Merge branch 'main' into extractor-pack

.github/workflows/build.yml

@@ -14,7 +14,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, macos-latest, windows-latest]
+        os: [ubuntu-latest, macos-latest]
+        #os: [ubuntu-latest, macos-latest, windows-latest]
 
     runs-on: ${{ matrix.os }}
 
@@ -73,10 +74,10 @@ jobs:
         with:
           name: extractor-ubuntu-latest
           path: linux64
-      - uses: actions/download-artifact@v2
-        with:
-          name: extractor-windows-latest
-          path: win64
+#      - uses: actions/download-artifact@v2
+#        with:
+#          name: extractor-windows-latest
+#          path: win64
       - uses: actions/download-artifact@v2
         with:
           name: extractor-macos-latest
@@ -84,10 +85,9 @@ jobs:
       - run: |
           mkdir -p ql
           cp -r codeql-extractor.yml tools ql/src/ql.dbscheme.stats ql/
-          mkdir -p ql/tools/{linux64,osx64,win64}
+          mkdir -p ql/tools/{linux64,osx64}
           cp linux64/ql-extractor ql/tools/linux64/extractor
           cp osx64/ql-extractor ql/tools/osx64/extractor
-          cp win64/ql-extractor.exe ql/tools/win64/extractor.exe
           chmod +x ql/tools/{linux64,osx64}/extractor
           zip -rq codeql-ql.zip ql
       - uses: actions/upload-artifact@v2

.gitignore

@@ -5,3 +5,4 @@ extractor-pack
 ql/test/**/*.testproj
 ql/test/**/*.actual
 ql/test/**/CONSISTENCY
+work

README.md

@@ -6,7 +6,7 @@ Under development.
 
 ## Building the tools from source
 
-[Install Rust](https://www.rust-lang.org/tools/install), then run:
+[Install Rust](https://www.rust-lang.org/tools/install) (if using VSCode, you may also want the `rust-analyzer` extension), then run:
 
 ```bash
 cargo build --release

ql/src/codeql_ql/ast/Ast.qll

@@ -771,7 +771,7 @@ class NewTypeBranch extends TNewTypeBranch, TypeDeclaration {
  * or a member call `foo.bar()`,
  * or a special call to `none()` or `any()`.
  */
-class Call extends TCall, Expr {
+class Call extends TCall, Expr, Formula {
   /** Gets the `i`th argument of this call. */
   Expr getArgument(int i) {
     none() // overriden in sublcasses.
@@ -1014,7 +1014,7 @@ class Conjunction extends TConjunction, AstNode, Formula {
 }
 
 /** An `or` formula, with 2 or more operands. */
-class Disjunction extends TDisjunction, AstNode {
+class Disjunction extends TDisjunction, AstNode, Formula {
   Generated::Disjunction disj;
 
   Disjunction() { this = TDisjunction(disj) }

ql/src/codeql_ql/ast/internal/Builtins.qll

@@ -42,7 +42,7 @@ predicate isBuiltinMember(string sig) {
       "string string.toLowerCase()", "string string.toUpperCase()", "string string.trim()",
       "int date.daysTo(date)", "int date.getDay()", "int date.getHours()", "int date.getMinutes()",
       "int date.getMonth()", "int date.getSeconds()", "int date.getYear()",
-      "string date.toString()", "string date.toISO()"
+      "string date.toString()", "string date.toISO()", "string int.toUnicode()"
     ]
 }
 

ql/src/queries/style/suggestInstanceofExtension.ql

@@ -0,0 +1,47 @@
+/**
+ * @name Suggest using non-extending subtype relationships.
+ * @description Non-extending subtypes ("instanceof extensions") are generally preferrable to instanceof expressions in characteristic predicates.
+ * @kind problem
+ * @problem.severity warning
+ * @id ql/suggest-instanceof-extension
+ * @tags maintainability
+ * @precision medium
+ */
+
+import ql
+
+InstanceOf instanceofInCharPred(Class c) {
+  result = c.getCharPred().getBody()
+  or
+  exists(Conjunction conj |
+    conj = c.getCharPred().getBody() and
+    result = conj.getAnOperand()
+  )
+}
+
+predicate instanceofThisInCharPred(Class c, TypeExpr type) {
+  exists(InstanceOf instanceOf |
+    instanceOf = instanceofInCharPred(c) and
+    instanceOf.getExpr() instanceof ThisAccess and
+    type = instanceOf.getType()
+  )
+}
+
+predicate classWithInstanceofThis(Class c, TypeExpr type) {
+  instanceofThisInCharPred(c, type) and
+  exists(ClassPredicate classPred |
+    classPred = c.getAClassPredicate() and
+    exists(MemberCall call, InlineCast cast |
+      call.getEnclosingPredicate() = classPred and
+      cast = call.getBase() and
+      cast.getBase() instanceof ThisAccess and
+      cast.getTypeExpr().getResolvedType() = type.getResolvedType()
+    )
+  )
+}
+
+from Class c, TypeExpr type, string message
+where
+  classWithInstanceofThis(c, type) and
+  message = "consider defining $@ as non-extending subtype of $@"
+select c, message, c, c.getName(), type, type.getResolvedType().getName()