hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12917 from egregius313/egregius313/java/dataflow/refactor-inline-flow-test

Browse Source 
Java: Refactor `InlineFlowTest` to remove usage of `DataFlow::Configuration` API
This commit is contained in:
Edward Minnix III
2023-04-25 16:18:56 -04:00
committed by GitHub
parent 95b8a22529 d98723c35a
commit e50f56cc56
6 changed files with 79 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
java/ql/test/TestUtilities/InlineFlowTest.qll
View File

@@ -61,37 +61,11 @@ private module DefaultValueFlow = DataFlow::Global<DefaultFlowConfig>;
private module DefaultTaintFlow = TaintTracking::Global<DefaultFlowConfig>;
class DefaultValueFlowConf extends DataFlow::Configuration {
DefaultValueFlowConf() { this = "qltest:defaultValueFlowConf" }
override predicate isSource(DataFlow::Node n) { defaultSource(n) }
override predicate isSink(DataFlow::Node n) {
exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
}
override int fieldFlowBranchLimit() { result = 1000 }
}
class DefaultTaintFlowConf extends TaintTracking::Configuration {
DefaultTaintFlowConf() { this = "qltest:defaultTaintFlowConf" }
override predicate isSource(DataFlow::Node n) { defaultSource(n) }
override predicate isSink(DataFlow::Node n) {
exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
}
override int fieldFlowBranchLimit() { result = 1000 }
}
private string getSourceArgString(DataFlow::Node src) {
defaultSource(src) and
src.asExpr().(MethodAccess).getAnArgument().(StringLiteral).getValue() = result
}
abstract class EnableLegacyConfiguration extends Unit { }
class InlineFlowTest extends InlineExpectationsTest {
InlineFlowTest() { this = "HasFlowTest" }
@@ -116,18 +90,10 @@ class InlineFlowTest extends InlineExpectationsTest {
}
predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) {
if exists(EnableLegacyConfiguration e)
then getValueFlowConfig().hasFlow(src, sink)
else DefaultValueFlow::flow(src, sink)
DefaultValueFlow::flow(src, sink)
}
predicate hasTaintFlow(DataFlow::Node src, DataFlow::Node sink) {
if exists(EnableLegacyConfiguration e)
then getTaintFlowConfig().hasFlow(src, sink)
else DefaultTaintFlow::flow(src, sink)
DefaultTaintFlow::flow(src, sink)
}
DataFlow::Configuration getValueFlowConfig() { result = any(DefaultValueFlowConf config) }
DataFlow::Configuration getTaintFlowConfig() { result = any(DefaultTaintFlowConf config) }
}

32
java/ql/test/library-tests/frameworks/JaxWs/JaxRsFlow.ql
View File

@@ -3,22 +3,26 @@ import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.dataflow.FlowSources
import TestUtilities.InlineFlowTest
class EnableLegacy extends EnableLegacyConfiguration {
EnableLegacy() { exists(this) }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node node) {
DefaultFlowConfig::isSource(node)
or
node instanceof RemoteFlowSource
}
predicate isSink = DefaultFlowConfig::isSink/1;
}
class TaintFlowConf extends DefaultTaintFlowConf {
override predicate isSource(DataFlow::Node n) {
super.isSource(n)
or
n instanceof RemoteFlowSource
}
}
module TaintFlow = TaintTracking::Global<Config>;
class ValueFlowConf extends DefaultValueFlowConf {
override predicate isSource(DataFlow::Node n) {
super.isSource(n)
or
n instanceof RemoteFlowSource
module ValueFlow = DataFlow::Global<Config>;
class Test extends InlineFlowTest {
override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
TaintFlow::flow(source, sink)
}
override predicate hasValueFlow(DataFlow::Node source, DataFlow::Node sink) {
ValueFlow::flow(source, sink)
}
}

