diff --git a/config/identical-files.json b/config/identical-files.json index 74ef7b82323..f968690fc49 100644 --- a/config/identical-files.json +++ b/config/identical-files.json @@ -461,5 +461,12 @@ "ReDoS Polynomial Python/JS": [ "javascript/ql/lib/semmle/javascript/security/performance/SuperlinearBackTracking.qll", "python/ql/lib/semmle/python/security/performance/SuperlinearBackTracking.qll" + ], + "CodeQL Tutorial": [ + "cpp/ql/lib/tutorial.qll", + "csharp/ql/lib/tutorial.qll", + "java/ql/lib/tutorial.qll", + "javascript/ql/lib/tutorial.qll", + "python/ql/lib/tutorial.qll" ] -} \ No newline at end of file +} diff --git a/cpp/ql/lib/semmle/code/cpp/Declaration.qll b/cpp/ql/lib/semmle/code/cpp/Declaration.qll index 7ac79fd99c1..b1422aa6342 100644 --- a/cpp/ql/lib/semmle/code/cpp/Declaration.qll +++ b/cpp/ql/lib/semmle/code/cpp/Declaration.qll @@ -275,9 +275,8 @@ class Declaration extends Locatable, @declaration { * `getTemplateArgumentKind(0)`. */ final Locatable getTemplateArgumentKind(int index) { - if exists(getTemplateArgumentValue(index)) - then result = getTemplateArgumentType(index) - else none() + exists(getTemplateArgumentValue(index)) and + result = getTemplateArgumentType(index) } /** Gets the number of template arguments for this declaration. */ diff --git a/cpp/ql/lib/semmle/code/cpp/XML.qll b/cpp/ql/lib/semmle/code/cpp/XML.qll index 4c762f4bf65..76f3b3cb022 100755 --- a/cpp/ql/lib/semmle/code/cpp/XML.qll +++ b/cpp/ql/lib/semmle/code/cpp/XML.qll @@ -108,7 +108,7 @@ class XMLParent extends @xmlparent { } /** Gets the text value contained in this XML parent. */ - string getTextValue() { result = allCharactersString() } + string getTextValue() { result = this.allCharactersString() } /** Gets a printable representation of this XML parent. */ string toString() { result = this.getName() } @@ -119,7 +119,7 @@ class XMLFile extends XMLParent, File { XMLFile() { xmlEncoding(this, _) } /** Gets a printable representation of this XML file. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } /** Gets the name of this XML file. */ override string getName() { result = File.super.getAbsolutePath() } @@ -129,14 +129,14 @@ class XMLFile extends XMLParent, File { * * Gets the path of this XML file. */ - deprecated string getPath() { result = getAbsolutePath() } + deprecated string getPath() { result = this.getAbsolutePath() } /** * DEPRECATED: Use `getParentContainer().getAbsolutePath()` instead. * * Gets the path of the folder that contains this XML file. */ - deprecated string getFolder() { result = getParentContainer().getAbsolutePath() } + deprecated string getFolder() { result = this.getParentContainer().getAbsolutePath() } /** Gets the encoding of this XML file. */ string getEncoding() { xmlEncoding(this, result) } @@ -200,7 +200,7 @@ class XMLDTD extends XMLLocatable, @xmldtd { */ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { /** Holds if this XML element has the given `name`. */ - predicate hasName(string name) { name = getName() } + predicate hasName(string name) { name = this.getName() } /** Gets the name of this XML element. */ override string getName() { xmlElements(this, result, _, _, _) } @@ -239,7 +239,7 @@ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { string getAttributeValue(string name) { result = this.getAttribute(name).getValue() } /** Gets a printable representation of this XML element. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll index 476f626e874..ff27baae965 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll @@ -344,14 +344,13 @@ private int convertIntToType(int val, IntegralType t) { then if val = 0 then result = 0 else result = 1 else if t.isUnsigned() - then if val >= 0 and val.bitShiftRight(t.getSize() * 8) = 0 then result = val else none() + then val >= 0 and val.bitShiftRight(t.getSize() * 8) = 0 and result = val else if val >= 0 and val.bitShiftRight(t.getSize() * 8 - 1) = 0 then result = val - else - if (-(val + 1)).bitShiftRight(t.getSize() * 8 - 1) = 0 - then result = val - else none() + else ( + (-(val + 1)).bitShiftRight(t.getSize() * 8 - 1) = 0 and result = val + ) } /** diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll index f43a550af57..494780d2e1b 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll @@ -937,7 +937,7 @@ class CallContextSpecificCall extends CallContextCall, TSpecificCall { } override predicate relevantFor(DataFlowCallable callable) { - recordDataFlowCallSite(getCall(), callable) + recordDataFlowCallSite(this.getCall(), callable) } override predicate matchesCall(DataFlowCall call) { call = this.getCall() } @@ -1257,7 +1257,7 @@ abstract class AccessPathFront extends TAccessPathFront { TypedContent getHead() { this = TFrontHead(result) } - predicate isClearedAt(Node n) { clearsContentCached(n, getHead().getContent()) } + predicate isClearedAt(Node n) { clearsContentCached(n, this.getHead().getContent()) } } class AccessPathFrontNil extends AccessPathFront, TFrontNil { diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll index f43a550af57..494780d2e1b 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll @@ -937,7 +937,7 @@ class CallContextSpecificCall extends CallContextCall, TSpecificCall { } override predicate relevantFor(DataFlowCallable callable) { - recordDataFlowCallSite(getCall(), callable) + recordDataFlowCallSite(this.getCall(), callable) } override predicate matchesCall(DataFlowCall call) { call = this.getCall() } @@ -1257,7 +1257,7 @@ abstract class AccessPathFront extends TAccessPathFront { TypedContent getHead() { this = TFrontHead(result) } - predicate isClearedAt(Node n) { clearsContentCached(n, getHead().getContent()) } + predicate isClearedAt(Node n) { clearsContentCached(n, this.getHead().getContent()) } } class AccessPathFrontNil extends AccessPathFront, TFrontNil { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll index 4b86f9a7cec..bb8630a5e0c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll @@ -24,7 +24,7 @@ class IRBlockBase extends TIRBlock { final string toString() { result = getFirstInstruction(this).toString() } /** Gets the source location of the first non-`Phi` instruction in this block. */ - final Language::Location getLocation() { result = getFirstInstruction().getLocation() } + final Language::Location getLocation() { result = this.getFirstInstruction().getLocation() } /** * INTERNAL: Do not use. @@ -39,7 +39,7 @@ class IRBlockBase extends TIRBlock { ) and this = rank[result + 1](IRBlock funcBlock, int sortOverride, int sortKey1, int sortKey2 | - funcBlock.getEnclosingFunction() = getEnclosingFunction() and + funcBlock.getEnclosingFunction() = this.getEnclosingFunction() and funcBlock.getFirstInstruction().hasSortKeys(sortKey1, sortKey2) and // Ensure that the block containing `EnterFunction` always comes first. if funcBlock.getFirstInstruction() instanceof EnterFunctionInstruction @@ -59,15 +59,15 @@ class IRBlockBase extends TIRBlock { * Get the `Phi` instructions that appear at the start of this block. */ final PhiInstruction getAPhiInstruction() { - Construction::getPhiInstructionBlockStart(result) = getFirstInstruction() + Construction::getPhiInstructionBlockStart(result) = this.getFirstInstruction() } /** * Gets an instruction in this block. This includes `Phi` instructions. */ final Instruction getAnInstruction() { - result = getInstruction(_) or - result = getAPhiInstruction() + result = this.getInstruction(_) or + result = this.getAPhiInstruction() } /** @@ -78,7 +78,9 @@ class IRBlockBase extends TIRBlock { /** * Gets the last instruction in this block. */ - final Instruction getLastInstruction() { result = getInstruction(getInstructionCount() - 1) } + final Instruction getLastInstruction() { + result = this.getInstruction(this.getInstructionCount() - 1) + } /** * Gets the number of non-`Phi` instructions in this block. @@ -149,7 +151,7 @@ class IRBlock extends IRBlockBase { * Block `A` dominates block `B` if any control flow path from the entry block of the function to * block `B` must pass through block `A`. A block always dominates itself. */ - final predicate dominates(IRBlock block) { strictlyDominates(block) or this = block } + final predicate dominates(IRBlock block) { this.strictlyDominates(block) or this = block } /** * Gets a block on the dominance frontier of this block. @@ -159,8 +161,8 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock dominanceFrontier() { - dominates(result.getAPredecessor()) and - not strictlyDominates(result) + this.dominates(result.getAPredecessor()) and + not this.strictlyDominates(result) } /** @@ -189,7 +191,7 @@ class IRBlock extends IRBlockBase { * Block `A` post-dominates block `B` if any control flow path from `B` to the exit block of the * function must pass through block `A`. A block always post-dominates itself. */ - final predicate postDominates(IRBlock block) { strictlyPostDominates(block) or this = block } + final predicate postDominates(IRBlock block) { this.strictlyPostDominates(block) or this = block } /** * Gets a block on the post-dominance frontier of this block. @@ -199,16 +201,16 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock postPominanceFrontier() { - postDominates(result.getASuccessor()) and - not strictlyPostDominates(result) + this.postDominates(result.getASuccessor()) and + not this.strictlyPostDominates(result) } /** * Holds if this block is reachable from the entry block of its function. */ final predicate isReachableFromFunctionEntry() { - this = getEnclosingIRFunction().getEntryBlock() or - getAPredecessor().isReachableFromFunctionEntry() + this = this.getEnclosingIRFunction().getEntryBlock() or + this.getAPredecessor().isReachableFromFunctionEntry() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll index 6f471d8a7e8..88a973fc5a8 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll @@ -41,7 +41,7 @@ class Instruction extends Construction::TStageInstruction { } /** Gets a textual representation of this element. */ - final string toString() { result = getOpcode().toString() + ": " + getAST().toString() } + final string toString() { result = this.getOpcode().toString() + ": " + this.getAST().toString() } /** * Gets a string showing the result, opcode, and operands of the instruction, equivalent to what @@ -50,7 +50,8 @@ class Instruction extends Construction::TStageInstruction { * `mu0_28(int) = Store r0_26, r0_27` */ final string getDumpString() { - result = getResultString() + " = " + getOperationString() + " " + getOperandsString() + result = + this.getResultString() + " = " + this.getOperationString() + " " + this.getOperandsString() } private predicate shouldGenerateDumpStrings() { @@ -66,10 +67,13 @@ class Instruction extends Construction::TStageInstruction { * VariableAddress[x] */ final string getOperationString() { - shouldGenerateDumpStrings() and - if exists(getImmediateString()) - then result = getOperationPrefix() + getOpcode().toString() + "[" + getImmediateString() + "]" - else result = getOperationPrefix() + getOpcode().toString() + this.shouldGenerateDumpStrings() and + if exists(this.getImmediateString()) + then + result = + this.getOperationPrefix() + this.getOpcode().toString() + "[" + this.getImmediateString() + + "]" + else result = this.getOperationPrefix() + this.getOpcode().toString() } /** @@ -78,17 +82,17 @@ class Instruction extends Construction::TStageInstruction { string getImmediateString() { none() } private string getOperationPrefix() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and if this instanceof SideEffectInstruction then result = "^" else result = "" } private string getResultPrefix() { - shouldGenerateDumpStrings() and - if getResultIRType() instanceof IRVoidType + this.shouldGenerateDumpStrings() and + if this.getResultIRType() instanceof IRVoidType then result = "v" else - if hasMemoryResult() - then if isResultModeled() then result = "m" else result = "mu" + if this.hasMemoryResult() + then if this.isResultModeled() then result = "m" else result = "mu" else result = "r" } @@ -97,7 +101,7 @@ class Instruction extends Construction::TStageInstruction { * used by debugging and printing code only. */ int getDisplayIndexInBlock() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and exists(IRBlock block | this = block.getInstruction(result) or @@ -111,12 +115,12 @@ class Instruction extends Construction::TStageInstruction { } private int getLineRank() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and this = rank[result](Instruction instr | instr = - getAnInstructionAtLine(getEnclosingIRFunction(), getLocation().getFile(), - getLocation().getStartLine()) + getAnInstructionAtLine(this.getEnclosingIRFunction(), this.getLocation().getFile(), + this.getLocation().getStartLine()) | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) @@ -130,8 +134,9 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1` */ string getResultId() { - shouldGenerateDumpStrings() and - result = getResultPrefix() + getAST().getLocation().getStartLine() + "_" + getLineRank() + this.shouldGenerateDumpStrings() and + result = + this.getResultPrefix() + this.getAST().getLocation().getStartLine() + "_" + this.getLineRank() } /** @@ -142,8 +147,8 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1(int*)` */ final string getResultString() { - shouldGenerateDumpStrings() and - result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")" + this.shouldGenerateDumpStrings() and + result = this.getResultId() + "(" + this.getResultLanguageType().getDumpString() + ")" } /** @@ -153,10 +158,10 @@ class Instruction extends Construction::TStageInstruction { * Example: `func:r3_4, this:r3_5` */ string getOperandsString() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and result = concat(Operand operand | - operand = getAnOperand() + operand = this.getAnOperand() | operand.getDumpString(), ", " order by operand.getDumpSortOrder() ) @@ -190,7 +195,7 @@ class Instruction extends Construction::TStageInstruction { * Gets the function that contains this instruction. */ final Language::Function getEnclosingFunction() { - result = getEnclosingIRFunction().getFunction() + result = this.getEnclosingIRFunction().getFunction() } /** @@ -208,7 +213,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets the location of the source code for this instruction. */ - final Language::Location getLocation() { result = getAST().getLocation() } + final Language::Location getLocation() { result = this.getAST().getLocation() } /** * Gets the `Expr` whose result is computed by this instruction, if any. The `Expr` may be a @@ -243,7 +248,7 @@ class Instruction extends Construction::TStageInstruction { * a result, its result type will be `IRVoidType`. */ cached - final IRType getResultIRType() { result = getResultLanguageType().getIRType() } + final IRType getResultIRType() { result = this.getResultLanguageType().getIRType() } /** * Gets the type of the result produced by this instruction. If the @@ -254,7 +259,7 @@ class Instruction extends Construction::TStageInstruction { */ final Language::Type getResultType() { exists(Language::LanguageType resultType | - resultType = getResultLanguageType() and + resultType = this.getResultLanguageType() and ( resultType.hasUnspecifiedType(result, _) or @@ -283,7 +288,7 @@ class Instruction extends Construction::TStageInstruction { * result of the `Load` instruction is a prvalue of type `int`, representing * the integer value loaded from variable `x`. */ - final predicate isGLValue() { getResultLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getResultLanguageType().hasType(_, true) } /** * Gets the size of the result produced by this instruction, in bytes. If the @@ -292,7 +297,7 @@ class Instruction extends Construction::TStageInstruction { * If `this.isGLValue()` holds for this instruction, the value of * `getResultSize()` will always be the size of a pointer. */ - final int getResultSize() { result = getResultLanguageType().getByteSize() } + final int getResultSize() { result = this.getResultLanguageType().getByteSize() } /** * Gets the opcode that specifies the operation performed by this instruction. @@ -314,14 +319,16 @@ class Instruction extends Construction::TStageInstruction { /** * Holds if this instruction produces a memory result. */ - final predicate hasMemoryResult() { exists(getResultMemoryAccess()) } + final predicate hasMemoryResult() { exists(this.getResultMemoryAccess()) } /** * Gets the kind of memory access performed by this instruction's result. * Holds only for instructions with a memory result. */ pragma[inline] - final MemoryAccessKind getResultMemoryAccess() { result = getOpcode().getWriteMemoryAccess() } + final MemoryAccessKind getResultMemoryAccess() { + result = this.getOpcode().getWriteMemoryAccess() + } /** * Holds if the memory access performed by this instruction's result will not always write to @@ -332,7 +339,7 @@ class Instruction extends Construction::TStageInstruction { * (for example, the global side effects of a function call). */ pragma[inline] - final predicate hasResultMayMemoryAccess() { getOpcode().hasMayWriteMemoryAccess() } + final predicate hasResultMayMemoryAccess() { this.getOpcode().hasMayWriteMemoryAccess() } /** * Gets the operand that holds the memory address to which this instruction stores its @@ -340,7 +347,7 @@ class Instruction extends Construction::TStageInstruction { * is `r1`. */ final AddressOperand getResultAddressOperand() { - getResultMemoryAccess().usesAddressOperand() and + this.getResultMemoryAccess().usesAddressOperand() and result.getUse() = this } @@ -349,7 +356,7 @@ class Instruction extends Construction::TStageInstruction { * result, if any. For example, in `m3 = Store r1, r2`, the result of `getResultAddressOperand()` * is the instruction that defines `r1`. */ - final Instruction getResultAddress() { result = getResultAddressOperand().getDef() } + final Instruction getResultAddress() { result = this.getResultAddressOperand().getDef() } /** * Holds if the result of this instruction is precisely modeled in SSA. Always @@ -368,7 +375,7 @@ class Instruction extends Construction::TStageInstruction { */ final predicate isResultModeled() { // Register results are always in SSA form. - not hasMemoryResult() or + not this.hasMemoryResult() or Construction::hasModeledMemoryResult(this) } @@ -412,7 +419,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct successors of this instruction. */ - final Instruction getASuccessor() { result = getSuccessor(_) } + final Instruction getASuccessor() { result = this.getSuccessor(_) } /** * Gets a predecessor of this instruction such that the predecessor reaches @@ -423,7 +430,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct predecessors of this instruction. */ - final Instruction getAPredecessor() { result = getPredecessor(_) } + final Instruction getAPredecessor() { result = this.getPredecessor(_) } } /** @@ -543,7 +550,7 @@ class IndexedInstruction extends Instruction { * at this instruction. This instruction has no predecessors. */ class EnterFunctionInstruction extends Instruction { - EnterFunctionInstruction() { getOpcode() instanceof Opcode::EnterFunction } + EnterFunctionInstruction() { this.getOpcode() instanceof Opcode::EnterFunction } } /** @@ -554,7 +561,7 @@ class EnterFunctionInstruction extends Instruction { * struct, or union, see `FieldAddressInstruction`. */ class VariableAddressInstruction extends VariableInstruction { - VariableAddressInstruction() { getOpcode() instanceof Opcode::VariableAddress } + VariableAddressInstruction() { this.getOpcode() instanceof Opcode::VariableAddress } } /** @@ -566,7 +573,7 @@ class VariableAddressInstruction extends VariableInstruction { * The result has an `IRFunctionAddress` type. */ class FunctionAddressInstruction extends FunctionInstruction { - FunctionAddressInstruction() { getOpcode() instanceof Opcode::FunctionAddress } + FunctionAddressInstruction() { this.getOpcode() instanceof Opcode::FunctionAddress } } /** @@ -577,7 +584,7 @@ class FunctionAddressInstruction extends FunctionInstruction { * initializes that parameter. */ class InitializeParameterInstruction extends VariableInstruction { - InitializeParameterInstruction() { getOpcode() instanceof Opcode::InitializeParameter } + InitializeParameterInstruction() { this.getOpcode() instanceof Opcode::InitializeParameter } /** * Gets the parameter initialized by this instruction. @@ -603,7 +610,7 @@ class InitializeParameterInstruction extends VariableInstruction { * initialized elsewhere, would not otherwise have a definition in this function. */ class InitializeNonLocalInstruction extends Instruction { - InitializeNonLocalInstruction() { getOpcode() instanceof Opcode::InitializeNonLocal } + InitializeNonLocalInstruction() { this.getOpcode() instanceof Opcode::InitializeNonLocal } } /** @@ -611,7 +618,7 @@ class InitializeNonLocalInstruction extends Instruction { * with the value of that memory on entry to the function. */ class InitializeIndirectionInstruction extends VariableInstruction { - InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection } + InitializeIndirectionInstruction() { this.getOpcode() instanceof Opcode::InitializeIndirection } /** * Gets the parameter initialized by this instruction. @@ -635,24 +642,24 @@ class InitializeIndirectionInstruction extends VariableInstruction { * An instruction that initializes the `this` pointer parameter of the enclosing function. */ class InitializeThisInstruction extends Instruction { - InitializeThisInstruction() { getOpcode() instanceof Opcode::InitializeThis } + InitializeThisInstruction() { this.getOpcode() instanceof Opcode::InitializeThis } } /** * An instruction that computes the address of a non-static field of an object. */ class FieldAddressInstruction extends FieldInstruction { - FieldAddressInstruction() { getOpcode() instanceof Opcode::FieldAddress } + FieldAddressInstruction() { this.getOpcode() instanceof Opcode::FieldAddress } /** * Gets the operand that provides the address of the object containing the field. */ - final UnaryOperand getObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the object containing the field. */ - final Instruction getObjectAddress() { result = getObjectAddressOperand().getDef() } + final Instruction getObjectAddress() { result = this.getObjectAddressOperand().getDef() } } /** @@ -661,17 +668,19 @@ class FieldAddressInstruction extends FieldInstruction { * This instruction is used for element access to C# arrays. */ class ElementsAddressInstruction extends UnaryInstruction { - ElementsAddressInstruction() { getOpcode() instanceof Opcode::ElementsAddress } + ElementsAddressInstruction() { this.getOpcode() instanceof Opcode::ElementsAddress } /** * Gets the operand that provides the address of the array object. */ - final UnaryOperand getArrayObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getArrayObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the array object. */ - final Instruction getArrayObjectAddress() { result = getArrayObjectAddressOperand().getDef() } + final Instruction getArrayObjectAddress() { + result = this.getArrayObjectAddressOperand().getDef() + } } /** @@ -685,7 +694,7 @@ class ElementsAddressInstruction extends UnaryInstruction { * taken may want to ignore any function that contains an `ErrorInstruction`. */ class ErrorInstruction extends Instruction { - ErrorInstruction() { getOpcode() instanceof Opcode::Error } + ErrorInstruction() { this.getOpcode() instanceof Opcode::Error } } /** @@ -695,7 +704,7 @@ class ErrorInstruction extends Instruction { * an initializer, or whose initializer only partially initializes the variable. */ class UninitializedInstruction extends VariableInstruction { - UninitializedInstruction() { getOpcode() instanceof Opcode::Uninitialized } + UninitializedInstruction() { this.getOpcode() instanceof Opcode::Uninitialized } /** * Gets the variable that is uninitialized. @@ -710,7 +719,7 @@ class UninitializedInstruction extends VariableInstruction { * least one instruction, even when the AST has no semantic effect. */ class NoOpInstruction extends Instruction { - NoOpInstruction() { getOpcode() instanceof Opcode::NoOp } + NoOpInstruction() { this.getOpcode() instanceof Opcode::NoOp } } /** @@ -732,32 +741,32 @@ class NoOpInstruction extends Instruction { * `void`-returning function. */ class ReturnInstruction extends Instruction { - ReturnInstruction() { getOpcode() instanceof ReturnOpcode } + ReturnInstruction() { this.getOpcode() instanceof ReturnOpcode } } /** * An instruction that returns control to the caller of the function, without returning a value. */ class ReturnVoidInstruction extends ReturnInstruction { - ReturnVoidInstruction() { getOpcode() instanceof Opcode::ReturnVoid } + ReturnVoidInstruction() { this.getOpcode() instanceof Opcode::ReturnVoid } } /** * An instruction that returns control to the caller of the function, including a return value. */ class ReturnValueInstruction extends ReturnInstruction { - ReturnValueInstruction() { getOpcode() instanceof Opcode::ReturnValue } + ReturnValueInstruction() { this.getOpcode() instanceof Opcode::ReturnValue } /** * Gets the operand that provides the value being returned by the function. */ - final LoadOperand getReturnValueOperand() { result = getAnOperand() } + final LoadOperand getReturnValueOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value being returned by the function, if an * exact definition is available. */ - final Instruction getReturnValue() { result = getReturnValueOperand().getDef() } + final Instruction getReturnValue() { result = this.getReturnValueOperand().getDef() } } /** @@ -770,28 +779,28 @@ class ReturnValueInstruction extends ReturnInstruction { * that the caller initialized the memory pointed to by the parameter before the call. */ class ReturnIndirectionInstruction extends VariableInstruction { - ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection } + ReturnIndirectionInstruction() { this.getOpcode() instanceof Opcode::ReturnIndirection } /** * Gets the operand that provides the value of the pointed-to memory. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the pointed-to memory, if an exact * definition is available. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** * Gets the operand that provides the address of the pointed-to memory. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the pointed-to memory. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } /** * Gets the parameter for which this instruction reads the final pointed-to value within the @@ -826,7 +835,7 @@ class ReturnIndirectionInstruction extends VariableInstruction { * - `StoreInstruction` - Copies a register operand to a memory result. */ class CopyInstruction extends Instruction { - CopyInstruction() { getOpcode() instanceof CopyOpcode } + CopyInstruction() { this.getOpcode() instanceof CopyOpcode } /** * Gets the operand that provides the input value of the copy. @@ -837,16 +846,16 @@ class CopyInstruction extends Instruction { * Gets the instruction whose result provides the input value of the copy, if an exact definition * is available. */ - final Instruction getSourceValue() { result = getSourceValueOperand().getDef() } + final Instruction getSourceValue() { result = this.getSourceValueOperand().getDef() } } /** * An instruction that returns a register result containing a copy of its register operand. */ class CopyValueInstruction extends CopyInstruction, UnaryInstruction { - CopyValueInstruction() { getOpcode() instanceof Opcode::CopyValue } + CopyValueInstruction() { this.getOpcode() instanceof Opcode::CopyValue } - final override UnaryOperand getSourceValueOperand() { result = getAnOperand() } + final override UnaryOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -863,47 +872,49 @@ private string getAddressOperandDescription(AddressOperand operand) { * An instruction that returns a register result containing a copy of its memory operand. */ class LoadInstruction extends CopyInstruction { - LoadInstruction() { getOpcode() instanceof Opcode::Load } + LoadInstruction() { this.getOpcode() instanceof Opcode::Load } final override string getImmediateString() { - result = getAddressOperandDescription(getSourceAddressOperand()) + result = getAddressOperandDescription(this.getSourceAddressOperand()) } /** * Gets the operand that provides the address of the value being loaded. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the value being loaded. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } - final override LoadOperand getSourceValueOperand() { result = getAnOperand() } + final override LoadOperand getSourceValueOperand() { result = this.getAnOperand() } } /** * An instruction that returns a memory result containing a copy of its register operand. */ class StoreInstruction extends CopyInstruction { - StoreInstruction() { getOpcode() instanceof Opcode::Store } + StoreInstruction() { this.getOpcode() instanceof Opcode::Store } final override string getImmediateString() { - result = getAddressOperandDescription(getDestinationAddressOperand()) + result = getAddressOperandDescription(this.getDestinationAddressOperand()) } /** * Gets the operand that provides the address of the location to which the value will be stored. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the location to which the value will * be stored, if an exact definition is available. */ - final Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + final Instruction getDestinationAddress() { + result = this.getDestinationAddressOperand().getDef() + } - final override StoreValueOperand getSourceValueOperand() { result = getAnOperand() } + final override StoreValueOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -911,27 +922,27 @@ class StoreInstruction extends CopyInstruction { * operand. */ class ConditionalBranchInstruction extends Instruction { - ConditionalBranchInstruction() { getOpcode() instanceof Opcode::ConditionalBranch } + ConditionalBranchInstruction() { this.getOpcode() instanceof Opcode::ConditionalBranch } /** * Gets the operand that provides the Boolean condition controlling the branch. */ - final ConditionOperand getConditionOperand() { result = getAnOperand() } + final ConditionOperand getConditionOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the Boolean condition controlling the branch. */ - final Instruction getCondition() { result = getConditionOperand().getDef() } + final Instruction getCondition() { result = this.getConditionOperand().getDef() } /** * Gets the instruction to which control will flow if the condition is true. */ - final Instruction getTrueSuccessor() { result = getSuccessor(EdgeKind::trueEdge()) } + final Instruction getTrueSuccessor() { result = this.getSuccessor(EdgeKind::trueEdge()) } /** * Gets the instruction to which control will flow if the condition is false. */ - final Instruction getFalseSuccessor() { result = getSuccessor(EdgeKind::falseEdge()) } + final Instruction getFalseSuccessor() { result = this.getSuccessor(EdgeKind::falseEdge()) } } /** @@ -943,14 +954,14 @@ class ConditionalBranchInstruction extends Instruction { * successors. */ class ExitFunctionInstruction extends Instruction { - ExitFunctionInstruction() { getOpcode() instanceof Opcode::ExitFunction } + ExitFunctionInstruction() { this.getOpcode() instanceof Opcode::ExitFunction } } /** * An instruction whose result is a constant value. */ class ConstantInstruction extends ConstantValueInstruction { - ConstantInstruction() { getOpcode() instanceof Opcode::Constant } + ConstantInstruction() { this.getOpcode() instanceof Opcode::Constant } } /** @@ -959,7 +970,7 @@ class ConstantInstruction extends ConstantValueInstruction { class IntegerConstantInstruction extends ConstantInstruction { IntegerConstantInstruction() { exists(IRType resultType | - resultType = getResultIRType() and + resultType = this.getResultIRType() and (resultType instanceof IRIntegerType or resultType instanceof IRBooleanType) ) } @@ -969,7 +980,7 @@ class IntegerConstantInstruction extends ConstantInstruction { * An instruction whose result is a constant value of floating-point type. */ class FloatConstantInstruction extends ConstantInstruction { - FloatConstantInstruction() { getResultIRType() instanceof IRFloatingPointType } + FloatConstantInstruction() { this.getResultIRType() instanceof IRFloatingPointType } } /** @@ -978,7 +989,9 @@ class FloatConstantInstruction extends ConstantInstruction { class StringConstantInstruction extends VariableInstruction { override IRStringLiteral var; - final override string getImmediateString() { result = Language::getStringLiteralText(getValue()) } + final override string getImmediateString() { + result = Language::getStringLiteralText(this.getValue()) + } /** * Gets the string literal whose address is returned by this instruction. @@ -990,37 +1003,37 @@ class StringConstantInstruction extends VariableInstruction { * An instruction whose result is computed from two operands. */ class BinaryInstruction extends Instruction { - BinaryInstruction() { getOpcode() instanceof BinaryOpcode } + BinaryInstruction() { this.getOpcode() instanceof BinaryOpcode } /** * Gets the left operand of this binary instruction. */ - final LeftOperand getLeftOperand() { result = getAnOperand() } + final LeftOperand getLeftOperand() { result = this.getAnOperand() } /** * Gets