Merge branch 'main' into js/shared-dataflow

javascript/ql/test/library-tests/frameworks/data/test.expected

@@ -75,6 +75,11 @@ taintFlow
 | test.js:249:28:249:35 | source() | test.js:249:28:249:35 | source() |
 | test.js:252:15:252:22 | source() | test.js:252:15:252:22 | source() |
 | test.js:254:32:254:39 | source() | test.js:254:32:254:39 | source() |
+| test.js:262:10:262:31 | this.ba ... ource() | test.js:262:10:262:31 | this.ba ... ource() |
+| test.js:265:6:265:39 | new MyS ... ource() | test.js:265:6:265:39 | new MyS ... ource() |
+| test.js:269:10:269:31 | this.ba ... ource() | test.js:269:10:269:31 | this.ba ... ource() |
+| test.js:272:6:272:40 | new MyS ... ource() | test.js:272:6:272:40 | new MyS ... ource() |
+| test.js:274:6:274:39 | testlib ... eName() | test.js:274:6:274:39 | testlib ... eName() |
 isSink
 | test.js:54:18:54:25 | source() | test-sink |
 | test.js:55:22:55:29 | source() | test-sink |

javascript/ql/test/library-tests/frameworks/data/test.ext.yml

@@ -0,0 +1,77 @@
+extensions:
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: sourceModel
+    data:
+      - ['testlib', 'Member[BaseClass].Instance.Member[baseclassSource].ReturnValue', 'test-source']
+      - ['testlib', 'Member[ClassDecorator].DecoratedClass.Instance.Member[inputIsSource].Parameter[0]', 'test-source']
+      - ['testlib', 'Member[FieldDecoratorSource].DecoratedMember', 'test-source']
+      - ['testlib', 'Member[MethodDecoratorWithArgs].ReturnValue.DecoratedMember.Parameter[0]', 'test-source']
+      - ['testlib', 'Member[MethodDecorator].DecoratedMember.Parameter[0]', 'test-source']
+      - ['testlib', 'Member[ParamDecoratorSource].DecoratedParameter', 'test-source']
+      - ['testlib', 'Member[getSource].ReturnValue', 'test-source']
+      - ['(testlib)', 'Member[parenthesizedPackageName].ReturnValue', 'test-source']
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: sinkModel
+    data:
+      - ['testlib', 'AnyMember.Member[memberSink].Argument[0]', 'test-sink']
+      - ['testlib', 'Fuzzy.Member[fuzzyCall].Argument[0]', 'test-sink']
+      - ['testlib', 'Member[ClassDecorator].DecoratedClass.Instance.Member[returnValueIsSink].ReturnValue', 'test-sink']
+      - ['testlib', 'Member[FieldDecoratorSink].DecoratedMember', 'test-sink']
+      - ['testlib', 'Member[MethodDecoratorWithArgs].ReturnValue.DecoratedMember.ReturnValue', 'test-sink']
+      - ['testlib', 'Member[MethodDecorator].DecoratedMember.ReturnValue', 'test-sink']
+      - ['testlib', 'Member[ParamDecoratorSink].DecoratedParameter', 'test-sink']
+      - ['testlib', 'Member[foo', 'test-sink']
+      - ['testlib', 'Member[foo] .Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo] Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo], Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo],Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo]. Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo]..Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo]Member[bar]', 'test-sink']
+      - ['testlib', 'Member[foo]]', 'test-sink']
+      - ['testlib', 'Member[foo]].Member[bar]', 'test-sink']
+      - ['testlib', 'Member[mySinkExceptLast].Argument[0..N-2]', 'test-sink']
+      - ['testlib', 'Member[mySinkIfArityTwo].WithArity[2].Argument[0]', 'test-sink']
+      - ['testlib', 'Member[mySinkIfCall].Call.Argument[0]', 'test-sink']
+      - ['testlib', 'Member[mySinkIfNew].NewCall.Argument[0]', 'test-sink']
+      - ['testlib', 'Member[mySinkLast].Argument[N-1]', 'test-sink']
+      - ['testlib', 'Member[mySinkSecondLast].Argument[N-2]', 'test-sink']
+      - ['testlib', 'Member[mySinkTwoLastRange].Argument[N-2..N-1]', 'test-sink']
+      - ['testlib', 'Member[mySinkTwoLast].Argument[N-1,N-2]', 'test-sink']
+      - ['testlib', 'Member[mySink].Argument[0]', 'test-sink']
+      - ['testlib', 'Member[overloadedSink].WithStringArgument[0=danger].Argument[1]', 'test-sink']
+      - ['testlib', 'Member[sink1, sink2, sink3 ].Argument[0]', 'test-sink']
+      - ['testlib', 'Member[typevar].TypeVar[ABC].Member[mySink].Argument[0]', 'test-sink']
+      - ['testlib', 'Member[typevar].TypeVar[ABC].TypeVar[ABC].Member[mySink].Argument[1]', 'test-sink']
+      - ['testlib', 'Member[typevar].TypeVar[LeftRight].Member[mySink].Argument[0]', 'test-sink']
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: summaryModel
+    data:
+      - ['testlib', 'Member[getSource].ReturnValue.Member[continue]', 'Argument[this]', 'ReturnValue', 'taint']
+      - ['testlib', 'Member[preserveAllButFirstArgument]', 'Argument[1..]', 'ReturnValue', 'taint']
+      - ['testlib', 'Member[preserveAllIfCall].Call', 'Argument[0..]', 'ReturnValue', 'taint']
+      - ['testlib', 'Member[preserveArgZeroAndTwo]', 'Argument[0,2]', 'ReturnValue', 'taint']
+      - ['testlib', 'Member[preserveTaint]', 'Argument[0]', 'ReturnValue', 'taint']
+      - ['testlib', 'Member[taintIntoCallbackThis]', 'Argument[0]', 'Argument[1..2].Parameter[this]', 'taint']
+      - ['testlib', 'Member[taintIntoCallback]', 'Argument[0]', 'Argument[1..2].Parameter[0]', 'taint']
+      - ['testlib.~HasThisFlow', '', '', 'Member[getThis].ReturnValue', 'type']
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: typeModel
+    data:
+      - ['testlib.~HasThisFlow', 'testlib', 'Member[typevar]']
+      - ['testlib.~HasThisFlow', 'testlib.~HasThisFlow', 'Member[left,right,x]']
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: typeVariableModel
+    data:
+      - ['ABC', 'Member[a].Member[b].WithArity[0].ReturnValue.Member[c]']
+      - ['LeftRight', 'Member[left].TypeVar[LeftRight].Member[right]']
+      - ['LeftRight', 'Member[x]']

