Refactor content flow into predicate

2025-12-20 18:56:32 +01:00 · 2021-11-15 16:30:55 +01:00
parent f4310898b3
commit d7ed325b3f
3 changed files with 20 additions and 26 deletions
--- a/java/ql/src/utils/model-generator/CaptureSourceModels.ql
+++ b/java/ql/src/utils/model-generator/CaptureSourceModels.ql
@@ -35,19 +35,7 @@ class FromSourceConfiguration extends TaintTracking::Configuration {
  }

  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
-    exists(DataFlow::Content f |
-      readStep(node1, f, node2) and
-      if f instanceof DataFlow::FieldContent
-      then isRelevantType(f.(DataFlow::FieldContent).getField().getType())
-      else any()
-    )
-    or
-    exists(DataFlow::Content f | storeStep(node1, f, node2) |
-      f instanceof DataFlow::ArrayContent or
-      f instanceof DataFlow::CollectionContent or
-      f instanceof DataFlow::MapKeyContent or
-      f instanceof DataFlow::MapValueContent
-    )
+    isRelevantTaintStep(node1, node2)
  }
 }

--- a/java/ql/src/utils/model-generator/CaptureSummaryModels.ql
+++ b/java/ql/src/utils/model-generator/CaptureSummaryModels.ql
@@ -54,19 +54,7 @@ class FieldToReturnConfig extends TaintTracking::Configuration {
  }

  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
-    exists(DataFlow::Content f |
-      readStep(node1, f, node2) and
-      if f instanceof DataFlow::FieldContent
-      then isRelevantType(f.(DataFlow::FieldContent).getField().getType())
-      else any()
-    )
-    or
-    exists(DataFlow::Content f | storeStep(node1, f, node2) |
-      f instanceof DataFlow::ArrayContent or
-      f instanceof DataFlow::CollectionContent or
-      f instanceof DataFlow::MapKeyContent or
-      f instanceof DataFlow::MapValueContent
-    )
+    isRelevantTaintStep(node1, node2)
  }

  override DataFlow::FlowFeature getAFeature() {
--- a/java/ql/src/utils/model-generator/ModelGeneratorUtils.qll
+++ b/java/ql/src/utils/model-generator/ModelGeneratorUtils.qll
@@ -2,6 +2,8 @@ import java
 private import semmle.code.java.dataflow.ExternalFlow
 private import semmle.code.java.dataflow.internal.ContainerFlow
 private import semmle.code.java.dataflow.internal.DataFlowImplCommon
+private import semmle.code.java.dataflow.DataFlow
+private import semmle.code.java.dataflow.internal.DataFlowPrivate

 Method superImpl(Method m) {
  result = m.getAnOverride() and
@@ -132,6 +134,22 @@ predicate isRelevantType(Type t) {
  )
 }

+predicate isRelevantTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
+  exists(DataFlow::Content f |
+    readStep(node1, f, node2) and
+    if f instanceof DataFlow::FieldContent
+    then isRelevantType(f.(DataFlow::FieldContent).getField().getType())
+    else any()
+  )
+  or
+  exists(DataFlow::Content f | storeStep(node1, f, node2) |
+    f instanceof DataFlow::ArrayContent or
+    f instanceof DataFlow::CollectionContent or
+    f instanceof DataFlow::MapKeyContent or
+    f instanceof DataFlow::MapValueContent
+  )
+}
+
 string returnNodeAsOutput(TargetAPI api, ReturnNodeExt node) {
  if node.getKind() instanceof ValueReturnKind
  then result = "ReturnValue"