the right operand of this binary instruction. */ - final RightOperand getRightOperand() { result = getAnOperand() } + final RightOperand getRightOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the left operand of this binary * instruction. */ - final Instruction getLeft() { result = getLeftOperand().getDef() } + final Instruction getLeft() { result = this.getLeftOperand().getDef() } /** * Gets the instruction whose result provides the value of the right operand of this binary * instruction. */ - final Instruction getRight() { result = getRightOperand().getDef() } + final Instruction getRight() { result = this.getRightOperand().getDef() } /** * Holds if this instruction's operands are `op1` and `op2`, in either order. */ final predicate hasOperands(Operand op1, Operand op2) { - op1 = getLeftOperand() and op2 = getRightOperand() + op1 = this.getLeftOperand() and op2 = this.getRightOperand() or - op1 = getRightOperand() and op2 = getLeftOperand() + op1 = this.getRightOperand() and op2 = this.getLeftOperand() } } @@ -1028,7 +1041,7 @@ class BinaryInstruction extends Instruction { * An instruction that computes the result of an arithmetic operation. */ class ArithmeticInstruction extends Instruction { - ArithmeticInstruction() { getOpcode() instanceof ArithmeticOpcode } + ArithmeticInstruction() { this.getOpcode() instanceof ArithmeticOpcode } } /** @@ -1050,7 +1063,7 @@ class UnaryArithmeticInstruction extends ArithmeticInstruction, UnaryInstruction * performed according to IEEE-754. */ class AddInstruction extends BinaryArithmeticInstruction { - AddInstruction() { getOpcode() instanceof Opcode::Add } + AddInstruction() { this.getOpcode() instanceof Opcode::Add } } /** @@ -1061,7 +1074,7 @@ class AddInstruction extends BinaryArithmeticInstruction { * according to IEEE-754. */ class SubInstruction extends BinaryArithmeticInstruction { - SubInstruction() { getOpcode() instanceof Opcode::Sub } + SubInstruction() { this.getOpcode() instanceof Opcode::Sub } } /** @@ -1072,7 +1085,7 @@ class SubInstruction extends BinaryArithmeticInstruction { * performed according to IEEE-754. */ class MulInstruction extends BinaryArithmeticInstruction { - MulInstruction() { getOpcode() instanceof Opcode::Mul } + MulInstruction() { this.getOpcode() instanceof Opcode::Mul } } /** @@ -1083,7 +1096,7 @@ class MulInstruction extends BinaryArithmeticInstruction { * to IEEE-754. */ class DivInstruction extends BinaryArithmeticInstruction { - DivInstruction() { getOpcode() instanceof Opcode::Div } + DivInstruction() { this.getOpcode() instanceof Opcode::Div } } /** @@ -1093,7 +1106,7 @@ class DivInstruction extends BinaryArithmeticInstruction { * division by zero or integer overflow is undefined. */ class RemInstruction extends BinaryArithmeticInstruction { - RemInstruction() { getOpcode() instanceof Opcode::Rem } + RemInstruction() { this.getOpcode() instanceof Opcode::Rem } } /** @@ -1104,14 +1117,14 @@ class RemInstruction extends BinaryArithmeticInstruction { * is performed according to IEEE-754. */ class NegateInstruction extends UnaryArithmeticInstruction { - NegateInstruction() { getOpcode() instanceof Opcode::Negate } + NegateInstruction() { this.getOpcode() instanceof Opcode::Negate } } /** * An instruction that computes the result of a bitwise operation. */ class BitwiseInstruction extends Instruction { - BitwiseInstruction() { getOpcode() instanceof BitwiseOpcode } + BitwiseInstruction() { this.getOpcode() instanceof BitwiseOpcode } } /** @@ -1130,7 +1143,7 @@ class UnaryBitwiseInstruction extends BitwiseInstruction, UnaryInstruction { } * Both operands must have the same integer type, which will also be the result type. */ class BitAndInstruction extends BinaryBitwiseInstruction { - BitAndInstruction() { getOpcode() instanceof Opcode::BitAnd } + BitAndInstruction() { this.getOpcode() instanceof Opcode::BitAnd } } /** @@ -1139,7 +1152,7 @@ class BitAndInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitOrInstruction extends BinaryBitwiseInstruction { - BitOrInstruction() { getOpcode() instanceof Opcode::BitOr } + BitOrInstruction() { this.getOpcode() instanceof Opcode::BitOr } } /** @@ -1148,7 +1161,7 @@ class BitOrInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitXorInstruction extends BinaryBitwiseInstruction { - BitXorInstruction() { getOpcode() instanceof Opcode::BitXor } + BitXorInstruction() { this.getOpcode() instanceof Opcode::BitXor } } /** @@ -1159,7 +1172,7 @@ class BitXorInstruction extends BinaryBitwiseInstruction { * rightmost bits are zero-filled. */ class ShiftLeftInstruction extends BinaryBitwiseInstruction { - ShiftLeftInstruction() { getOpcode() instanceof Opcode::ShiftLeft } + ShiftLeftInstruction() { this.getOpcode() instanceof Opcode::ShiftLeft } } /** @@ -1172,7 +1185,7 @@ class ShiftLeftInstruction extends BinaryBitwiseInstruction { * of the left operand. */ class ShiftRightInstruction extends BinaryBitwiseInstruction { - ShiftRightInstruction() { getOpcode() instanceof Opcode::ShiftRight } + ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } /** @@ -1183,7 +1196,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { int elementSize; PointerArithmeticInstruction() { - getOpcode() instanceof PointerArithmeticOpcode and + this.getOpcode() instanceof PointerArithmeticOpcode and elementSize = Raw::getInstructionElementSize(this) } @@ -1206,7 +1219,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { * An instruction that adds or subtracts an integer offset from a pointer. */ class PointerOffsetInstruction extends PointerArithmeticInstruction { - PointerOffsetInstruction() { getOpcode() instanceof PointerOffsetOpcode } + PointerOffsetInstruction() { this.getOpcode() instanceof PointerOffsetOpcode } } /** @@ -1217,7 +1230,7 @@ class PointerOffsetInstruction extends PointerArithmeticInstruction { * overflow is undefined. */ class PointerAddInstruction extends PointerOffsetInstruction { - PointerAddInstruction() { getOpcode() instanceof Opcode::PointerAdd } + PointerAddInstruction() { this.getOpcode() instanceof Opcode::PointerAdd } } /** @@ -1228,7 +1241,7 @@ class PointerAddInstruction extends PointerOffsetInstruction { * pointer underflow is undefined. */ class PointerSubInstruction extends PointerOffsetInstruction { - PointerSubInstruction() { getOpcode() instanceof Opcode::PointerSub } + PointerSubInstruction() { this.getOpcode() instanceof Opcode::PointerSub } } /** @@ -1241,31 +1254,31 @@ class PointerSubInstruction extends PointerOffsetInstruction { * undefined. */ class PointerDiffInstruction extends PointerArithmeticInstruction { - PointerDiffInstruction() { getOpcode() instanceof Opcode::PointerDiff } + PointerDiffInstruction() { this.getOpcode() instanceof Opcode::PointerDiff } } /** * An instruction whose result is computed from a single operand. */ class UnaryInstruction extends Instruction { - UnaryInstruction() { getOpcode() instanceof UnaryOpcode } + UnaryInstruction() { this.getOpcode() instanceof UnaryOpcode } /** * Gets the sole operand of this instruction. */ - final UnaryOperand getUnaryOperand() { result = getAnOperand() } + final UnaryOperand getUnaryOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the sole operand of this instruction. */ - final Instruction getUnary() { result = getUnaryOperand().getDef() } + final Instruction getUnary() { result = this.getUnaryOperand().getDef() } } /** * An instruction that converts the value of its operand to a value of a different type. */ class ConvertInstruction extends UnaryInstruction { - ConvertInstruction() { getOpcode() instanceof Opcode::Convert } + ConvertInstruction() { this.getOpcode() instanceof Opcode::Convert } } /** @@ -1279,7 +1292,7 @@ class ConvertInstruction extends UnaryInstruction { * `as` expression. */ class CheckedConvertOrNullInstruction extends UnaryInstruction { - CheckedConvertOrNullInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrNull } + CheckedConvertOrNullInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrNull } } /** @@ -1293,7 +1306,7 @@ class CheckedConvertOrNullInstruction extends UnaryInstruction { * expression. */ class CheckedConvertOrThrowInstruction extends UnaryInstruction { - CheckedConvertOrThrowInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrThrow } + CheckedConvertOrThrowInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrThrow } } /** @@ -1306,7 +1319,7 @@ class CheckedConvertOrThrowInstruction extends UnaryInstruction { * the most-derived object. */ class CompleteObjectAddressInstruction extends UnaryInstruction { - CompleteObjectAddressInstruction() { getOpcode() instanceof Opcode::CompleteObjectAddress } + CompleteObjectAddressInstruction() { this.getOpcode() instanceof Opcode::CompleteObjectAddress } } /** @@ -1351,7 +1364,7 @@ class InheritanceConversionInstruction extends UnaryInstruction { * An instruction that converts from the address of a derived class to the address of a base class. */ class ConvertToBaseInstruction extends InheritanceConversionInstruction { - ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode } + ConvertToBaseInstruction() { this.getOpcode() instanceof ConvertToBaseOpcode } } /** @@ -1361,7 +1374,9 @@ class ConvertToBaseInstruction extends InheritanceConversionInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase } + ConvertToNonVirtualBaseInstruction() { + this.getOpcode() instanceof Opcode::ConvertToNonVirtualBase + } } /** @@ -1371,7 +1386,7 @@ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase } + ConvertToVirtualBaseInstruction() { this.getOpcode() instanceof Opcode::ConvertToVirtualBase } } /** @@ -1381,7 +1396,7 @@ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { - ConvertToDerivedInstruction() { getOpcode() instanceof Opcode::ConvertToDerived } + ConvertToDerivedInstruction() { this.getOpcode() instanceof Opcode::ConvertToDerived } } /** @@ -1390,7 +1405,7 @@ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { * The operand must have an integer type, which will also be the result type. */ class BitComplementInstruction extends UnaryBitwiseInstruction { - BitComplementInstruction() { getOpcode() instanceof Opcode::BitComplement } + BitComplementInstruction() { this.getOpcode() instanceof Opcode::BitComplement } } /** @@ -1399,14 +1414,14 @@ class BitComplementInstruction extends UnaryBitwiseInstruction { * The operand must have a Boolean type, which will also be the result type. */ class LogicalNotInstruction extends UnaryInstruction { - LogicalNotInstruction() { getOpcode() instanceof Opcode::LogicalNot } + LogicalNotInstruction() { this.getOpcode() instanceof Opcode::LogicalNot } } /** * An instruction that compares two numeric operands. */ class CompareInstruction extends BinaryInstruction { - CompareInstruction() { getOpcode() instanceof CompareOpcode } + CompareInstruction() { this.getOpcode() instanceof CompareOpcode } } /** @@ -1417,7 +1432,7 @@ class CompareInstruction extends BinaryInstruction { * unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareEQInstruction extends CompareInstruction { - CompareEQInstruction() { getOpcode() instanceof Opcode::CompareEQ } + CompareEQInstruction() { this.getOpcode() instanceof Opcode::CompareEQ } } /** @@ -1428,14 +1443,14 @@ class CompareEQInstruction extends CompareInstruction { * `left == right`. Floating-point comparison is performed according to IEEE-754. */ class CompareNEInstruction extends CompareInstruction { - CompareNEInstruction() { getOpcode() instanceof Opcode::CompareNE } + CompareNEInstruction() { this.getOpcode() instanceof Opcode::CompareNE } } /** * An instruction that does a relative comparison of two values, such as `<` or `>=`. */ class RelationalInstruction extends CompareInstruction { - RelationalInstruction() { getOpcode() instanceof RelationalOpcode } + RelationalInstruction() { this.getOpcode() instanceof RelationalOpcode } /** * Gets the operand on the "greater" (or "greater-or-equal") side @@ -1467,11 +1482,11 @@ class RelationalInstruction extends CompareInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLTInstruction extends RelationalInstruction { - CompareLTInstruction() { getOpcode() instanceof Opcode::CompareLT } + CompareLTInstruction() { this.getOpcode() instanceof Opcode::CompareLT } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { any() } } @@ -1484,11 +1499,11 @@ class CompareLTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGTInstruction extends RelationalInstruction { - CompareGTInstruction() { getOpcode() instanceof Opcode::CompareGT } + CompareGTInstruction() { this.getOpcode() instanceof Opcode::CompareGT } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { any() } } @@ -1502,11 +1517,11 @@ class CompareGTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLEInstruction extends RelationalInstruction { - CompareLEInstruction() { getOpcode() instanceof Opcode::CompareLE } + CompareLEInstruction() { this.getOpcode() instanceof Opcode::CompareLE } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { none() } } @@ -1520,11 +1535,11 @@ class CompareLEInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGEInstruction extends RelationalInstruction { - CompareGEInstruction() { getOpcode() instanceof Opcode::CompareGE } + CompareGEInstruction() { this.getOpcode() instanceof Opcode::CompareGE } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { none() } } @@ -1543,78 +1558,78 @@ class CompareGEInstruction extends RelationalInstruction { * of any case edge. */ class SwitchInstruction extends Instruction { - SwitchInstruction() { getOpcode() instanceof Opcode::Switch } + SwitchInstruction() { this.getOpcode() instanceof Opcode::Switch } /** Gets the operand that provides the integer value controlling the switch. */ - final ConditionOperand getExpressionOperand() { result = getAnOperand() } + final ConditionOperand getExpressionOperand() { result = this.getAnOperand() } /** Gets the instruction whose result provides the integer value controlling the switch. */ - final Instruction getExpression() { result = getExpressionOperand().getDef() } + final Instruction getExpression() { result = this.getExpressionOperand().getDef() } /** Gets the successor instructions along the case edges of the switch. */ - final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = getSuccessor(edge)) } + final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = this.getSuccessor(edge)) } /** Gets the successor instruction along the default edge of the switch, if any. */ - final Instruction getDefaultSuccessor() { result = getSuccessor(EdgeKind::defaultEdge()) } + final Instruction getDefaultSuccessor() { result = this.getSuccessor(EdgeKind::defaultEdge()) } } /** * An instruction that calls a function. */ class CallInstruction extends Instruction { - CallInstruction() { getOpcode() instanceof Opcode::Call } + CallInstruction() { this.getOpcode() instanceof Opcode::Call } final override string getImmediateString() { - result = getStaticCallTarget().toString() + result = this.getStaticCallTarget().toString() or - not exists(getStaticCallTarget()) and result = "?" + not exists(this.getStaticCallTarget()) and result = "?" } /** * Gets the operand the specifies the target function of the call. */ - final CallTargetOperand getCallTargetOperand() { result = getAnOperand() } + final CallTargetOperand getCallTargetOperand() { result = this.getAnOperand() } /** * Gets the `Instruction` that computes the target function of the call. This is usually a * `FunctionAddress` instruction, but can also be an arbitrary instruction that produces a * function pointer. */ - final Instruction getCallTarget() { result = getCallTargetOperand().getDef() } + final Instruction getCallTarget() { result = this.getCallTargetOperand().getDef() } /** * Gets all of the argument operands of the call, including the `this` pointer, if any. */ - final ArgumentOperand getAnArgumentOperand() { result = getAnOperand() } + final ArgumentOperand getAnArgumentOperand() { result = this.getAnOperand() } /** * Gets the `Function` that the call targets, if this is statically known. */ final Language::Function getStaticCallTarget() { - result = getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() + result = this.getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() } /** * Gets all of the arguments of the call, including the `this` pointer, if any. */ - final Instruction getAnArgument() { result = getAnArgumentOperand().getDef() } + final Instruction getAnArgument() { result = this.getAnArgumentOperand().getDef() } /** * Gets the `this` pointer argument operand of the call, if any. */ - final ThisArgumentOperand getThisArgumentOperand() { result = getAnOperand() } + final ThisArgumentOperand