javascript/ql/test/library-tests/frameworks/data/test.js

@@ -256,3 +256,19 @@ function fuzzy() {
   fuzzyCall(source()); // OK - does not come from 'testlib'
   require('blah').fuzzyCall(source()); // OK - does not come from 'testlib'
 }
+
+class MySubclass extends testlib.BaseClass {
+  foo() {
+    sink(this.baseclassSource()); // NOT OK
+  }
+}
+sink(new MySubclass().baseclassSource()); // NOT OK
+
+class MySubclass2 extends MySubclass {
+  foo2() {
+    sink(this.baseclassSource()); // NOT OK
+  }
+}
+sink(new MySubclass2().baseclassSource()); // NOT OK
+
+sink(testlib.parenthesizedPackageName()); // NOT OK

javascript/ql/test/library-tests/frameworks/data/test.ql

@@ -2,88 +2,6 @@ import javascript
 import testUtilities.ConsistencyChecking
 import semmle.javascript.frameworks.data.internal.ApiGraphModels as ApiGraphModels
 
-class Steps extends ModelInput::SummaryModelCsv {
-  override predicate row(string row) {
-    // type;path;input;output;kind
-    row =
-      [
-        "testlib;Member[preserveTaint];Argument[0];ReturnValue;taint",
-        "testlib;Member[taintIntoCallback];Argument[0];Argument[1..2].Parameter[0];taint",
-        "testlib;Member[taintIntoCallbackThis];Argument[0];Argument[1..2].Parameter[this];taint",
-        "testlib;Member[preserveArgZeroAndTwo];Argument[0,2];ReturnValue;taint",
-        "testlib;Member[preserveAllButFirstArgument];Argument[1..];ReturnValue;taint",
-        "testlib;Member[preserveAllIfCall].Call;Argument[0..];ReturnValue;taint",
-        "testlib;Member[getSource].ReturnValue.Member[continue];Argument[this];ReturnValue;taint",
-        "testlib.~HasThisFlow;;;Member[getThis].ReturnValue;type",
-      ]
-  }
-}
-
-class TypeDefs extends ModelInput::TypeModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        "testlib.~HasThisFlow;testlib;Member[typevar]",
-        "testlib.~HasThisFlow;testlib.~HasThisFlow;Member[left,right,x]",
-      ]
-  }
-}
-
-class Sinks extends ModelInput::SinkModelCsv {
-  override predicate row(string row) {
-    // type;path;kind
-    row =
-      [
-        "testlib;Member[mySink].Argument[0];test-sink",
-        "testlib;Member[mySinkIfCall].Call.Argument[0];test-sink",
-        "testlib;Member[mySinkIfNew].NewCall.Argument[0];test-sink",
-        "testlib;Member[mySinkLast].Argument[N-1];test-sink",
-        "testlib;Member[mySinkSecondLast].Argument[N-2];test-sink",
-        "testlib;Member[mySinkTwoLast].Argument[N-1,N-2];test-sink",
-        "testlib;Member[mySinkTwoLastRange].Argument[N-2..N-1];test-sink",
-        "testlib;Member[mySinkExceptLast].Argument[0..N-2];test-sink",
-        "testlib;Member[mySinkIfArityTwo].WithArity[2].Argument[0];test-sink",
-        "testlib;Member[sink1, sink2, sink3 ].Argument[0];test-sink",
-        "testlib;Member[ClassDecorator].DecoratedClass.Instance.Member[returnValueIsSink].ReturnValue;test-sink",
-        "testlib;Member[FieldDecoratorSink].DecoratedMember;test-sink",
-        "testlib;Member[MethodDecorator].DecoratedMember.ReturnValue;test-sink",
-        "testlib;Member[MethodDecoratorWithArgs].ReturnValue.DecoratedMember.ReturnValue;test-sink",
-        "testlib;Member[ParamDecoratorSink].DecoratedParameter;test-sink",
-        "testlib;AnyMember.Member[memberSink].Argument[0];test-sink",
-        "testlib;Member[overloadedSink].WithStringArgument[0=danger].Argument[1];test-sink",
-        "testlib;Member[typevar].TypeVar[ABC].Member[mySink].Argument[0];test-sink",
-        "testlib;Member[typevar].TypeVar[ABC].TypeVar[ABC].Member[mySink].Argument[1];test-sink",
-        "testlib;Member[typevar].TypeVar[LeftRight].Member[mySink].Argument[0];test-sink",
-        "testlib;Fuzzy.Member[fuzzyCall].Argument[0];test-sink"
-      ]
-  }
-}
-
-class TypeVars extends ModelInput::TypeVariableModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        "ABC;Member[a].Member[b].WithArity[0].ReturnValue.Member[c]", //
-        "LeftRight;Member[left].TypeVar[LeftRight].Member[right]", //
-        "LeftRight;Member[x]",
-      ]
-  }
-}
-
-class Sources extends ModelInput::SourceModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        "testlib;Member[getSource].ReturnValue;test-source",
-        "testlib;Member[ClassDecorator].DecoratedClass.Instance.Member[inputIsSource].Parameter[0];test-source",
-        "testlib;Member[FieldDecoratorSource].DecoratedMember;test-source",
-        "testlib;Member[ParamDecoratorSource].DecoratedParameter;test-source",
-        "testlib;Member[MethodDecorator].DecoratedMember.Parameter[0];test-source",
-        "testlib;Member[MethodDecoratorWithArgs].ReturnValue.DecoratedMember.Parameter[0];test-source",
-      ]
-  }
-}
-
 module TestConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) {
     source.(DataFlow::CallNode).getCalleeName() = "source"
@@ -124,24 +42,6 @@ query predicate isSink(DataFlow::Node node, string kind) {
   node = ModelOutput::getASinkNode(kind).asSink()
 }
 
