C++: Combine the member swap models.

cpp/ql/src/semmle/code/cpp/models/implementations/Swap.qll

@@ -2,7 +2,10 @@ import semmle.code.cpp.models.interfaces.DataFlow
 import semmle.code.cpp.models.interfaces.Taint
 
 /**
- * The standard function `swap`.
+ * The standard function `swap`. A use of `swap` looks like this:
+ * ```
+ * std::swap(obj1, obj2)
+ * ```
  */
 private class Swap extends DataFlowFunction {
   Swap() { this.hasQualifiedName("std", "swap") }
@@ -17,82 +20,23 @@ private class Swap extends DataFlowFunction {
 }
 
 /**
- * The standard functions `std::string.swap` and `std::stringstream::swap`.
+ * A `swap` member function that is used as follows:
+ * ```
+ * obj1.swap(obj2)
+ * ```
  */
-private class StdStringSwap extends TaintFunction {
-  StdStringSwap() {
+private class MemberSwap extends TaintFunction {
+  MemberSwap() {
     this.hasQualifiedName("std", "basic_string", "swap") or
-    this.hasQualifiedName("std", "basic_stringstream", "swap")
+    this.hasQualifiedName("std", "basic_stringstream", "swap") or
+    this.hasQualifiedName("std", ["array", "vector", "deque", "list", "forward_list"], "swap") or
+    this.hasQualifiedName("std", ["set", "unordered_set"], "swap") or
+    this.hasQualifiedName("std", "pair", "swap") or
+    this.hasQualifiedName("std", ["map", "unordered_map"], "swap") or
+    this.hasQualifiedName("std", ["map", "unordered_map"], "swap")
   }
 
   override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
-    // str1.swap(str2)
-    input.isQualifierObject() and
-    output.isParameterDeref(0)
-    or
-    input.isParameterDeref(0) and
-    output.isQualifierObject()
-  }
-}
-
-/**
- * The standard container `swap` functions.
- */
-private class StdSequenceContainerSwap extends TaintFunction {
-  StdSequenceContainerSwap() {
-    this.hasQualifiedName("std", ["array", "vector", "deque", "list", "forward_list"], "swap")
-  }
-
-  override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
-    // container1.swap(container2)
-    input.isQualifierObject() and
-    output.isParameterDeref(0)
-    or
-    input.isParameterDeref(0) and
-    output.isQualifierObject()
-  }
-}
-
-/**
- * The standard set `swap` functions.
- */
-private class StdSetSwap extends TaintFunction {
-  StdSetSwap() { this.hasQualifiedName("std", ["set", "unordered_set"], "swap") }
-
-  override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
-    // container1.swap(container2)
-    input.isQualifierObject() and
-    output.isParameterDeref(0)
-    or
-    input.isParameterDeref(0) and
-    output.isQualifierObject()
-  }
-}
-
-/**
- * The standard pair `swap` function.
- */
-private class StdPairSwap extends TaintFunction {
-  StdPairSwap() { this.hasQualifiedName("std", "pair", "swap") }
-
-  override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
-    // container1.swap(container2)
-    input.isQualifierObject() and
-    output.isParameterDeref(0)
-    or
-    input.isParameterDeref(0) and
-    output.isQualifierObject()
-  }
-}
-
-/**
- * The standard map `swap` function.
- */
-private class StdMapSwap extends TaintFunction {
-  StdMapSwap() { this.hasQualifiedName("std", ["map", "unordered_map"], "swap") }
-
-  override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
-    // container1.swap(container2)
     input.isQualifierObject() and
     output.isParameterDeref(0)
     or