getThisArgumentOperand() { result = this.getAnOperand() } /** * Gets the `this` pointer argument of the call, if any. */ - final Instruction getThisArgument() { result = getThisArgumentOperand().getDef() } + final Instruction getThisArgument() { result = this.getThisArgumentOperand().getDef() } /** * Gets the argument operand at the specified index. */ pragma[noinline] final PositionalArgumentOperand getPositionalArgumentOperand(int index) { - result = getAnOperand() and + result = this.getAnOperand() and result.getIndex() = index } @@ -1623,7 +1638,7 @@ class CallInstruction extends Instruction { */ pragma[noinline] final Instruction getPositionalArgument(int index) { - result = getPositionalArgumentOperand(index).getDef() + result = this.getPositionalArgumentOperand(index).getDef() } /** @@ -1631,16 +1646,16 @@ class CallInstruction extends Instruction { */ pragma[noinline] final ArgumentOperand getArgumentOperand(int index) { - index >= 0 and result = getPositionalArgumentOperand(index) + index >= 0 and result = this.getPositionalArgumentOperand(index) or - index = -1 and result = getThisArgumentOperand() + index = -1 and result = this.getThisArgumentOperand() } /** * Gets the argument at the specified index, or `this` if `index` is `-1`. */ pragma[noinline] - final Instruction getArgument(int index) { result = getArgumentOperand(index).getDef() } + final Instruction getArgument(int index) { result = this.getArgumentOperand(index).getDef() } /** * Gets the number of arguments of the call, including the `this` pointer, if any. @@ -1665,7 +1680,7 @@ class CallInstruction extends Instruction { * An instruction representing a side effect of a function call. */ class SideEffectInstruction extends Instruction { - SideEffectInstruction() { getOpcode() instanceof SideEffectOpcode } + SideEffectInstruction() { this.getOpcode() instanceof SideEffectOpcode } /** * Gets the instruction whose execution causes this side effect. @@ -1680,7 +1695,7 @@ class SideEffectInstruction extends Instruction { * accessed by that call. */ class CallSideEffectInstruction extends SideEffectInstruction { - CallSideEffectInstruction() { getOpcode() instanceof Opcode::CallSideEffect } + CallSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallSideEffect } } /** @@ -1691,7 +1706,7 @@ class CallSideEffectInstruction extends SideEffectInstruction { * call target cannot write to escaped memory. */ class CallReadSideEffectInstruction extends SideEffectInstruction { - CallReadSideEffectInstruction() { getOpcode() instanceof Opcode::CallReadSideEffect } + CallReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallReadSideEffect } } /** @@ -1699,33 +1714,33 @@ class CallReadSideEffectInstruction extends SideEffectInstruction { * specific parameter. */ class ReadSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - ReadSideEffectInstruction() { getOpcode() instanceof ReadSideEffectOpcode } + ReadSideEffectInstruction() { this.getOpcode() instanceof ReadSideEffectOpcode } /** Gets the operand for the value that will be read from this instruction, if known. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** Gets the value that will be read from this instruction, if known. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** Gets the operand for the address from which this instruction may read. */ - final AddressOperand getArgumentOperand() { result = getAnOperand() } + final AddressOperand getArgumentOperand() { result = this.getAnOperand() } /** Gets the address from which this instruction may read. */ - final Instruction getArgumentDef() { result = getArgumentOperand().getDef() } + final Instruction getArgumentDef() { result = this.getArgumentOperand().getDef() } } /** * An instruction representing the read of an indirect parameter within a function call. */ class IndirectReadSideEffectInstruction extends ReadSideEffectInstruction { - IndirectReadSideEffectInstruction() { getOpcode() instanceof Opcode::IndirectReadSideEffect } + IndirectReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::IndirectReadSideEffect } } /** * An instruction representing the read of an indirect buffer parameter within a function call. */ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { - BufferReadSideEffectInstruction() { getOpcode() instanceof Opcode::BufferReadSideEffect } + BufferReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::BufferReadSideEffect } } /** @@ -1733,18 +1748,18 @@ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { */ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { SizedBufferReadSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferReadSideEffect + this.getOpcode() instanceof Opcode::SizedBufferReadSideEffect } /** * Gets the operand that holds the number of bytes read from the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes read from the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1752,17 +1767,17 @@ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { * specific parameter. */ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - WriteSideEffectInstruction() { getOpcode() instanceof WriteSideEffectOpcode } + WriteSideEffectInstruction() { this.getOpcode() instanceof WriteSideEffectOpcode } /** * Get the operand that holds the address of the memory to be written. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the memory to be written. */ - Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + Instruction getDestinationAddress() { result = this.getDestinationAddressOperand().getDef() } } /** @@ -1770,7 +1785,7 @@ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstructi */ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMustWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMustWriteSideEffect } } @@ -1780,7 +1795,7 @@ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction */ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { BufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::BufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::BufferMustWriteSideEffect } } @@ -1790,18 +1805,18 @@ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1812,7 +1827,7 @@ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstructi */ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMayWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMayWriteSideEffect } } @@ -1822,7 +1837,9 @@ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { * Unlike `BufferWriteSideEffectInstruction`, the buffer might not be completely overwritten. */ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { - BufferMayWriteSideEffectInstruction() { getOpcode() instanceof Opcode::BufferMayWriteSideEffect } + BufferMayWriteSideEffectInstruction() { + this.getOpcode() instanceof Opcode::BufferMayWriteSideEffect + } } /** @@ -1832,18 +1849,18 @@ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1852,80 +1869,80 @@ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstructio */ class InitializeDynamicAllocationInstruction extends SideEffectInstruction { InitializeDynamicAllocationInstruction() { - getOpcode() instanceof Opcode::InitializeDynamicAllocation + this.getOpcode() instanceof Opcode::InitializeDynamicAllocation } /** * Gets the operand that represents the address of the allocation this instruction is initializing. */ - final AddressOperand getAllocationAddressOperand() { result = getAnOperand() } + final AddressOperand getAllocationAddressOperand() { result = this.getAnOperand() } /** * Gets the address for the allocation this instruction is initializing. */ - final Instruction getAllocationAddress() { result = getAllocationAddressOperand().getDef() } + final Instruction getAllocationAddress() { result = this.getAllocationAddressOperand().getDef() } } /** * An instruction representing a GNU or MSVC inline assembly statement. */ class InlineAsmInstruction extends Instruction { - InlineAsmInstruction() { getOpcode() instanceof Opcode::InlineAsm } + InlineAsmInstruction() { this.getOpcode() instanceof Opcode::InlineAsm } } /** * An instruction that throws an exception. */ class ThrowInstruction extends Instruction { - ThrowInstruction() { getOpcode() instanceof ThrowOpcode } + ThrowInstruction() { this.getOpcode() instanceof ThrowOpcode } } /** * An instruction that throws a new exception. */ class ThrowValueInstruction extends ThrowInstruction { - ThrowValueInstruction() { getOpcode() instanceof Opcode::ThrowValue } + ThrowValueInstruction() { this.getOpcode() instanceof Opcode::ThrowValue } /** * Gets the address operand of the exception thrown by this instruction. */ - final AddressOperand getExceptionAddressOperand() { result = getAnOperand() } + final AddressOperand getExceptionAddressOperand() { result = this.getAnOperand() } /** * Gets the address of the exception thrown by this instruction. */ - final Instruction getExceptionAddress() { result = getExceptionAddressOperand().getDef() } + final Instruction getExceptionAddress() { result = this.getExceptionAddressOperand().getDef() } /** * Gets the operand for the exception thrown by this instruction. */ - final LoadOperand getExceptionOperand() { result = getAnOperand() } + final LoadOperand getExceptionOperand() { result = this.getAnOperand() } /** * Gets the exception thrown by this instruction. */ - final Instruction getException() { result = getExceptionOperand().getDef() } + final Instruction getException() { result = this.getExceptionOperand().getDef() } } /** * An instruction that re-throws the current exception. */ class ReThrowInstruction extends ThrowInstruction { - ReThrowInstruction() { getOpcode() instanceof Opcode::ReThrow } + ReThrowInstruction() { this.getOpcode() instanceof Opcode::ReThrow } } /** * An instruction that exits the current function by propagating an exception. */ class UnwindInstruction extends Instruction { - UnwindInstruction() { getOpcode() instanceof Opcode::Unwind } + UnwindInstruction() { this.getOpcode() instanceof Opcode::Unwind } } /** * An instruction that starts a `catch` handler. */ class CatchInstruction extends Instruction { - CatchInstruction() { getOpcode() instanceof CatchOpcode } + CatchInstruction() { this.getOpcode() instanceof CatchOpcode } } /** @@ -1935,7 +1952,7 @@ class CatchByTypeInstruction extends CatchInstruction { Language::LanguageType exceptionType; CatchByTypeInstruction() { - getOpcode() instanceof Opcode::CatchByType and + this.getOpcode() instanceof Opcode::CatchByType and exceptionType = Raw::getInstructionExceptionType(this) } @@ -1951,21 +1968,21 @@ class CatchByTypeInstruction extends CatchInstruction { * An instruction that catches any exception. */ class CatchAnyInstruction extends CatchInstruction { - CatchAnyInstruction() { getOpcode() instanceof Opcode::CatchAny } + CatchAnyInstruction() { this.getOpcode() instanceof Opcode::CatchAny } } /** * An instruction that initializes all escaped memory. */ class AliasedDefinitionInstruction extends Instruction { - AliasedDefinitionInstruction() { getOpcode() instanceof Opcode::AliasedDefinition } + AliasedDefinitionInstruction() { this.getOpcode() instanceof Opcode::AliasedDefinition } } /** * An instruction that consumes all escaped memory on exit from the function. */ class AliasedUseInstruction extends Instruction { - AliasedUseInstruction() { getOpcode() instanceof Opcode::AliasedUse } + AliasedUseInstruction() { this.getOpcode() instanceof Opcode::AliasedUse } } /** @@ -1979,7 +1996,7 @@ class AliasedUseInstruction extends Instruction { * runtime. */ class PhiInstruction extends Instruction { - PhiInstruction() { getOpcode() instanceof Opcode::Phi } + PhiInstruction() { this.getOpcode() instanceof Opcode::Phi } /** * Gets all of the instruction's `PhiInputOperand`s, representing the values that flow from each predecessor block. @@ -2047,29 +2064,29 @@ class PhiInstruction extends Instruction { * https://link.springer.com/content/pdf/10.1007%2F3-540-61053-7_66.pdf. */ class ChiInstruction extends Instruction { - ChiInstruction() { getOpcode() instanceof Opcode::Chi } + ChiInstruction() { this.getOpcode() instanceof Opcode::Chi } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final ChiTotalOperand getTotalOperand() { result = getAnOperand() } + final ChiTotalOperand getTotalOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final Instruction getTotal() { result = getTotalOperand().getDef() } + final Instruction getTotal() { result = this.getTotalOperand().getDef() } /** * Gets the operand that represents the new value written by the memory write. */ - final ChiPartialOperand getPartialOperand() { result = getAnOperand() } + final ChiPartialOperand getPartialOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the new value written by the memory write. */ - final Instruction getPartial() { result = getPartialOperand().getDef() } + final Instruction getPartial() { result = this.getPartialOperand().getDef() } /** * Gets the bit range `[startBit, endBit)` updated by the partial operand of this `ChiInstruction`, relative to the start address of the total operand. @@ -2093,7 +2110,7 @@ class ChiInstruction extends Instruction { * or `Switch` instruction where that particular edge is infeasible. */ class UnreachedInstruction extends Instruction { - UnreachedInstruction() { getOpcode() instanceof Opcode::Unreached } + UnreachedInstruction() { this.getOpcode() instanceof Opcode::Unreached } } /** @@ -2106,7 +2123,7 @@ class BuiltInOperationInstruction extends Instruction { Language::BuiltInOperation operation; BuiltInOperationInstruction() { - getOpcode() instanceof BuiltInOperationOpcode and + this.getOpcode() instanceof BuiltInOperationOpcode and operation = Raw::getInstructionBuiltInOperation(this) } @@ -2122,9 +2139,9 @@ class BuiltInOperationInstruction extends Instruction { * actual operation is specified by the `getBuiltInOperation()` predicate. */ class BuiltInInstruction extends BuiltInOperationInstruction { - BuiltInInstruction() { getOpcode() instanceof Opcode::BuiltIn } + BuiltInInstruction() { this.getOpcode() instanceof Opcode::BuiltIn } - final override string getImmediateString() { result = getBuiltInOperation().toString() } + final override string getImmediateString() { result = this.getBuiltInOperation().toString() } } /** @@ -2135,7 +2152,7 @@ class BuiltInInstruction extends BuiltInOperationInstruction { * to the `...` parameter. */ class VarArgsStartInstruction extends UnaryInstruction { - VarArgsStartInstruction() { getOpcode() instanceof Opcode::VarArgsStart } + VarArgsStartInstruction() { this.getOpcode() instanceof Opcode::VarArgsStart } } /** @@ -2145,7 +2162,7 @@ class VarArgsStartInstruction extends UnaryInstruction { * a result. */ class VarArgsEndInstruction extends UnaryInstruction { - VarArgsEndInstruction() { getOpcode() instanceof Opcode::VarArgsEnd } + VarArgsEndInstruction() { this.getOpcode() instanceof Opcode::VarArgsEnd } } /** @@ -2155,7 +2172,7 @@ class VarArgsEndInstruction extends UnaryInstruction { * argument. */ class VarArgInstruction extends UnaryInstruction { - VarArgInstruction() { getOpcode() instanceof Opcode::VarArg } + VarArgInstruction() { this.getOpcode() instanceof Opcode::VarArg } } /** @@ -2166,7 +2183,7 @@ class VarArgInstruction extends UnaryInstruction { * argument of the `...