Java: Adjust model generator printing to the new provenance.

2025-12-20 18:56:32 +01:00 · 2023-03-22 11:25:37 +01:00
parent df6d9e1e64
commit df7d58d101
4 changed files with 93 additions and 59 deletions
--- a/java/ql/src/utils/modelgenerator/internal/CaptureModels.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureModels.qll
@@ -4,11 +4,20 @@
 */

 private import CaptureModelsSpecific
+private import CaptureModelsPrinting

 class DataFlowTargetApi extends TargetApiSpecific {
  DataFlowTargetApi() { isRelevantForDataFlowModels(this) }
 }

+private module Printing implements PrintingSig {
+  class Api = DataFlowTargetApi;
+
+  string getProvenance() { result = "df-generated" }
+}
+
+module ModelPrinting = PrintingImpl<Printing>;
+
 /**
 * Holds if data can flow from `node1` to `node2` either via a read or a write of an intermediate field `f`.
 */
@@ -52,58 +61,6 @@ string parameterNodeAsInput(DataFlow::ParameterNode p) {
 */
 string asInputArgument(DataFlow::Node source) { result = asInputArgumentSpecific(source) }

-/**
- * Gets the summary model for `api` with `input`, `output` and `kind`.
- */
-bindingset[input, output, kind]
-private string asSummaryModel(TargetApiSpecific api, string input, string output, string kind) {
-  result =
-    asPartialModel(api) + input + ";" //
-      + output + ";" //
-      + kind + ";" //
-      + "generated"
-}
-
-string asNeutralModel(TargetApiSpecific api) { result = asPartialNeutralModel(api) + "generated" }
-
-/**
- * Gets the value summary model for `api` with `input` and `output`.
- */
-bindingset[input, output]
-string asValueModel(TargetApiSpecific api, string input, string output) {
-  result = asSummaryModel(api, input, output, "value")
-}
-
-/**
- * Gets the taint summary model for `api` with `input` and `output`.
- */
-bindingset[input, output]
-private string asTaintModel(TargetApiSpecific api, string input, string output) {
-  result = asSummaryModel(api, input, output, "taint")
-}
-
-/**
- * Gets the sink model for `api` with `input` and `kind`.
- */
-bindingset[input, kind]
-private string asSinkModel(TargetApiSpecific api, string input, string kind) {
-  result =
-    asPartialModel(api) + input + ";" //
-      + kind + ";" //
-      + "generated"
-}
-
-/**
- * Gets the source model for `api` with `output` and `kind`.
- */
-bindingset[output, kind]
-private string asSourceModel(TargetApiSpecific api, string output, string kind) {
-  result =
-    asPartialModel(api) + output + ";" //
-      + kind + ";" //
-      + "generated"
-}
-
 /**
 * Gets the summary model of `api`, if it follows the `fluent` programming pattern (returns `this`).
 */
@@ -112,7 +69,7 @@ string captureQualifierFlow(TargetApiSpecific api) {
    api = returnNodeEnclosingCallable(ret) and
    isOwnInstanceAccessNode(ret)
  ) and
-  result = asValueModel(api, qualifierString(), "ReturnValue")
+  result = ModelPrinting::asValueModel(api, qualifierString(), "ReturnValue")
 }

 private int accessPathLimit() { result = 2 }
@@ -225,7 +182,7 @@ string captureThroughFlow(DataFlowTargetApi api) {
    input = parameterNodeAsInput(p) and
    output = returnNodeAsOutput(returnNodeExt) and
    input != output and
-    result = asTaintModel(api, input, output)
+    result = ModelPrinting::asTaintModel(api, input, output)
  )
 }

@@ -264,7 +221,7 @@ string captureSource(DataFlowTargetApi api) {
    ExternalFlow::sourceNode(source, kind) and
    api = sink.getEnclosingCallable() and
    isRelevantSourceKind(kind) and
-    result = asSourceModel(api, returnNodeAsOutput(sink), kind)
+    result = ModelPrinting::asSourceModel(api, returnNodeAsOutput(sink), kind)
  )
 }

