Java,"Java 7 to 20 [4]_","javac (OpenJDK and Oracle JDK), Eclipse compiler for Java (ECJ) [5]_",``.java`` - Kotlin [6]_,"Kotlin 1.5.0 to 1.8.20","kotlinc",``.kt`` + Kotlin [6]_,"Kotlin 1.5.0 to 1.9.0","kotlinc",``.kt`` JavaScript,ECMAScript 2022 or lower,Not applicable,"``.js``, ``.jsx``, ``.mjs``, ``.es``, ``.es6``, ``.htm``, ``.html``, ``.xhtm``, ``.xhtml``, ``.vue``, ``.hbs``, ``.ejs``, ``.njk``, ``.json``, ``.yaml``, ``.yml``, ``.raml``, ``.xml`` [7]_" Python [8]_,"2.7, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.11",Not applicable,``.py`` Ruby [9]_,"up to 3.2",Not applicable,"``.rb``, ``.erb``, ``.gemspec``, ``Gemfile``" diff --git a/java/kotlin-extractor/kotlin_plugin_versions.py b/java/kotlin-extractor/kotlin_plugin_versions.py index 4583551e12d..c5d9e433613 100755 --- a/java/kotlin-extractor/kotlin_plugin_versions.py +++ b/java/kotlin-extractor/kotlin_plugin_versions.py @@ -25,7 +25,7 @@ def version_string_to_tuple(version): ci_version = '1.8.10' # Version numbers in the list need to be in semantically increasing order -many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0' ] +many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0', '1.9.0-Beta' ] many_versions_tuples = [version_string_to_tuple(v) for v in many_versions] diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt index b93bfa369f5..a3bc20d9eda 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt 
@@ -366,7 +366,10 @@ open class KotlinFileExtractor( val typeArgs = removeOuterClassTypeArgs(c, argsIncludingOuterClasses) if (typeArgs != null) { - for ((idx, arg) in typeArgs.withIndex()) { + // From 1.9, the list might change when we call erase, + // so we make a copy that it is safe to iterate over. + val typeArgsCopy = typeArgs.toList() + for ((idx, arg) in typeArgsCopy.withIndex()) { val argId = getTypeArgumentLabel(arg).id tw.writeTypeArgs(argId, idx, id) } @@ -5531,7 +5534,7 @@ open class KotlinFileExtractor( return } - val typeOwner = e.typeOperandClassifier.owner + val typeOwner = e.typeOperand.classifierOrFail.owner if (typeOwner !is IrClass) { logger.errorElement("Expected to find SAM conversion to IrClass. Found '${typeOwner.javaClass}' instead. Can't implement SAM interface.", e) return diff --git a/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md b/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md new file mode 100644 index 00000000000..f3647cc5488 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Kotlin versions up to 1.9.0 are now supported. From a13678c35ca56ac1ab7daecd26d55ddf0a0deb6e Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Thu, 25 May 2023 14:06:58 +0100 Subject: [PATCH 172/210] Kotlin: Update expected test output --- .../diagnostics/kotlin-version-too-new/diagnostics.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected b/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected index 3397ea1bdef..36f7d9d0718 100644 --- a/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected +++ b/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected 
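Review bot: In the second KotlinFileExtractor.kt hunk, `e.typeOperand.classifierOrFail.owner` throws when the type operand has no classifier, while the lines right after it handle an unexpected owner by calling `logger.errorElement` and returning. If a missing classifier can occur for a SAM conversion, resolving it with `classifierOrNull` and reporting it through the same `logger.errorElement` path would keep one odd expression from aborting extraction of the surrounding element. If it cannot occur, a short comment such as `// a SAM conversion always has a classifier type operand` would document the assumption. The enclosing function begins and ends outside the hunk.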
@@ -1,5 +1,5 @@ { - "markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 1.8.30.", + "markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 1.9.10.", "severity": "error", "source": { "extractorName": "java", From 82578af3498e385d5f549997b796448e3359e63e Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Wed, 31 May 2023 12:56:29 +0100 Subject: [PATCH 173/210] Kotlin: Use @files for compiler arguments Avoids problems with large line lengths. --- java/kotlin-extractor/build.py | 40 ++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/java/kotlin-extractor/build.py b/java/kotlin-extractor/build.py index b52ff05b00e..2735f6af1c1 100755 --- a/java/kotlin-extractor/build.py +++ b/java/kotlin-extractor/build.py 
@@ -80,25 +80,37 @@ def run_process(cmd, capture_output=False): errors='replace'), file=sys.stderr) raise e +def write_arg_file(arg_file, args): + with open(arg_file, 'w') as f: + for arg in args: + if "'" in arg: + raise Exception('Single quote in argument: ' + arg) + f.write("'" + arg.replace('\\', '/') + "'\n") -def compile_to_dir(srcs, classpath, java_classpath, output): +def compile_to_dir(build_dir, srcs, classpath, java_classpath, output): # Use kotlinc to compile .kt files: + kotlin_arg_file = build_dir + '/kotlin.args' + kotlin_args = ['-Werror', + '-opt-in=kotlin.RequiresOptIn', + '-d', output, + '-module-name', 'codeql-kotlin-extractor', + '-no-reflect', '-no-stdlib', + '-jvm-target', '1.8', + '-classpath', classpath] + srcs + write_arg_file(kotlin_arg_file, kotlin_args) run_process([kotlinc, - # kotlinc can default to 256M, which isn't enough when we are extracting the build - '-J-Xmx2G', - '-Werror', - '-opt-in=kotlin.RequiresOptIn', - '-d', output, - '-module-name', 'codeql-kotlin-extractor', - '-no-reflect', '-no-stdlib', - '-jvm-target', '1.8', - '-classpath', classpath] + srcs) + # kotlinc can default to 256M, which isn't enough when we are extracting the build + '-J-Xmx2G', + '@' + kotlin_arg_file]) # Use javac to compile .java files, referencing the Kotlin class files: - run_process([javac, - '-d', output, + java_arg_file = build_dir + '/java.args' + java_args = ['-d', output, '-source', '8', '-target', '8', - '-classpath', os.path.pathsep.join([output, classpath, java_classpath])] + [s for s in srcs if s.endswith(".java")]) + '-classpath', os.path.pathsep.join([output, classpath, java_classpath])] \ + + [s for s in srcs if s.endswith(".java")] + write_arg_file(java_arg_file, java_args) + run_process([javac, '@' + java_arg_file]) def compile_to_jar(build_dir, tmp_src_dir, srcs, classpath, java_classpath, output): 
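Review bot: `write_arg_file` rewrites every backslash in every argument to a forward slash and rejects any argument containing a single quote, but the function has no docstring explaining either rule. Presumably both follow from how the `@file` syntax of kotlinc and javac handles quoting and backslash escapes. A docstring along the lines of `"""Write args one per line, single-quoted, for a compiler @argfile; backslashes become '/' because argfiles treat them as escapes."""` would tell later callers that only options and paths are safe to pass. The file is also opened with the platform default encoding, so if the compilers read argfiles in a fixed encoding, passing `encoding=` explicitly to `open(arg_file, 'w')` would avoid a mismatch when the checkout lives under a non-ASCII path. Raising a bare `Exception` for the quote case is workable, though `ValueError` would describe the failure more precisely.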
@@ -108,7 +120,7 @@ def compile_to_jar(build_dir, tmp_src_dir, srcs, classpath, java_classpath, outp shutil.rmtree(class_dir) os.makedirs(class_dir) - compile_to_dir(srcs, classpath, java_classpath, class_dir) + compile_to_dir(build_dir, srcs, classpath, java_classpath, class_dir) run_process(['jar', 'cf', output, '-C', class_dir, '.', From d24d8b16266a1758d8e5ff86e7566865b5b02826 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 11:56:45 -0400 Subject: [PATCH 174/210] Java: update sql sink kind to sql-injection --- java/ql/lib/ext/android.content.model.yml | 16 +-- java/ql/lib/ext/android.database.model.yml | 14 +-- .../lib/ext/android.database.sqlite.model.yml | 104 +++++++++--------- java/ql/lib/ext/java.sql.model.yml | 18 +-- ...apache.hadoop.hive.metastore.api.model.yml | 3 +- ...org.apache.hadoop.hive.metastore.model.yml | 5 +- ...g.apache.hive.hcatalog.templeton.model.yml | 3 +- .../lib/ext/org.apache.ibatis.jdbc.model.yml | 12 +- java/ql/lib/ext/org.hibernate.model.yml | 8 +- java/ql/lib/ext/org.hibernate.query.model.yml | 6 +- java/ql/lib/ext/org.jooq.model.yml | 2 +- .../org.springframework.jdbc.core.model.yml | 20 ++-- .../org.springframework.jdbc.object.model.yml | 18 +-- .../code/java/dataflow/ExternalFlow.qll | 10 +- .../code/java/security/QueryInjection.qll | 2 +- 15 files changed, 119 insertions(+), 122 deletions(-) diff --git a/java/ql/lib/ext/android.content.model.yml b/java/ql/lib/ext/android.content.model.yml index 89368acc04e..bee6bae8d44 100644 --- a/java/ql/lib/ext/android.content.model.yml +++ b/java/ql/lib/ext/android.content.model.yml 
@@ -39,14 +39,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.content", "ContentProvider", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] + - ["android.content", "ContentProvider", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", 
"sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-start", "manual"] diff --git a/java/ql/lib/ext/android.database.model.yml b/java/ql/lib/ext/android.database.model.yml index 22157da6755..c0ff4dd5f39 100644 --- a/java/ql/lib/ext/android.database.model.yml +++ b/java/ql/lib/ext/android.database.model.yml 
@@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.database", "DatabaseUtils", False, "blobFileDescriptorForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "createDbFromSqlStatements", "(Context,String,int,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "longForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String)", "", "Argument[1..2]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String,String[])", "", "Argument[1..2]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "stringForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] + - ["android.database", "DatabaseUtils", False, "blobFileDescriptorForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "createDbFromSqlStatements", "(Context,String,int,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "longForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String)", "", "Argument[1..2]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String,String[])", "", "Argument[1..2]", "sql-injection", "manual"] + - 
["android.database", "DatabaseUtils", False, "stringForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.database.sqlite.model.yml b/java/ql/lib/ext/android.database.sqlite.model.yml index 169c7870da4..d40ae8c1ee3 100644 --- a/java/ql/lib/ext/android.database.sqlite.model.yml +++ b/java/ql/lib/ext/android.database.sqlite.model.yml 
@@ -3,58 +3,58 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["android.database.sqlite", "SQLiteDatabase", False, "compileStatement", "(String)", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "delete", "(String,String,String[])", "", "Argument[0..1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "execPerConnectionSQL", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String)", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[0..2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[5..8]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[5..8]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[4]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[6..9]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[6..9]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[])", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[],CancellationSignal)", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String,CancellationSignal)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[0]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[this]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "insert", "(SQLiteDatabase,ContentValues)", "", "Argument[this]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[this]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[this]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[this]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4..7]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[this]", "sql", "manual"]
- - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "compileStatement", "(String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "delete", "(String,String,String[])", "", "Argument[0..1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "execPerConnectionSQL", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[0..2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[5..8]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[5..8]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[4]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[6..9]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[6..9]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[],CancellationSignal)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[this]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "insert", "(SQLiteDatabase,ContentValues)", "", "Argument[this]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[this]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[this]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[this]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4..7]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[this]", "sql-injection", "manual"]
+ - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml
index 87e0fca7f9b..ec0aa84fd21 100644
--- a/java/ql/lib/ext/java.sql.model.yml
+++ b/java/ql/lib/ext/java.sql.model.yml
@@ -3,19 +3,19 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql", "manual"]
- - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql", "manual"]
- - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql", "ai-manual"]
- - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql", "ai-manual"]
+ - ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"]
+ - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"]
 - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
 - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
 - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
 - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql", "manual"]
- - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql", "manual"]
- - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql", "manual"]
- - ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql", "manual"]
- - ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql", "manual"]
+ - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml
index 9189c6ab1fd..60d2d0c0153 100644
--- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml
+++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml
@@ -3,5 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql", "ai-manual"]
-
+ - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml
index da335795194..bc902f548fd 100644
--- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml
+++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml
@@ -3,6 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql", "ai-manual"]
- - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql", "ai-manual"]
-
+ - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql-injection", "ai-manual"]
+ - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml
index 3f980bdbb3f..35c0e9f27a3 100644
--- a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml
+++ b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml
@@ -3,5 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql", "ai-manual"]
-
+ - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml b/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml
index e966d7bd735..e1b37b8f851 100644
--- a/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml
+++ b/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml
@@ -3,12 +3,12 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.ibatis.jdbc", "SqlRunner", False, "delete", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
- - ["org.apache.ibatis.jdbc", "SqlRunner", False, "insert", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
- - ["org.apache.ibatis.jdbc", "SqlRunner", False, "run", "(String)", "", "Argument[0]", "sql", "manual"]
- - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectAll", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
- - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectOne", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
- - ["org.apache.ibatis.jdbc", "SqlRunner", False, "update", "(String,Object[])", "", "Argument[0]", "sql", "manual"]
+ - ["org.apache.ibatis.jdbc", "SqlRunner", False, "delete", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.apache.ibatis.jdbc", "SqlRunner", False, "insert", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.apache.ibatis.jdbc", "SqlRunner", False, "run", "(String)", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectAll", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectOne", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.apache.ibatis.jdbc", "SqlRunner", False, "update", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.hibernate.model.yml b/java/ql/lib/ext/org.hibernate.model.yml
index ffa483ec742..c6a18bb1350 100644
--- a/java/ql/lib/ext/org.hibernate.model.yml
+++ b/java/ql/lib/ext/org.hibernate.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
- - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"]
- - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
- - ["org.hibernate", "SharedSessionContract", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"]
+ - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.hibernate", "SharedSessionContract", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/java/ql/lib/ext/org.hibernate.query.model.yml b/java/ql/lib/ext/org.hibernate.query.model.yml
index 6281a33caa5..bb6232c1fcd 100644
--- a/java/ql/lib/ext/org.hibernate.query.model.yml
+++ b/java/ql/lib/ext/org.hibernate.query.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql", "manual"]
- - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
- - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"]
+ - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/java/ql/lib/ext/org.jooq.model.yml b/java/ql/lib/ext/org.jooq.model.yml
index cf7fc22a923..b7538263a31 100644
--- a/java/ql/lib/ext/org.jooq.model.yml
+++ b/java/ql/lib/ext/org.jooq.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.jooq", "PlainSQL", False, "", "", "Annotated", "Argument[0]", "sql", "manual"]
+ - ["org.jooq", "PlainSQL", False, "", "", "Annotated", "Argument[0]", "sql-injection", "manual"]
diff --git a/java/ql/lib/ext/org.springframework.jdbc.core.model.yml b/java/ql/lib/ext/org.springframework.jdbc.core.model.yml
index 9374293d0bb..38d91bb3090 100644
--- a/java/ql/lib/ext/org.springframework.jdbc.core.model.yml
+++ b/java/ql/lib/ext/org.springframework.jdbc.core.model.yml
@@ -3,13 +3,13 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "(String[])", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "execute", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "query", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForList", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForMap", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForObject", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForRowSet", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForStream", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.core", "JdbcTemplate", False, "update", "", "", "Argument[0]", "sql", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "(String[])", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "execute", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "query", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForList", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForMap", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForObject", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForRowSet", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForStream", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.core", "JdbcTemplate", False, "update", "", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/java/ql/lib/ext/org.springframework.jdbc.object.model.yml b/java/ql/lib/ext/org.springframework.jdbc.object.model.yml
index 413e29e2631..192e9263f0a 100644
--- a/java/ql/lib/ext/org.springframework.jdbc.object.model.yml
+++ b/java/ql/lib/ext/org.springframework.jdbc.object.model.yml
@@ -3,12 +3,12 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.springframework.jdbc.object", "BatchSqlUpdate", False, "BatchSqlUpdate", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "MappingSqlQuery", False, "MappingSqlQuery", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "MappingSqlQueryWithParameters", False, "MappingSqlQueryWithParameters", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "RdbmsOperation", True, "setSql", "", "", "Argument[0]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "SqlCall", False, "SqlCall", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "SqlFunction", False, "SqlFunction", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "SqlQuery", False, "SqlQuery", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "SqlUpdate", False, "SqlUpdate", "", "", "Argument[1]", "sql", "manual"]
- - ["org.springframework.jdbc.object", "UpdatableSqlQuery", False, "UpdatableSqlQuery", "", "", "Argument[1]", "sql", "manual"]
+ - ["org.springframework.jdbc.object", "BatchSqlUpdate", False, "BatchSqlUpdate", "", "", "Argument[1]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.object", "MappingSqlQuery", False, "MappingSqlQuery", "", "", "Argument[1]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.object", "MappingSqlQueryWithParameters", False, "MappingSqlQueryWithParameters", "", "", "Argument[1]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.object", "RdbmsOperation", True, "setSql", "", "", "Argument[0]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.object", "SqlCall", False, "SqlCall", "", "", "Argument[1]", "sql-injection", "manual"]
+ - ["org.springframework.jdbc.object", "SqlFunction", False, "SqlFunction", "", "", "Argument[1]", "sql-injection", "manual"]
+ -
["org.springframework.jdbc.object", "SqlQuery", False, "SqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlUpdate", False, "SqlUpdate", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "UpdatableSqlQuery", False, "UpdatableSqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 4cb21496f5f..d511d4da293 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -274,11 +274,11 @@ module ModelValidation { exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | not kind = [ - "open-url", "jndi-injection", "ldap", "sql", "jdbc-url", "logging", "mvel", "xpath", - "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirect", - "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", - "information-leak", "xslt", "jexl", "bean-validation", "ssti", "fragment-injection", - "command-injection" + "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "logging", "mvel", + "xpath", "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", + "url-redirect", "create-file", "read-file", "write-file", "set-hostname-verifier", + "header-splitting", "information-leak", "xslt", "jexl", "bean-validation", "ssti", + "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/QueryInjection.qll b/java/ql/lib/semmle/code/java/security/QueryInjection.qll index fda91647bcd..217d80bf170 100644 --- a/java/ql/lib/semmle/code/java/security/QueryInjection.qll +++ b/java/ql/lib/semmle/code/java/security/QueryInjection.qll 
@@ -25,7 +25,7 @@ class AdditionalQueryInjectionTaintStep extends Unit { /** A sink for SQL injection vulnerabilities. */ private class SqlInjectionSink extends QueryInjectionSink { - SqlInjectionSink() { sinkNode(this, "sql") } + SqlInjectionSink() { sinkNode(this, "sql-injection") } } /** A sink for Java Persistence Query Language injection vulnerabilities. */ From 55be2e5b6766b8e21d5d05753ddeccd47075289a Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 11:58:07 -0400 Subject: [PATCH 175/210] Java: update url-redirect sink kind to url-redirection --- java/ql/lib/ext/jakarta.ws.rs.core.model.yml | 4 ++-- java/ql/lib/ext/javax.ws.rs.core.model.yml | 4 ++-- java/ql/lib/ext/org.geogebra.web.full.main.model.yml | 2 +- java/ql/lib/ext/org.kohsuke.stapler.model.yml | 2 +- java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 2 +- java/ql/lib/semmle/code/java/security/UrlRedirect.qll | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/java/ql/lib/ext/jakarta.ws.rs.core.model.yml b/java/ql/lib/ext/jakarta.ws.rs.core.model.yml index a13bb2189d1..739f61df8b8 100644 --- a/java/ql/lib/ext/jakarta.ws.rs.core.model.yml +++ b/java/ql/lib/ext/jakarta.ws.rs.core.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirect", "manual"] - - ["jakarta.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirect", "manual"] + - ["jakarta.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] + - ["jakarta.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/javax.ws.rs.core.model.yml b/java/ql/lib/ext/javax.ws.rs.core.model.yml index b73078a5ae5..cf94b255176 100644 --- a/java/ql/lib/ext/javax.ws.rs.core.model.yml 
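Review bot: `SqlInjectionSink` now matches only `sinkNode(this, "sql-injection")`, so any model row outside this commit that still declares the kind `sql` (a custom or third-party model pack, for example) stops contributing SQL injection sinks, and the query reports fewer results without failing. The same applies to the `url-redirect`, `xpath` and `ssti` kinds in the UrlRedirect.qll, XPath.qll and TemplateInjection.qll hunks of the commits that follow. Consider accepting both spellings for a deprecation period, e.g. `SqlInjectionSink() { sinkNode(this, ["sql-injection", "sql"]) }`, and naming the deprecated kind in the class doc comment. The ModelValidation list in ExternalFlow.qll drops the old kinds in the same commits; whether rows that still use them get a usable warning depends on code outside these hunks.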
+++ b/java/ql/lib/ext/javax.ws.rs.core.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirect", "manual"] - - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirect", "manual"] + - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] + - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "header-splitting", "manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.geogebra.web.full.main.model.yml b/java/ql/lib/ext/org.geogebra.web.full.main.model.yml index c6719b6a97e..914a60fe38a 100644 --- a/java/ql/lib/ext/org.geogebra.web.full.main.model.yml +++ b/java/ql/lib/ext/org.geogebra.web.full.main.model.yml @@ -4,4 +4,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.geogebra.web.full.main", "FileManager", True, "open", "(String,String)", "", "Argument[0]", "url-redirect", "ai-manual"] + - ["org.geogebra.web.full.main", "FileManager", True, "open", "(String,String)", "", "Argument[0]", "url-redirection", "ai-manual"] diff --git a/java/ql/lib/ext/org.kohsuke.stapler.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.model.yml index a3ae44a683b..7b6dea2e669 100644 --- a/java/ql/lib/ext/org.kohsuke.stapler.model.yml +++ b/java/ql/lib/ext/org.kohsuke.stapler.model.yml 
@@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirect", "ai-manual"] + - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirection", "ai-manual"] - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index d511d4da293..48725115430 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -276,7 +276,7 @@ module ModelValidation { [ "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "logging", "mvel", "xpath", "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", - "url-redirect", "create-file", "read-file", "write-file", "set-hostname-verifier", + "url-redirection", "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl", "bean-validation", "ssti", "fragment-injection", "command-injection" ] and diff --git a/java/ql/lib/semmle/code/java/security/UrlRedirect.qll b/java/ql/lib/semmle/code/java/security/UrlRedirect.qll index f4fc862ab53..fdd09fe8957 100644 --- a/java/ql/lib/semmle/code/java/security/UrlRedirect.qll +++ b/java/ql/lib/semmle/code/java/security/UrlRedirect.qll @@ -12,7 +12,7 @@ abstract class UrlRedirectSink extends DataFlow::Node { } /** A default sink represeting methods susceptible to URL redirection attacks. */ private class DefaultUrlRedirectSink extends UrlRedirectSink { - DefaultUrlRedirectSink() { sinkNode(this, "url-redirect") } + DefaultUrlRedirectSink() { sinkNode(this, "url-redirection") } } /** A Servlet URL redirection sink. */ From fc58d10a4e843564121391a340c4f104e7d5c3d1 Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Tue, 9 May 2023 12:00:28 -0400 Subject: [PATCH 176/210] Java: update xpath sink kind to xpath-injection --- java/ql/lib/ext/javax.xml.xpath.model.yml | 6 ++-- java/ql/lib/ext/org.dom4j.model.yml | 30 +++++++++---------- java/ql/lib/ext/org.dom4j.tree.model.yml | 4 +-- java/ql/lib/ext/org.dom4j.util.model.yml | 6 ++-- .../code/java/dataflow/ExternalFlow.qll | 8 ++--- .../lib/semmle/code/java/security/XPath.qll | 2 +- 6 files changed, 28 insertions(+), 28 deletions(-) diff --git a/java/ql/lib/ext/javax.xml.xpath.model.yml b/java/ql/lib/ext/javax.xml.xpath.model.yml index 68f51a34a2e..6cad83433b6 100644 --- a/java/ql/lib/ext/javax.xml.xpath.model.yml +++ b/java/ql/lib/ext/javax.xml.xpath.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.xpath", "XPath", True, "compile", "", "", "Argument[0]", "xpath", "manual"] - - ["javax.xml.xpath", "XPath", True, "evaluate", "", "", "Argument[0]", "xpath", "manual"] - - ["javax.xml.xpath", "XPath", True, "evaluateExpression", "", "", "Argument[0]", "xpath", "manual"] + - ["javax.xml.xpath", "XPath", True, "compile", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["javax.xml.xpath", "XPath", True, "evaluate", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["javax.xml.xpath", "XPath", True, "evaluateExpression", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.model.yml b/java/ql/lib/ext/org.dom4j.model.yml index b2e5c2ed379..f54c817d966 100644 --- a/java/ql/lib/ext/org.dom4j.model.yml +++ b/java/ql/lib/ext/org.dom4j.model.yml 
@@ -3,18 +3,18 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.dom4j", "DocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentHelper", False, "createPattern", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentHelper", False, "createXPath", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentHelper", False, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentHelper", False, "selectNodes", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "DocumentHelper", False, "sort", "", "", "Argument[1]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "matches", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "numberValueOf", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "selectNodes", "", "", "Argument[0..1]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "selectObject", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "selectSingleNode", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j", "Node", True, "valueOf", "", "", "Argument[0]", "xpath", "manual"]
+ - ["org.dom4j", "DocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "DocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "DocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "DocumentHelper", False, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j",
"DocumentHelper", False, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "DocumentHelper", False, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "DocumentHelper", False, "selectNodes", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "DocumentHelper", False, "sort", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "matches", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "numberValueOf", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "selectNodes", "", "", "Argument[0..1]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "selectObject", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "selectSingleNode", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j", "Node", True, "valueOf", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/java/ql/lib/ext/org.dom4j.tree.model.yml b/java/ql/lib/ext/org.dom4j.tree.model.yml
index 0896937bb16..3117806aa6e 100644
--- a/java/ql/lib/ext/org.dom4j.tree.model.yml
+++ b/java/ql/lib/ext/org.dom4j.tree.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.dom4j.tree", "AbstractNode", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j.tree", "AbstractNode", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"]
+ - ["org.dom4j.tree", "AbstractNode", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j.tree", "AbstractNode", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/java/ql/lib/ext/org.dom4j.util.model.yml b/java/ql/lib/ext/org.dom4j.util.model.yml
index d7dc55cd145..530652f2ede 100644
--- a/java/ql/lib/ext/org.dom4j.util.model.yml
+++ b/java/ql/lib/ext/org.dom4j.util.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.dom4j.util", "ProxyDocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"]
- - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"]
+ - ["org.dom4j.util", "ProxyDocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
index 48725115430..b61aa86f3d5 100644
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -275,10 +275,10 @@ module ModelValidation { not kind = [ "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "logging", "mvel", - "xpath", "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", - "url-redirection", "create-file", "read-file", "write-file", "set-hostname-verifier", - "header-splitting", "information-leak", "xslt", "jexl", "bean-validation", "ssti", - "fragment-injection", "command-injection" + "xpath-injection", "groovy", "xss", "ognl-injection", "intent-start", + "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file", + "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl", + "bean-validation", "ssti", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/XPath.qll b/java/ql/lib/semmle/code/java/security/XPath.qll index c8b1077990d..573d6530b33 100644 --- a/java/ql/lib/semmle/code/java/security/XPath.qll +++ b/java/ql/lib/semmle/code/java/security/XPath.qll @@ -13,7 +13,7 @@ abstract class XPathInjectionSink extends DataFlow::Node { } /** A default sink representing methods susceptible to XPath Injection attacks. */ private class DefaultXPathInjectionSink extends XPathInjectionSink { DefaultXPathInjectionSink() { - sinkNode(this, "xpath") + sinkNode(this, "xpath-injection") or exists(ClassInstanceExpr constructor | constructor.getConstructedType().getASourceSupertype*().hasQualifiedName("org.dom4j", "XPath") From 8c4b394e1ab231f070ea05067593dd9fee864c02 Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Tue, 9 May 2023 12:01:24 -0400 Subject: [PATCH 177/210] Java: update ssti sink kind to template-injection --- java/ql/lib/ext/com.hubspot.jinjava.model.yml | 4 ++-- .../lib/ext/com.mitchellbosecke.pebble.model.yml | 4 ++-- java/ql/lib/ext/freemarker.cache.model.yml | 2 +- java/ql/lib/ext/freemarker.template.model.yml | 14 +++++++------- java/ql/lib/ext/org.apache.velocity.app.model.yml | 8 ++++---- .../lib/ext/org.apache.velocity.runtime.model.yml | 6 +++--- ...apache.velocity.runtime.resource.util.model.yml | 2 +- java/ql/lib/ext/org.thymeleaf.model.yml | 4 ++-- .../lib/semmle/code/java/dataflow/ExternalFlow.qll | 2 +- .../code/java/security/TemplateInjection.qll | 2 +- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/java/ql/lib/ext/com.hubspot.jinjava.model.yml b/java/ql/lib/ext/com.hubspot.jinjava.model.yml index 2172da483f8..9c8866c9c14 100644 --- a/java/ql/lib/ext/com.hubspot.jinjava.model.yml +++ b/java/ql/lib/ext/com.hubspot.jinjava.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.hubspot.jinjava", "Jinjava", True, "render", "", "", "Argument[0]", "ssti", "manual"] - - ["com.hubspot.jinjava", "Jinjava", True, "renderForResult", "", "", "Argument[0]", "ssti", "manual"] + - ["com.hubspot.jinjava", "Jinjava", True, "render", "", "", "Argument[0]", "template-injection", "manual"] + - ["com.hubspot.jinjava", "Jinjava", True, "renderForResult", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml b/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml index 74b227da1dd..72c466af08c 100644 --- a/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml +++ b/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml 
@@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getLiteralTemplate", "", "", "Argument[0]", "ssti", "manual"] - - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getTemplate", "", "", "Argument[0]", "ssti", "manual"] + - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getLiteralTemplate", "", "", "Argument[0]", "template-injection", "manual"] + - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getTemplate", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/freemarker.cache.model.yml b/java/ql/lib/ext/freemarker.cache.model.yml index b65e6386ad6..b09961f0686 100644 --- a/java/ql/lib/ext/freemarker.cache.model.yml +++ b/java/ql/lib/ext/freemarker.cache.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["freemarker.cache", "StringTemplateLoader", True, "putTemplate", "", "", "Argument[1]", "ssti", "manual"] + - ["freemarker.cache", "StringTemplateLoader", True, "putTemplate", "", "", "Argument[1]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/freemarker.template.model.yml b/java/ql/lib/ext/freemarker.template.model.yml index 96087a2b9ba..afc9579719d 100644 --- a/java/ql/lib/ext/freemarker.template.model.yml +++ b/java/ql/lib/ext/freemarker.template.model.yml 
@@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["freemarker.template", "Template", True, "Template", "(String,Reader)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration,String)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Configuration)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration)", "", "Argument[2]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,ParserConfiguration,String)", "", "Argument[2]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,String)", "", "Argument[2]", "ssti", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration,String)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Configuration)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration)", "", "Argument[2]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,ParserConfiguration,String)", "", "Argument[2]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", 
"(String,String,Reader,Configuration,String)", "", "Argument[2]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.app.model.yml b/java/ql/lib/ext/org.apache.velocity.app.model.yml index 1afc328b882..307f534d3ea 100644 --- a/java/ql/lib/ext/org.apache.velocity.app.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.app.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.app", "Velocity", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.app", "Velocity", True, "mergeTemplate", "", "", "Argument[2]", "ssti", "manual"] - - ["org.apache.velocity.app", "VelocityEngine", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.app", "VelocityEngine", True, "mergeTemplate", "", "", "Argument[2]", "ssti", "manual"] + - ["org.apache.velocity.app", "Velocity", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.app", "Velocity", True, "mergeTemplate", "", "", "Argument[2]", "template-injection", "manual"] + - ["org.apache.velocity.app", "VelocityEngine", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.app", "VelocityEngine", True, "mergeTemplate", "", "", "Argument[2]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.runtime.model.yml b/java/ql/lib/ext/org.apache.velocity.runtime.model.yml index a8f740a2301..68f4e16fc5a 100644 --- a/java/ql/lib/ext/org.apache.velocity.runtime.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.runtime.model.yml 
@@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.runtime", "RuntimeServices", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.runtime", "RuntimeServices", True, "parse", "", "", "Argument[0]", "ssti", "manual"] - - ["org.apache.velocity.runtime", "RuntimeSingleton", True, "parse", "", "", "Argument[0]", "ssti", "manual"] + - ["org.apache.velocity.runtime", "RuntimeServices", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.runtime", "RuntimeServices", True, "parse", "", "", "Argument[0]", "template-injection", "manual"] + - ["org.apache.velocity.runtime", "RuntimeSingleton", True, "parse", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml b/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml index 4d3ce4c37ed..a204fb0711d 100644 --- a/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.runtime.resource.util", "StringResourceRepository", True, "putStringResource", "", "", "Argument[1]", "ssti", "manual"] + - ["org.apache.velocity.runtime.resource.util", "StringResourceRepository", True, "putStringResource", "", "", "Argument[1]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.thymeleaf.model.yml b/java/ql/lib/ext/org.thymeleaf.model.yml index 66361b05836..2556cad8314 100644 --- a/java/ql/lib/ext/org.thymeleaf.model.yml +++ b/java/ql/lib/ext/org.thymeleaf.model.yml 
@@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.thymeleaf", "ITemplateEngine", True, "process", "", "", "Argument[0]", "ssti", "manual"] - - ["org.thymeleaf", "ITemplateEngine", True, "processThrottled", "", "", "Argument[0]", "ssti", "manual"] + - ["org.thymeleaf", "ITemplateEngine", True, "process", "", "", "Argument[0]", "template-injection", "manual"] + - ["org.thymeleaf", "ITemplateEngine", True, "processThrottled", "", "", "Argument[0]", "template-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index b61aa86f3d5..a22dbd6b5e8 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -278,7 +278,7 @@ module ModelValidation { "xpath-injection", "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl", - "bean-validation", "ssti", "fragment-injection", "command-injection" + "bean-validation", "template-injection", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll index b8625556c7a..bd568355886 100644 --- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll +++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll 
@@ -66,7 +66,7 @@ private class DefaultTemplateInjectionSource extends TemplateInjectionSource ins { } private class DefaultTemplateInjectionSink extends TemplateInjectionSink { - DefaultTemplateInjectionSink() { sinkNode(this, "ssti") } + DefaultTemplateInjectionSink() { sinkNode(this, "template-injection") } } private class DefaultTemplateInjectionSanitizer extends TemplateInjectionSanitizer { From 430010daa377832238ef4fea3805448c6e831107 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:02:09 -0400 Subject: [PATCH 178/210] Java: update logging sink kind to log-injection --- java/ql/lib/ext/android.util.model.yml | 12 +- .../ext/com.google.common.flogger.model.yml | 58 +- java/ql/lib/ext/java.lang.model.yml | 16 +- java/ql/lib/ext/java.util.logging.model.yml | 68 +- .../ext/org.apache.commons.logging.model.yml | 12 +- java/ql/lib/ext/org.apache.log4j.model.yml | 22 +- .../ext/org.apache.logging.log4j.model.yml | 718 +++++++++--------- java/ql/lib/ext/org.jboss.logging.model.yml | 648 ++++++++-------- java/ql/lib/ext/org.scijava.log.model.yml | 26 +- java/ql/lib/ext/org.slf4j.model.yml | 100 +-- java/ql/lib/ext/org.slf4j.spi.model.yml | 10 +- .../code/java/dataflow/ExternalFlow.qll | 4 +- .../code/java/security/LogInjection.qll | 2 +- .../java/security/SensitiveLoggingQuery.qll | 4 +- .../internal/CaptureModelsSpecific.qll | 2 +- 15 files changed, 851 insertions(+), 851 deletions(-) diff --git a/java/ql/lib/ext/android.util.model.yml b/java/ql/lib/ext/android.util.model.yml index b57ff4819a7..eaf9d142f54 100644 --- a/java/ql/lib/ext/android.util.model.yml +++ b/java/ql/lib/ext/android.util.model.yml 
@@ -23,9 +23,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.util", "Log", True, "d", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "e", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "i", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "v", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "w", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "wtf", "", "", "Argument[1]", "logging", "manual"] + - ["android.util", "Log", True, "d", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "e", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "i", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "v", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "w", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "wtf", "", "", "Argument[1]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/com.google.common.flogger.model.yml b/java/ql/lib/ext/com.google.common.flogger.model.yml index b9a800b6210..23ae9236fd7 100644 --- a/java/ql/lib/ext/com.google.common.flogger.model.yml +++ b/java/ql/lib/ext/com.google.common.flogger.model.yml 
@@ -3,32 +3,32 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["com.google.common.flogger", "LoggingApi", True, "log", "", "", "Argument[0]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object[])", "", "Argument[1..11]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,boolean)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,byte)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,char)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,double)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,float)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,int)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,long)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,short)", "", "Argument[1]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,boolean,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,byte,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,char,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,double,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,float,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,int,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,long,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,short,Object)", "", "Argument[2]", "logging", "manual"]
- - ["com.google.common.flogger", "LoggingApi", True, "logVarargs", "", "", "Argument[0..1]", "logging", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object[])", "", "Argument[1..11]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,boolean)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,byte)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,char)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,double)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,float)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,int)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,long)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,short)", "", "Argument[1]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,boolean,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,byte,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,char,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,double,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,float,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,int,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,long,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,short,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["com.google.common.flogger", "LoggingApi", True, "logVarargs", "", "", "Argument[0..1]", "log-injection", "manual"]
diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml
index bbb269b3d55..b5db4e60f58 100644
--- a/java/ql/lib/ext/java.lang.model.yml
+++ b/java/ql/lib/ext/java.lang.model.yml
@@ -29,14 +29,14 @@ extensions:
 # These are modeled in plain CodeQL. TODO: migrate them.
 # - ["java.lang", "System", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library.
 # - ["java.lang", "System", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library.
- - ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier,Throwable)", "", "Argument[1..2]", "logging", "manual"]
- - ["java.lang", "System$Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier,Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.lang", "System$Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/java.util.logging.model.yml b/java/ql/lib/ext/java.util.logging.model.yml
index 05d7aa62a70..330a2d469a8 100644
--- a/java/ql/lib/ext/java.util.logging.model.yml
+++ b/java/ql/lib/ext/java.util.logging.model.yml
@@ -3,40 +3,40 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "entering", "(String,String,Object[])", "", "Argument[0..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "exiting", "(String,String)", "", "Argument[0..1]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "exiting", "(String,String,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "fine", "", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "finer", "", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "finest", "", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "info", "", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(Level,Throwable,Supplier)", "", "Argument[2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "log", "(LogRecord)", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String)", "", "Argument[1..3]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object[])", "", "Argument[1..4]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Throwable)", "", "Argument[1..3]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Supplier)", "", "Argument[1..3]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[4]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[4..5]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[1..2]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[4]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String)", "", "Argument[1..4]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object[])", "", "Argument[1..5]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Throwable)", "", "Argument[1..4]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "severe", "", "", "Argument[0]", "logging", "manual"]
- - ["java.util.logging", "Logger", True, "warning", "", "", "Argument[0]", "logging", "manual"]
+ - ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "entering", "(String,String,Object[])", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "exiting", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "exiting", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "fine", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "finer", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "finest", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "info", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(Level,Throwable,Supplier)", "", "Argument[2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "log", "(LogRecord)", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object[])", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Throwable)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Supplier)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[4]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[4..5]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[4]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object[])", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Throwable)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "severe", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["java.util.logging", "Logger", True, "warning", "", "", "Argument[0]", "log-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.apache.commons.logging.model.yml b/java/ql/lib/ext/org.apache.commons.logging.model.yml
index 8f40e26f2a1..7e2be01c522 100644
--- a/java/ql/lib/ext/org.apache.commons.logging.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.logging.model.yml
@@ -3,9 +3,9 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.commons.logging", "Log", True, "debug", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.commons.logging", "Log", True, "error", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.commons.logging", "Log", True, "fatal", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.commons.logging", "Log", True, "info", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.commons.logging", "Log", True, "trace", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.commons.logging", "Log", True, "warn", "", "", "Argument[0]", "logging", "manual"]
+ - ["org.apache.commons.logging", "Log", True, "debug", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.commons.logging", "Log", True, "error", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.commons.logging", "Log", True, "fatal", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.commons.logging", "Log", True, "info", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.commons.logging", "Log", True, "trace", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.commons.logging", "Log", True, "warn", "", "", "Argument[0]", "log-injection", "manual"]
diff --git a/java/ql/lib/ext/org.apache.log4j.model.yml b/java/ql/lib/ext/org.apache.log4j.model.yml
index 309f238111b..e27bdef0fbf 100644
--- a/java/ql/lib/ext/org.apache.log4j.model.yml
+++ b/java/ql/lib/ext/org.apache.log4j.model.yml
@@ -3,14 +3,14 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.log4j", "Category", True, "assertLog", "", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "debug", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "error", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "fatal", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "forcedLog", "", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "info", "", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "l7dlog", "(Priority,String,Object[],Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "log", "(Priority,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "log", "(Priority,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "log", "(String,Priority,Object,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.log4j", "Category", True, "warn", "", "", "Argument[0]", "logging", "manual"]
+ - ["org.apache.log4j", "Category", True, "assertLog", "", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "debug", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "error", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "fatal", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "forcedLog", "", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "info", "", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "l7dlog", "(Priority,String,Object[],Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "log", "(Priority,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "log", "(Priority,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "log", "(String,Priority,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.log4j", "Category", True, "warn", "", "", "Argument[0]", "log-injection", "manual"]
diff --git a/java/ql/lib/ext/org.apache.logging.log4j.model.yml b/java/ql/lib/ext/org.apache.logging.log4j.model.yml
index 5ffe10450a0..2c48df24365 100644
--- a/java/ql/lib/ext/org.apache.logging.log4j.model.yml
+++ b/java/ql/lib/ext/org.apache.logging.log4j.model.yml
@@ -3,365 +3,365 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(CharSequence)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Message)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Supplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Message)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "entry", "(Object[])", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Message)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Message)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Message)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Message)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Message)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Message)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object)", "", "Argument[2..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object)", "", "Argument[2..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object)", "", "Argument[2..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object)", "", "Argument[2..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[2..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..11]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..12]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Supplier)", "", "Argument[2..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "logMessage", "(Level,Marker,String,StackTraceElement,Message,Throwable)", "", "Argument[4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Message)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"]
- - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]",
"logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", 
"(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", 
"(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Supplier[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Supplier[])", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Message,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object,Throwable)", 
"", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - 
["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] 
- - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", 
"log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - 
["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, 
"debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - 
["org.apache.logging.log4j", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", 
"(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "entry", "(Object[])", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - 
["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier)", "", 
"Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", 
"(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", 
"(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - 
["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Message)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Message)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String)", "", "Argument[2]", "log-injection", "manual"]
+ - 
["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object)", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object)", "", "Argument[2..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object)", "", "Argument[2..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object)", "", "Argument[2..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[2..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..11]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..12]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Supplier)", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"]
+ - 
["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "logMessage", "(Level,Marker,String,StackTraceElement,Message,Throwable)", "", "Argument[4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - 
["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"]
+ - 
["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Message)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Supplier[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Supplier[])", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Message,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.jboss.logging.model.yml b/java/ql/lib/ext/org.jboss.logging.model.yml
index 069ae852b77..31636f1a6a3 100644
--- a/java/ql/lib/ext/org.jboss.logging.model.yml
+++ b/java/ql/lib/ext/org.jboss.logging.model.yml
@@ -3,327 +3,327 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - 
["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object)", 
"", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - 
["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", 
"(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - 
["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", 
"(Level,String,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "logging", 
"manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Throwable)", "", 
"Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - 
["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object)", "", 
"Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object)", 
"", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", 
"(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object)", "", 
"Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "logging", 
"manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - 
["org.jboss.logging", "Logger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - 
["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object)", "",
"Argument[3..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "logv",
"(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object)", "",
"Argument[0..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging",
"manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"]
- - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Throwable)", "", "Argument[0]",
"log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv",
"(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf",
"(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging",
"BasicLogger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]",
"log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]",
"log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "log",
"(Level,String,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"]
+ - ["org.jboss.logging",
"BasicLogger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True,
"trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ -
["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection",
"manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection",
"manual"]
+ - ["org.jboss.logging", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging",
"Logger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]",
"log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"]
+ -
["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"]
+ - ["org.jboss.logging", "Logger", True,
"fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", 
"log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", 
"Logger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", 
"(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - 
["org.jboss.logging", "Logger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", 
True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object)", "", "Argument[0..1]", 
"log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.scijava.log.model.yml b/java/ql/lib/ext/org.scijava.log.model.yml index 303dbae27e2..ad53130cd07 100644 --- a/java/ql/lib/ext/org.scijava.log.model.yml +++ b/java/ql/lib/ext/org.scijava.log.model.yml 
@@ -3,16 +3,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.scijava.log", "Logger", True, "alwaysLog", "(int,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "log", "(int,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "log", "(int,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.scijava.log", "Logger", True, "alwaysLog", "(int,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "error", "(Object,Throwable)", 
"", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "log", "(int,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "log", "(int,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.slf4j.model.yml b/java/ql/lib/ext/org.slf4j.model.yml index 6ff2f31847d..e714155b3f2 100644 --- a/java/ql/lib/ext/org.slf4j.model.yml +++ b/java/ql/lib/ext/org.slf4j.model.yml 
@@ -3,53 +3,53 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.slf4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", 
"(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String)", "", 
"Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", 
"Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - 
["org.slf4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", 
True, "trace", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.slf4j.spi.model.yml b/java/ql/lib/ext/org.slf4j.spi.model.yml index 197131b6e17..a1d5c498c33 100644 --- a/java/ql/lib/ext/org.slf4j.spi.model.yml +++ b/java/ql/lib/ext/org.slf4j.spi.model.yml 
@@ -3,11 +3,11 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(Supplier)", "", "Argument[0]", "logging", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index a22dbd6b5e8..17a364b7e2e 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll 
@@ -274,8 +274,8 @@ module ModelValidation { exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | not kind = [ - "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "logging", "mvel", - "xpath-injection", "groovy", "xss", "ognl-injection", "intent-start", + "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection", + "mvel", "xpath-injection", "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl", "bean-validation", "template-injection", "fragment-injection", "command-injection" diff --git a/java/ql/lib/semmle/code/java/security/LogInjection.qll b/java/ql/lib/semmle/code/java/security/LogInjection.qll index e60e6ed9a7f..2314d807a60 100644 --- a/java/ql/lib/semmle/code/java/security/LogInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LogInjection.qll @@ -27,7 +27,7 @@ class LogInjectionAdditionalTaintStep extends Unit { } private class DefaultLogInjectionSink extends LogInjectionSink { - DefaultLogInjectionSink() { sinkNode(this, "logging") } + DefaultLogInjectionSink() { sinkNode(this, "log-injection") } } private class DefaultLogInjectionSanitizer extends LogInjectionSanitizer { diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll index d9ed2b970b0..984c9f6fcaa 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
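Review bot: Dropping `"logging"` from the accepted list in `ModelValidation` leaves model packs that still use the old kind with, presumably, only a generic invalid-kind message. Meanwhile `sinkNode(this, "log-injection")` in LogInjection.qll simply stops matching their rows, so findings disappear without any alert. The same applies to the later hunks on this list that retire `groovy`, `jexl`, `mvel` and `xslt`. Consider a dedicated check for the retired names that points at the replacement, with a message such as `"The kind \"logging\" is outdated; use \"log-injection\" instead."`, plus a change note for the rename if the series does not already add one. The predicate body continues outside the hunk, so how the message is wired is not visible here.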
@@ -35,7 +35,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr } - override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") } + override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "log-injection") } override predicate isSanitizer(DataFlow::Node sanitizer) { sanitizer.asExpr() instanceof LiveLiteral or @@ -52,7 +52,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati module SensitiveLoggerConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr } - predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") } + predicate isSink(DataFlow::Node sink) { sinkNode(sink, "log-injection") } predicate isBarrier(DataFlow::Node sanitizer) { sanitizer.asExpr() instanceof LiveLiteral or diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll index fcc1ef97ecc..8583e793fc9 100644 --- a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll +++ b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll @@ -250,7 +250,7 @@ string asInputArgumentSpecific(DataFlow::Node source) { */ bindingset[kind] predicate isRelevantSinkKind(string kind) { - not kind = "logging" and + not kind = "log-injection" and not kind.matches("regex-use%") and not kind = "write-file" } From 6431d370c1031bc1f682855a3b65e16533db56cc Mon Sep 17 00:00:00 2001 
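Review bot: `sinkNode(sink, "log-injection")` in both `SensitiveLoggerConfiguration.isSink` and `SensitiveLoggerConfig.isSink` now reads as if this query looked for log injection, although its sources are `CredentialExpr` and it tracks credentials reaching a log call. A short comment on each of the two lines would stop a later reader from "correcting" the kind, for example `// Logging sinks are shared with the log-injection query; the kind names the sink, not this query's weakness.` Both class bodies continue outside the hunks.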
From: Jami Cogswell Date: Tue, 30 May 2023 12:58:56 -0400 Subject: [PATCH 179/210] Java: update groovy sink kind to groovy-injection --- java/ql/lib/ext/groovy.lang.model.yml | 54 +++++++++---------- java/ql/lib/ext/groovy.util.model.yml | 10 ++-- .../ext/org.codehaus.groovy.control.model.yml | 2 +- .../code/java/dataflow/ExternalFlow.qll | 2 +- .../code/java/security/GroovyInjection.qll | 2 +- 5 files changed, 35 insertions(+), 35 deletions(-) diff --git a/java/ql/lib/ext/groovy.lang.model.yml b/java/ql/lib/ext/groovy.lang.model.yml index 815beb99041..7c6ac81d1ab 100644 --- a/java/ql/lib/ext/groovy.lang.model.yml +++ b/java/ql/lib/ext/groovy.lang.model.yml 
@@ -3,30 +3,30 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource,boolean)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(InputStream,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(GroovyCodeSource)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(URI)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(Reader)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(String,String)", "", "Argument[0]", "groovy", 
"manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(URI)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(String,String,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(String,String,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(URI,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(URI,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.text", "TemplateEngine", True, "createTemplate", "", "", "Argument[0]", "groovy", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource,boolean)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(InputStream,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(GroovyCodeSource)", "", "Argument[0]", 
"groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(URI)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(Reader)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(URI)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(String,String,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", 
"(String,String,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(URI,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(URI,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.text", "TemplateEngine", True, "createTemplate", "", "", "Argument[0]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/groovy.util.model.yml b/java/ql/lib/ext/groovy.util.model.yml index 61d1dbb6a05..f0a979e2ce8 100644 --- a/java/ql/lib/ext/groovy.util.model.yml +++ b/java/ql/lib/ext/groovy.util.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["groovy.util", "Eval", False, "me", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "me", "(String,Object,String)", "", "Argument[2]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "x", "(Object,String)", "", "Argument[1]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "xy", "(Object,Object,String)", "", "Argument[2]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "xyz", "(Object,Object,Object,String)", "", "Argument[3]", "groovy", "manual"] + - ["groovy.util", "Eval", False, "me", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "me", "(String,Object,String)", "", "Argument[2]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "x", "(Object,String)", "", "Argument[1]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "xy", "(Object,Object,String)", "", "Argument[2]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "xyz", "(Object,Object,Object,String)", "", "Argument[3]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/org.codehaus.groovy.control.model.yml b/java/ql/lib/ext/org.codehaus.groovy.control.model.yml index 61ec26f4482..fdccc85e6a9 100644 
--- a/java/ql/lib/ext/org.codehaus.groovy.control.model.yml +++ b/java/ql/lib/ext/org.codehaus.groovy.control.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.codehaus.groovy.control", "CompilationUnit", False, "compile", "", "", "Argument[this]", "groovy", "manual"] + - ["org.codehaus.groovy.control", "CompilationUnit", False, "compile", "", "", "Argument[this]", "groovy-injection", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 17a364b7e2e..cae2226cb68 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -275,7 +275,7 @@ module ModelValidation { not kind = [ "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection", - "mvel", "xpath-injection", "groovy", "xss", "ognl-injection", "intent-start", + "mvel", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl", "bean-validation", "template-injection", "fragment-injection", "command-injection" diff --git a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll index 54ea8afce91..b4fe2fd5e84 100644 --- a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll +++ b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll @@ -21,7 +21,7 @@ class GroovyInjectionAdditionalTaintStep extends Unit { } private class DefaultGroovyInjectionSink extends GroovyInjectionSink { - DefaultGroovyInjectionSink() { sinkNode(this, "groovy") } + DefaultGroovyInjectionSink() { sinkNode(this, "groovy-injection") } } /** A set of additional taint steps to consider when taint tracking Groovy related data flows. */ 
From 6cee0c4c7553218ef3a6f15e3e7dc8fff0607bc1 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:04:39 -0400 Subject: [PATCH 180/210] Java: update jexl sink kind to jexl-injection --- .../ext/org.apache.commons.jexl2.model.yml | 30 +++++++++---------- .../ext/org.apache.commons.jexl3.model.yml | 30 +++++++++---------- .../code/java/dataflow/ExternalFlow.qll | 2 +- .../code/java/security/JexlInjectionQuery.qll | 2 +- 4 files changed, 32 insertions(+), 32 deletions(-) diff --git a/java/ql/lib/ext/org.apache.commons.jexl2.model.yml b/java/ql/lib/ext/org.apache.commons.jexl2.model.yml index f7ad474114e..8e224f5f20f 100644 --- a/java/ql/lib/ext/org.apache.commons.jexl2.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jexl2.model.yml 
@@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jexl2", "Expression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Script", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Script", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "prepare", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Template", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] + - ["org.apache.commons.jexl2", "Expression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - 
["org.apache.commons.jexl2", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Script", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Script", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "prepare", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Template", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jexl3.model.yml b/java/ql/lib/ext/org.apache.commons.jexl3.model.yml index cbe04fc3e60..e2fee2fcb3d 100644 
--- a/java/ql/lib/ext/org.apache.commons.jexl3.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.jexl3.model.yml
@@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jexl3", "Expression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "prepare", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Template", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Script", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Script", False, "execute", "", "", "Argument[this]", "jexl", "manual"] + - ["org.apache.commons.jexl3", "Expression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - 
["org.apache.commons.jexl3", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "prepare", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Template", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Script", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Script", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index cae2226cb68..78197f16ce3 100644 
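Review bot: The jexl3 row for `JexlEngine.setProperty` keeps the signature `(JexlContext,Object,String)` with `Argument[2]`, while the jexl2 file in the same commit uses `(JexlContext,Object,String,Object)` for the same method. A setter normally takes the value as a further parameter, so the jexl3 signature probably matches no method and that sink would never fire. If that is confirmed against the JEXL 3 API, the row should read `- ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl-injection", "manual"]`. The row predates this commit, but it is rewritten here, and a query test that exercises it would catch the mismatch.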
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -277,7 +277,7 @@ module ModelValidation { "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection", "mvel", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file", - "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl", + "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and diff --git a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll index 4138b851e85..dd877720495 100644 --- a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll @@ -13,7 +13,7 @@ abstract class JexlEvaluationSink extends DataFlow::ExprNode { } /** Default sink for JXEL injection vulnerabilities. */ private class DefaultJexlEvaluationSink extends JexlEvaluationSink { - DefaultJexlEvaluationSink() { sinkNode(this, "jexl") } + DefaultJexlEvaluationSink() { sinkNode(this, "jexl-injection") } } /** From cea97b3f2a8f22bb9fd4b5bc3c16964676e58810 Mon Sep 17 00:00:00 2001 
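Review bot: The doc comment directly above `DefaultJexlEvaluationSink` in JexlInjectionQuery.qll still says "JXEL"; since the class is touched here, correct it to `/** Default sink for JEXL injection vulnerabilities. */`. The misspelling hides the class from anyone searching the library for JEXL sinks.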
From: Jami Cogswell Date: Tue, 9 May 2023 12:05:39 -0400 Subject: [PATCH 181/210] Java: update mvel sink kind to mvel-injection --- java/ql/lib/ext/javax.script.model.yml | 2 +- java/ql/lib/ext/org.mvel2.compiler.model.yml | 8 ++++---- java/ql/lib/ext/org.mvel2.jsr223.model.yml | 6 +++--- java/ql/lib/ext/org.mvel2.model.yml | 14 +++++++------- java/ql/lib/ext/org.mvel2.templates.model.yml | 4 ++-- .../lib/semmle/code/java/dataflow/ExternalFlow.qll | 9 +++++---- .../semmle/code/java/security/MvelInjection.qll | 2 +- 7 files changed, 23 insertions(+), 22 deletions(-) diff --git a/java/ql/lib/ext/javax.script.model.yml b/java/ql/lib/ext/javax.script.model.yml index 0dcc6adb3d7..dcec679640f 100644 --- a/java/ql/lib/ext/javax.script.model.yml +++ b/java/ql/lib/ext/javax.script.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.script", "CompiledScript", False, "eval", "", "", "Argument[this]", "mvel", "manual"] + - ["javax.script", "CompiledScript", False, "eval", "", "", "Argument[this]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.compiler.model.yml b/java/ql/lib/ext/org.mvel2.compiler.model.yml index 6ca33c8cdb0..0b3535a6fcf 100644 --- a/java/ql/lib/ext/org.mvel2.compiler.model.yml +++ b/java/ql/lib/ext/org.mvel2.compiler.model.yml 
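Review bot: The `javax.script` row tags `CompiledScript.eval` with `mvel-injection`, but `javax.script.CompiledScript` is the generic JSR-223 type rather than an MVEL class. With the more explicit kind name, the row now states that evaluating any compiled script is an MVEL injection. If the MVEL query is meant to be the only consumer of this row, say so in a comment above it, e.g. `# CompiledScript is engine-agnostic; listed under mvel-injection because only the MVEL query consumes it`; otherwise a script-engine-neutral kind would be more accurate. Which of the two is intended cannot be told from this hunk.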
@@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.compiler", "Accessor", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "CompiledAccExpression", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "CompiledExpression", False, "getDirectValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "ExecutableStatement", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] + - ["org.mvel2.compiler", "Accessor", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "CompiledAccExpression", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "CompiledExpression", False, "getDirectValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "ExecutableStatement", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.jsr223.model.yml b/java/ql/lib/ext/org.mvel2.jsr223.model.yml index 6a63bbcf57c..7dff4964cf0 100644 --- a/java/ql/lib/ext/org.mvel2.jsr223.model.yml +++ b/java/ql/lib/ext/org.mvel2.jsr223.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.jsr223", "MvelCompiledScript", False, "eval", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.jsr223", "MvelScriptEngine", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2.jsr223", "MvelScriptEngine", False, "evaluate", "", "", "Argument[0]", "mvel", "manual"] + - ["org.mvel2.jsr223", "MvelCompiledScript", False, "eval", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.jsr223", "MvelScriptEngine", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2.jsr223", "MvelScriptEngine", False, "evaluate", "", "", "Argument[0]", "mvel-injection", "manual"] 
diff --git a/java/ql/lib/ext/org.mvel2.model.yml b/java/ql/lib/ext/org.mvel2.model.yml index fd7778c89a6..28a7154df90 100644 --- a/java/ql/lib/ext/org.mvel2.model.yml +++ b/java/ql/lib/ext/org.mvel2.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2", "MVEL", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "evalToBoolean", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "evalToString", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeAllExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeSetExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVELRuntime", False, "execute", "", "", "Argument[1]", "mvel", "manual"] + - ["org.mvel2", "MVEL", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "evalToBoolean", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "evalToString", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeAllExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeSetExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVELRuntime", False, "execute", "", "", "Argument[1]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.templates.model.yml b/java/ql/lib/ext/org.mvel2.templates.model.yml index 0e31cee38b0..93fdbde10ed 100644 --- a/java/ql/lib/ext/org.mvel2.templates.model.yml +++ b/java/ql/lib/ext/org.mvel2.templates.model.yml 
@@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.templates", "TemplateRuntime", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2.templates", "TemplateRuntime", False, "execute", "", "", "Argument[0]", "mvel", "manual"] + - ["org.mvel2.templates", "TemplateRuntime", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2.templates", "TemplateRuntime", False, "execute", "", "", "Argument[0]", "mvel-injection", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 78197f16ce3..06097ce7271 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -275,10 +275,11 @@ module ModelValidation { not kind = [ "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection", - "mvel", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-start", - "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file", - "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl-injection", - "bean-validation", "template-injection", "fragment-injection", "command-injection" + "mvel-injection", "xpath-injection", "groovy-injection", "xss", "ognl-injection", + "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", + "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt", + "jexl-injection", "bean-validation", "template-injection", "fragment-injection", + "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/MvelInjection.qll b/java/ql/lib/semmle/code/java/security/MvelInjection.qll index a0ada3d91a1..803c6ad0cf9 100644 --- a/java/ql/lib/semmle/code/java/security/MvelInjection.qll 
+++ b/java/ql/lib/semmle/code/java/security/MvelInjection.qll @@ -25,7 +25,7 @@ class MvelInjectionAdditionalTaintStep extends Unit { /** Default sink for MVEL injection vulnerabilities. */ private class DefaultMvelEvaluationSink extends MvelEvaluationSink { - DefaultMvelEvaluationSink() { sinkNode(this, "mvel") } + DefaultMvelEvaluationSink() { sinkNode(this, "mvel-injection") } } /** A default sanitizer that considers numeric and boolean typed data safe for building MVEL expressions */ From 6d2d25406caec1acedd83a06f800a9b983b7f084 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:06:36 -0400 Subject: [PATCH 182/210] Java: update xslt sink kind to xslt-injection --- java/ql/lib/ext/javax.xml.transform.model.yml | 2 +- java/ql/lib/ext/net.sf.saxon.s9api.model.yml | 10 +++++----- java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 6 +++--- .../ql/lib/semmle/code/java/security/XsltInjection.qll | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/java/ql/lib/ext/javax.xml.transform.model.yml b/java/ql/lib/ext/javax.xml.transform.model.yml index ffc321b004f..62a66a3d7ae 100644 --- a/java/ql/lib/ext/javax.xml.transform.model.yml +++ b/java/ql/lib/ext/javax.xml.transform.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.transform", "Transformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] + - ["javax.xml.transform", "Transformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] diff --git a/java/ql/lib/ext/net.sf.saxon.s9api.model.yml b/java/ql/lib/ext/net.sf.saxon.s9api.model.yml index 1559092f535..aa0e3eba5a9 100644 --- a/java/ql/lib/ext/net.sf.saxon.s9api.model.yml +++ b/java/ql/lib/ext/net.sf.saxon.s9api.model.yml 
@@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "applyTemplates", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callFunction", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callTemplate", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "XsltTransformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "applyTemplates", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callFunction", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callTemplate", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "XsltTransformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 06097ce7271..fbdd1ec4e2f 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll 
@@ -277,9 +277,9 @@ module ModelValidation { "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", - "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt", - "jexl-injection", "bean-validation", "template-injection", "fragment-injection", - "command-injection" + "write-file", "set-hostname-verifier", "header-splitting", "information-leak", + "xslt-injection", "jexl-injection", "bean-validation", "template-injection", + "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/XsltInjection.qll b/java/ql/lib/semmle/code/java/security/XsltInjection.qll index f6953a09539..3d0782b6ace 100644 --- a/java/ql/lib/semmle/code/java/security/XsltInjection.qll +++ b/java/ql/lib/semmle/code/java/security/XsltInjection.qll @@ -12,7 +12,7 @@ abstract class XsltInjectionSink extends DataFlow::Node { } /** A default sink representing methods susceptible to XSLT Injection attacks. */ private class DefaultXsltInjectionSink extends XsltInjectionSink { - DefaultXsltInjectionSink() { sinkNode(this, "xslt") } + DefaultXsltInjectionSink() { sinkNode(this, "xslt-injection") } } /** From 3ff4c7de8f031c3744ba465d6f6d4e3ed0ad18ca Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Tue, 9 May 2023 12:08:40 -0400 Subject: [PATCH 183/210] Java: update ldap sink kind to ldap-injection --- .../lib/ext/com.unboundid.ldap.sdk.model.yml | 34 +++++++++---------- .../lib/ext/javax.naming.directory.model.yml | 2 +- ...apache.directory.ldap.client.api.model.yml | 2 +- .../org.springframework.ldap.core.model.yml | 28 +++++++-------- .../code/java/dataflow/ExternalFlow.qll | 12 +++---- .../code/java/security/LdapInjection.qll | 2 +- 6 files changed, 40 insertions(+), 40 deletions(-) diff --git a/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml b/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml index 57753bc31d0..d483d6d97e4 100644 --- a/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml +++ b/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml 
@@ -3,20 +3,20 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "asyncSearch", "", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..7]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..7]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,Filter,String[])", "", "Argument[0..3]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,String,String[])", "", "Argument[0..3]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..6]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..6]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap", "manual"] - - 
["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(SearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,Filter,String[])", "", "Argument[0..5]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,String,String[])", "", "Argument[0..5]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "asyncSearch", "", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..7]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..7]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,Filter,String[])", "", "Argument[0..3]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,String,String[])", "", "Argument[0..3]", "ldap-injection", "manual"] + - 
["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..6]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..6]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(SearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,Filter,String[])", "", "Argument[0..5]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,String,String[])", "", "Argument[0..5]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/javax.naming.directory.model.yml b/java/ql/lib/ext/javax.naming.directory.model.yml index bb350a084cb..6f60e7cf20d 100644 --- a/java/ql/lib/ext/javax.naming.directory.model.yml +++ b/java/ql/lib/ext/javax.naming.directory.model.yml 
@@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap", "manual"] + - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml b/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml index 14b580383d3..57b1655d944 100644 --- a/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml +++ b/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.directory.ldap.client.api", "LdapConnection", True, "search", "", "", "Argument[0..2]", "ldap", "manual"] + - ["org.apache.directory.ldap.client.api", "LdapConnection", True, "search", "", "", "Argument[0..2]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.ldap.core.model.yml b/java/ql/lib/ext/org.springframework.ldap.core.model.yml index 962dec40c59..ce4ef72e283 100644 --- a/java/ql/lib/ext/org.springframework.ldap.core.model.yml +++ b/java/ql/lib/ext/org.springframework.ldap.core.model.yml 
@@ -22,17 +22,17 @@ extensions: - ["org.springframework.ldap.core", "LdapOperations", True, "search", "(String,String,int,String[],ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - ["org.springframework.ldap.core", "LdapOperations", True, "searchForObject", "(Name,String,ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - ["org.springframework.ldap.core", "LdapOperations", True, "searchForObject", "(String,String,ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(LdapQuery,String)", "", "Argument[0]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", 
"(String,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "find", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "findOne", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "search", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForContext", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForObject", "", "", "Argument[0..1]", "ldap", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(LdapQuery,String)", "", "Argument[0]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", 
"(String,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "find", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "findOne", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "search", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForContext", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForObject", "", "", "Argument[0..1]", "ldap-injection", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index fbdd1ec4e2f..af4f43004ad 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll 
@@ -274,12 +274,12 @@ module ModelValidation { exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | not kind = [ - "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection", - "mvel-injection", "xpath-injection", "groovy-injection", "xss", "ognl-injection", - "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file", - "write-file", "set-hostname-verifier", "header-splitting", "information-leak", - "xslt-injection", "jexl-injection", "bean-validation", "template-injection", - "fragment-injection", "command-injection" + "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", + "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", + "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", + "read-file", "write-file", "set-hostname-verifier", "header-splitting", + "information-leak", "xslt-injection", "jexl-injection", "bean-validation", + "template-injection", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/LdapInjection.qll b/java/ql/lib/semmle/code/java/security/LdapInjection.qll index d78bd2f7ae1..0e2a35c764e 100644 --- a/java/ql/lib/semmle/code/java/security/LdapInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LdapInjection.qll @@ -29,7 +29,7 @@ class LdapInjectionAdditionalTaintStep extends Unit { /** Default sink for LDAP injection vulnerabilities. */ private class DefaultLdapInjectionSink extends LdapInjectionSink { - DefaultLdapInjectionSink() { sinkNode(this, "ldap") } + DefaultLdapInjectionSink() { sinkNode(this, "ldap-injection") } } /** A sanitizer that clears the taint on (boxed) primitive types. */ From 5aa3e57ff32f4fa3459939004cdfd626b1a0b884 Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Tue, 9 May 2023 12:09:37 -0400 Subject: [PATCH 184/210] Java: update pending-intent-sent sink kind to pending-intents --- java/ql/lib/ext/android.app.model.yml | 34 +++++++++---------- java/ql/lib/ext/androidx.core.app.model.yml | 12 +++---- java/ql/lib/ext/androidx.slice.model.yml | 4 +-- .../code/java/dataflow/ExternalFlow.qll | 2 +- .../java/security/ImplicitPendingIntents.qll | 2 +- 5 files changed, 27 insertions(+), 27 deletions(-) diff --git a/java/ql/lib/ext/android.app.model.yml b/java/ql/lib/ext/android.app.model.yml index 861867d344c..c295293ee5a 100644 --- a/java/ql/lib/ext/android.app.model.yml +++ b/java/ql/lib/ext/android.app.model.yml 
@@ -5,20 +5,20 @@ extensions: data: - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-start", "manual"] - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intent-sent", "manual"] + - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intents", "manual"] - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-start", "manual"] - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-start", "manual"] - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-start", "manual"] - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-start", "manual"] - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setExact", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setExactAndAllowWhileIdle", "", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setInexactRepeating", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setRepeating", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, 
"setWindow", "(int,long,long,PendingIntent)", "", "Argument[3]", "pending-intent-sent", "manual"] + - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setExact", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setExactAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setInexactRepeating", "", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setRepeating", "", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setWindow", "(int,long,long,PendingIntent)", "", "Argument[3]", "pending-intents", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(Class,Bundle,String)", "", "Argument[0]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(Fragment,String)", "", "Argument[0]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(int,Class,Bundle)", "", "Argument[1]", "fragment-injection", "manual"] 
@@ -30,14 +30,14 @@ extensions: - ["android.app", "FragmentTransaction", True, "replace", "(int,Class,Bundle,String)", "", "Argument[1]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "replace", "(int,Fragment)", "", "Argument[1]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "replace", "(int,Fragment,String)", "", "Argument[1]", "fragment-injection", "manual"] - - ["android.app", "NotificationManager", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notifyAsPackage", "(String,String,int,Notification)", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notifyAsUser", "(String,int,Notification,UserHandle)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String,Bundle)", "", "Argument[2]", "pending-intent-sent", "manual"] + - ["android.app", "NotificationManager", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notifyAsPackage", "(String,String,int,Notification)", "", "Argument[3]", 
"pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notifyAsUser", "(String,int,Notification,UserHandle)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String,Bundle)", "", "Argument[2]", "pending-intents", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/androidx.core.app.model.yml b/java/ql/lib/ext/androidx.core.app.model.yml index 2bb58605436..f24a67dbbe6 100644 --- a/java/ql/lib/ext/androidx.core.app.model.yml +++ b/java/ql/lib/ext/androidx.core.app.model.yml 
@@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["androidx.core.app", "AlarmManagerCompat", True, "setAlarmClock", "", "", "Argument[2..3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setAndAllowWhileIdle", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setExact", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setExactAndAllowWhileIdle", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intent-sent", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setAlarmClock", "", "", "Argument[2..3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setAndAllowWhileIdle", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setExact", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setExactAndAllowWhileIdle", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intents", "manual"] + - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intents", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/androidx.slice.model.yml b/java/ql/lib/ext/androidx.slice.model.yml index 97481e886e5..1e4176e5d9a 100644 --- a/java/ql/lib/ext/androidx.slice.model.yml +++ b/java/ql/lib/ext/androidx.slice.model.yml 
@@ -12,5 +12,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["androidx.slice", "SliceProvider", True, "onBindSlice", "", "", "ReturnValue", "pending-intent-sent", "manual"] - - ["androidx.slice", "SliceProvider", True, "onCreatePermissionRequest", "", "", "ReturnValue", "pending-intent-sent", "manual"] + - ["androidx.slice", "SliceProvider", True, "onBindSlice", "", "", "ReturnValue", "pending-intents", "manual"] + - ["androidx.slice", "SliceProvider", True, "onCreatePermissionRequest", "", "", "ReturnValue", "pending-intents", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index af4f43004ad..3e6543297d1 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -276,7 +276,7 @@ module ModelValidation { [ "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", - "ognl-injection", "intent-start", "pending-intent-sent", "url-redirection", "create-file", + "ognl-injection", "intent-start", "pending-intents", "url-redirection", "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt-injection", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection" diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll index 308b8037554..6511bf28685 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll 
@@ -63,7 +63,7 @@ private class SendPendingIntent extends ImplicitPendingIntentSink { this.asExpr() = ma.getArgument(0) ) or - sinkNode(this, "pending-intent-sent") + sinkNode(this, "pending-intents") } override predicate hasState(DataFlow::FlowState state) { state = "MutablePendingIntent" } From b23f384a50bd66943a02bd4f130028541878a475 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:10:57 -0400 Subject: [PATCH 185/210] Java: update intent-start sink kind to intent-redirection --- java/ql/lib/ext/android.app.model.yml | 14 ++++---- java/ql/lib/ext/android.content.model.yml | 32 +++++++++---------- .../code/java/dataflow/ExternalFlow.qll | 4 +-- .../security/AndroidIntentRedirection.qll | 2 +- .../java/security/ImplicitPendingIntents.qll | 3 +- 5 files changed, 28 insertions(+), 27 deletions(-) diff --git a/java/ql/lib/ext/android.app.model.yml b/java/ql/lib/ext/android.app.model.yml index c295293ee5a..72591773436 100644 --- a/java/ql/lib/ext/android.app.model.yml +++ b/java/ql/lib/ext/android.app.model.yml 
@@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] + - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intents", "manual"] - - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-start", "manual"] + - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", 
"Argument[2]", "pending-intents", "manual"] - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intents", "manual"] - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] diff --git a/java/ql/lib/ext/android.content.model.yml b/java/ql/lib/ext/android.content.model.yml index bee6bae8d44..c42578c08cd 100644 --- a/java/ql/lib/ext/android.content.model.yml +++ b/java/ql/lib/ext/android.content.model.yml 
@@ -47,22 +47,22 @@ extensions: - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql-injection", "manual"] - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] - - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyOrderedBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyOrderedBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivities", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivity", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityFromChild", "", "", "Argument[1]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityFromFragment", "", "", "Argument[1]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityIfNeeded", "", "", "Argument[0]", "intent-start", "manual"] - - 
["android.content", "Context", True, "startForegroundService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] + - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyOrderedBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyOrderedBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivities", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivity", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityFromChild", "", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityFromFragment", "", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityIfNeeded", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startForegroundService", "", "", 
"Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startServiceAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 3e6543297d1..27bc65e8ee2 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -276,8 +276,8 @@ module ModelValidation { [ "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", - "ognl-injection", "intent-start", "pending-intents", "url-redirection", "create-file", - "read-file", "write-file", "set-hostname-verifier", "header-splitting", + "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", + "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt-injection", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection" ] and diff --git a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll index 993c2941733..ef5f84001f0 100644 --- a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll +++ b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll @@ -30,7 +30,7 @@ class IntentRedirectionAdditionalTaintStep extends Unit { /** Default sink for Intent redirection vulnerabilities. */ private class DefaultIntentRedirectionSink extends IntentRedirectionSink { - DefaultIntentRedirectionSink() { sinkNode(this, "intent-start") } + DefaultIntentRedirectionSink() { sinkNode(this, "intent-redirection") } } /** 
diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll index 6511bf28685..41985affc0e 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll @@ -54,7 +54,8 @@ private class IntentCreationSource extends ImplicitPendingIntentSource { private class SendPendingIntent extends ImplicitPendingIntentSink { SendPendingIntent() { - sinkNode(this, "intent-start") and + // intent redirection sinks are method calls that start Android components + sinkNode(this, "intent-redirection") and // implicit intents can't be started as services since API 21 not exists(MethodAccess ma, Method m | ma.getMethod() = m and From 51df84ed1cdc973efbe4a287fffcbdf3a0c6bfc4 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:15:57 -0400 Subject: [PATCH 186/210] Java: update set-hostname-verifier sink kind to hostname-verification --- java/ql/lib/ext/javax.net.ssl.model.yml | 4 ++-- java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 2 +- .../code/java/security/UnsafeHostnameVerificationQuery.qll | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/java/ql/lib/ext/javax.net.ssl.model.yml b/java/ql/lib/ext/javax.net.ssl.model.yml index 7cbed92c184..59085b8d120 100644 --- a/java/ql/lib/ext/javax.net.ssl.model.yml +++ b/java/ql/lib/ext/javax.net.ssl.model.yml 
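Review bot: The added comment in `SendPendingIntent` says what intent-redirection sinks are, but not why an implicit-PendingIntent sink is defined in terms of another query's kind. With the new name the coupling is harder to see: any model later tagged `intent-redirection` also becomes a candidate sink here, subject only to the service exclusion that follows. I would extend the comment to say so, e.g. `// reuses the "intent-redirection" models: an implicit Intent passed to a component-start call is also a sink for this query`. The characteristic predicate continues past the end of the hunk, so the full set of exclusions is not visible.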
@@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"] - - ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"] + - ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"] + - ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 27bc65e8ee2..78c98c07b04 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -277,7 +277,7 @@ module ModelValidation { "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", - "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", + "create-file", "read-file", "write-file", "hostname-verification", "header-splitting", "information-leak", "xslt-injection", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection" ] and diff --git a/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll index 1fc60e3494e..1b44121591c 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll 
@@ -74,7 +74,7 @@ module TrustAllHostnameVerifierFlow = DataFlow::Global Date: Tue, 9 May 2023 12:17:08 -0400 Subject: [PATCH 187/210] Java: update header-splitting sink kind to response-splitting --- java/ql/lib/ext/javax.servlet.http.model.yml | 6 +++--- java/ql/lib/ext/javax.ws.rs.core.model.yml | 2 +- java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 2 +- java/ql/lib/semmle/code/java/security/ResponseSplitting.qll | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/java/ql/lib/ext/javax.servlet.http.model.yml b/java/ql/lib/ext/javax.servlet.http.model.yml index e4c0a2b2332..6485ea22a2e 100644 --- a/java/ql/lib/ext/javax.servlet.http.model.yml +++ b/java/ql/lib/ext/javax.servlet.http.model.yml @@ -22,10 +22,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.servlet.http", "HttpServletResponse", False, "addCookie", "", "", "Argument[0]", "header-splitting", "manual"] - - ["javax.servlet.http", "HttpServletResponse", False, "addHeader", "", "", "Argument[0..1]", "header-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "addCookie", "", "", "Argument[0]", "response-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "addHeader", "", "", "Argument[0..1]", "response-splitting", "manual"] - ["javax.servlet.http", "HttpServletResponse", False, "sendError", "(int,String)", "", "Argument[1]", "information-leak", "manual"] - - ["javax.servlet.http", "HttpServletResponse", False, "setHeader", "", "", "Argument[0..1]", "header-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "setHeader", "", "", "Argument[0..1]", "response-splitting", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/javax.ws.rs.core.model.yml b/java/ql/lib/ext/javax.ws.rs.core.model.yml index cf94b255176..dfdf2ee6fd0 100644 --- a/java/ql/lib/ext/javax.ws.rs.core.model.yml +++ b/java/ql/lib/ext/javax.ws.rs.core.model.yml 
@@ -5,7 +5,7 @@ extensions: data: - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] - - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "header-splitting", "manual"] + - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "response-splitting", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 78c98c07b04..e264be4a83b 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -277,7 +277,7 @@ module ModelValidation { "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", - "create-file", "read-file", "write-file", "hostname-verification", "header-splitting", + "create-file", "read-file", "write-file", "hostname-verification", "response-splitting", "information-leak", "xslt-injection", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection" ] and diff --git a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll index 916b6df4372..2e2033443a5 100644 --- a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll +++ b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll 
@@ -11,7 +11,7 @@ private import semmle.code.java.dataflow.ExternalFlow abstract class HeaderSplittingSink extends DataFlow::Node { } private class DefaultHeaderSplittingSink extends HeaderSplittingSink { - DefaultHeaderSplittingSink() { sinkNode(this, "header-splitting") } + DefaultHeaderSplittingSink() { sinkNode(this, "response-splitting") } } /** A source that introduces data considered safe to use by a header splitting source. */ From ac8d985a6397fb4eda24688dfa8e892d4b52e03b Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:18:11 -0400 Subject: [PATCH 188/210] Java: update xss sink kind to html-injection and js-injection --- java/ql/lib/ext/android.webkit.model.yml | 6 +++--- java/ql/lib/ext/jakarta.faces.context.model.yml | 4 ++-- java/ql/lib/ext/javax.faces.context.model.yml | 4 ++-- java/ql/lib/ext/org.apache.hc.core5.http.model.yml | 2 +- java/ql/lib/ext/org.apache.http.model.yml | 2 +- java/ql/lib/ext/org.apache.http.util.model.yml | 2 +- .../ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 11 ++++++----- java/ql/lib/semmle/code/java/security/XSS.qll | 2 +- 8 files changed, 17 insertions(+), 16 deletions(-) diff --git a/java/ql/lib/ext/android.webkit.model.yml b/java/ql/lib/ext/android.webkit.model.yml index 05058493fe1..d88199c04cb 100644 --- a/java/ql/lib/ext/android.webkit.model.yml +++ b/java/ql/lib/ext/android.webkit.model.yml 
@@ -10,6 +10,6 @@ extensions: extensible: sinkModel data: # Models representing methods susceptible to XSS attacks. - - ["android.webkit", "WebView", False, "evaluateJavascript", "", "", "Argument[0]", "xss", "manual"] - - ["android.webkit", "WebView", False, "loadData", "", "", "Argument[0]", "xss", "manual"] - - ["android.webkit", "WebView", False, "loadDataWithBaseURL", "", "", "Argument[1]", "xss", "manual"] + - ["android.webkit", "WebView", False, "evaluateJavascript", "", "", "Argument[0]", "js-injection", "manual"] + - ["android.webkit", "WebView", False, "loadData", "", "", "Argument[0]", "html-injection", "manual"] + - ["android.webkit", "WebView", False, "loadDataWithBaseURL", "", "", "Argument[1]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/jakarta.faces.context.model.yml b/java/ql/lib/ext/jakarta.faces.context.model.yml index 84a0fd22710..468ef036c1a 100644 --- a/java/ql/lib/ext/jakarta.faces.context.model.yml +++ b/java/ql/lib/ext/jakarta.faces.context.model.yml @@ -14,5 +14,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "xss", "manual"] - - ["jakarta.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "xss", "manual"] + - ["jakarta.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "html-injection", "manual"] + - ["jakarta.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/javax.faces.context.model.yml b/java/ql/lib/ext/javax.faces.context.model.yml index ad33971c2c3..98f3e64ec6c 100644 --- a/java/ql/lib/ext/javax.faces.context.model.yml +++ b/java/ql/lib/ext/javax.faces.context.model.yml 
@@ -14,5 +14,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "xss", "manual"] - - ["javax.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "xss", "manual"] + - ["javax.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "html-injection", "manual"] + - ["javax.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml index 6c1c6d63efe..8922ce55637 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"] + - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.http.model.yml b/java/ql/lib/ext/org.apache.http.model.yml index 466fe9d15a4..d03d2fa1a50 100644 --- a/java/ql/lib/ext/org.apache.http.model.yml +++ b/java/ql/lib/ext/org.apache.http.model.yml 
@@ -10,7 +10,7 @@ extensions: extensible: sinkModel data: - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"] + - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.http.util.model.yml b/java/ql/lib/ext/org.apache.http.util.model.yml index d5469664ab6..7e4fd9dde25 100644 --- a/java/ql/lib/ext/org.apache.http.util.model.yml +++ b/java/ql/lib/ext/org.apache.http.util.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.util", "EntityUtils", True, "updateEntity", "(HttpResponse,HttpEntity)", "", "Argument[1]", "xss", "manual"] + - ["org.apache.http.util", "EntityUtils", True, "updateEntity", "(HttpResponse,HttpEntity)", "", "Argument[1]", "html-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index e264be4a83b..5d9290fce9f 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll 
@@ -275,11 +275,12 @@ module ModelValidation { not kind = [ "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", - "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss", - "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", - "create-file", "read-file", "write-file", "hostname-verification", "response-splitting", - "information-leak", "xslt-injection", "jexl-injection", "bean-validation", - "template-injection", "fragment-injection", "command-injection" + "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", + "html-injection", "js-injection", "ognl-injection", "intent-redirection", + "pending-intents", "url-redirection", "create-file", "read-file", "write-file", + "hostname-verification", "response-splitting", "information-leak", "xslt-injection", + "jexl-injection", "bean-validation", "template-injection", "fragment-injection", + "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/XSS.qll b/java/ql/lib/semmle/code/java/security/XSS.qll index 2680631318f..bd968bd5fc3 100644 --- a/java/ql/lib/semmle/code/java/security/XSS.qll +++ b/java/ql/lib/semmle/code/java/security/XSS.qll @@ -39,7 +39,7 @@ class XssAdditionalTaintStep extends Unit { /** A default sink representing methods susceptible to XSS attacks. */ private class DefaultXssSink extends XssSink { DefaultXssSink() { - sinkNode(this, "xss") + sinkNode(this, ["html-injection", "js-injection"]) or exists(MethodAccess ma | ma.getMethod() instanceof WritingMethod and From eb1a8e21890a4f8490cec8ca475972059d881c85 Mon Sep 17 00:00:00 2001 
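Review bot: `DefaultXssSink` now accepts every model tagged `js-injection`, so the scope of that kind decides what the XSS query reports, and nothing in the hunk states that scope. In the visible part of this commit the only `js-injection` model is `WebView.evaluateJavascript`; if the kind is later used for script evaluation outside a web page or WebView, those calls would be reported as XSS. A comment above the line would pin this down, e.g. `// "js-injection" here means script executed in a web page or WebView`. Both kinds are merged again at this point, so no visible query distinguishes them yet. The class body continues outside the hunk.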
From: Jami Cogswell Date: Tue, 30 May 2023 13:03:51 -0400 Subject: [PATCH 189/210] Java: update write-file sink kind to file-system-store --- .../ql/lib/ext/com.google.common.io.model.yml | 2 +- java/ql/lib/ext/hudson.model.yml | 2 +- java/ql/lib/ext/hudson.util.model.yml | 3 +- java/ql/lib/ext/java.io.model.yml | 44 +++++++++---------- java/ql/lib/ext/java.nio.file.model.yml | 6 +-- .../lib/ext/org.apache.commons.io.model.yml | 4 +- .../code/java/dataflow/ExternalFlow.qll | 2 +- ...CleartextStorageAndroidFilesystemQuery.qll | 2 +- .../internal/CaptureModelsSpecific.qll | 2 +- 9 files changed, 33 insertions(+), 34 deletions(-) diff --git a/java/ql/lib/ext/com.google.common.io.model.yml b/java/ql/lib/ext/com.google.common.io.model.yml index 230b596ad29..1158bc21274 100644 --- a/java/ql/lib/ext/com.google.common.io.model.yml +++ b/java/ql/lib/ext/com.google.common.io.model.yml @@ -9,7 +9,7 @@ extensions: - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "write-file", "ai-manual"] + - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "file-content-store", "ai-manual"] - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "create-file", "manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/hudson.model.yml b/java/ql/lib/ext/hudson.model.yml index 8fa6a8c0653..778094c1cad 100644 --- a/java/ql/lib/ext/hudson.model.yml +++ b/java/ql/lib/ext/hudson.model.yml 
@@ -7,7 +7,7 @@ extensions: - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "read-file", "manual"] - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "read-file", "ai-manual"] - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "write-file", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"] - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "create-file", "ai-manual"] - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "read-file", "ai-manual"] - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "create-file", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.util.model.yml b/java/ql/lib/ext/hudson.util.model.yml index 0e34233e735..963783006d2 100644 --- a/java/ql/lib/ext/hudson.util.model.yml +++ b/java/ql/lib/ext/hudson.util.model.yml 
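Review bot: The renamed row for `copyRecursiveTo(DirScanner,FilePath,String)` tags `Argument[1]` as `file-content-store`, but by its signature that argument is the destination `FilePath`, not data being written. The neighbouring overloads in the same hunk model their `FilePath` destination as `create-file`, so this row looks like an earlier misclassification that the mechanical rename carries over. The likely effect is that queries keyed on path kinds miss this overload while content-storage queries treat a path as stored data, though the consuming queries are outside this hunk. Suggested row: `- ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "create-file", "ai-manual"]`. Separately, the commit subject names the new kind `file-system-store` while the rows use `file-content-store`; the subject should match the value that was actually applied.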
@@ -15,11 +15,10 @@ extensions: - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "read-file", "manual"] - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "read-file", "manual"] - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "write-file", "manual"] + - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel data: - ["hudson.util", "QuotedStringTokenizer", True, "tokenize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["hudson.util", "TextFile", True, "TextFile", "(File)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] - diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index 2db99b7027e..73d0258f832 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -8,7 +8,7 @@ extensions: - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "write-file", "manual"] + - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "file-content-store", "manual"] - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "create-file", "ai-manual"] 
@@ -19,34 +19,34 @@ extensions: - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "write-file", "manual"] + - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", 
"file-content-store", "manual"] + - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"] - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "create-file", "manual"] - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "write-file", "manual"] + - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", 
"file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "file-content-store", "manual"] - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "write-file", "manual"] + - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml index 42ae8b9052b..f6728654afe 100644 --- a/java/ql/lib/ext/java.nio.file.model.yml +++ b/java/ql/lib/ext/java.nio.file.model.yml 
@@ -6,7 +6,7 @@ extensions:
 - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "read-file", "manual"]
 - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "read-file", "manual"]
 - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "write-file", "manual"]
+ - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"]
 - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "create-file", "manual"]
 - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "create-file", "manual"]
@@ -32,9 +32,9 @@ extensions:
 - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
 - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
 - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "write-file", "manual"]
+ - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "file-content-store", "manual"]
 - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "write-file", "manual"]
+ - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "file-content-store", "manual"]
 - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "ai-manual"]
 - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
 - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
diff --git a/java/ql/lib/ext/org.apache.commons.io.model.yml b/java/ql/lib/ext/org.apache.commons.io.model.yml
index e23dd5fca44..c2892e9595e 100644
--- a/java/ql/lib/ext/org.apache.commons.io.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.io.model.yml
@@ -16,8 +16,8 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"]
+ - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
 - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"]
- - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"]
+ - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
 - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"]
 - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
index 5d9290fce9f..7633f47c3bd 100644
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -277,7 +277,7 @@ module ModelValidation { "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection", "ognl-injection", "intent-redirection", - "pending-intents", "url-redirection", "create-file", "read-file", "write-file", + "pending-intents", "url-redirection", "create-file", "read-file", "file-content-store", "hostname-verification", "response-splitting", "information-leak", "xslt-injection", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection"
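Review bot: Replacing `"write-file"` with `"file-content-store"` in the accepted-kind list of `ModelValidation` leaves the old name with no transition path: a `sinkModel` row outside this repository that still says `write-file` is now simply an unknown kind. The same literal is swapped in `filesystemInput` (CleartextStorageAndroidFilesystemQuery.qll) and `isRelevantSinkKind` (CaptureModelsSpecific.qll), so such a row would presumably stop contributing sinks to the cleartext-storage query without any query-time signal. Consider having validation name the replacement, for example a message like `The kind "write-file" is outdated. Use "file-content-store" instead.`, and recording the rename in a change note if this series does not already carry one. The enclosing predicate starts and ends outside the hunk, so how unknown kinds are reported is inferred.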
diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
index 2641a3ab0df..cf081085bab 100644
--- a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
@@ -40,7 +40,7 @@ class LocalFileOpenCall extends Storable { /** Holds if `input` is written into `file`. */ private predicate filesystemInput(DataFlow::Node file, Argument input) { - exists(DataFlow::Node write | sinkNode(write, "write-file") | + exists(DataFlow::Node write | sinkNode(write, "file-content-store") | input = write.asExpr() or isVarargs(input, write) ) and
diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
index 8583e793fc9..7877594519a 100644
--- a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
@@ -252,7 +252,7 @@ bindingset[kind] predicate isRelevantSinkKind(string kind) { not kind = "log-injection" and not kind.matches("regex-use%") and - not kind = "write-file" + not kind = "file-content-store" } /**
From cb10f4976b260df51a82973804774475a079793d Mon Sep 17 00:00:00 2001
From: Jami Cogswell
Date: Tue, 30 May 2023 13:06:37 -0400
Subject: [PATCH 190/210] Java: update create/read-file sink kinds to path-injection
---
 .../ql/lib/ext/com.google.common.io.model.yml | 14 +-
 .../ext/com.thoughtworks.xstream.model.yml | 2 +-
 .../lib/ext/generated/kotlinstdlib.model.yml | 20 +-
 .../generated/org.apache.commons.io.model.yml | 184 +++++++++---------
 java/ql/lib/ext/hudson.lifecycle.model.yml | 2 +-
 java/ql/lib/ext/hudson.model.model.yml | 8 +-
 java/ql/lib/ext/hudson.model.yml | 18 +-
 java/ql/lib/ext/hudson.scm.model.yml | 10 +-
 java/ql/lib/ext/hudson.util.io.model.yml | 4 +-
 java/ql/lib/ext/hudson.util.jna.model.yml | 6 +-
 java/ql/lib/ext/hudson.util.model.yml | 24 +--
 ...tty.handler.codec.http.multipart.model.yml | 2 +-
 .../ql/lib/ext/io.netty.handler.ssl.model.yml | 4 +-
 .../lib/ext/io.netty.handler.stream.model.yml | 2 +-
 .../lib/ext/io.netty.util.internal.model.yml | 2 +-
 java/ql/lib/ext/java.io.model.yml | 44 ++---
 java/ql/lib/ext/java.lang.model.yml | 10 +-
 java/ql/lib/ext/java.nio.file.model.yml | 72 +++----
 java/ql/lib/ext/javax.servlet.model.yml | 2 +-
 .../ext/javax.xml.transform.stream.model.yml | 2 +-
 java/ql/lib/ext/kotlin.io.model.yml | 8 +-
 .../lib/ext/org.apache.commons.io.model.yml | 6 +-
 .../ql/lib/ext/org.apache.tools.ant.model.yml | 10 +-
 .../org.apache.tools.ant.taskdefs.model.yml | 12 +-
 ...dehaus.cargo.container.installer.model.yml | 4 +-
 ...org.kohsuke.stapler.framework.io.model.yml | 2 +-
 .../org.openjdk.jmh.runner.options.model.yml | 2 +-
 .../code/java/dataflow/ExternalFlow.qll | 2 +-
 ...CleartextStorageAndroidFilesystemQuery.qll | 2 +-
 .../code/java/security/TaintedPathQuery.qll | 4 +-
 .../code/java/security/ZipSlipQuery.qll | 2 +-
 .../CWE/CWE-200/AndroidFileIntentSink.qll | 2 +-
 32 files changed, 243 insertions(+), 245 deletions(-)
diff --git a/java/ql/lib/ext/com.google.common.io.model.yml b/java/ql/lib/ext/com.google.common.io.model.yml
index 1158bc21274..9f3f3307462 100644
--- a/java/ql/lib/ext/com.google.common.io.model.yml
+++ b/java/ql/lib/ext/com.google.common.io.model.yml
@@ -3,14 +3,14 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "create-file", "ai-manual"]
- - ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
 - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "file-content-store", "ai-manual"]
- - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "create-file", "manual"]
+ - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "path-injection", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/com.thoughtworks.xstream.model.yml b/java/ql/lib/ext/com.thoughtworks.xstream.model.yml
index d73cc27e729..c34bb91d42c 100644
--- a/java/ql/lib/ext/com.thoughtworks.xstream.model.yml
+++ b/java/ql/lib/ext/com.thoughtworks.xstream.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["com.thoughtworks.xstream", "XStream", True, "fromXML", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["com.thoughtworks.xstream", "XStream", True, "fromXML", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/generated/kotlinstdlib.model.yml b/java/ql/lib/ext/generated/kotlinstdlib.model.yml
index bc296146214..16e0cc97420 100644
--- a/java/ql/lib/ext/generated/kotlinstdlib.model.yml
+++ b/java/ql/lib/ext/generated/kotlinstdlib.model.yml
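Review bot: Mapping both `create-file` and `read-file` to `path-injection` in the com.google.common.io hunk drops the read/write distinction the old kinds carried; `asCharSink` and `toByteArray`, for example, now share one kind. A query that previously selected only one of the two kinds will match the union once it switches to `path-injection`, which may change its alert set. The diffstat lists ZipSlipQuery.qll and TaintedPathQuery.qll as touched but shows no test expectation files among the 32 changed files; those hunks are outside this view, so the impact is inferred. A change note stating which queries are expected to gain sinks, plus a re-run of the affected query tests, would make the merge reviewable.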
@@ -6,16 +6,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["kotlin.io", "FilesKt", false, "appendBytes", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "appendText", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "bufferedWriter", "(File,Charset,int)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "copyRecursively", "(File,File,boolean,Function2)", "", "Argument[1]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "copyTo", "(File,File,boolean,int)", "", "Argument[1]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "outputStream", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "printWriter", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] + - ["kotlin.io", "FilesKt", false, "appendBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "appendText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "bufferedWriter", "(File,Charset,int)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "copyRecursively", "(File,File,boolean,Function2)", "", "Argument[1]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "copyTo", "(File,File,boolean,int)", "", "Argument[1]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "outputStream", 
"(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "printWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] diff --git a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml index 3a40daa82ec..e43b2720252 100644 --- a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml +++ b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml 
@@ -6,100 +6,100 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "create-file", "df-generated"] + - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filter", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", 
"Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "create-file", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filter", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "path-injection", "df-generated"] - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", "(OutputStream)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", 
"", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", 
"(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", 
"(File,File,FileFilter,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectoryToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "df-generated"] + - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", 
"(OutputStream)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String)", "", "Argument[0]", "path-injection", "df-generated"] + - 
["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "XmlStreamWriter", true, 
"XmlStreamWriter", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectoryToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", 
"FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "create-file", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "newOutputStream", "(File,boolean)", "", "Argument[0]", "create-file", 
"df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "touch", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", 
"FileUtils", true, "writeLines", "(File,Collection,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "path-injection", 
"df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "newOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "touch", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", 
"FileUtils", true, "write", "(File,CharSequence,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,boolean)", "", 
"Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "create-file", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", "Argument[0]", "open-url", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "open-url", "df-generated"] 
@@ -109,9 +109,9 @@ extensions: - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "create-file", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "path-injection", "df-generated"] - addsTo: @@ -1428,5 +1428,3 @@ extensions: - ["org.apache.commons.io", "UncheckedIOExceptions", "UncheckedIOExceptions", "()", "summary", "df-generated"] - ["org.apache.commons.io", "UncheckedIOExceptions", "create", "(Object)", "summary", "df-generated"] - ["org.apache.commons.io", "UncheckedIOExceptions", "wrap", "(IOException,Object)", "summary", "df-generated"] - - \ No newline at end of file diff --git a/java/ql/lib/ext/hudson.lifecycle.model.yml b/java/ql/lib/ext/hudson.lifecycle.model.yml index be8c5fe843a..fde691fe175 100644 --- a/java/ql/lib/ext/hudson.lifecycle.model.yml +++ b/java/ql/lib/ext/hudson.lifecycle.model.yml 
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.lifecycle", "Lifecycle", True, "rewriteHudsonWar", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
+ - ["hudson.lifecycle", "Lifecycle", True, "rewriteHudsonWar", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/hudson.model.model.yml b/java/ql/lib/ext/hudson.model.model.yml
index 04701194c06..2b5423961e3 100644
--- a/java/ql/lib/ext/hudson.model.model.yml
+++ b/java/ql/lib/ext/hudson.model.model.yml
@@ -5,11 +5,11 @@ extensions:
 data:
 - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "open-url", "ai-manual"]
 - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "read-file", "ai-manual"]
- - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "read-file", "ai-manual"]
+ - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "path-injection", "ai-manual"]
 - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "open-url", "ai-manual"]
- - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "create-file", "ai-manual"] # should be delete-file
- - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "create-file", "ai-manual"]
+ - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/hudson.model.yml b/java/ql/lib/ext/hudson.model.yml
index 778094c1cad..43955cb22f0 100644
--- a/java/ql/lib/ext/hudson.model.yml
+++ b/java/ql/lib/ext/hudson.model.yml
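Review bot: The new `install(DownloadJob,File,File)` row for `Argument[1]` drops the trailing `# should be delete-file` comment, and with `create-file` and `read-file` merged into the single `path-injection` kind nothing on the row records what the sink does with the path any more. That detail matters when triaging an alert, because a sink that deletes or overwrites a file has a different impact from one that only reads it. If the old comment was accurate, keep a short trailing note on the new row, for example `# deletes the file at this path`. The same applies to the `Kernel32.MoveFileExA` `Argument[0]` row in the `hudson.util.jna.model.yml` hunk.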
@@ -3,17 +3,17 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "read-file", "manual"]
- - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "read-file", "manual"]
- - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "create-file", "ai-manual"]
+ - ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "path-injection", "manual"]
+ - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "path-injection", "manual"]
+ - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "path-injection", "ai-manual"]
 - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"]
- - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "create-file", "ai-manual"]
- - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "create-file", "ai-manual"]
- - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "create-file", "ai-manual"]
+ - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "path-injection", "ai-manual"]
+ - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
 - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/hudson.scm.model.yml b/java/ql/lib/ext/hudson.scm.model.yml
index f37c3442532..dc6e0bfa5bb 100644
--- a/java/ql/lib/ext/hudson.scm.model.yml
+++ b/java/ql/lib/ext/hudson.scm.model.yml
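Review bot: The new `copyFrom(URL)` row is labelled `path-injection` although its argument is a URL rather than a filesystem path. The `installIfNecessaryFrom(URL,TaskListener,String)` row in the same hunk uses `open-url` for a URL argument, so this looks like a mechanical carry-over of the old `read-file` label rather than an intended classification. If the method fetches from the URL, as its signature suggests, the row would read `- ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "open-url", "manual"]`, so that a tainted URL is reported as a request-forgery issue instead of a path-injection one.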
@@ -3,11 +3,11 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.scm", "ChangeLogParser", True, "parse", "(AbstractBuild,File)", "", "Argument[1]", "read-file", "ai-manual"]
- - ["hudson.scm", "ChangeLogParser", True, "parse", "(Run,RepositoryBrowser,File)", "", "Argument[2]", "read-file", "ai-manual"]
- - ["hudson.scm", "SCM", True, "checkout", "(AbstractBuild,Launcher,FilePath,BuildListener,File)", "", "Argument[2]", "create-file", "ai-manual"]
- - ["hudson.scm", "SCM", True, "checkout", "(Run,Launcher,FilePath,TaskListener,File,SCMRevisionState)", "", "Argument[2]", "create-file", "ai-manual"]
- - ["hudson.scm", "SCM", True, "compareRemoteRevisionWith", "(Job,Launcher,FilePath,TaskListener,SCMRevisionState)", "", "Argument[2]", "read-file", "ai-manual"]
+ - ["hudson.scm", "ChangeLogParser", True, "parse", "(AbstractBuild,File)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["hudson.scm", "ChangeLogParser", True, "parse", "(Run,RepositoryBrowser,File)", "", "Argument[2]", "path-injection", "ai-manual"]
+ - ["hudson.scm", "SCM", True, "checkout", "(AbstractBuild,Launcher,FilePath,BuildListener,File)", "", "Argument[2]", "path-injection", "ai-manual"]
+ - ["hudson.scm", "SCM", True, "checkout", "(Run,Launcher,FilePath,TaskListener,File,SCMRevisionState)", "", "Argument[2]", "path-injection", "ai-manual"]
+ - ["hudson.scm", "SCM", True, "compareRemoteRevisionWith", "(Job,Launcher,FilePath,TaskListener,SCMRevisionState)", "", "Argument[2]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/hudson.util.io.model.yml b/java/ql/lib/ext/hudson.util.io.model.yml
index 65e0f3efb27..3d29b93e20c 100644
--- a/java/ql/lib/ext/hudson.util.io.model.yml
+++ b/java/ql/lib/ext/hudson.util.io.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.util.io", "ReopenableFileOutputStream", True, "ReopenableFileOutputStream", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["hudson.util.io", "RewindableFileOutputStream", True, "RewindableFileOutputStream", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
+ - ["hudson.util.io", "ReopenableFileOutputStream", True, "ReopenableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util.io", "RewindableFileOutputStream", True, "RewindableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/hudson.util.jna.model.yml b/java/ql/lib/ext/hudson.util.jna.model.yml
index c67d645f950..c840d0f4725 100644
--- a/java/ql/lib/ext/hudson.util.jna.model.yml
+++ b/java/ql/lib/ext/hudson.util.jna.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "create-file", "ai-manual"]
+ - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/hudson.util.model.yml b/java/ql/lib/ext/hudson.util.model.yml
index 963783006d2..39c5b55f349 100644
--- a/java/ql/lib/ext/hudson.util.model.yml
+++ b/java/ql/lib/ext/hudson.util.model.yml
@@ -3,18 +3,18 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "create-file", "manual"]
- - ["hudson.util", "TextFile", True, "fastTail", "", "", "Argument[this]", "read-file", "manual"]
- - ["hudson.util", "TextFile", True, "head", "", "", "Argument[this]", "read-file", "manual"]
- - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "read-file", "manual"]
- - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "read-file", "manual"]
- - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "read-file", "manual"]
+ - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "path-injection", "manual"]
+ - ["hudson.util", "TextFile", True, "fastTail", "", "", "Argument[this]", "path-injection", "manual"]
+ - ["hudson.util", "TextFile", True, "head", "", "", "Argument[this]", "path-injection", "manual"]
+ - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "path-injection", "manual"]
+ - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "path-injection", "manual"]
+ - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "path-injection", "manual"]
 - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "file-content-store", "manual"]
 - addsTo:
 pack: codeql/java-all
diff --git a/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml b/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml
index 4090f6356bf..a44a2c6c400 100644
--- a/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml
+++ b/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "read-file", "ai-manual"]
+ - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/io.netty.handler.ssl.model.yml b/java/ql/lib/ext/io.netty.handler.ssl.model.yml
index 63628323f49..42cf9892f81 100644
--- a/java/ql/lib/ext/io.netty.handler.ssl.model.yml
+++ b/java/ql/lib/ext/io.netty.handler.ssl.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/io.netty.handler.stream.model.yml b/java/ql/lib/ext/io.netty.handler.stream.model.yml
index 1d305863f6c..f4e635f4437 100644
--- a/java/ql/lib/ext/io.netty.handler.stream.model.yml
+++ b/java/ql/lib/ext/io.netty.handler.stream.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/io.netty.util.internal.model.yml b/java/ql/lib/ext/io.netty.util.internal.model.yml
index 477b8e88858..d705873cc55 100644
--- a/java/ql/lib/ext/io.netty.util.internal.model.yml
+++ b/java/ql/lib/ext/io.netty.util.internal.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-manual"]
+ - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"]
 - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "open-url", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml
index 73d0258f832..9d22122ae30 100644
--- a/java/ql/lib/ext/java.io.model.yml
+++ b/java/ql/lib/ext/java.io.model.yml
@@ -3,22 +3,22 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-manual"]
- - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "create-file", "manual"]
+ - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"]
+ - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "path-injection", "manual"]
 - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "file-content-store", "manual"]
- - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintStream", False, "PrintStream", "(File,String)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "create-file", "manual"]
+ - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintStream", False, "PrintStream", "(File,String)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "path-injection", "manual"]
 - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
 - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
@@ -28,19 +28,19 @@ extensions:
 - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"]
- - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "create-file", "manual"]
- - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "create-file", "manual"]
+ - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "path-injection", "manual"]
 - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
 - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
 - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
 - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
 - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "file-content-store", "manual"]
- - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "create-file", "manual"]
+ - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "path-injection", "manual"]
 - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"]
 - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "file-content-store", "manual"]
diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml
index b5db4e60f58..ed14b2495a3 100644
--- a/java/ql/lib/ext/java.lang.model.yml
+++ b/java/ql/lib/ext/java.lang.model.yml
@@ -3,11 +3,11 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
 # These are modeled in plain CodeQL. TODO: migrate them.
 # - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
 # - ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml
index f6728654afe..b6d161c00f4 100644
--- a/java/ql/lib/ext/java.nio.file.model.yml
+++ b/java/ql/lib/ext/java.nio.file.model.yml
@@ -3,45 +3,45 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "read-file", "manual"]
- - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "read-file", "manual"]
- - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"]
+ - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"]
 - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "file-content-store", "manual"]
- - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "create-file", "manual"]
- - ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "create-file", "manual"]
+ - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "path-injection", "manual"]
 - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "file-content-store", "manual"]
- - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "create-file", "manual"]
+ - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "path-injection", "manual"]
 - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "file-content-store", "manual"]
- - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "ai-manual"]
- - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-manual"]
- - ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "create-file", "ai-manual"]
- - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
+ - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/javax.servlet.model.yml b/java/ql/lib/ext/javax.servlet.model.yml
index fae0bd6f2b3..7d7f432d2bd 100644
--- a/java/ql/lib/ext/javax.servlet.model.yml
+++ b/java/ql/lib/ext/javax.servlet.model.yml
@@ -14,4 +14,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/javax.xml.transform.stream.model.yml b/java/ql/lib/ext/javax.xml.transform.stream.model.yml
index c058a88f337..8cb96b4c775 100644
--- a/java/ql/lib/ext/javax.xml.transform.stream.model.yml
+++ b/java/ql/lib/ext/javax.xml.transform.stream.model.yml
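Review bot: The new side of the `java.nio.file` sink list still carries the `Files.deleteIfExists(Path)` row twice, byte for byte, so one `- ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]` line can be dropped. The `False`/`True` pairs for `delete(Path)` and `newInputStream(Path,OpenOption[])` now differ only in the subtypes flag and look like candidates for consolidation as well. The removed `# should be delete-file` comments were the only record that these rows are deletion sinks; a short comment above the delete rows, for example `# deletion sinks, modelled as path-injection`, would keep that information for anyone who later needs to separate destructive sinks from reads.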
@@ -9,4 +9,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["javax.xml.transform.stream", "StreamResult", True, "StreamResult", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
+ - ["javax.xml.transform.stream", "StreamResult", True, "StreamResult", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/kotlin.io.model.yml b/java/ql/lib/ext/kotlin.io.model.yml
index 335457a48a0..98de45df9d6 100644
--- a/java/ql/lib/ext/kotlin.io.model.yml
+++ b/java/ql/lib/ext/kotlin.io.model.yml
@@ -3,10 +3,10 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
- - ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.apache.commons.io.model.yml b/java/ql/lib/ext/org.apache.commons.io.model.yml
index c2892e9595e..e80bc525883 100644
--- a/java/ql/lib/ext/org.apache.commons.io.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.io.model.yml
@@ -17,7 +17,7 @@ extensions:
 extensible: sinkModel
 data:
 - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
- - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"]
+ - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"]
 - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
- - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"]
- - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"]
+ - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.apache.tools.ant.model.yml b/java/ql/lib/ext/org.apache.tools.ant.model.yml
index bee9b475ef7..474429db030 100644
--- a/java/ql/lib/ext/org.apache.tools.ant.model.yml
+++ b/java/ql/lib/ext/org.apache.tools.ant.model.yml
@@ -3,8 +3,8 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.tools.ant", "AntClassLoader", True, "addPathComponent", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(ClassLoader,Project,Path,boolean)", "", "Argument[2]", "read-file", "ai-manual"]
- - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path,boolean)", "", "Argument[1]", "read-file", "ai-manual"]
- - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path)", "", "Argument[1]", "read-file", "ai-manual"]
- - ["org.apache.tools.ant", "DirectoryScanner", True, "setBasedir", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["org.apache.tools.ant", "AntClassLoader", True, "addPathComponent", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(ClassLoader,Project,Path,boolean)", "", "Argument[2]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path,boolean)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant", "DirectoryScanner", True, "setBasedir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml b/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml
index 29b4ee0d16e..aaacf02d58c 100644
--- a/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml
+++ b/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml
@@ -3,9 +3,9 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.tools.ant.taskdefs", "Copy", True, "addFileset", "(FileSet)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
- - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
- - ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["org.apache.tools.ant.taskdefs", "Copy", True, "addFileset", "(FileSet)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
+ - ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml
index dbb6ace53da..ddd4d24577e 100644
--- a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml
+++ b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml
@@ -4,5 +4,5 @@ extensions:
 extensible: sinkModel
 data:
 - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "create-file", "ai-manual"]
- - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "create-file", "ai-manual"]
+ - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "path-injection", "ai-manual"]
+ - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml
index 514b23a9958..49cd049cdfa 100644
--- a/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml
+++ b/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.kohsuke.stapler.framework.io", "LargeText", True, "LargeText", "(File,Charset,boolean,boolean)", "", "Argument[0]", "read-file", "ai-manual"]
+ - ["org.kohsuke.stapler.framework.io", "LargeText", True, "LargeText", "(File,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
diff --git a/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml b/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml
index a4eb31084cc..1d2aa29efee 100644
--- a/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml
+++ b/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml
@@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.openjdk.jmh.runner.options", "ChainedOptionsBuilder", True, "result", "(String)", "", "Argument[0]", "create-file", "ai-manual"] + - ["org.openjdk.jmh.runner.options", "ChainedOptionsBuilder", True, "result", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 7633f47c3bd..b4d1e146312 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -277,7 +277,7 @@ module ModelValidation { "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection", "ognl-injection", "intent-redirection", - "pending-intents", "url-redirection", "create-file", "read-file", "file-content-store", + "pending-intents", "url-redirection", "path-injection", "file-content-store", "hostname-verification", "response-splitting", "information-leak", "xslt-injection", "jexl-injection", "bean-validation", "template-injection", "fragment-injection", "command-injection" diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll index cf081085bab..d7097f1ecf2 100644 --- a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll 
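Review bot: Dropping `"create-file"` and `"read-file"` from the accepted sink kinds in `ModelValidation` (ExternalFlow.qll) leaves any model row outside this patch that still uses the old names with no pointer to `path-injection`. Such rows would also stop matching `sinkNode(sink, "path-injection")`, so tainted-path results for those APIs would disappear rather than fail loudly. Unless this is handled in a part of the file the hunk does not show, consider a deprecated-kind check that recognises the two old names and reports a message naming the replacement. The predicate that contains this list starts and ends outside the hunk.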
@@ -20,7 +20,7 @@ private class AndroidFilesystemCleartextStorageSink extends CleartextStorageSink /** A call to a method or constructor that may write to files to the local filesystem. */ class LocalFileOpenCall extends Storable { LocalFileOpenCall() { - this = any(DataFlow::Node sink | sinkNode(sink, "create-file")).asExpr().(Argument).getCall() + this = any(DataFlow::Node sink | sinkNode(sink, "path-injection")).asExpr().(Argument).getCall() } override Expr getAnInput() { diff --git a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll index 27a54d0ecfa..4fa64846c91 100644 --- a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll +++ b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll @@ -58,7 +58,7 @@ module TaintedPathConfig implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(PathCreation p).getAnInput() or - sinkNode(sink, ["create-file", "read-file"]) + sinkNode(sink, "path-injection") } predicate isBarrier(DataFlow::Node sanitizer) { @@ -85,7 +85,7 @@ module TaintedPathLocalConfig implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(PathCreation p).getAnInput() or - sinkNode(sink, "create-file") + sinkNode(sink, "path-injection") } predicate isBarrier(DataFlow::Node sanitizer) { diff --git a/java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll b/java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll index 6eaa372075b..4fad191a3e4 100644 --- a/java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll @@ -40,5 +40,5 @@ module ZipSlipFlow = TaintTracking::Global; * A sink that represents a file creation, such as a file write, copy or move operation. */ private class FileCreationSink extends DataFlow::Node { - FileCreationSink() { sinkNode(this, "create-file") } + FileCreationSink() { sinkNode(this, "path-injection") } } 
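Review bot: `LocalFileOpenCall` is documented as a call that "may write to files", but its characteristic predicate now matches every `path-injection` sink, which in this same patch includes read-only APIs such as `Files.readAllBytes` and `Class.getResourceAsStream` and deletion APIs such as `Files.delete`. The cleartext-storage query may therefore start treating calls that only read or delete a file as storage locations. Either restrict the class to calls that can write, or accept the wider set and update the comment, for example `/** A call to a method or constructor that takes a file path (read, write or delete). */`. The same widening applies to `FileCreationSink` in ZipSlipQuery.qll and `AndroidFileSink` in AndroidFileIntentSink.qll, whose comments still describe file creation, and `TaintedPathLocalConfig.isSink` now also covers the former `read-file` sinks. The body of `LocalFileOpenCall` continues outside the hunk.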
diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll index e8795a25431..ba6c895dc8f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll @@ -8,7 +8,7 @@ import semmle.code.java.frameworks.android.Intent /** A sink representing methods creating a file in Android. */ class AndroidFileSink extends DataFlow::Node { - AndroidFileSink() { sinkNode(this, "create-file") } + AndroidFileSink() { sinkNode(this, "path-injection") } } /** From 5dbb6984815bef54ca3d073a475ca3490dda92bf Mon Sep 17 00:00:00 2001 
From: Jami Cogswell Date: Wed, 31 May 2023 15:50:31 -0400 Subject: [PATCH 191/210] Java: update open/jdbc-url sink kinds to request-forgery --- java/ql/lib/ext/com.zaxxer.hikari.model.yml | 4 +- .../lib/ext/generated/kotlinstdlib.model.yml | 4 +- .../generated/org.apache.commons.io.model.yml | 30 ++-- java/ql/lib/ext/hudson.cli.model.yml | 4 +- java/ql/lib/ext/hudson.model.model.yml | 6 +- java/ql/lib/ext/hudson.model.yml | 2 +- java/ql/lib/ext/io.netty.bootstrap.model.yml | 6 +- java/ql/lib/ext/io.netty.channel.model.yml | 18 +- .../ext/io.netty.handler.codec.http.model.yml | 6 +- .../lib/ext/io.netty.util.internal.model.yml | 2 +- .../ql/lib/ext/jakarta.ws.rs.client.model.yml | 2 +- java/ql/lib/ext/java.net.http.model.yml | 4 +- java/ql/lib/ext/java.net.model.yml | 32 ++-- java/ql/lib/ext/java.sql.model.yml | 8 +- java/ql/lib/ext/javafx.scene.web.model.yml | 2 +- java/ql/lib/ext/javax.ws.rs.client.model.yml | 2 +- java/ql/lib/ext/okhttp3.model.yml | 8 +- .../ext/org.apache.commons.jelly.model.yml | 12 +- ...he.hc.client5.http.async.methods.model.yml | 168 +++++++++--------- ....hc.client5.http.classic.methods.model.yml | 74 ++++---- ...rg.apache.hc.client5.http.fluent.model.yml | 38 ++-- .../org.apache.hc.core5.benchmark.model.yml | 2 +- ...che.hc.core5.http.impl.bootstrap.model.yml | 4 +- ....apache.hc.core5.http.io.support.model.yml | 32 ++-- ...org.apache.hc.core5.http.message.model.yml | 16 +- .../ext/org.apache.hc.core5.http.model.yml | 6 +- ...apache.hc.core5.http.nio.support.model.yml | 48 ++--- ...org.apache.hc.core5.http.support.model.yml | 38 ++-- .../org.apache.http.client.fluent.model.yml | 32 ++-- .../org.apache.http.client.methods.model.yml | 38 ++-- .../lib/ext/org.apache.http.client.model.yml | 6 +- .../ext/org.apache.http.impl.client.model.yml | 2 +- .../lib/ext/org.apache.http.message.model.yml | 12 +- java/ql/lib/ext/org.apache.http.model.yml | 2 +- ...dehaus.cargo.container.installer.model.yml | 2 +- .../ext/org.eclipse.jetty.client.model.yml 
| 2 +- java/ql/lib/ext/org.jdbi.v3.core.model.yml | 12 +- java/ql/lib/ext/org.kohsuke.stapler.model.yml | 2 +- .../org.springframework.boot.jdbc.model.yml | 2 +- .../ext/org.springframework.http.model.yml | 28 +-- ....springframework.jdbc.datasource.model.yml | 8 +- .../org.springframework.web.client.model.yml | 26 +-- ...ork.web.reactive.function.client.model.yml | 4 +- java/ql/lib/ext/retrofit2.model.yml | 2 +- .../code/java/dataflow/ExternalFlow.qll | 13 +- .../semmle/code/java/security/HttpsUrls.qll | 2 +- .../code/java/security/RequestForgery.qll | 8 +- .../Security/CWE/CWE-552/UnsafeUrlForward.qll | 2 +- .../library-tests/frameworks/okhttp/test.ql | 4 +- .../library-tests/frameworks/retrofit/test.ql | 4 +- 50 files changed, 395 insertions(+), 396 deletions(-) diff --git a/java/ql/lib/ext/com.zaxxer.hikari.model.yml b/java/ql/lib/ext/com.zaxxer.hikari.model.yml index 5fcab32cc7e..5c048e7c3c0 100644 --- a/java/ql/lib/ext/com.zaxxer.hikari.model.yml +++ b/java/ql/lib/ext/com.zaxxer.hikari.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.zaxxer.hikari", "HikariConfig", False, "HikariConfig", "(Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["com.zaxxer.hikari", "HikariConfig", False, "setJdbcUrl", "(String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["com.zaxxer.hikari", "HikariConfig", False, "HikariConfig", "(Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["com.zaxxer.hikari", "HikariConfig", False, "setJdbcUrl", "(String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/generated/kotlinstdlib.model.yml b/java/ql/lib/ext/generated/kotlinstdlib.model.yml index 16e0cc97420..a4f310b20b9 100644 --- a/java/ql/lib/ext/generated/kotlinstdlib.model.yml +++ b/java/ql/lib/ext/generated/kotlinstdlib.model.yml 
@@ -16,8 +16,8 @@ extensions: - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] - - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] + - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] - addsTo: diff --git a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml index e43b2720252..c220b8c82eb 100644 --- a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml +++ b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml 
@@ -7,10 +7,10 @@ extensions: extensible: sinkModel data: - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "path-injection", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "path-injection", "df-generated"] 
@@ -18,7 +18,7 @@ extensions: - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "path-injection", "df-generated"] - - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", "(OutputStream)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] 
@@ -60,9 +60,9 @@ extensions: - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] 
@@ -98,17 +98,17 @@ extensions: - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,Charset)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,String)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "open-url", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", 
"Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,String)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "request-forgery", "df-generated"] - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "path-injection", "df-generated"] - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "path-injection", "df-generated"] diff --git a/java/ql/lib/ext/hudson.cli.model.yml b/java/ql/lib/ext/hudson.cli.model.yml index b0d3d3a19ff..6b962143625 100644 --- a/java/ql/lib/ext/hudson.cli.model.yml +++ b/java/ql/lib/ext/hudson.cli.model.yml 
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[1]", "open-url", "manual"]
+ - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[1]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/hudson.model.model.yml b/java/ql/lib/ext/hudson.model.model.yml
index 2b5423961e3..023265b2c3d 100644
--- a/java/ql/lib/ext/hudson.model.model.yml
+++ b/java/ql/lib/ext/hudson.model.model.yml
@@ -3,11 +3,11 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"]
 - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"]
 - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "path-injection", "ai-manual"]
- - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "open-url", "ai-manual"]
+ - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "request-forgery", "ai-manual"]
 - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "path-injection", "ai-manual"]
 - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "path-injection", "ai-manual"]
 - addsTo:
diff --git a/java/ql/lib/ext/hudson.model.yml b/java/ql/lib/ext/hudson.model.yml
index 43955cb22f0..5ba20fce0c6 100644
--- a/java/ql/lib/ext/hudson.model.yml
+++ b/java/ql/lib/ext/hudson.model.yml
@@ -12,7 +12,7 @@ extensions:
 - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
 - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "path-injection", "ai-manual"]
 - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
- - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "request-forgery", "ai-manual"]
 - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
diff --git a/java/ql/lib/ext/io.netty.bootstrap.model.yml b/java/ql/lib/ext/io.netty.bootstrap.model.yml
index f38329a8bad..e07853583f7 100644
--- a/java/ql/lib/ext/io.netty.bootstrap.model.yml
+++ b/java/ql/lib/ext/io.netty.bootstrap.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"]
diff --git a/java/ql/lib/ext/io.netty.channel.model.yml b/java/ql/lib/ext/io.netty.channel.model.yml
index e06a3e0a582..38bdb84786a 100644
--- a/java/ql/lib/ext/io.netty.channel.model.yml
+++ b/java/ql/lib/ext/io.netty.channel.model.yml
@@ -3,15 +3,15 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] + - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", 
"Argument[1]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] - addsTo: pack: codeql/java-all extensible: sourceModel diff --git a/java/ql/lib/ext/io.netty.handler.codec.http.model.yml b/java/ql/lib/ext/io.netty.handler.codec.http.model.yml index 2912bdce85a..f9ec6702ff9 100644 --- a/java/ql/lib/ext/io.netty.handler.codec.http.model.yml +++ b/java/ql/lib/ext/io.netty.handler.codec.http.model.yml 
@@ -3,9 +3,9 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "open-url", "ai-manual"]
- - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "open-url", "ai-manual"]
- - ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "open-url", "manual"]
+ - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "request-forgery", "ai-manual"]
+ - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "request-forgery", "ai-manual"]
+ - ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "request-forgery", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/io.netty.util.internal.model.yml b/java/ql/lib/ext/io.netty.util.internal.model.yml
index d705873cc55..7852b8b9e32 100644
--- a/java/ql/lib/ext/io.netty.util.internal.model.yml
+++ b/java/ql/lib/ext/io.netty.util.internal.model.yml
@@ -4,7 +4,7 @@ extensions:
 extensible: sinkModel
 data:
 - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"]
- - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "open-url", "ai-manual"]
+ - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "request-forgery", "ai-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/jakarta.ws.rs.client.model.yml b/java/ql/lib/ext/jakarta.ws.rs.client.model.yml
index 821ea0ad640..0460c09dc3c 100644
--- a/java/ql/lib/ext/jakarta.ws.rs.client.model.yml
+++ b/java/ql/lib/ext/jakarta.ws.rs.client.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["jakarta.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "open-url", "manual"]
+ - ["jakarta.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/java.net.http.model.yml b/java/ql/lib/ext/java.net.http.model.yml
index d967f46494b..9fc18d2eaab 100644
--- a/java/ql/lib/ext/java.net.http.model.yml
+++ b/java/ql/lib/ext/java.net.http.model.yml
@@ -8,5 +8,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["java.net.http", "HttpRequest", False, "newBuilder", "", "", "Argument[0]", "open-url", "manual"]
- - ["java.net.http", "HttpRequest$Builder", False, "uri", "", "", "Argument[0]", "open-url", "manual"]
+ - ["java.net.http", "HttpRequest", False, "newBuilder", "", "", "Argument[0]", "request-forgery", "manual"]
+ - ["java.net.http", "HttpRequest$Builder", False, "uri", "", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/java.net.model.yml b/java/ql/lib/ext/java.net.model.yml
index 9ab8c663506..39a4c484112 100644
--- a/java/ql/lib/ext/java.net.model.yml
+++ b/java/ql/lib/ext/java.net.model.yml
@@ -9,22 +9,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "open-url", "manual"] - - ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "newInstance", "", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", 
"Argument[0]", "open-url", "manual"] + - ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "request-forgery", "manual"] + - ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "newInstance", "", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "request-forgery", "manual"] + - 
["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index ec0aa84fd21..c93a89cfd2c 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml 
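Review bot: The five `URLClassLoader` constructor rows in the java.net.model.yml hunk are listed twice on the new side; for example `(URL[])` with `Argument[0]` appears both before and after the `newInstance` row. The duplicates were already on the old side and are carried over with only the kind changed, so ten rows were edited where five would do. Dropping the second group of five keeps the sink set identical and leaves a single place to edit the next time a sink kind is renamed.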
@@ -7,10 +7,10 @@ extensions:
 - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql-injection", "manual"]
 - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"]
 - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"]
- - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"]
+ - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"]
 - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql-injection", "manual"]
 - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"]
 - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql-injection", "manual"]
diff --git a/java/ql/lib/ext/javafx.scene.web.model.yml b/java/ql/lib/ext/javafx.scene.web.model.yml
index 64f8eea916b..78d1a00dfde 100644
--- a/java/ql/lib/ext/javafx.scene.web.model.yml
+++ b/java/ql/lib/ext/javafx.scene.web.model.yml
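Review bot: The four rows in the java.sql.model.yml hunk (`Driver.connect` and the three `DriverManager.getConnection` overloads) change from `jdbc-url` to `request-forgery`, which merges two sink kinds rather than repeating the `open-url` rename made in the other hunks. After the merge, a query or model extension that selects sinks by the literal `jdbc-url` would presumably stop matching these rows, and every consumer of `request-forgery` now also receives JDBC connection strings; neither consumer is visible in this hunk. I would state the merge explicitly in the change note, for example `The sink kind jdbc-url has been merged into request-forgery`, and confirm that no remaining query, library or model row still refers to `jdbc-url`.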
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "request-forgery", "ai-manual"]
diff --git a/java/ql/lib/ext/javax.ws.rs.client.model.yml b/java/ql/lib/ext/javax.ws.rs.client.model.yml
index 0a5a01c3338..e9855623951 100644
--- a/java/ql/lib/ext/javax.ws.rs.client.model.yml
+++ b/java/ql/lib/ext/javax.ws.rs.client.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["javax.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "open-url", "manual"]
+ - ["javax.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/okhttp3.model.yml b/java/ql/lib/ext/okhttp3.model.yml
index d5f38bcee57..2368292dab7 100644
--- a/java/ql/lib/ext/okhttp3.model.yml
+++ b/java/ql/lib/ext/okhttp3.model.yml
@@ -3,10 +3,10 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["okhttp3", "OkHttpClient", True, "newCall", "(Request)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["okhttp3", "OkHttpClient", True, "newWebSocket", "(Request,WebSocketListener)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "open-url", "manual"]
- - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "open-url", "manual"]
+ - ["okhttp3", "OkHttpClient", True, "newCall", "(Request)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["okhttp3", "OkHttpClient", True, "newWebSocket", "(Request,WebSocketListener)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "request-forgery", "manual"]
+ - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "request-forgery", "manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.apache.commons.jelly.model.yml b/java/ql/lib/ext/org.apache.commons.jelly.model.yml
index 0669f6744b9..ef9e48d041a 100644
--- a/java/ql/lib/ext/org.apache.commons.jelly.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.jelly.model.yml
@@ -3,9 +3,9 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[1]", "open-url", "ai-manual"]
- - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[2]", "open-url", "ai-manual"]
- - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL)", "", "Argument[1]", "open-url", "ai-manual"]
- - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[0]", "open-url", "ai-manual"]
- - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[1]", "open-url", "ai-manual"]
- - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[1]", "request-forgery", "ai-manual"]
+ - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[2]", "request-forgery", "ai-manual"]
+ - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL)", "", "Argument[1]", "request-forgery", "ai-manual"]
+ - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[0]", "request-forgery", "ai-manual"]
+ - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[1]", "request-forgery", "ai-manual"]
+ - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml
index 0b0e040c054..17498977d8d 100644
--- a/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml 
@@ -3,87 +3,87 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml
index 513a4e7eb7a..8b360282cec 100644
--- a/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml
@@ -3,40 +3,40 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml
index ce3b5567b7b..ff25f6c43a3 100644
--- a/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml
@@ -3,22 +3,22 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml b/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml
index 450a46cd1ec..0143a0a68ab 100644
--- a/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.core5.benchmark", "BenchmarkConfig$Builder", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.hc.core5.benchmark", "BenchmarkConfig$Builder", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml
index c9515372645..280cf49b175 100644
--- a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout,Object,FutureCallback)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout,Object,FutureCallback)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml
index 86d55853d8f..1f602d987cc 100644
--- a/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml
@@ -3,19 +3,19 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml
index e8cc56f35a5..44ed7ac03c1 100644
--- a/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml
@@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", 
"(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml index 8922ce55637..321b4235ea8 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml 
@@ -4,9 +4,9 @@ extensions:
 extensible: sinkModel
 data:
 - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"]
- - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
+ - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
 - addsTo:
 pack: codeql/java-all
 extensible: summaryModel
diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml
index 263ca830720..9d896b593c9 100644
--- a/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml
@@ -3,27 +3,27 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml
index eee42d496f3..cb8d17d283a 100644
--- a/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml
+++ b/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml
@@ -3,22 +3,22 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setHttpHost", "(HttpHost)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"]
- - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setHttpHost", "(HttpHost)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"]
+ - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.http.client.fluent.model.yml b/java/ql/lib/ext/org.apache.http.client.fluent.model.yml
index 924ab14fc5e..dad428e4d1a 100644
--- a/java/ql/lib/ext/org.apache.http.client.fluent.model.yml
+++ b/java/ql/lib/ext/org.apache.http.client.fluent.model.yml
@@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client.fluent", "Request", True, "Delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - 
["org.apache.http.client.fluent", "Request", True, "Delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] 
diff --git a/java/ql/lib/ext/org.apache.http.client.methods.model.yml b/java/ql/lib/ext/org.apache.http.client.methods.model.yml
index 5db791422c8..4eccb08eb8c 100644
--- a/java/ql/lib/ext/org.apache.http.client.methods.model.yml
+++ b/java/ql/lib/ext/org.apache.http.client.methods.model.yml
@@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client.methods", "HttpDelete", False, "HttpDelete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpGet", False, "HttpGet", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpHead", False, "HttpHead", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpOptions", False, "HttpOptions", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPatch", False, "HttpPatch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "head", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "options", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "patch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "post", "", "", "Argument[0]", "open-url", "manual"] - - 
["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "open-url", "manual"] + - ["org.apache.http.client.methods", "HttpDelete", False, "HttpDelete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpGet", False, "HttpGet", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpHead", False, "HttpHead", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpOptions", False, "HttpOptions", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPatch", False, "HttpPatch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "head", "", "", "Argument[0]", "request-forgery", "manual"] + - 
["org.apache.http.client.methods", "RequestBuilder", False, "options", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "patch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "post", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.model.yml b/java/ql/lib/ext/org.apache.http.client.model.yml index abdfb6ed91d..681efdf32e7 100644 --- a/java/ql/lib/ext/org.apache.http.client.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "request-forgery", "ai-manual"] 
diff --git a/java/ql/lib/ext/org.apache.http.impl.client.model.yml b/java/ql/lib/ext/org.apache.http.impl.client.model.yml
index 5cc1aca7498..be517e5344f 100644
--- a/java/ql/lib/ext/org.apache.http.impl.client.model.yml
+++ b/java/ql/lib/ext/org.apache.http.impl.client.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.apache.http.impl.client", "RequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "open-url", "hq-manual"]
+ - ["org.apache.http.impl.client", "RequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
diff --git a/java/ql/lib/ext/org.apache.http.message.model.yml b/java/ql/lib/ext/org.apache.http.message.model.yml
index c727b57b210..4ee0d13d8c1 100644
--- a/java/ql/lib/ext/org.apache.http.message.model.yml
+++ b/java/ql/lib/ext/org.apache.http.message.model.yml
@@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(RequestLine)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(RequestLine)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "open-url", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(RequestLine)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(RequestLine)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", 
"request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.http.model.yml b/java/ql/lib/ext/org.apache.http.model.yml index d03d2fa1a50..ff0bd813d83 100644 --- a/java/ql/lib/ext/org.apache.http.model.yml +++ b/java/ql/lib/ext/org.apache.http.model.yml @@ -9,7 +9,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml index ddd4d24577e..602a6223fe8 100644 --- a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml +++ b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "request-forgery", "ai-manual"] - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "path-injection", "ai-manual"] - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "path-injection", "ai-manual"] 
diff --git a/java/ql/lib/ext/org.eclipse.jetty.client.model.yml b/java/ql/lib/ext/org.eclipse.jetty.client.model.yml
index 23f0e2a48a8..28c3430e818 100644
--- a/java/ql/lib/ext/org.eclipse.jetty.client.model.yml
+++ b/java/ql/lib/ext/org.eclipse.jetty.client.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.eclipse.jetty.client", "HttpClient", True, "newRequest", "(String)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["org.eclipse.jetty.client", "HttpClient", True, "newRequest", "(String)", "", "Argument[0]", "request-forgery", "ai-manual"]
diff --git a/java/ql/lib/ext/org.jdbi.v3.core.model.yml b/java/ql/lib/ext/org.jdbi.v3.core.model.yml
index fd7f4e824ac..a80c0a3d90e 100644
--- a/java/ql/lib/ext/org.jdbi.v3.core.model.yml
+++ b/java/ql/lib/ext/org.jdbi.v3.core.model.yml
@@ -3,9 +3,9 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"]
+ - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/org.kohsuke.stapler.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.model.yml
index 7b6dea2e669..7a242051485 100644
--- a/java/ql/lib/ext/org.kohsuke.stapler.model.yml
+++ b/java/ql/lib/ext/org.kohsuke.stapler.model.yml
@@ -4,4 +4,4 @@ extensions:
 extensible: sinkModel
 data:
 - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirection", "ai-manual"]
- - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "open-url", "ai-manual"]
+ - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"]
diff --git a/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml b/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml
index bd7c5d8c5c1..7d61e1431c9 100644
--- a/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml
+++ b/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.springframework.boot.jdbc", "DataSourceBuilder", False, "url", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
+ - ["org.springframework.boot.jdbc", "DataSourceBuilder", False, "url", "(String)", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/org.springframework.http.model.yml b/java/ql/lib/ext/org.springframework.http.model.yml
index 8835a471c28..cb5f18a7732 100644
--- a/java/ql/lib/ext/org.springframework.http.model.yml
+++ b/java/ql/lib/ext/org.springframework.http.model.yml
@@ -3,20 +3,20 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(HttpMethod,URI)", "", "Argument[1]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(MultiValueMap,HttpMethod,URI)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI,Type)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI)", "", "Argument[3]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI,Type)", "", "Argument[3]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "get", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "head", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "method", "", "", "Argument[1]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "options", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "patch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "post", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "put", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(HttpMethod,URI)", "", "Argument[1]", "request-forgery", "manual"] + 
- ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(MultiValueMap,HttpMethod,URI)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI,Type)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI)", "", "Argument[3]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI,Type)", "", "Argument[3]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "get", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "head", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "method", "", "", "Argument[1]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "options", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "patch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "post", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml b/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml index 7bb84c37e2c..3c274d264f9 100644 
--- a/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml
+++ b/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.springframework.jdbc.datasource", "AbstractDriverBasedDataSource", False, "setUrl", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
- - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"]
+ - ["org.springframework.jdbc.datasource", "AbstractDriverBasedDataSource", False, "setUrl", "(String)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/org.springframework.web.client.model.yml b/java/ql/lib/ext/org.springframework.web.client.model.yml
index 69f4cb64fc6..79a7f577c3d 100644
--- a/java/ql/lib/ext/org.springframework.web.client.model.yml
+++ b/java/ql/lib/ext/org.springframework.web.client.model.yml
@@ -10,16 +10,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.web.client", "RestTemplate", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "doExecute", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "exchange", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "execute", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "getForEntity", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "getForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "headForHeaders", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "optionsForAllow", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "patchForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForEntity", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForLocation", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "put", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "doExecute", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "exchange", "", "", 
"Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "execute", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "getForEntity", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "getForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "headForHeaders", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "optionsForAllow", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "patchForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForEntity", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForLocation", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml b/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml index cb2d1db4444..a76582b5e80 100644 --- a/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml +++ b/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml 
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["org.springframework.web.reactive.function.client", "WebClient", False, "create", "", "", "Argument[0]", "open-url", "manual"]
- - ["org.springframework.web.reactive.function.client", "WebClient$Builder", False, "baseUrl", "", "", "Argument[0]", "open-url", "manual"]
+ - ["org.springframework.web.reactive.function.client", "WebClient", False, "create", "", "", "Argument[0]", "request-forgery", "manual"]
+ - ["org.springframework.web.reactive.function.client", "WebClient$Builder", False, "baseUrl", "", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/ext/retrofit2.model.yml b/java/ql/lib/ext/retrofit2.model.yml
index 51c4c0eed83..4ea997169a9 100644
--- a/java/ql/lib/ext/retrofit2.model.yml
+++ b/java/ql/lib/ext/retrofit2.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
- - ["retrofit2", "Retrofit$Builder", True, "baseUrl", "", "", "Argument[0]", "open-url", "manual"]
+ - ["retrofit2", "Retrofit$Builder", True, "baseUrl", "", "", "Argument[0]", "request-forgery", "manual"]
diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
index b4d1e146312..5776d64f402 100644
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -274,13 +274,12 @@ module ModelValidation { exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | not kind = [ - "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url", - "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", - "html-injection", "js-injection", "ognl-injection", "intent-redirection", - "pending-intents", "url-redirection", "path-injection", "file-content-store", - "hostname-verification", "response-splitting", "information-leak", "xslt-injection", - "jexl-injection", "bean-validation", "template-injection", "fragment-injection", - "command-injection" + "request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection", + "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection", + "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", + "path-injection", "file-content-store", "hostname-verification", "response-splitting", + "information-leak", "xslt-injection", "jexl-injection", "bean-validation", + "template-injection", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and diff --git a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll index a2b144a3833..23ccb306a16 100644 --- a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll +++ b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll @@ -30,7 +30,7 @@ class HttpStringLiteral extends StringLiteral { abstract class UrlOpenSink extends DataFlow::Node { } private class DefaultUrlOpenSink extends UrlOpenSink { - DefaultUrlOpenSink() { sinkNode(this, "open-url") } + DefaultUrlOpenSink() { sinkNode(this, "request-forgery") } } /** diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index f9b98490dfa..0eeea1c2afd 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll 
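Review bot: Dropping `"open-url"` and `"jdbc-url"` from the accepted list in `ModelValidation` means a sink model outside this commit that still uses either name now satisfies `not kind = [...]`, and nothing visible in the hunk tells its author that the kind was renamed rather than mistyped. I would record the merge next to the list, `// "open-url" and "jdbc-url" were merged into "request-forgery"`, and consider a separate check that reports those two names as outdated together with their replacement. This matters for coverage: a model left on an old kind presumably stops feeding the SSRF sinks, since `RequestForgery.qll` in this patch matches only `"request-forgery"`. The predicate starts and ends outside the hunk, so the message it reports is not visible here.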
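Review bot: `DefaultUrlOpenSink` now selects every `"request-forgery"` sink, and after this commit that kind also carries the former `"jdbc-url"` models (`Jdbi.create`, `DataSourceBuilder.url`, `DriverManagerDataSource`), so `UrlOpenSink` is wider than the old `"open-url"` set. The same widening reaches `GetResourceSink` in `UnsafeUrlForward.qll`, whose doc comment still describes arguments to `getResource()` or `getResourceAsStream()`. If the extra sinks are intended, say so where the kind is matched, for example `// also covers JDBC connection URLs, which share the "request-forgery" kind`; if they are not, these two classes need a way to exclude the JDBC models. The surrounding file continues outside the hunk, so any existing filtering is not visible here.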
+++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -52,12 +52,8 @@ private class TypePropertiesRequestForgeryAdditionalTaintStep extends RequestFor /** A data flow sink for server-side request forgery (SSRF) vulnerabilities. */ abstract class RequestForgerySink extends DataFlow::Node { } -private class UrlOpenSinkAsRequestForgerySink extends RequestForgerySink { - UrlOpenSinkAsRequestForgerySink() { sinkNode(this, "open-url") } -} - -private class JdbcUrlSinkAsRequestForgerySink extends RequestForgerySink { - JdbcUrlSinkAsRequestForgerySink() { sinkNode(this, "jdbc-url") } +private class DefaultRequestForgerySink extends RequestForgerySink { + DefaultRequestForgerySink() { sinkNode(this, "request-forgery") } } /** A sanitizer for request forgery vulnerabilities. */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll index bff6a0a3893..3b5a8940239 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll @@ -89,7 +89,7 @@ class GetVirtualFileChildMethod extends Method { /** An argument to `getResource()` or `getResourceAsStream()`. */ private class GetResourceSink extends UnsafeUrlForwardSink { GetResourceSink() { - sinkNode(this, "open-url") + sinkNode(this, "request-forgery") or sinkNode(this, "get-resource") or diff --git a/java/ql/test/library-tests/frameworks/okhttp/test.ql b/java/ql/test/library-tests/frameworks/okhttp/test.ql index 2992a519e64..52e8a47132a 100644 --- a/java/ql/test/library-tests/frameworks/okhttp/test.ql +++ b/java/ql/test/library-tests/frameworks/okhttp/test.ql 
@@ -5,7 +5,9 @@ import TestUtilities.InlineFlowTest module OkHttpFlowConfig implements DataFlow::ConfigSig { predicate isSource = DefaultFlowConfig::isSource/1; - predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") } + predicate isSink(DataFlow::Node n) { + DefaultFlowConfig::isSink(n) or sinkNode(n, "request-forgery") + } } module OkHttpFlow = DataFlow::Global; diff --git a/java/ql/test/library-tests/frameworks/retrofit/test.ql b/java/ql/test/library-tests/frameworks/retrofit/test.ql index 5db5201aad0..e09f1ed41d7 100644 --- a/java/ql/test/library-tests/frameworks/retrofit/test.ql +++ b/java/ql/test/library-tests/frameworks/retrofit/test.ql @@ -5,7 +5,9 @@ import TestUtilities.InlineFlowTest module FlowConfig implements DataFlow::ConfigSig { predicate isSource = DefaultFlowConfig::isSource/1; - predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") } + predicate isSink(DataFlow::Node n) { + DefaultFlowConfig::isSink(n) or sinkNode(n, "request-forgery") + } } module Flow = DataFlow::Global; From 0a8c0f58b2c3f12889cb64f55174c050abad21fd Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 12:30:14 -0400 Subject: [PATCH 192/210] Java: add sink kinds documentation --- .../customizing-library-models-for-java.rst | 37 +++++++++++++------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst index baa93e8eb0a..d45ce942964 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst 
@@ -327,18 +327,31 @@ Taint sink. As opposed to source kinds, there are many different kinds of sinks The following sink kinds are supported: -- **sql**: A SQL injection vulnerability sink. -- **xss**: A cross-site scripting vulnerability sink. -- **logging**: A log output sink. - -Below is an enumeration of the remaining sinks, but they are out of scope for this documentation: - -- **open-url**, **jndi-injection**, **ldap**, **jdbc-url** -- **mvel**, **xpath**, **groovy**, **ognl-injection** -- **intent-start**, **pending-intent-sent**, **url-redirect** -- **create-file**, **read-file**, **write-file**, **set-hostname-verifier** -- **header-splitting**, **information-leak**, **xslt**, **jexl** -- **bean-validation**, **ssti**, **fragment-injection**, **regex-use[**\ `arg`\ **]** +- **bean-validation**: A sink that can be used for insecure bean validation, such as in calls to **ConstraintValidatorContext.buildConstraintViolationWithTemplate**. +- **command-injection**: A sink that can be used to inject shell commands, such as in calls to **Runtime.exec**. +- **file-content-store**: A sink that can be used to control the contents of a file, such as in a **Files.write** call. +- **fragment-injection**: A sink that can be used for Android fragment injection, such as in a **FragmentTransaction.replace** call. +- **groovy-injection**: A sink that can be used for Groovy injection, such as in a **GroovyShell.evaluate** call. +- **hostname-verification**: A sink that can be used for unsafe hostname verification, such as in calls to **HttpsURLConnection.setHostnameVerifier**. +- **html-injection**: A sink that can be used for XSS via HTML injection, such as in a **ResponseStream.write** call. +- **information-leak**: A sink that can be used to leak information to an HTTP response, such as in calls to **HttpServletResponse.sendError**. +- **intent-redirection**: A sink that can be used for Android intent redirection, such as in a **Context.startActivity** call. 
+- **jexl-injection**: A sink that can be used for JEXL expression injection, such as in a **JexlExpression.evaluate** call.
+- **jndi-injection**: A sink that can be used for JNDI injection, such as in a **Context.lookup** call.
+- **js-injection**: A sink that can be used for XSS via JavaScript injection, such as in a **Webview.evaluateJavaScript** call.
+- **ldap-injection**: A sink that can be used for LDAP injection, such as in a **DirContext.search** call.
+- **log-injection**: A sink that can be used for log injection, such as in a **Logger.warn** call.
+- **mvel-injection**: A sink that can be used for MVEL expression injection, such as in a **MVEL.eval** call.
+- **ognl-injection**: A sink that can be used for OGNL injection, such as in an **Ognl.getValue** call.
+- **path-injection**: A sink that can be used for path injection in a file system access, such as in calls to **new FileReader**.
+- **pending-intents**: A sink that can be used to send an implicit and mutable `PendingIntent` to a third party, such as in an **Activity.setResult** call.
+- **request-forgery**: A sink that controls the URL of a request, such as in an **HttpRequest.newBuilder** call.
+- **response-splitting**: A sink that can be used for HTTP response splitting, such as in calls to **HttpServletResponse.setHeader**.
+- **sql-injection**: A sink that can be used for SQL injection, such as in a **Statement.executeQuery** call.
+- **template-injection**: A sink that can be used for server side template injection, such as in a **Velocity.evaluate** call.
+- **url-redirection**: A sink that can be used to redirect the user to a malicious URL, such as in a **Response.temporaryRedirect** call.
+- **xpath-injection**: A sink that can be used for XPath injection, such as in a **XPath.evaluate** call.
+- **xslt-injection**: A sink that can be used for XSLT injection, such as in a **Transformer.transform** call.
summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From 36e467e74adba329b72c4e494bc0235b55363c9c Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 14:49:07 -0400 Subject: [PATCH 193/210] Java: update cwe-sink.csv --- java/documentation/library-coverage/cwe-sink.csv | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/java/documentation/library-coverage/cwe-sink.csv b/java/documentation/library-coverage/cwe-sink.csv index a4e2f5b9af9..16fff1e653b 100644 --- a/java/documentation/library-coverage/cwe-sink.csv +++ b/java/documentation/library-coverage/cwe-sink.csv @@ -1,7 +1,7 @@ CWE,Sink identifier,Label -CWE‑089,sql,SQL injection -CWE‑022,create-file,Path injection +CWE‑089,sql-injection,SQL injection +CWE‑022,path-injection,Path injection CWE‑094,bean-validation,Code injection -CWE‑319,open-url,Cleartext transmission -CWE‑079,xss,Cross-site scripting -CWE‑090,ldap,LDAP injection +CWE‑918,request-forgery,Request Forgery +CWE‑079,html-injection js-injection,Cross-site scripting +CWE‑090,ldap-injection,LDAP injection From ad771984f12e8056f9958614b0c3c65a81b5aab0 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 15:09:49 -0400 Subject: [PATCH 194/210] Java: update recently added path-injection sinks --- java/ql/lib/ext/org.springframework.util.model.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/java/ql/lib/ext/org.springframework.util.model.yml b/java/ql/lib/ext/org.springframework.util.model.yml index a0203a0ce9e..a868638c4df 100644 --- a/java/ql/lib/ext/org.springframework.util.model.yml +++ b/java/ql/lib/ext/org.springframework.util.model.yml 
@@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(byte[],File)", "", "Argument[1]", "create-file", "manual"] - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[0]", "read-file", "manual"] - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[1]", "create-file", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(byte[],File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[0]", "path-injection", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[1]", "path-injection", "manual"] - addsTo: pack: codeql/java-all From e28ce959a3168f01c5f879fbade26f88f9a149c1 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 15:10:32 -0400 Subject: [PATCH 195/210] Java: update CaptureSinkModels test case --- .../modelgenerator/dataflow/CaptureSinkModels.expected | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected index b0c363c1b4a..799a1a37dd4 100644 --- a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected +++ b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected 
@@ -1,5 +1,5 @@ -| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];create-file;df-generated | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];read-file;df-generated | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];create-file;df-generated | -| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];open-url;df-generated | -| p;Sources;true;readUrl;(URL);;Argument[0];open-url;df-generated | +| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];path-injection;df-generated | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];path-injection;df-generated | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];path-injection;df-generated | +| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];request-forgery;df-generated | +| p;Sources;true;readUrl;(URL);;Argument[0];request-forgery;df-generated | From 6bb6802fb8c90f831634e306ef9f974a78a7db04 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 9 May 2023 15:26:05 -0400 Subject: [PATCH 196/210] Java: add change note draft --- .../2023-05-05-java-sink-kind-revamp.md | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md diff --git a/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md new file mode 100644 index 00000000000..2ca5dedff2e --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md 
@@ -0,0 +1,22 @@
+---
+category: minorAnalysis
+---
+* Updated the following Java sink kind names:
+ * `sql` to `sql-injection`
+ * `url-redirect` to `url-redirection`
+ * `xpath` to `xpath-injection`
+ * `ssti` to `template-injection`
+ * `logging` to `log-injection`
+ * `groovy` to `groovy-injection`
+ * `jexl` to `jexl-injection`
+ * `mvel` to `mvel-injection`
+ * `xslt` to `xslt-injection`
+ * `ldap` to `ldap-injection`
+ * `pending-intent-sent` to `pending-intents`
+ * `intent-start` to `intent-redirection`
+ * `set-hostname-verifier` to `hostname-verification`
+ * `header-splitting` to `response-splitting`
+ * `xss` to `html-injection` and `js-injection`
+ * `write-file` to `file-system-store`
+ * `create-file` and `read-file` to `path-injection`
+ * `open-url` and `jdbc-url` to `request-forgery`
From 3e5dc28c0a64048b1c1a2d98d4632e20601589f5 Mon Sep 17 00:00:00 2001
From: Jami Cogswell
Date: Wed, 10 May 2023 17:27:03 -0400
Subject: [PATCH 197/210] Java: update more recently added sinks: path-injection and request-forgery
---
 .../lib/ext/org.apache.commons.net.model.yml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/java/ql/lib/ext/org.apache.commons.net.model.yml b/java/ql/lib/ext/org.apache.commons.net.model.yml
index 1ea8876a4e1..0a4c46e6a3c 100644
--- a/java/ql/lib/ext/org.apache.commons.net.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.net.model.yml
@@ -3,15 +3,15 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int,InetAddress,int)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(String)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int)", "", "Argument[0]", "open-url", "df-manual"] - - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int,InetAddress,int)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String)", "", "Argument[0]", "read-file", "df-manual"] - - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String,String)", "", "Argument[0]", "read-file", "df-manual"] - - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(String,File,String,String,String)", "", "Argument[1]", "read-file", "df-manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int,InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int)", "", "Argument[0]", "request-forgery", "df-manual"] + - 
["org.apache.commons.net", "SocketClient", true, "connect", "(String,int,InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String)", "", "Argument[0]", "path-injection", "df-manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String,String)", "", "Argument[0]", "path-injection", "df-manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(String,File,String,String,String)", "", "Argument[1]", "path-injection", "df-manual"] - addsTo: pack: codeql/java-all extensible: sourceModel From 9853a66b327f871ce0ddd42cb97dd1e62153fa80 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 11 May 2023 12:20:23 -0400 Subject: [PATCH 198/210] Java: update change note --- java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md index 2ca5dedff2e..ef54f491051 100644 --- a/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md +++ b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md @@ -1,7 +1,7 @@ --- category: minorAnalysis --- -* Updated the following Java sink kind names: +* Updated the following Java sink kind names. Any custom data extensions will need to be updated accordingly in order to continue working. * `sql` to `sql-injection` * `url-redirect` to `url-redirection` * `xpath` to `xpath-injection` From ca8ac0c93fbd94aab092ee88e71c1d0f28472293 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 11 May 2023 12:40:29 -0400 Subject: [PATCH 199/210] Java: add comment about request-forgery sinks --- java/ql/lib/semmle/code/java/security/HttpsUrls.qll | 1 + 1 file changed, 1 insertion(+) 
diff --git a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll index 23ccb306a16..07435889fd9 100644 --- a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll +++ b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll @@ -30,6 +30,7 @@ class HttpStringLiteral extends StringLiteral { abstract class UrlOpenSink extends DataFlow::Node { } private class DefaultUrlOpenSink extends UrlOpenSink { + // request-forgery sinks control the URL of a request DefaultUrlOpenSink() { sinkNode(this, "request-forgery") } } From 51f8f98118be37d62da93069c92ae3c235df9450 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 30 May 2023 14:39:20 -0400 Subject: [PATCH 200/210] Java: update recently added 'sql' sinks --- ...ingframework.jdbc.core.namedparam.model.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml b/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml index 9ecd0973558..a2ba27f6062 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml 
@@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "batchUpdate", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "execute", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "query", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForList", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForMap", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForObject", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForRowSet", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForStream", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "update", "", "", "Argument[0]", "sql", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "batchUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "query", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForList", "", "", "Argument[0]", "sql-injection", "manual"] + - 
["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForMap", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForObject", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForRowSet", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForStream", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "update", "", "", "Argument[0]", "sql-injection", "manual"] From 82f208ca7a113ebd04276a1011ec6336307b6882 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 31 May 2023 17:47:36 -0400 Subject: [PATCH 201/210] Java: add isNeutralSink test case --- .../neutrals/neutralsinks/NeutralSinksTest.ql | 24 ++++++++- .../neutrals/neutralsinks/Test.java | 52 +++++++++---------- 2 files changed, 48 insertions(+), 28 deletions(-) diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql index 422508f5711..224b03ea51c 100644 --- a/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql +++ b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql @@ -2,9 +2,10 @@ import java import TestUtilities.InlineExpectationsTest import semmle.code.java.dataflow.DataFlow import semmle.code.java.dataflow.ExternalFlow +import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl -class NeutralSinksTest extends InlineExpectationsTest { - NeutralSinksTest() { this = "NeutralSinksTest" } +class SinkTest extends InlineExpectationsTest { + SinkTest() { this = "SinkTest" } override string getARelevantTag() { result = "isSink" } 
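Review bot: The added `import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl` does not appear to be used. Neither the renamed `SinkTest` header in this hunk nor the `NeutralSinkTest` class added in the next hunk references `FlowSummaryImpl::`, and `neutralModel` and `paramsString` are called unqualified there. The unchanged lines between the two hunks were valid before this import existed, so they should not need it either; drop the line so the test does not depend on an internal module. `SinkTest` continues outside the hunk.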
@@ -18,3 +19,22 @@ class NeutralSinksTest extends InlineExpectationsTest { ) } } + +class NeutralSinkTest extends InlineExpectationsTest { + NeutralSinkTest() { this = "NeutralSinkTest" } + + override string getARelevantTag() { result = "isNeutralSink" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "isNeutralSink" and + exists(Call call, Callable callable | + call.getCallee() = callable and + neutralModel(callable.getDeclaringType().getCompilationUnit().getPackage().getName(), + callable.getDeclaringType().getSourceDeclaration().nestedName(), callable.getName(), + [paramsString(callable), ""], "sink", _) and + call.getLocation() = location and + element = call.toString() and + value = "" + ) + } +} diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/Test.java b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java index fee2cbbb7dd..a234132226f 100644 --- a/java/ql/test/library-tests/neutrals/neutralsinks/Test.java +++ b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java 
@@ -14,48 +14,48 @@ public class Test { // java.io File file = null; - file.exists(); // Neutral Sink - file.compareTo(null); // Neutral Sink + file.exists(); // $ isNeutralSink + file.compareTo(null); // $ isNeutralSink // java.nio.file - Files.exists(null, (LinkOption[])null); // Neutral Sink - Files.getLastModifiedTime(null, (LinkOption[])null); // Neutral Sink - Files.getOwner(null, (LinkOption[])null); // Neutral Sink - Files.getPosixFilePermissions(null, (LinkOption[])null); // Neutral Sink - Files.isDirectory(null, (LinkOption[])null); // Neutral Sink - Files.isExecutable(null); // Neutral Sink - Files.isHidden(null); // Neutral Sink - Files.isReadable(null); // Neutral Sink - Files.isRegularFile(null, (LinkOption[])null); // Neutral Sink - Files.isSameFile(null, null); // Neutral Sink - Files.isSymbolicLink(null); // Neutral Sink - Files.isWritable(null); // Neutral Sink - Files.notExists(null, (LinkOption[])null); // Neutral Sink - Files.setLastModifiedTime(null, null); // Neutral Sink - Files.size(null); // Neutral Sink + Files.exists(null, (LinkOption[])null); // $ isNeutralSink + Files.getLastModifiedTime(null, (LinkOption[])null); // $ isNeutralSink + Files.getOwner(null, (LinkOption[])null); // $ isNeutralSink + Files.getPosixFilePermissions(null, (LinkOption[])null); // $ isNeutralSink + Files.isDirectory(null, (LinkOption[])null); // $ isNeutralSink + Files.isExecutable(null); // $ isNeutralSink + Files.isHidden(null); // $ isNeutralSink + Files.isReadable(null); // $ isNeutralSink + Files.isRegularFile(null, (LinkOption[])null); // $ isNeutralSink + Files.isSameFile(null, null); // $ isNeutralSink + Files.isSymbolicLink(null); // $ isNeutralSink + Files.isWritable(null); // $ isNeutralSink + Files.notExists(null, (LinkOption[])null); // $ isNeutralSink + Files.setLastModifiedTime(null, null); // $ isNeutralSink + Files.size(null); // $ isNeutralSink // java.nio.file.spi FileSystemProvider fsp = null; - fsp.isHidden(null); // Neutral Sink - 
fsp.isSameFile(null, null); // Neutral Sink + fsp.isHidden(null); // $ isNeutralSink + fsp.isSameFile(null, null); // $ isNeutralSink // java.text Collator c = null; - c.compare(null, null); // Neutral Sink - c.equals(null); // Neutral Sink - c.equals(null, null); // Neutral Sink + c.compare(null, null); // $ isNeutralSink + c.equals(null); // $ isNeutralSink + c.equals(null, null); // $ isNeutralSink RuleBasedCollator rbc = null; - rbc.compare(null, null); // Neutral Sink + rbc.compare(null, null); // $ isNeutralSink // java.util.prefs AbstractPreferences ap = null; - ap.nodeExists(null); // Neutral Sink + ap.nodeExists(null); // $ isNeutralSink Preferences p = null; - p.nodeExists(null); // Neutral Sink + p.nodeExists(null); // $ isNeutralSink // org.apache.hc.client5.http.protocol RedirectLocations rl = null; - rl.contains(null); // Neutral Sink + rl.contains(null); // $ isNeutralSink } } From 13ce6a6d8e9ef6a7285e9e47825100ae29187560 Mon Sep 17 00:00:00 2001 From: Maiky <76447395+maikypedia@users.noreply.github.com> Date: Thu, 1 Jun 2023 00:53:01 +0200 Subject: [PATCH 202/210] Update Frameworks.qll --- ruby/ql/lib/codeql/ruby/Frameworks.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/ruby/ql/lib/codeql/ruby/Frameworks.qll b/ruby/ql/lib/codeql/ruby/Frameworks.qll index d7b76c090b2..ffa6e8219a4 100644 --- a/ruby/ql/lib/codeql/ruby/Frameworks.qll +++ b/ruby/ql/lib/codeql/ruby/Frameworks.qll @@ -32,4 +32,5 @@ private import codeql.ruby.frameworks.Slim private import codeql.ruby.frameworks.Sinatra private import codeql.ruby.frameworks.Twirp private import codeql.ruby.frameworks.Sqlite3 +private import codeql.ruby.frameworks.Pg private import codeql.ruby.frameworks.Sequel From 3ef08d5baf25d1cfdef5c3f159b31aa360f8fb36 Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 1 Jun 2023 00:20:17 +0000 Subject: [PATCH 203/210] Add changed framework coverage reports --- java/documentation/library-coverage/coverage.csv | 6 ++++-- java/documentation/library-coverage/coverage.rst | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/java/documentation/library-coverage/coverage.csv b/java/documentation/library-coverage/coverage.csv index 48f5dd8ae41..0bd4f53a9a7 100644 --- a/java/documentation/library-coverage/coverage.csv +++ b/java/documentation/library-coverage/coverage.csv @@ -21,6 +21,7 @@ com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17 com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,551 com.google.common.flogger,29,,,,,,,,,,,,,,29,,,,,,,,,,,,,,,,,,,,,,,,,, com.google.common.io,8,,73,,2,,,,,,,,,,,,,,,5,,,,,,,,,,,,1,,,,,,,,72,1 +com.google.gson,,,39,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,25,14 com.hubspot.jinjava,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, com.mitchellbosecke.pebble,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,,, @@ -77,7 +78,7 @@ jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10 kotlin,16,,1843,,11,,,,,,,,,,,,,2,,3,,,,,,,,,,,,,,,,,,,,1836,7 net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,5,,,,,,, ognl,6,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,, -okhttp3,2,,47,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,22,25 +okhttp3,4,,47,,,,,,,,,,,,,,,4,,,,,,,,,,,,,,,,,,,,,,22,25 org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6, org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 
@@ -152,7 +153,8 @@ org.springframework.web.util,,,165,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,140,25 org.thymeleaf,2,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,2, org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,, -play.mvc,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,, +play.libs.ws,2,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,, +play.mvc,,13,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13,24, ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4, ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10, diff --git a/java/documentation/library-coverage/coverage.rst b/java/documentation/library-coverage/coverage.rst index d89fce45524..b87eeb390fe 100644 --- a/java/documentation/library-coverage/coverage.rst +++ b/java/documentation/library-coverage/coverage.rst 
@@ -22,6 +22,6 @@ Java framework & library support Java extensions,"``javax.*``, ``jakarta.*``",63,611,34,1,4,,1,1,2 Kotlin Standard Library,``kotlin*``,,1843,16,11,,,,,2 `Spring `_,``org.springframework.*``,29,483,113,2,,28,14,,29 - Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, 
``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",89,827,516,26,,18,18,,181 - Totals,,246,9119,1969,175,10,122,33,1,361 + Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.google.gson``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, 
``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.libs.ws``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",98,890,520,26,,18,18,,185 + Totals,,255,9182,1973,175,10,122,33,1,365 From 58845eca7ca785026f4e4fffd01e213806920c8d Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 1 Jun 2023 08:10:44 -0400 Subject: [PATCH 204/210] Java: update recently added 'open-url' sinks to 'request-forgery' --- java/ql/lib/ext/play.libs.ws.model.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/ql/lib/ext/play.libs.ws.model.yml b/java/ql/lib/ext/play.libs.ws.model.yml index ab905bc463a..3547414a7ad 100644 --- a/java/ql/lib/ext/play.libs.ws.model.yml +++ b/java/ql/lib/ext/play.libs.ws.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["play.libs.ws", "WSClient", True, "url", "", "", "Argument[0]", "open-url", "manual"] - - ["play.libs.ws", "StandaloneWSClient", True, "url", "", "", "Argument[0]", "open-url", "manual"] + - ["play.libs.ws", "WSClient", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] + - ["play.libs.ws", "StandaloneWSClient", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] From 7d943c7621e18abc88dcef65da64af6f5266c4c2 Mon Sep 17 00:00:00 2001 
From: Alex Ford Date: Thu, 1 Jun 2023 13:50:32 +0100 Subject: [PATCH 205/210] Ruby: update test output --- .../dataflow/local/TaintStep.expected | 1 + .../frameworks/sequel/Sequel.expected | 42 +++++++++---------- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected b/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected index 76aeb7fc310..2bfe1e9a9ab 100644 --- a/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected +++ b/ruby/ql/test/library-tests/dataflow/local/TaintStep.expected @@ -2815,6 +2815,7 @@ | file://:0:0:0:0 | parameter position 0 of File.realpath | file://:0:0:0:0 | [summary] to write: return (return) in File.realpath | | file://:0:0:0:0 | parameter position 0 of Hash[] | file://:0:0:0:0 | [summary] read: argument position 0.any element in Hash[] | | file://:0:0:0:0 | parameter position 0 of PG.new() | file://:0:0:0:0 | [summary] to write: return (return) in PG.new() | +| file://:0:0:0:0 | parameter position 0 of Sequel.connect | file://:0:0:0:0 | [summary] to write: return (return) in Sequel.connect | | file://:0:0:0:0 | parameter position 0 of String.try_convert | file://:0:0:0:0 | [summary] to write: return (return) in String.try_convert | | file://:0:0:0:0 | parameter position 0 of \| | file://:0:0:0:0 | [summary] read: argument position 0.any element in \| | | file://:0:0:0:0 | parameter position 1.. of File.join | file://:0:0:0:0 | [summary] to write: return (return) in File.join | diff --git a/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected index b44d06e6c19..dca651d9412 100644 --- a/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected +++ b/ruby/ql/test/library-tests/frameworks/sequel/Sequel.expected 
@@ -1,23 +1,23 @@ sequelSqlConstruction -| sequel.rb:63:29:63:49 | call to cast | sequel.rb:63:45:63:48 | name | -| sequel.rb:66:29:66:49 | call to function | sequel.rb:66:45:66:48 | name | +| sequel.rb:62:29:62:49 | call to cast | sequel.rb:62:45:62:48 | name | +| sequel.rb:65:29:65:49 | call to function | sequel.rb:65:45:65:48 | name | sequelSqlExecution -| sequel.rb:10:9:10:60 | ...[...] | sequel.rb:10:14:10:59 | "SELECT * FROM users WHERE use..." | -| sequel.rb:13:9:13:64 | call to run | sequel.rb:13:18:13:63 | "SELECT * FROM users WHERE use..." | -| sequel.rb:16:9:18:11 | call to fetch | sequel.rb:16:20:16:65 | "SELECT * FROM users WHERE use..." | -| sequel.rb:21:9:21:65 | ...[...] | sequel.rb:21:14:21:64 | "SELECT * FROM users WHERE use..." | -| sequel.rb:24:9:24:65 | call to execute | sequel.rb:24:22:24:65 | "SELECT * FROM users WHERE use..." | -| sequel.rb:27:9:27:71 | call to execute_ddl | sequel.rb:27:26:27:71 | "SELECT * FROM users WHERE use..." | -| sequel.rb:30:9:30:71 | call to execute_dui | sequel.rb:30:26:30:71 | "SELECT * FROM users WHERE use..." | -| sequel.rb:33:9:33:74 | call to execute_insert | sequel.rb:33:29:33:74 | "SELECT * FROM users WHERE use..." | -| sequel.rb:36:9:36:62 | ... << ... | sequel.rb:36:17:36:62 | "SELECT * FROM users WHERE use..." | -| sequel.rb:39:9:39:79 | call to fetch_rows | sequel.rb:39:25:39:70 | "SELECT * FROM users WHERE use..." | -| sequel.rb:42:9:42:81 | call to with_sql_all | sequel.rb:42:35:42:80 | "SELECT * FROM users WHERE use..." | -| sequel.rb:45:9:45:84 | call to with_sql_delete | sequel.rb:45:38:45:83 | "SELECT * FROM users WHERE use..." | -| sequel.rb:48:9:48:90 | call to with_sql_each | sequel.rb:48:36:48:81 | "SELECT * FROM users WHERE use..." | -| sequel.rb:51:9:51:83 | call to with_sql_first | sequel.rb:51:37:51:82 | "SELECT * FROM users WHERE use..." | -| sequel.rb:54:9:54:84 | call to with_sql_insert | sequel.rb:54:38:54:83 | "SELECT * FROM users WHERE use..." 
| -| sequel.rb:57:9:57:90 | call to with_sql_single_value | sequel.rb:57:44:57:89 | "SELECT * FROM users WHERE use..." | -| sequel.rb:60:9:60:84 | call to with_sql_update | sequel.rb:60:38:60:83 | "SELECT * FROM users WHERE use..." | -| sequel.rb:63:9:63:20 | ...[...] | sequel.rb:63:14:63:19 | :table | -| sequel.rb:66:9:66:20 | ...[...] | sequel.rb:66:14:66:19 | :table | +| sequel.rb:9:9:9:60 | ...[...] | sequel.rb:9:14:9:59 | "SELECT * FROM users WHERE use..." | +| sequel.rb:12:9:12:64 | call to run | sequel.rb:12:18:12:63 | "SELECT * FROM users WHERE use..." | +| sequel.rb:15:9:17:11 | call to fetch | sequel.rb:15:20:15:65 | "SELECT * FROM users WHERE use..." | +| sequel.rb:20:9:20:65 | ...[...] | sequel.rb:20:14:20:64 | "SELECT * FROM users WHERE use..." | +| sequel.rb:23:9:23:65 | call to execute | sequel.rb:23:22:23:65 | "SELECT * FROM users WHERE use..." | +| sequel.rb:26:9:26:71 | call to execute_ddl | sequel.rb:26:26:26:71 | "SELECT * FROM users WHERE use..." | +| sequel.rb:29:9:29:71 | call to execute_dui | sequel.rb:29:26:29:71 | "SELECT * FROM users WHERE use..." | +| sequel.rb:32:9:32:74 | call to execute_insert | sequel.rb:32:29:32:74 | "SELECT * FROM users WHERE use..." | +| sequel.rb:35:9:35:62 | ... << ... | sequel.rb:35:17:35:62 | "SELECT * FROM users WHERE use..." | +| sequel.rb:38:9:38:79 | call to fetch_rows | sequel.rb:38:25:38:70 | "SELECT * FROM users WHERE use..." | +| sequel.rb:41:9:41:81 | call to with_sql_all | sequel.rb:41:35:41:80 | "SELECT * FROM users WHERE use..." | +| sequel.rb:44:9:44:84 | call to with_sql_delete | sequel.rb:44:38:44:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:47:9:47:90 | call to with_sql_each | sequel.rb:47:36:47:81 | "SELECT * FROM users WHERE use..." | +| sequel.rb:50:9:50:83 | call to with_sql_first | sequel.rb:50:37:50:82 | "SELECT * FROM users WHERE use..." | +| sequel.rb:53:9:53:84 | call to with_sql_insert | sequel.rb:53:38:53:83 | "SELECT * FROM users WHERE use..." 
| +| sequel.rb:56:9:56:90 | call to with_sql_single_value | sequel.rb:56:44:56:89 | "SELECT * FROM users WHERE use..." | +| sequel.rb:59:9:59:84 | call to with_sql_update | sequel.rb:59:38:59:83 | "SELECT * FROM users WHERE use..." | +| sequel.rb:62:9:62:20 | ...[...] | sequel.rb:62:14:62:19 | :table | +| sequel.rb:65:9:65:20 | ...[...] | sequel.rb:65:14:65:19 | :table | From 6722892828f03977688a0f157854dfa6879d322c Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 09:02:56 -0400 Subject: [PATCH 206/210] Java: switch 'android-widget' source kind to 'remote' --- java/ql/lib/ext/android.widget.model.yml | 2 +- java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 2 +- java/ql/lib/semmle/code/java/frameworks/android/Widget.qll | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/java/ql/lib/ext/android.widget.model.yml b/java/ql/lib/ext/android.widget.model.yml index ef4b015700a..aa6222c77d2 100644 --- a/java/ql/lib/ext/android.widget.model.yml +++ b/java/ql/lib/ext/android.widget.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sourceModel data: - - ["android.widget", "EditText", True, "getText", "", "", "ReturnValue", "android-widget", "manual"] + - ["android.widget", "EditText", True, "getText", "", "", "ReturnValue", "remote", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 4cb21496f5f..629b7140f19 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll 
@@ -286,7 +286,7 @@ module ModelValidation { ) or exists(string kind | sourceModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["remote", "contentprovider", "android-widget", "android-external-storage-dir"] and + not kind = ["remote", "contentprovider", "android-external-storage-dir"] and not kind.matches("qltest%") and result = "Invalid kind \"" + kind + "\" in source model." ) diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll index 81c34179c15..506f11a9112 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll @@ -5,7 +5,7 @@ private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.FlowSources private class DefaultAndroidWidgetSources extends RemoteFlowSource { - DefaultAndroidWidgetSources() { sourceNode(this, "android-widget") } + DefaultAndroidWidgetSources() { sourceNode(this, "remote") } override string getSourceType() { result = "Android widget source" } } From d035a29b4dcd99591463c1c5e54900069c05d302 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 09:23:42 -0400 Subject: [PATCH 207/210] Java: update source kind documentation --- .../customizing-library-models-for-java.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst index baa93e8eb0a..262a608f391 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst 
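Review bot: With `"android-widget"` dropped from the accepted list in this `sourceModel` check, a data extension that still uses that kind only gets the generic `Invalid kind "android-widget" in source model.` message. Nothing visible in this patch maps the old kind to `remote`, so such rows presumably stop contributing taint sources, which is a quiet loss of analysis coverage for anyone who does not run model validation. Consider a dedicated message for the retired kind, for example `"The source kind \"android-widget\" has been replaced by \"remote\"."`, so the migration is named where the failure shows up. The enclosing predicate starts and ends outside the hunk.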
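Review bot: In Widget.qll the characteristic predicate `sourceNode(this, "remote")` no longer selects Android widgets specifically; it matches every node with the `remote` source kind, the same condition `ExternalRemoteFlowSource` in FlowSources.qll uses. `DefaultAndroidWidgetSources` would therefore also cover all other model-defined remote sources and return `"Android widget source"` from `getSourceType()` for them, mislabelling the origin wherever the source type is displayed. Patch 209 of this series deletes the class, so the problem is confined to this intermediate commit. Removing the class in the same commit as the kind switch would keep every commit in the series correct when bisecting.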
@@ -315,7 +315,7 @@ The following source kinds are supported: Below is an enumeration of the remaining source kinds, but they are out of scope for this documentation: -- **contentprovider**, **android-widget**, **android-external-storage-dir**. +- **contentprovider**, **android-external-storage-dir**. sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From 119b446dbcf0114d570caa458f6d707d9654df4f Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 09:29:37 -0400 Subject: [PATCH 208/210] Java: add change note --- .../2023-05-12-androidwidget-source-kind-to-remote.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md diff --git a/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md b/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md new file mode 100644 index 00000000000..7a2714a6527 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Changed the `android-widget` Java source kind to `remote`. Any custom data extensions that use the `android-widget` source kind will need to be updated accordingly in order to continue working. From 5700a6eea4b9ffff98e929714e1f7ffafcf4cc5b Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 09:48:50 -0400 Subject: [PATCH 209/210] Java: remove DefaultAndroidWidgetSources class --- java/ql/lib/semmle/code/java/frameworks/android/Widget.qll | 6 ------ 1 file changed, 6 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll index 506f11a9112..9cb39ed83a7 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll 
+++ b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll @@ -4,12 +4,6 @@ import java private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.FlowSources -private class DefaultAndroidWidgetSources extends RemoteFlowSource { - DefaultAndroidWidgetSources() { sourceNode(this, "remote") } - - override string getSourceType() { result = "Android widget source" } -} - private class EditableToStringStep extends AdditionalTaintStep { override predicate step(DataFlow::Node n1, DataFlow::Node n2) { exists(MethodAccess ma | From de15013715b39f2c4e9c05680601bc2d09c81f43 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 12 May 2023 09:49:58 -0400 Subject: [PATCH 210/210] Java: remove RemoteFlowSources module --- java/ql/lib/semmle/code/java/dataflow/FlowSources.qll | 7 ------- 1 file changed, 7 deletions(-) diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index e10cd0db708..d26aa5d35f6 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -36,13 +36,6 @@ abstract class RemoteFlowSource extends DataFlow::Node { abstract string getSourceType(); } -/** - * A module for importing frameworks that define remote flow sources. - */ -private module RemoteFlowSources { - private import semmle.code.java.frameworks.android.Widget -} - private class ExternalRemoteFlowSource extends RemoteFlowSource { ExternalRemoteFlowSource() { sourceNode(this, "remote") }