` parameter. */ class NextVarArgInstruction extends UnaryInstruction { - NextVarArgInstruction() { getOpcode() instanceof Opcode::NextVarArg } + NextVarArgInstruction() { this.getOpcode() instanceof Opcode::NextVarArg } } /** @@ -2180,5 +2197,5 @@ class NextVarArgInstruction extends UnaryInstruction { * The result is the address of the newly allocated object. */ class NewObjInstruction extends Instruction { - NewObjInstruction() { getOpcode() instanceof Opcode::NewObj } + NewObjInstruction() { this.getOpcode() instanceof Opcode::NewObj } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll index d7cf89ca9aa..85d217bd361 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll @@ -46,12 +46,12 @@ class Operand extends TStageOperand { /** * Gets the location of the source code for this operand. */ - final Language::Location getLocation() { result = getUse().getLocation() } + final Language::Location getLocation() { result = this.getUse().getLocation() } /** * Gets the function that contains this operand. */ - final IRFunction getEnclosingIRFunction() { result = getUse().getEnclosingIRFunction() } + final IRFunction getEnclosingIRFunction() { result = this.getUse().getEnclosingIRFunction() } /** * Gets the `Instruction` that consumes this operand. @@ -74,7 +74,7 @@ class Operand extends TStageOperand { */ final Instruction getDef() { result = this.getAnyDef() and - getDefinitionOverlap() instanceof MustExactlyOverlap + this.getDefinitionOverlap() instanceof MustExactlyOverlap } /** @@ -82,7 +82,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` that consumes this operand. */ - deprecated final Instruction getUseInstruction() { result = getUse() } + deprecated final Instruction getUseInstruction() { result = this.getUse() } /** * DEPRECATED: use `getAnyDef` or `getDef`. The exact replacement for this @@ -91,7 +91,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` whose result is the value of the operand. */ - deprecated final Instruction getDefinitionInstruction() { result = getAnyDef() } + deprecated final Instruction getDefinitionInstruction() { result = this.getAnyDef() } /** * Gets the overlap relationship between the operand's definition and its use. @@ -101,7 +101,9 @@ class Operand extends TStageOperand { /** * Holds if the result of the definition instruction does not exactly overlap this use. */ - final predicate isDefinitionInexact() { not getDefinitionOverlap() instanceof MustExactlyOverlap } + final predicate isDefinitionInexact() { + not this.getDefinitionOverlap() instanceof MustExactlyOverlap + } /** * Gets a prefix to use when dumping the operand in an operand list. @@ -121,7 +123,7 @@ class Operand extends TStageOperand { * For example: `this:r3_5` */ final string getDumpString() { - result = getDumpLabel() + getInexactSpecifier() + getDefinitionId() + result = this.getDumpLabel() + this.getInexactSpecifier() + this.getDefinitionId() } /** @@ -129,9 +131,9 @@ class Operand extends TStageOperand { * definition is not modeled in SSA. */ private string getDefinitionId() { - result = getAnyDef().getResultId() + result = this.getAnyDef().getResultId() or - not exists(getAnyDef()) and result = "m?" + not exists(this.getAnyDef()) and result = "m?" } /** @@ -140,7 +142,7 @@ class Operand extends TStageOperand { * the empty string. */ private string getInexactSpecifier() { - if isDefinitionInexact() then result = "~" else result = "" + if this.isDefinitionInexact() then result = "~" else result = "" } /** @@ -155,7 +157,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - Language::LanguageType getLanguageType() { result = getAnyDef().getResultLanguageType() } + Language::LanguageType getLanguageType() { result = this.getAnyDef().getResultLanguageType() } /** * Gets the language-neutral type of the value consumed by this operand. This is usually the same @@ -164,7 +166,7 @@ class Operand extends TStageOperand { * from the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the value consumed by this operand. This is usually the same as the @@ -173,7 +175,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final Language::Type getType() { getLanguageType().hasType(result, _) } + final Language::Type getType() { this.getLanguageType().hasType(result, _) } /** * Holds if the value consumed by this operand is a glvalue. If this @@ -182,13 +184,13 @@ class Operand extends TStageOperand { * not hold, the value of the operand represents a value whose type is * given by `getType()`. */ - final predicate isGLValue() { getLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getLanguageType().hasType(_, true) } /** * Gets the size of the value consumed by this operand, in bytes. If the operand does not have * a known constant size, this predicate does not hold. */ - final int getSize() { result = getLanguageType().getByteSize() } + final int getSize() { result = this.getLanguageType().getByteSize() } } /** @@ -205,7 +207,7 @@ class MemoryOperand extends Operand { /** * Gets the kind of memory access performed by the operand. */ - MemoryAccessKind getMemoryAccess() { result = getUse().getOpcode().getReadMemoryAccess() } + MemoryAccessKind getMemoryAccess() { result = this.getUse().getOpcode().getReadMemoryAccess() } /** * Holds if the memory access performed by this operand will not always read from every bit in the @@ -215,7 +217,7 @@ class MemoryOperand extends Operand { * conservative estimate of the memory that might actually be accessed at runtime (for example, * the global side effects of a function call). */ - predicate hasMayReadMemoryAccess() { getUse().getOpcode().hasMayReadMemoryAccess() } + predicate hasMayReadMemoryAccess() { this.getUse().getOpcode().hasMayReadMemoryAccess() } /** * Returns the operand that holds the memory address from which the current operand loads its @@ -223,8 +225,8 @@ class MemoryOperand extends Operand { * is `r1`. */ final AddressOperand getAddressOperand() { - getMemoryAccess().usesAddressOperand() and - result.getUse() = getUse() + this.getMemoryAccess().usesAddressOperand() and + result.getUse() = this.getUse() } } @@ -294,7 +296,7 @@ class NonPhiMemoryOperand extends NonPhiOperand, MemoryOperand, TNonPhiMemoryOpe result = unique(Instruction defInstr | hasDefinition(defInstr, _)) } - final override Overlap getDefinitionOverlap() { hasDefinition(_, result) } + final override Overlap getDefinitionOverlap() { this.hasDefinition(_, result) } pragma[noinline] private predicate hasDefinition(Instruction defInstr, Overlap overlap) { @@ -449,13 +451,17 @@ class PhiInputOperand extends MemoryOperand, TPhiOperand { final override Overlap getDefinitionOverlap() { result = overlap } - final override int getDumpSortOrder() { result = 11 + getPredecessorBlock().getDisplayIndex() } - - final override string getDumpLabel() { - result = "from " + getPredecessorBlock().getDisplayIndex().toString() + ":" + final override int getDumpSortOrder() { + result = 11 + this.getPredecessorBlock().getDisplayIndex() } - final override string getDumpId() { result = getPredecessorBlock().getDisplayIndex().toString() } + final override string getDumpLabel() { + result = "from " + this.getPredecessorBlock().getDisplayIndex().toString() + ":" + } + + final override string getDumpId() { + result = this.getPredecessorBlock().getDisplayIndex().toString() + } /** * Gets the predecessor block from which this value comes. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll index 4b86f9a7cec..bb8630a5e0c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll @@ -24,7 +24,7 @@ class IRBlockBase extends TIRBlock { final string toString() { result = getFirstInstruction(this).toString() } /** Gets the source location of the first non-`Phi` instruction in this block. */ - final Language::Location getLocation() { result = getFirstInstruction().getLocation() } + final Language::Location getLocation() { result = this.getFirstInstruction().getLocation() } /** * INTERNAL: Do not use. @@ -39,7 +39,7 @@ class IRBlockBase extends TIRBlock { ) and this = rank[result + 1](IRBlock funcBlock, int sortOverride, int sortKey1, int sortKey2 | - funcBlock.getEnclosingFunction() = getEnclosingFunction() and + funcBlock.getEnclosingFunction() = this.getEnclosingFunction() and funcBlock.getFirstInstruction().hasSortKeys(sortKey1, sortKey2) and // Ensure that the block containing `EnterFunction` always comes first. if funcBlock.getFirstInstruction() instanceof EnterFunctionInstruction @@ -59,15 +59,15 @@ class IRBlockBase extends TIRBlock { * Get the `Phi` instructions that appear at the start of this block. */ final PhiInstruction getAPhiInstruction() { - Construction::getPhiInstructionBlockStart(result) = getFirstInstruction() + Construction::getPhiInstructionBlockStart(result) = this.getFirstInstruction() } /** * Gets an instruction in this block. This includes `Phi` instructions. */ final Instruction getAnInstruction() { - result = getInstruction(_) or - result = getAPhiInstruction() + result = this.getInstruction(_) or + result = this.getAPhiInstruction() } /** @@ -78,7 +78,9 @@ class IRBlockBase extends TIRBlock { /** * Gets the last instruction in this block. */ - final Instruction getLastInstruction() { result = getInstruction(getInstructionCount() - 1) } + final Instruction getLastInstruction() { + result = this.getInstruction(this.getInstructionCount() - 1) + } /** * Gets the number of non-`Phi` instructions in this block. @@ -149,7 +151,7 @@ class IRBlock extends IRBlockBase { * Block `A` dominates block `B` if any control flow path from the entry block of the function to * block `B` must pass through block `A`. A block always dominates itself. */ - final predicate dominates(IRBlock block) { strictlyDominates(block) or this = block } + final predicate dominates(IRBlock block) { this.strictlyDominates(block) or this = block } /** * Gets a block on the dominance frontier of this block. @@ -159,8 +161,8 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock dominanceFrontier() { - dominates(result.getAPredecessor()) and - not strictlyDominates(result) + this.dominates(result.getAPredecessor()) and + not this.strictlyDominates(result) } /** @@ -189,7 +191,7 @@ class IRBlock extends IRBlockBase { * Block `A` post-dominates block `B` if any control flow path from `B` to the exit block of the * function must pass through block `A`. A block always post-dominates itself. */ - final predicate postDominates(IRBlock block) { strictlyPostDominates(block) or this = block } + final predicate postDominates(IRBlock block) { this.strictlyPostDominates(block) or this = block } /** * Gets a block on the post-dominance frontier of this block. @@ -199,16 +201,16 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock postPominanceFrontier() { - postDominates(result.getASuccessor()) and - not strictlyPostDominates(result) + this.postDominates(result.getASuccessor()) and + not this.strictlyPostDominates(result) } /** * Holds if this block is reachable from the entry block of its function. */ final predicate isReachableFromFunctionEntry() { - this = getEnclosingIRFunction().getEntryBlock() or - getAPredecessor().isReachableFromFunctionEntry() + this = this.getEnclosingIRFunction().getEntryBlock() or + this.getAPredecessor().isReachableFromFunctionEntry() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll index 6f471d8a7e8..88a973fc5a8 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll @@ -41,7 +41,7 @@ class Instruction extends Construction::TStageInstruction { } /** Gets a textual representation of this element. */ - final string toString() { result = getOpcode().toString() + ": " + getAST().toString() } + final string toString() { result = this.getOpcode().toString() + ": " + this.getAST().toString() } /** * Gets a string showing the result, opcode, and operands of the instruction, equivalent to what @@ -50,7 +50,8 @@ class Instruction extends Construction::TStageInstruction { * `mu0_28(int) = Store r0_26, r0_27` */ final string getDumpString() { - result = getResultString() + " = " + getOperationString() + " " + getOperandsString() + result = + this.getResultString() + " = " + this.getOperationString() + " " + this.getOperandsString() } private predicate shouldGenerateDumpStrings() { @@ -66,10 +67,13 @@ class Instruction extends Construction::TStageInstruction { * VariableAddress[x] */ final string getOperationString() { - shouldGenerateDumpStrings() and - if exists(getImmediateString()) - then result = getOperationPrefix() + getOpcode().toString() + "[" + getImmediateString() + "]" - else result = getOperationPrefix() + getOpcode().toString() + this.shouldGenerateDumpStrings() and + if exists(this.getImmediateString()) + then + result = + this.getOperationPrefix() + this.getOpcode().toString() + "[" + this.getImmediateString() + + "]" + else result = this.getOperationPrefix() + this.getOpcode().toString() } /** @@ -78,17 +82,17 @@ class Instruction extends Construction::TStageInstruction { string getImmediateString() { none() } private string getOperationPrefix() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and if this instanceof SideEffectInstruction then result = "^" else result = "" } private string getResultPrefix() { - shouldGenerateDumpStrings() and - if getResultIRType() instanceof IRVoidType + this.shouldGenerateDumpStrings() and + if this.getResultIRType() instanceof IRVoidType then result = "v" else - if hasMemoryResult() - then if isResultModeled() then result = "m" else result = "mu" + if this.hasMemoryResult() + then if this.isResultModeled() then result = "m" else result = "mu" else result = "r" } @@ -97,7 +101,7 @@ class Instruction extends Construction::TStageInstruction { * used by debugging and printing code only. */ int getDisplayIndexInBlock() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and exists(IRBlock block | this = block.getInstruction(result) or @@ -111,12 +115,12 @@ class Instruction extends Construction::TStageInstruction { } private int getLineRank() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and this = rank[result](Instruction instr | instr = - getAnInstructionAtLine(getEnclosingIRFunction(), getLocation().getFile(), - getLocation().getStartLine()) + getAnInstructionAtLine(this.getEnclosingIRFunction(), this.getLocation().getFile(), + this.getLocation().getStartLine()) | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) @@ -130,8 +134,9 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1` */ string getResultId() { - shouldGenerateDumpStrings() and - result = getResultPrefix() + getAST().getLocation().getStartLine() + "_" + getLineRank() + this.shouldGenerateDumpStrings() and + result = + this.getResultPrefix() + this.getAST().getLocation().getStartLine() + "_" + this.getLineRank() } /** @@ -142,8 +147,8 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1(int*)` */ final string getResultString() { - shouldGenerateDumpStrings() and - result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")" + this.shouldGenerateDumpStrings() and + result = this.getResultId() + "(" + this.getResultLanguageType().getDumpString() + ")" } /** @@ -153,10 +158,10 @@ class Instruction extends Construction::TStageInstruction { * Example: `func:r3_4, this:r3_5` */ string getOperandsString() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and result = concat(Operand operand | - operand = getAnOperand() + operand = this.getAnOperand() | operand.getDumpString(), ", " order by operand.getDumpSortOrder() ) @@ -190,7 +195,7 @@ class Instruction extends Construction::TStageInstruction { * Gets the function that contains this instruction. */ final Language::Function getEnclosingFunction() { - result = getEnclosingIRFunction().getFunction() + result = this.getEnclosingIRFunction().getFunction() } /** @@ -208,7 +213,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets the location of the source code for this instruction. */ - final Language::Location getLocation() { result = getAST().getLocation() } + final Language::Location getLocation() { result = this.getAST().getLocation() } /** * Gets the `Expr` whose result is computed by this instruction, if any. The `Expr` may be a @@ -243,7 +248,7 @@ class Instruction extends Construction::TStageInstruction { * a result, its result type will be `IRVoidType`. */ cached - final IRType getResultIRType() { result = getResultLanguageType().getIRType() } + final IRType getResultIRType() { result = this.getResultLanguageType().getIRType() } /** * Gets the type of the result produced by this instruction. If the @@ -254,7 +259,7 @@ class Instruction extends Construction::TStageInstruction { */ final Language::Type getResultType() { exists(Language::LanguageType resultType | - resultType = getResultLanguageType() and + resultType = this.getResultLanguageType() and ( resultType.hasUnspecifiedType(result, _) or @@ -283,7 +288,7 @@ class Instruction extends Construction::TStageInstruction { * result of the `Load` instruction is a prvalue of type `int`, representing * the integer value loaded from variable `x`. */ - final predicate isGLValue() { getResultLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getResultLanguageType().hasType(_, true) } /** * Gets the size of the result produced by this instruction, in bytes. If the @@ -292,7 +297,7 @@ class Instruction extends Construction::TStageInstruction { * If `this.isGLValue()` holds for this instruction, the value of * `getResultSize()` will always be the size of a pointer. */ - final int getResultSize() { result = getResultLanguageType().getByteSize() } + final int getResultSize() { result = this.getResultLanguageType().getByteSize() } /** * Gets the opcode that specifies the operation performed by this instruction. @@ -314,14 +319,16 @@ class Instruction extends Construction::TStageInstruction { /** * Holds if this instruction produces a memory result. */ - final predicate hasMemoryResult() { exists(getResultMemoryAccess()) } + final predicate hasMemoryResult() { exists(this.getResultMemoryAccess()) } /** * Gets the kind of memory access performed by this instruction's result. * Holds only for instructions with a memory result. */ pragma[inline] - final MemoryAccessKind