-class SyntaxErrorTest extends ModelInput::SinkModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        "testlib;Member[foo],Member[bar];test-sink", //
-        "testlib;Member[foo] Member[bar];test-sink", //
-        "testlib;Member[foo]. Member[bar];test-sink", //
-        "testlib;Member[foo], Member[bar];test-sink", //
-        "testlib;Member[foo]..Member[bar];test-sink", //
-        "testlib;Member[foo] .Member[bar];test-sink", //
-        "testlib;Member[foo]Member[bar];test-sink", //
-        "testlib;Member[foo;test-sink", //
-        "testlib;Member[foo]];test-sink", //
-        "testlib;Member[foo]].Member[bar];test-sink"
-      ]
-  }
-}
-
 query predicate syntaxErrors(ApiGraphModels::AccessPath path) { path.hasSyntaxError() }
 
 query predicate warning = ModelOutput::getAWarning/0;

javascript/ql/test/library-tests/frameworks/data/warnings.expected

@@ -1,5 +1,3 @@
-| CSV type row should have 3 columns but has 1: test.TooFewColumns |
-| CSV type row should have 3 columns but has 6: test.TooManyColumns;;Member[Foo].Instance;too;many;columns |
 | Invalid argument '0-1' in token 'Argument[0-1]' in access path: Method[foo].Argument[0-1] |
 | Invalid argument '*' in token 'Argument[*]' in access path: Method[foo].Argument[*] |
 | Invalid token 'Argument' is missing its arguments, in access path: Method[foo].Argument |

javascript/ql/test/library-tests/frameworks/data/warnings.ext.yml

@@ -0,0 +1,10 @@
+extensions:
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: typeModel
+    data:
+      - ['test.X', 'test.Y', 'Method[foo].Arg[0]']
+      - ['test.X', 'test.Y', 'Method[foo].Argument[0-1]']
+      - ['test.X', 'test.Y', 'Method[foo].Argument[*]']
+      - ['test.X', 'test.Y', 'Method[foo].Argument']
+      - ['test.X', 'test.Y', 'Method[foo].Member']

javascript/ql/test/library-tests/frameworks/data/warnings.ql

@@ -1,21 +1,6 @@
 import javascript
 import semmle.javascript.frameworks.data.internal.ApiGraphModels as ApiGraphModels
 
-private class InvalidTypeModel extends ModelInput::TypeModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        "test.TooManyColumns;;Member[Foo].Instance;too;many;columns", //
-        "test.TooFewColumns", //
-        "test.X;test.Y;Method[foo].Arg[0]", //
-        "test.X;test.Y;Method[foo].Argument[0-1]", //
-        "test.X;test.Y;Method[foo].Argument[*]", //
-        "test.X;test.Y;Method[foo].Argument", //
-        "test.X;test.Y;Method[foo].Member", //
-      ]
-  }
-}
-
 class IsTesting extends ApiGraphModels::TestAllModels {
   IsTesting() { this = this }
 }