@@ -296,6 +253,6 @@ string captureSink(DataFlowTargetApi api) {
    ExternalFlow::sinkNode(sink, kind) and
    api = src.getEnclosingCallable() and
    isRelevantSinkKind(kind) and
-    result = asSinkModel(api, asInputArgument(src), kind)
+    result = ModelPrinting::asSinkModel(api, asInputArgument(src), kind)
  )
 }
--- a/java/ql/src/utils/modelgenerator/internal/CaptureModelsPrinting.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureModelsPrinting.qll
@@ -0,0 +1,69 @@
+private import CaptureModelsSpecific
+
+signature module PrintingSig {
+  /**
+   * The class of APIs relevant for model generation.
+   */
+  class Api extends TargetApiSpecific;
+
+  /**
+   * Gets the string representation of the provenance of the models.
+   */
+  string getProvenance();
+}
+
+module PrintingImpl<PrintingSig Printing> {
+  /**
+   * Gets the summary model for `api` with `input`, `output` and `kind`.
+   */
+  bindingset[input, output, kind]
+  private string asSummaryModel(Printing::Api api, string input, string output, string kind) {
+    result =
+      asPartialModel(api) + input + ";" //
+        + output + ";" //
+        + kind + ";" //
+        + Printing::getProvenance()
+  }
+
+  string asNeutralModel(Printing::Api api) {
+    result = asPartialNeutralModel(api) + Printing::getProvenance()
+  }
+
+  /**
+   * Gets the value summary model for `api` with `input` and `output`.
+   */
+  bindingset[input, output]
+  string asValueModel(Printing::Api api, string input, string output) {
+    result = asSummaryModel(api, input, output, "value")
+  }
+
+  /**
+   * Gets the taint summary model for `api` with `input` and `output`.
+   */
+  bindingset[input, output]
+  string asTaintModel(Printing::Api api, string input, string output) {
+    result = asSummaryModel(api, input, output, "taint")
+  }
+
+  /**
+   * Gets the sink model for `api` with `input` and `kind`.
+   */
+  bindingset[input, kind]
+  string asSinkModel(Printing::Api api, string input, string kind) {
+    result =
+      asPartialModel(api) + input + ";" //
+        + kind + ";" //
+        + Printing::getProvenance()
+  }
+
+  /**
+   * Gets the source model for `api` with `output` and `kind`.
+   */
+  bindingset[output, kind]
+  string asSourceModel(Printing::Api api, string output, string kind) {
+    result =
+      asPartialModel(api) + output + ";" //
+        + kind + ";" //
+        + Printing::getProvenance()
+  }
+}
--- a/java/ql/src/utils/modelgenerator/internal/CaptureSummaryFlowQuery.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureSummaryFlowQuery.qll
@@ -78,5 +78,5 @@ string captureFlow(DataFlowTargetApi api) {
 */
 string captureNoFlow(DataFlowTargetApi api) {
  not exists(captureFlow(api)) and
-  result = asNeutralModel(api)
+  result = ModelPrinting::asNeutralModel(api)
 }
--- a/java/ql/src/utils/modelgenerator/internal/CaptureTypeBasedSummaryModels.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureTypeBasedSummaryModels.qll
@@ -2,7 +2,7 @@ private import java
 private import semmle.code.java.Collections
 private import semmle.code.java.dataflow.internal.ContainerFlow
 private import CaptureModelsSpecific as Specific
-private import CaptureModels
+private import CaptureModelsPrinting

 /**
 * A type representing instantiations of class types
@@ -283,6 +283,14 @@ private predicate output(Callable callable, TypeVariable tv, string output) {
  functionalSink(callable, tv, output)
 }

+module Printing implements PrintingSig {
+  class Api = TypeBasedFlowTargetApi;
+
+  string getProvenance() { result = "tb-generated" }
+}
+
+private module ModelPrinting = PrintingImpl<Printing>;
+
 /**
 * A class of callables that are relevant generating summaries for based
 * on the Theorems for Free approach.
@@ -319,7 +327,7 @@ class TypeBasedFlowTargetApi extends Specific::TargetApiSpecific {
      output(this, tv, output) and
      input != output
    |
-      result = asValueModel(this, input, output)
+      result = ModelPrinting::asValueModel(this, input, output)
    )
  }
 }