getResultMemoryAccess() { result = getOpcode().getWriteMemoryAccess() } + final MemoryAccessKind getResultMemoryAccess() { + result = this.getOpcode().getWriteMemoryAccess() + } /** * Holds if the memory access performed by this instruction's result will not always write to @@ -332,7 +339,7 @@ class Instruction extends Construction::TStageInstruction { * (for example, the global side effects of a function call). */ pragma[inline] - final predicate hasResultMayMemoryAccess() { getOpcode().hasMayWriteMemoryAccess() } + final predicate hasResultMayMemoryAccess() { this.getOpcode().hasMayWriteMemoryAccess() } /** * Gets the operand that holds the memory address to which this instruction stores its @@ -340,7 +347,7 @@ class Instruction extends Construction::TStageInstruction { * is `r1`. */ final AddressOperand getResultAddressOperand() { - getResultMemoryAccess().usesAddressOperand() and + this.getResultMemoryAccess().usesAddressOperand() and result.getUse() = this } @@ -349,7 +356,7 @@ class Instruction extends Construction::TStageInstruction { * result, if any. For example, in `m3 = Store r1, r2`, the result of `getResultAddressOperand()` * is the instruction that defines `r1`. */ - final Instruction getResultAddress() { result = getResultAddressOperand().getDef() } + final Instruction getResultAddress() { result = this.getResultAddressOperand().getDef() } /** * Holds if the result of this instruction is precisely modeled in SSA. Always @@ -368,7 +375,7 @@ class Instruction extends Construction::TStageInstruction { */ final predicate isResultModeled() { // Register results are always in SSA form. - not hasMemoryResult() or + not this.hasMemoryResult() or Construction::hasModeledMemoryResult(this) } @@ -412,7 +419,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct successors of this instruction. */ - final Instruction getASuccessor() { result = getSuccessor(_) } + final Instruction getASuccessor() { result = this.getSuccessor(_) } /** * Gets a predecessor of this instruction such that the predecessor reaches @@ -423,7 +430,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct predecessors of this instruction. */ - final Instruction getAPredecessor() { result = getPredecessor(_) } + final Instruction getAPredecessor() { result = this.getPredecessor(_) } } /** @@ -543,7 +550,7 @@ class IndexedInstruction extends Instruction { * at this instruction. This instruction has no predecessors. */ class EnterFunctionInstruction extends Instruction { - EnterFunctionInstruction() { getOpcode() instanceof Opcode::EnterFunction } + EnterFunctionInstruction() { this.getOpcode() instanceof Opcode::EnterFunction } } /** @@ -554,7 +561,7 @@ class EnterFunctionInstruction extends Instruction { * struct, or union, see `FieldAddressInstruction`. */ class VariableAddressInstruction extends VariableInstruction { - VariableAddressInstruction() { getOpcode() instanceof Opcode::VariableAddress } + VariableAddressInstruction() { this.getOpcode() instanceof Opcode::VariableAddress } } /** @@ -566,7 +573,7 @@ class VariableAddressInstruction extends VariableInstruction { * The result has an `IRFunctionAddress` type. */ class FunctionAddressInstruction extends FunctionInstruction { - FunctionAddressInstruction() { getOpcode() instanceof Opcode::FunctionAddress } + FunctionAddressInstruction() { this.getOpcode() instanceof Opcode::FunctionAddress } } /** @@ -577,7 +584,7 @@ class FunctionAddressInstruction extends FunctionInstruction { * initializes that parameter. */ class InitializeParameterInstruction extends VariableInstruction { - InitializeParameterInstruction() { getOpcode() instanceof Opcode::InitializeParameter } + InitializeParameterInstruction() { this.getOpcode() instanceof Opcode::InitializeParameter } /** * Gets the parameter initialized by this instruction. @@ -603,7 +610,7 @@ class InitializeParameterInstruction extends VariableInstruction { * initialized elsewhere, would not otherwise have a definition in this function. */ class InitializeNonLocalInstruction extends Instruction { - InitializeNonLocalInstruction() { getOpcode() instanceof Opcode::InitializeNonLocal } + InitializeNonLocalInstruction() { this.getOpcode() instanceof Opcode::InitializeNonLocal } } /** @@ -611,7 +618,7 @@ class InitializeNonLocalInstruction extends Instruction { * with the value of that memory on entry to the function. */ class InitializeIndirectionInstruction extends VariableInstruction { - InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection } + InitializeIndirectionInstruction() { this.getOpcode() instanceof Opcode::InitializeIndirection } /** * Gets the parameter initialized by this instruction. @@ -635,24 +642,24 @@ class InitializeIndirectionInstruction extends VariableInstruction { * An instruction that initializes the `this` pointer parameter of the enclosing function. */ class InitializeThisInstruction extends Instruction { - InitializeThisInstruction() { getOpcode() instanceof Opcode::InitializeThis } + InitializeThisInstruction() { this.getOpcode() instanceof Opcode::InitializeThis } } /** * An instruction that computes the address of a non-static field of an object. */ class FieldAddressInstruction extends FieldInstruction { - FieldAddressInstruction() { getOpcode() instanceof Opcode::FieldAddress } + FieldAddressInstruction() { this.getOpcode() instanceof Opcode::FieldAddress } /** * Gets the operand that provides the address of the object containing the field. */ - final UnaryOperand getObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the object containing the field. */ - final Instruction getObjectAddress() { result = getObjectAddressOperand().getDef() } + final Instruction getObjectAddress() { result = this.getObjectAddressOperand().getDef() } } /** @@ -661,17 +668,19 @@ class FieldAddressInstruction extends FieldInstruction { * This instruction is used for element access to C# arrays. */ class ElementsAddressInstruction extends UnaryInstruction { - ElementsAddressInstruction() { getOpcode() instanceof Opcode::ElementsAddress } + ElementsAddressInstruction() { this.getOpcode() instanceof Opcode::ElementsAddress } /** * Gets the operand that provides the address of the array object. */ - final UnaryOperand getArrayObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getArrayObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the array object. */ - final Instruction getArrayObjectAddress() { result = getArrayObjectAddressOperand().getDef() } + final Instruction getArrayObjectAddress() { + result = this.getArrayObjectAddressOperand().getDef() + } } /** @@ -685,7 +694,7 @@ class ElementsAddressInstruction extends UnaryInstruction { * taken may want to ignore any function that contains an `ErrorInstruction`. */ class ErrorInstruction extends Instruction { - ErrorInstruction() { getOpcode() instanceof Opcode::Error } + ErrorInstruction() { this.getOpcode() instanceof Opcode::Error } } /** @@ -695,7 +704,7 @@ class ErrorInstruction extends Instruction { * an initializer, or whose initializer only partially initializes the variable. */ class UninitializedInstruction extends VariableInstruction { - UninitializedInstruction() { getOpcode() instanceof Opcode::Uninitialized } + UninitializedInstruction() { this.getOpcode() instanceof Opcode::Uninitialized } /** * Gets the variable that is uninitialized. @@ -710,7 +719,7 @@ class UninitializedInstruction extends VariableInstruction { * least one instruction, even when the AST has no semantic effect. */ class NoOpInstruction extends Instruction { - NoOpInstruction() { getOpcode() instanceof Opcode::NoOp } + NoOpInstruction() { this.getOpcode() instanceof Opcode::NoOp } } /** @@ -732,32 +741,32 @@ class NoOpInstruction extends Instruction { * `void`-returning function. */ class ReturnInstruction extends Instruction { - ReturnInstruction() { getOpcode() instanceof ReturnOpcode } + ReturnInstruction() { this.getOpcode() instanceof ReturnOpcode } } /** * An instruction that returns control to the caller of the function, without returning a value. */ class ReturnVoidInstruction extends ReturnInstruction { - ReturnVoidInstruction() { getOpcode() instanceof Opcode::ReturnVoid } + ReturnVoidInstruction() { this.getOpcode() instanceof Opcode::ReturnVoid } } /** * An instruction that returns control to the caller of the function, including a return value. */ class ReturnValueInstruction extends ReturnInstruction { - ReturnValueInstruction() { getOpcode() instanceof Opcode::ReturnValue } + ReturnValueInstruction() { this.getOpcode() instanceof Opcode::ReturnValue } /** * Gets the operand that provides the value being returned by the function. */ - final LoadOperand getReturnValueOperand() { result = getAnOperand() } + final LoadOperand getReturnValueOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value being returned by the function, if an * exact definition is available. */ - final Instruction getReturnValue() { result = getReturnValueOperand().getDef() } + final Instruction getReturnValue() { result = this.getReturnValueOperand().getDef() } } /** @@ -770,28 +779,28 @@ class ReturnValueInstruction extends ReturnInstruction { * that the caller initialized the memory pointed to by the parameter before the call. */ class ReturnIndirectionInstruction extends VariableInstruction { - ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection } + ReturnIndirectionInstruction() { this.getOpcode() instanceof Opcode::ReturnIndirection } /** * Gets the operand that provides the value of the pointed-to memory. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the pointed-to memory, if an exact * definition is available. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** * Gets the operand that provides the address of the pointed-to memory. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the pointed-to memory. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } /** * Gets the parameter for which this instruction reads the final pointed-to value within the @@ -826,7 +835,7 @@ class ReturnIndirectionInstruction extends VariableInstruction { * - `StoreInstruction` - Copies a register operand to a memory result. */ class CopyInstruction extends Instruction { - CopyInstruction() { getOpcode() instanceof CopyOpcode } + CopyInstruction() { this.getOpcode() instanceof CopyOpcode } /** * Gets the operand that provides the input value of the copy. @@ -837,16 +846,16 @@ class CopyInstruction extends Instruction { * Gets the instruction whose result provides the input value of the copy, if an exact definition * is available. */ - final Instruction getSourceValue() { result = getSourceValueOperand().getDef() } + final Instruction getSourceValue() { result = this.getSourceValueOperand().getDef() } } /** * An instruction that returns a register result containing a copy of its register operand. */ class CopyValueInstruction extends CopyInstruction, UnaryInstruction { - CopyValueInstruction() { getOpcode() instanceof Opcode::CopyValue } + CopyValueInstruction() { this.getOpcode() instanceof Opcode::CopyValue } - final override UnaryOperand getSourceValueOperand() { result = getAnOperand() } + final override UnaryOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -863,47 +872,49 @@ private string getAddressOperandDescription(AddressOperand operand) { * An instruction that returns a register result containing a copy of its memory operand. */ class LoadInstruction extends CopyInstruction { - LoadInstruction() { getOpcode() instanceof Opcode::Load } + LoadInstruction() { this.getOpcode() instanceof Opcode::Load } final override string getImmediateString() { - result = getAddressOperandDescription(getSourceAddressOperand()) + result = getAddressOperandDescription(this.getSourceAddressOperand()) } /** * Gets the operand that provides the address of the value being loaded. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the value being loaded. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } - final override LoadOperand getSourceValueOperand() { result = getAnOperand() } + final override LoadOperand getSourceValueOperand() { result = this.getAnOperand() } } /** * An instruction that returns a memory result containing a copy of its register operand. */ class StoreInstruction extends CopyInstruction { - StoreInstruction() { getOpcode() instanceof Opcode::Store } + StoreInstruction() { this.getOpcode() instanceof Opcode::Store } final override string getImmediateString() { - result = getAddressOperandDescription(getDestinationAddressOperand()) + result = getAddressOperandDescription(this.getDestinationAddressOperand()) } /** * Gets the operand that provides the address of the location to which the value will be stored. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the location to which the value will * be stored, if an exact definition is available. */ - final Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + final Instruction getDestinationAddress() { + result = this.getDestinationAddressOperand().getDef() + } - final override StoreValueOperand getSourceValueOperand() { result = getAnOperand() } + final override StoreValueOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -911,27 +922,27 @@ class StoreInstruction extends CopyInstruction { * operand. */ class ConditionalBranchInstruction extends Instruction { - ConditionalBranchInstruction() { getOpcode() instanceof Opcode::ConditionalBranch } + ConditionalBranchInstruction() { this.getOpcode() instanceof Opcode::ConditionalBranch } /** * Gets the operand that provides the Boolean condition controlling the branch. */ - final ConditionOperand getConditionOperand() { result = getAnOperand() } + final ConditionOperand getConditionOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the Boolean condition controlling the branch. */ - final Instruction getCondition() { result = getConditionOperand().getDef() } + final Instruction getCondition() { result = this.getConditionOperand().getDef() } /** * Gets the instruction to which control will flow if the condition is true. */ - final Instruction getTrueSuccessor() { result = getSuccessor(EdgeKind::trueEdge()) } + final Instruction getTrueSuccessor() { result = this.getSuccessor(EdgeKind::trueEdge()) } /** * Gets the instruction to which control will flow if the condition is false. */ - final Instruction getFalseSuccessor() { result = getSuccessor(EdgeKind::falseEdge()) } + final Instruction getFalseSuccessor() { result = this.getSuccessor(EdgeKind::falseEdge()) } } /** @@ -943,14 +954,14 @@ class ConditionalBranchInstruction extends Instruction { * successors. */ class ExitFunctionInstruction extends Instruction { - ExitFunctionInstruction() { getOpcode() instanceof Opcode::ExitFunction } + ExitFunctionInstruction() { this.getOpcode() instanceof Opcode::ExitFunction } } /** * An instruction whose result is a constant value. */ class ConstantInstruction extends ConstantValueInstruction { - ConstantInstruction() { getOpcode() instanceof Opcode::Constant } + ConstantInstruction() { this.getOpcode() instanceof Opcode::Constant } } /** @@ -959,7 +970,7 @@ class ConstantInstruction extends ConstantValueInstruction { class IntegerConstantInstruction extends ConstantInstruction { IntegerConstantInstruction() { exists(IRType resultType | - resultType = getResultIRType() and + resultType = this.getResultIRType() and (resultType instanceof IRIntegerType or resultType instanceof IRBooleanType) ) } @@ -969,7 +980,7 @@ class IntegerConstantInstruction extends ConstantInstruction { * An instruction whose result is a constant value of floating-point type. */ class FloatConstantInstruction extends ConstantInstruction { - FloatConstantInstruction() { getResultIRType() instanceof IRFloatingPointType } + FloatConstantInstruction() { this.getResultIRType() instanceof IRFloatingPointType } } /** @@ -978,7 +989,9 @@ class FloatConstantInstruction extends ConstantInstruction { class StringConstantInstruction extends VariableInstruction { override IRStringLiteral var; - final override string getImmediateString() { result = Language::getStringLiteralText(getValue()) } + final override string getImmediateString() { + result = Language::getStringLiteralText(this.getValue()) + } /** * Gets the string literal whose address is returned by this instruction. @@ -990,37 +1003,37 @@ class StringConstantInstruction extends VariableInstruction { * An instruction whose result is computed from two operands. */ class BinaryInstruction extends Instruction { - BinaryInstruction() { getOpcode() instanceof BinaryOpcode } + BinaryInstruction() { this.getOpcode() instanceof BinaryOpcode } /** * Gets the left operand of this binary instruction. */ - final LeftOperand