39
java/ql/test/library-tests/frameworks/android/slice/test.ql
View File

@@ -1,22 +1,37 @@
import java
import semmle.code.java.dataflow.TaintTracking
import TestUtilities.InlineFlowTest
import semmle.code.java.dataflow.FlowSources
class EnableLegacy extends EnableLegacyConfiguration {
EnableLegacy() { exists(this) }
}
class SliceValueFlowConf extends DefaultValueFlowConf {
override predicate isSource(DataFlow::Node source) {
super.isSource(source) or source instanceof RemoteFlowSource
module SliceValueFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
DefaultFlowConfig::isSource(source) or source instanceof RemoteFlowSource
}
predicate isSink = DefaultFlowConfig::isSink/1;
}
class SliceTaintFlowConf extends DefaultTaintFlowConf {
override predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) {
super.allowImplicitRead(node, c)
or
isSink(node) and
module SliceValueFlow = DataFlow::Global<SliceValueFlowConfig>;
module SliceTaintFlowConfig implements DataFlow::ConfigSig {
predicate isSource = DefaultFlowConfig::isSource/1;
predicate isSink = DefaultFlowConfig::isSink/1;
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) {
DefaultFlowConfig::isSink(node) and
c.(DataFlow::SyntheticFieldContent).getField() = "androidx.slice.Slice.action"
}
}
module SliceTaintFlow = TaintTracking::Global<SliceTaintFlowConfig>;
class SliceFlowTest extends InlineFlowTest {
override predicate hasValueFlow(DataFlow::Node source, DataFlow::Node sink) {
SliceValueFlow::flow(source, sink)
}
override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
SliceTaintFlow::flow(source, sink)
}
}

17
java/ql/test/library-tests/frameworks/netty/manual/test.ql
View File

@@ -1,15 +1,22 @@
import java
import semmle.code.java.dataflow.DataFlow
import semmle.code.java.dataflow.FlowSources
import TestUtilities.InlineFlowTest
class Conf extends DefaultTaintFlowConf {
override predicate isSource(DataFlow::Node node) {
super.isSource(node)
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node node) {
DefaultFlowConfig::isSource(node)
or
node instanceof RemoteFlowSource
}
predicate isSink = DefaultFlowConfig::isSink/1;
}
class LegacyConfig extends EnableLegacyConfiguration {
LegacyConfig() { this instanceof Unit }
module Flow = TaintTracking::Global<Config>;
class Test extends InlineFlowTest {
override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
Flow::flow(source, sink)
}
}

15
java/ql/test/library-tests/frameworks/okhttp/test.ql
View File

@@ -1,10 +1,17 @@
import java
import semmle.code.java.dataflow.DataFlow
import TestUtilities.InlineFlowTest
class EnableLegacy extends EnableLegacyConfiguration {
EnableLegacy() { exists(this) }
module OkHttpFlowConfig implements DataFlow::ConfigSig {
predicate isSource = DefaultFlowConfig::isSource/1;
predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") }
}
class FlowConf extends DefaultValueFlowConf {
override predicate isSink(DataFlow::Node n) { super.isSink(n) or sinkNode(n, "open-url") }
module OkHttpFlow = DataFlow::Global<OkHttpFlowConfig>;
class OkHttpTest extends InlineFlowTest {
override predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) {
OkHttpFlow::flow(src, sink)
}
}

13
java/ql/test/library-tests/frameworks/retrofit/test.ql
View File

@@ -1,10 +1,15 @@
import java
import semmle.code.java.dataflow.DataFlow
import TestUtilities.InlineFlowTest
class EnableLegacy extends EnableLegacyConfiguration {
EnableLegacy() { exists(this) }
module FlowConfig implements DataFlow::ConfigSig {
predicate isSource = DefaultFlowConfig::isSource/1;
predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") }
}
class FlowConf extends DefaultValueFlowConf {
override predicate isSink(DataFlow::Node n) { super.isSink(n) or sinkNode(n, "open-url") }
module Flow = DataFlow::Global<FlowConfig>;
class RetrofitFlowTest extends InlineFlowTest {
override predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) { Flow::flow(src, sink) }
}