getLeftOperand() { result = getAnOperand() } + final LeftOperand getLeftOperand() { result = this.getAnOperand() } /** * Gets the right operand of this binary instruction. */ - final RightOperand getRightOperand() { result = getAnOperand() } + final RightOperand getRightOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the left operand of this binary * instruction. */ - final Instruction getLeft() { result = getLeftOperand().getDef() } + final Instruction getLeft() { result = this.getLeftOperand().getDef() } /** * Gets the instruction whose result provides the value of the right operand of this binary * instruction. */ - final Instruction getRight() { result = getRightOperand().getDef() } + final Instruction getRight() { result = this.getRightOperand().getDef() } /** * Holds if this instruction's operands are `op1` and `op2`, in either order. */ final predicate hasOperands(Operand op1, Operand op2) { - op1 = getLeftOperand() and op2 = getRightOperand() + op1 = this.getLeftOperand() and op2 = this.getRightOperand() or - op1 = getRightOperand() and op2 = getLeftOperand() + op1 = this.getRightOperand() and op2 = this.getLeftOperand() } } @@ -1028,7 +1041,7 @@ class BinaryInstruction extends Instruction { * An instruction that computes the result of an arithmetic operation. */ class ArithmeticInstruction extends Instruction { - ArithmeticInstruction() { getOpcode() instanceof ArithmeticOpcode } + ArithmeticInstruction() { this.getOpcode() instanceof ArithmeticOpcode } } /** @@ -1050,7 +1063,7 @@ class UnaryArithmeticInstruction extends ArithmeticInstruction, UnaryInstruction * performed according to IEEE-754. */ class AddInstruction extends BinaryArithmeticInstruction { - AddInstruction() { getOpcode() instanceof Opcode::Add } + AddInstruction() { this.getOpcode() instanceof Opcode::Add } } /** @@ -1061,7 +1074,7 @@ class AddInstruction extends BinaryArithmeticInstruction { * according to IEEE-754. */ class SubInstruction extends BinaryArithmeticInstruction { - SubInstruction() { getOpcode() instanceof Opcode::Sub } + SubInstruction() { this.getOpcode() instanceof Opcode::Sub } } /** @@ -1072,7 +1085,7 @@ class SubInstruction extends BinaryArithmeticInstruction { * performed according to IEEE-754. */ class MulInstruction extends BinaryArithmeticInstruction { - MulInstruction() { getOpcode() instanceof Opcode::Mul } + MulInstruction() { this.getOpcode() instanceof Opcode::Mul } } /** @@ -1083,7 +1096,7 @@ class MulInstruction extends BinaryArithmeticInstruction { * to IEEE-754. */ class DivInstruction extends BinaryArithmeticInstruction { - DivInstruction() { getOpcode() instanceof Opcode::Div } + DivInstruction() { this.getOpcode() instanceof Opcode::Div } } /** @@ -1093,7 +1106,7 @@ class DivInstruction extends BinaryArithmeticInstruction { * division by zero or integer overflow is undefined. */ class RemInstruction extends BinaryArithmeticInstruction { - RemInstruction() { getOpcode() instanceof Opcode::Rem } + RemInstruction() { this.getOpcode() instanceof Opcode::Rem } } /** @@ -1104,14 +1117,14 @@ class RemInstruction extends BinaryArithmeticInstruction { * is performed according to IEEE-754. */ class NegateInstruction extends UnaryArithmeticInstruction { - NegateInstruction() { getOpcode() instanceof Opcode::Negate } + NegateInstruction() { this.getOpcode() instanceof Opcode::Negate } } /** * An instruction that computes the result of a bitwise operation. */ class BitwiseInstruction extends Instruction { - BitwiseInstruction() { getOpcode() instanceof BitwiseOpcode } + BitwiseInstruction() { this.getOpcode() instanceof BitwiseOpcode } } /** @@ -1130,7 +1143,7 @@ class UnaryBitwiseInstruction extends BitwiseInstruction, UnaryInstruction { } * Both operands must have the same integer type, which will also be the result type. */ class BitAndInstruction extends BinaryBitwiseInstruction { - BitAndInstruction() { getOpcode() instanceof Opcode::BitAnd } + BitAndInstruction() { this.getOpcode() instanceof Opcode::BitAnd } } /** @@ -1139,7 +1152,7 @@ class BitAndInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitOrInstruction extends BinaryBitwiseInstruction { - BitOrInstruction() { getOpcode() instanceof Opcode::BitOr } + BitOrInstruction() { this.getOpcode() instanceof Opcode::BitOr } } /** @@ -1148,7 +1161,7 @@ class BitOrInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitXorInstruction extends BinaryBitwiseInstruction { - BitXorInstruction() { getOpcode() instanceof Opcode::BitXor } + BitXorInstruction() { this.getOpcode() instanceof Opcode::BitXor } } /** @@ -1159,7 +1172,7 @@ class BitXorInstruction extends BinaryBitwiseInstruction { * rightmost bits are zero-filled. */ class ShiftLeftInstruction extends BinaryBitwiseInstruction { - ShiftLeftInstruction() { getOpcode() instanceof Opcode::ShiftLeft } + ShiftLeftInstruction() { this.getOpcode() instanceof Opcode::ShiftLeft } } /** @@ -1172,7 +1185,7 @@ class ShiftLeftInstruction extends BinaryBitwiseInstruction { * of the left operand. */ class ShiftRightInstruction extends BinaryBitwiseInstruction { - ShiftRightInstruction() { getOpcode() instanceof Opcode::ShiftRight } + ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } /** @@ -1183,7 +1196,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { int elementSize; PointerArithmeticInstruction() { - getOpcode() instanceof PointerArithmeticOpcode and + this.getOpcode() instanceof PointerArithmeticOpcode and elementSize = Raw::getInstructionElementSize(this) } @@ -1206,7 +1219,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { * An instruction that adds or subtracts an integer offset from a pointer. */ class PointerOffsetInstruction extends PointerArithmeticInstruction { - PointerOffsetInstruction() { getOpcode() instanceof PointerOffsetOpcode } + PointerOffsetInstruction() { this.getOpcode() instanceof PointerOffsetOpcode } } /** @@ -1217,7 +1230,7 @@ class PointerOffsetInstruction extends PointerArithmeticInstruction { * overflow is undefined. */ class PointerAddInstruction extends PointerOffsetInstruction { - PointerAddInstruction() { getOpcode() instanceof Opcode::PointerAdd } + PointerAddInstruction() { this.getOpcode() instanceof Opcode::PointerAdd } } /** @@ -1228,7 +1241,7 @@ class PointerAddInstruction extends PointerOffsetInstruction { * pointer underflow is undefined. */ class PointerSubInstruction extends PointerOffsetInstruction { - PointerSubInstruction() { getOpcode() instanceof Opcode::PointerSub } + PointerSubInstruction() { this.getOpcode() instanceof Opcode::PointerSub } } /** @@ -1241,31 +1254,31 @@ class PointerSubInstruction extends PointerOffsetInstruction { * undefined. */ class PointerDiffInstruction extends PointerArithmeticInstruction { - PointerDiffInstruction() { getOpcode() instanceof Opcode::PointerDiff } + PointerDiffInstruction() { this.getOpcode() instanceof Opcode::PointerDiff } } /** * An instruction whose result is computed from a single operand. */ class UnaryInstruction extends Instruction { - UnaryInstruction() { getOpcode() instanceof UnaryOpcode } + UnaryInstruction() { this.getOpcode() instanceof UnaryOpcode } /** * Gets the sole operand of this instruction. */ - final UnaryOperand getUnaryOperand() { result = getAnOperand() } + final UnaryOperand getUnaryOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the sole operand of this instruction. */ - final Instruction getUnary() { result = getUnaryOperand().getDef() } + final Instruction getUnary() { result = this.getUnaryOperand().getDef() } } /** * An instruction that converts the value of its operand to a value of a different type. */ class ConvertInstruction extends UnaryInstruction { - ConvertInstruction() { getOpcode() instanceof Opcode::Convert } + ConvertInstruction() { this.getOpcode() instanceof Opcode::Convert } } /** @@ -1279,7 +1292,7 @@ class ConvertInstruction extends UnaryInstruction { * `as` expression. */ class CheckedConvertOrNullInstruction extends UnaryInstruction { - CheckedConvertOrNullInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrNull } + CheckedConvertOrNullInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrNull } } /** @@ -1293,7 +1306,7 @@ class CheckedConvertOrNullInstruction extends UnaryInstruction { * expression. */ class CheckedConvertOrThrowInstruction extends UnaryInstruction { - CheckedConvertOrThrowInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrThrow } + CheckedConvertOrThrowInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrThrow } } /** @@ -1306,7 +1319,7 @@ class CheckedConvertOrThrowInstruction extends UnaryInstruction { * the most-derived object. */ class CompleteObjectAddressInstruction extends UnaryInstruction { - CompleteObjectAddressInstruction() { getOpcode() instanceof Opcode::CompleteObjectAddress } + CompleteObjectAddressInstruction() { this.getOpcode() instanceof Opcode::CompleteObjectAddress } } /** @@ -1351,7 +1364,7 @@ class InheritanceConversionInstruction extends UnaryInstruction { * An instruction that converts from the address of a derived class to the address of a base class. */ class ConvertToBaseInstruction extends InheritanceConversionInstruction { - ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode } + ConvertToBaseInstruction() { this.getOpcode() instanceof ConvertToBaseOpcode } } /** @@ -1361,7 +1374,9 @@ class ConvertToBaseInstruction extends InheritanceConversionInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase } + ConvertToNonVirtualBaseInstruction() { + this.getOpcode() instanceof Opcode::ConvertToNonVirtualBase + } } /** @@ -1371,7 +1386,7 @@ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase } + ConvertToVirtualBaseInstruction() { this.getOpcode() instanceof Opcode::ConvertToVirtualBase } } /** @@ -1381,7 +1396,7 @@ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { - ConvertToDerivedInstruction() { getOpcode() instanceof Opcode::ConvertToDerived } + ConvertToDerivedInstruction() { this.getOpcode() instanceof Opcode::ConvertToDerived } } /** @@ -1390,7 +1405,7 @@ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { * The operand must have an integer type, which will also be the result type. */ class BitComplementInstruction extends UnaryBitwiseInstruction { - BitComplementInstruction() { getOpcode() instanceof Opcode::BitComplement } + BitComplementInstruction() { this.getOpcode() instanceof Opcode::BitComplement } } /** @@ -1399,14 +1414,14 @@ class BitComplementInstruction extends UnaryBitwiseInstruction { * The operand must have a Boolean type, which will also be the result type. */ class LogicalNotInstruction extends UnaryInstruction { - LogicalNotInstruction() { getOpcode() instanceof Opcode::LogicalNot } + LogicalNotInstruction() { this.getOpcode() instanceof Opcode::LogicalNot } } /** * An instruction that compares two numeric operands. */ class CompareInstruction extends BinaryInstruction { - CompareInstruction() { getOpcode() instanceof CompareOpcode } + CompareInstruction() { this.getOpcode() instanceof CompareOpcode } } /** @@ -1417,7 +1432,7 @@ class CompareInstruction extends BinaryInstruction { * unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareEQInstruction extends CompareInstruction { - CompareEQInstruction() { getOpcode() instanceof Opcode::CompareEQ } + CompareEQInstruction() { this.getOpcode() instanceof Opcode::CompareEQ } } /** @@ -1428,14 +1443,14 @@ class CompareEQInstruction extends CompareInstruction { * `left == right`. Floating-point comparison is performed according to IEEE-754. */ class CompareNEInstruction extends CompareInstruction { - CompareNEInstruction() { getOpcode() instanceof Opcode::CompareNE } + CompareNEInstruction() { this.getOpcode() instanceof Opcode::CompareNE } } /** * An instruction that does a relative comparison of two values, such as `<` or `>=`. */ class RelationalInstruction extends CompareInstruction { - RelationalInstruction() { getOpcode() instanceof RelationalOpcode } + RelationalInstruction() { this.getOpcode() instanceof RelationalOpcode } /** * Gets the operand on the "greater" (or "greater-or-equal") side @@ -1467,11 +1482,11 @@ class RelationalInstruction extends CompareInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLTInstruction extends RelationalInstruction { - CompareLTInstruction() { getOpcode() instanceof Opcode::CompareLT } + CompareLTInstruction() { this.getOpcode() instanceof Opcode::CompareLT } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { any() } } @@ -1484,11 +1499,11 @@ class CompareLTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGTInstruction extends RelationalInstruction { - CompareGTInstruction() { getOpcode() instanceof Opcode::CompareGT } + CompareGTInstruction() { this.getOpcode() instanceof Opcode::CompareGT } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { any() } } @@ -1502,11 +1517,11 @@ class CompareGTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLEInstruction extends RelationalInstruction { - CompareLEInstruction() { getOpcode() instanceof Opcode::CompareLE } + CompareLEInstruction() { this.getOpcode() instanceof Opcode::CompareLE } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { none() } } @@ -1520,11 +1535,11 @@ class CompareLEInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGEInstruction extends RelationalInstruction { - CompareGEInstruction() { getOpcode() instanceof Opcode::CompareGE } + CompareGEInstruction() { this.getOpcode() instanceof Opcode::CompareGE } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { none() } } @@ -1543,78 +1558,78 @@ class CompareGEInstruction extends RelationalInstruction { * of any case edge. */ class SwitchInstruction extends Instruction { - SwitchInstruction() { getOpcode() instanceof Opcode::Switch } + SwitchInstruction() { this.getOpcode() instanceof Opcode::Switch } /** Gets the operand that provides the integer value controlling the switch. */ - final ConditionOperand getExpressionOperand() { result = getAnOperand() } + final ConditionOperand getExpressionOperand() { result = this.getAnOperand() } /** Gets the instruction whose result provides the integer value controlling the switch. */ - final Instruction getExpression() { result = getExpressionOperand().getDef() } + final Instruction getExpression() { result = this.getExpressionOperand().getDef() } /** Gets the successor instructions along the case edges of the switch. */ - final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = getSuccessor(edge)) } + final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = this.getSuccessor(edge)) } /** Gets the successor instruction along the default edge of the switch, if any. */ - final Instruction getDefaultSuccessor() { result = getSuccessor(EdgeKind::defaultEdge()) } + final Instruction getDefaultSuccessor() { result = this.getSuccessor(EdgeKind::defaultEdge()) } } /** * An instruction that calls a function. */ class CallInstruction extends Instruction { - CallInstruction() { getOpcode() instanceof Opcode::Call } + CallInstruction() { this.getOpcode() instanceof Opcode::Call } final override string getImmediateString() { - result = getStaticCallTarget().toString() + result = this.getStaticCallTarget().toString() or - not exists(getStaticCallTarget()) and result = "?" + not exists(this.getStaticCallTarget()) and result = "?" } /** * Gets the operand the specifies the target function of the call. */ - final CallTargetOperand getCallTargetOperand() { result = getAnOperand() } + final CallTargetOperand getCallTargetOperand() { result = this.getAnOperand() } /** * Gets the `Instruction` that computes the target function of the call. This is usually a * `FunctionAddress` instruction, but can also be an arbitrary instruction that produces a * function pointer. */ - final Instruction getCallTarget() { result = getCallTargetOperand().getDef() } + final Instruction getCallTarget() { result = this.getCallTargetOperand().getDef() } /** * Gets all of the argument operands of the call, including the `this` pointer, if any. */ - final ArgumentOperand getAnArgumentOperand() { result = getAnOperand() } + final ArgumentOperand getAnArgumentOperand() { result = this.getAnOperand() } /** * Gets the `Function` that the call targets, if this is statically known. */ final Language::Function getStaticCallTarget() { - result = getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() + result = this.getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() } /** * Gets all of the arguments of the call, including the `this` pointer, if any. */ - final Instruction getAnArgument() { result = getAnArgumentOperand().getDef() } + final Instruction getAnArgument() { result = this.getAnArgumentOperand().getDef() } /** * Gets the `this` pointer argument operand of the call, if any. */ - final ThisArgumentOperand getThisArgumentOperand() { result = getAnOperand() } + final ThisArgumentOperand getThisArgumentOperand() { result = this.getAnOperand() } /** * Gets the `this` pointer argument of the call, if any. */ - final Instruction getThisArgument() { result = getThisArgumentOperand().getDef() } + final Instruction getThisArgument() { result = this.getThisArgumentOperand().getDef() } /** * Gets the argument operand at the specified index. */ pragma[noinline] final PositionalArgumentOperand getPositionalArgumentOperand(int index) { - result = getAnOperand() and + result = this.getAnOperand() and result.getIndex() = index } @@ -1623,7 +1638,7 @@ class CallInstruction extends Instruction { */ pragma[noinline] final Instruction getPositionalArgument(int index) { - result = getPositionalArgumentOperand(index).getDef() + result = this.getPositionalArgumentOperand(index).getDef() } /** @@ -1631,16 +1646,16 @@ class CallInstruction extends Instruction { */ pragma[noinline] final ArgumentOperand getArgumentOperand(int index) { - index >= 0 and result = getPositionalArgumentOperand(index) + index >= 0 and result = this.getPositionalArgumentOperand(index) or - index = -1 and result = getThisArgumentOperand() + index = -1 and result = this.getThisArgumentOperand() } /** * Gets the argument at the specified index, or `this` if `index` is `-1`. */ pragma[noinline] - final Instruction getArgument(int index) { result = getArgumentOperand(index).getDef() } + final Instruction getArgument(int index) { result = this.getArgumentOperand(index).getDef() } /** * Gets the number of arguments of the call, including the `this` pointer, if any. @@ -1665,7 +1680,7 @@ class CallInstruction extends Instruction { * An instruction representing a side effect of a function call. */ class SideEffectInstruction extends Instruction { - SideEffectInstruction() { getOpcode() instanceof SideEffectOpcode } + SideEffectInstruction() { this.getOpcode() instanceof SideEffectOpcode } /** * Gets the instruction whose execution causes this side effect. @@ -1680,7 +1695,7 @@ class SideEffectInstruction extends Instruction { * accessed by that call. */ class CallSideEffectInstruction extends SideEffectInstruction { - CallSideEffectInstruction() { getOpcode() instanceof Opcode::CallSideEffect } + CallSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallSideEffect } } /** @@ -1691,7 +1706,7 @@ class CallSideEffectInstruction extends SideEffectInstruction { * call target cannot write to escaped memory. */ class CallReadSideEffectInstruction extends SideEffectInstruction { - CallReadSideEffectInstruction() { getOpcode() instanceof Opcode::CallReadSideEffect } + CallReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallReadSideEffect } } /** @@ -1699,33 +1714,33 @@ class CallReadSideEffectInstruction extends SideEffectInstruction { * specific parameter. */ class ReadSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - ReadSideEffectInstruction() { getOpcode() instanceof ReadSideEffectOpcode } + ReadSideEffectInstruction() { this.getOpcode() instanceof ReadSideEffectOpcode } /** Gets the operand for the value that will be read from this instruction, if known. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** Gets the value that will be read from this instruction, if known. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** Gets the operand for the address from which this instruction may read. */ - final AddressOperand getArgumentOperand() { result = getAnOperand() } + final AddressOperand getArgumentOperand() { result = this.getAnOperand() } /** Gets the address from which this instruction may read. */ - final Instruction getArgumentDef() { result = getArgumentOperand().getDef() } + final Instruction getArgumentDef() { result = this.getArgumentOperand().getDef() } } /** * An instruction representing the read of an indirect parameter within a function call. */ class IndirectReadSideEffectInstruction extends ReadSideEffectInstruction { - IndirectReadSideEffectInstruction() { getOpcode() instanceof Opcode::IndirectReadSideEffect } + IndirectReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::IndirectReadSideEffect } } /** * An instruction representing the read of an indirect buffer parameter within a function call. */ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { - BufferReadSideEffectInstruction() { getOpcode() instanceof Opcode::BufferReadSideEffect } + BufferReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::BufferReadSideEffect } } /** @@ -1733,18 +1748,18 @@ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { */ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { SizedBufferReadSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferReadSideEffect + this.getOpcode() instanceof Opcode::SizedBufferReadSideEffect } /** * Gets the operand that holds the number of bytes read from the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes read from the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1752,17 +1767,17 @@ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { * specific parameter. */ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - WriteSideEffectInstruction() { getOpcode() instanceof WriteSideEffectOpcode } + WriteSideEffectInstruction() { this.getOpcode() instanceof WriteSideEffectOpcode } /** * Get the operand that holds the address of the memory to be written. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the memory to be written. */ - Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + Instruction getDestinationAddress() { result = this.getDestinationAddressOperand().getDef() } } /** @@ -1770,7 +1785,7 @@ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstructi */ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMustWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMustWriteSideEffect } } @@ -1780,7 +1795,7 @@ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction */ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { BufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::BufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::BufferMustWriteSideEffect } } @@ -1790,18 +1805,18 @@ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1812,7 +1827,7 @@ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstructi */ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMayWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMayWriteSideEffect } } @@ -1822,7 +1837,9 @@ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { * Unlike `BufferWriteSideEffectInstruction`, the buffer might not be completely overwritten. */ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { - BufferMayWriteSideEffectInstruction() { getOpcode() instanceof Opcode::BufferMayWriteSideEffect } + BufferMayWriteSideEffectInstruction() { + this.getOpcode() instanceof Opcode::BufferMayWriteSideEffect + } } /** @@ -1832,18 +1849,18 @@ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1852,80 +1869,80 @@ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstructio */ class InitializeDynamicAllocationInstruction extends SideEffectInstruction { InitializeDynamicAllocationInstruction() { - getOpcode() instanceof Opcode::InitializeDynamicAllocation + this.getOpcode() instanceof Opcode::InitializeDynamicAllocation } /** * Gets the operand that represents the address of the allocation this instruction is initializing. */ - final AddressOperand getAllocationAddressOperand() { result = getAnOperand() } + final AddressOperand getAllocationAddressOperand() { result = this.getAnOperand() } /** * Gets the address for the allocation this instruction is initializing. */ - final Instruction getAllocationAddress() { result = getAllocationAddressOperand().getDef() } + final Instruction getAllocationAddress() { result = this.getAllocationAddressOperand().getDef() } } /** * An instruction representing a GNU or MSVC inline assembly statement. */ class InlineAsmInstruction extends Instruction { - InlineAsmInstruction() { getOpcode() instanceof Opcode::InlineAsm } + InlineAsmInstruction() { this.getOpcode() instanceof Opcode::InlineAsm } } /** * An instruction that throws an exception. */ class ThrowInstruction extends Instruction { - ThrowInstruction() { getOpcode() instanceof ThrowOpcode } + ThrowInstruction() { this.getOpcode() instanceof ThrowOpcode } } /** * An instruction that throws a new exception. */ class ThrowValueInstruction extends ThrowInstruction { - ThrowValueInstruction() { getOpcode() instanceof Opcode::ThrowValue } + ThrowValueInstruction() { this.getOpcode() instanceof Opcode::ThrowValue } /** * Gets the address operand of the exception thrown by this instruction. */ - final AddressOperand getExceptionAddressOperand() { result = getAnOperand() } + final AddressOperand getExceptionAddressOperand() { result = this.getAnOperand() } /** * Gets the address of the exception thrown by this instruction. */ - final Instruction getExceptionAddress() { result = getExceptionAddressOperand().getDef() } + final Instruction getExceptionAddress() { result = this.getExceptionAddressOperand().getDef() } /** * Gets the operand for the exception thrown by this instruction. */ - final LoadOperand getExceptionOperand() { result = getAnOperand() } + final LoadOperand getExceptionOperand() { result = this.getAnOperand() } /** * Gets the exception thrown by this instruction. */ - final Instruction getException() { result = getExceptionOperand().getDef() } + final Instruction getException() { result = this.getExceptionOperand().getDef() } } /** * An instruction that re-throws the current exception. */ class ReThrowInstruction extends ThrowInstruction { - ReThrowInstruction() { getOpcode() instanceof Opcode::ReThrow } + ReThrowInstruction() { this.getOpcode() instanceof Opcode::ReThrow } } /** * An instruction that exits the current function by propagating an exception. */ class UnwindInstruction extends Instruction { - UnwindInstruction() { getOpcode() instanceof Opcode::Unwind } + UnwindInstruction() { this.getOpcode() instanceof Opcode::Unwind } } /** * An instruction that starts a `catch` handler. */ class CatchInstruction extends Instruction { - CatchInstruction() { getOpcode() instanceof CatchOpcode } + CatchInstruction() { this.getOpcode() instanceof CatchOpcode } } /** @@ -1935,7 +1952,7 @@ class CatchByTypeInstruction extends CatchInstruction { Language::LanguageType exceptionType; CatchByTypeInstruction() { - getOpcode() instanceof Opcode::CatchByType and + this.getOpcode() instanceof Opcode::CatchByType and exceptionType = Raw::getInstructionExceptionType(this) } @@ -1951,21 +1968,21 @@ class CatchByTypeInstruction extends CatchInstruction { * An instruction that catches any exception. */ class CatchAnyInstruction extends CatchInstruction { - CatchAnyInstruction() { getOpcode() instanceof Opcode::CatchAny } + CatchAnyInstruction() { this.getOpcode() instanceof Opcode::CatchAny } } /** * An instruction that initializes all escaped memory. */ class AliasedDefinitionInstruction extends Instruction { - AliasedDefinitionInstruction() { getOpcode() instanceof Opcode::AliasedDefinition } + AliasedDefinitionInstruction() { this.getOpcode() instanceof Opcode::AliasedDefinition } } /** * An instruction that consumes all escaped memory on exit from the function. */ class AliasedUseInstruction extends Instruction { - AliasedUseInstruction() { getOpcode() instanceof Opcode::AliasedUse } + AliasedUseInstruction() { this.getOpcode() instanceof Opcode::AliasedUse } } /** @@ -1979,7 +1996,7 @@ class AliasedUseInstruction extends Instruction { * runtime. */ class PhiInstruction extends Instruction { - PhiInstruction() { getOpcode() instanceof Opcode::Phi } + PhiInstruction() { this.getOpcode() instanceof Opcode::Phi } /** * Gets all of the instruction's `PhiInputOperand`s, representing the values that flow from each predecessor block. @@ -2047,29 +2064,29 @@ class PhiInstruction extends Instruction { * https://link.springer.com/content/pdf/10.1007%2F3-540-61053-7_66.pdf. */ class ChiInstruction extends Instruction { - ChiInstruction() { getOpcode() instanceof Opcode::Chi } + ChiInstruction() { this.getOpcode() instanceof Opcode::Chi } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final ChiTotalOperand getTotalOperand() { result = getAnOperand() } + final ChiTotalOperand getTotalOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final Instruction getTotal() { result = getTotalOperand().getDef() } + final Instruction getTotal() { result = this.getTotalOperand().getDef() } /** * Gets the operand that represents the new value written by the memory write. */ - final ChiPartialOperand getPartialOperand() { result = getAnOperand() } + final ChiPartialOperand getPartialOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the new value written by the memory write. */ - final Instruction getPartial() { result = getPartialOperand().getDef() } + final Instruction getPartial() { result = this.getPartialOperand().getDef() } /** * Gets the bit range `[startBit, endBit)` updated by the partial operand of this `ChiInstruction`, relative to the start address of the total operand. @@ -2093,7 +2110,7 @@ class ChiInstruction extends Instruction { * or `Switch` instruction where that particular edge is infeasible. */ class UnreachedInstruction extends Instruction { - UnreachedInstruction() { getOpcode() instanceof Opcode::Unreached } + UnreachedInstruction() { this.getOpcode() instanceof Opcode::Unreached } } /** @@ -2106,7 +2123,7 @@ class BuiltInOperationInstruction extends Instruction { Language::BuiltInOperation operation; BuiltInOperationInstruction() { - getOpcode() instanceof BuiltInOperationOpcode and + this.getOpcode() instanceof BuiltInOperationOpcode and operation = Raw::getInstructionBuiltInOperation(this) } @@ -2122,9 +2139,9 @@ class BuiltInOperationInstruction extends Instruction { * actual operation is specified by the `getBuiltInOperation()` predicate. */ class BuiltInInstruction extends BuiltInOperationInstruction { - BuiltInInstruction() { getOpcode() instanceof Opcode::BuiltIn } + BuiltInInstruction() { this.getOpcode() instanceof Opcode::BuiltIn } - final override string getImmediateString() { result = getBuiltInOperation().toString() } + final override string getImmediateString() { result = this.getBuiltInOperation().toString() } } /** @@ -2135,7 +2152,7 @@ class BuiltInInstruction extends BuiltInOperationInstruction { * to the `...` parameter. */ class VarArgsStartInstruction extends UnaryInstruction { - VarArgsStartInstruction() { getOpcode() instanceof Opcode::VarArgsStart } + VarArgsStartInstruction() { this.getOpcode() instanceof Opcode::VarArgsStart } } /** @@ -2145,7 +2162,7 @@ class VarArgsStartInstruction extends UnaryInstruction { * a result. */ class VarArgsEndInstruction extends UnaryInstruction { - VarArgsEndInstruction() { getOpcode() instanceof Opcode::VarArgsEnd } + VarArgsEndInstruction() { this.getOpcode() instanceof Opcode::VarArgsEnd } } /** @@ -2155,7 +2172,7 @@ class VarArgsEndInstruction extends UnaryInstruction { * argument. */ class VarArgInstruction extends UnaryInstruction { - VarArgInstruction() { getOpcode() instanceof Opcode::VarArg } + VarArgInstruction() { this.getOpcode() instanceof Opcode::VarArg } } /** @@ -2166,7 +2183,7 @@ class VarArgInstruction extends UnaryInstruction { * argument of the `...` parameter. */ class NextVarArgInstruction extends UnaryInstruction { - NextVarArgInstruction() { getOpcode() instanceof Opcode::NextVarArg } + NextVarArgInstruction() { this.getOpcode() instanceof Opcode::NextVarArg } } /** @@ -2180,5 +2197,5 @@ class NextVarArgInstruction extends UnaryInstruction { * The result is the address of the newly allocated object. */ class NewObjInstruction extends Instruction { - NewObjInstruction() { getOpcode() instanceof Opcode::NewObj } + NewObjInstruction() { this.getOpcode() instanceof Opcode::NewObj } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll index d7cf89ca9aa..85d217bd361 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll @@ -46,12 +46,12 @@ class Operand extends TStageOperand { /** * Gets the location of the source code for this operand. */ - final Language::Location getLocation() { result = getUse().getLocation() } + final Language::Location getLocation() { result = this.getUse().getLocation() } /** * Gets the function that contains this operand. */ - final IRFunction getEnclosingIRFunction() { result = getUse().getEnclosingIRFunction() } + final IRFunction getEnclosingIRFunction() { result = this.getUse().getEnclosingIRFunction() } /** * Gets the `Instruction` that consumes this operand. @@ -74,7 +74,7 @@ class Operand extends TStageOperand { */ final Instruction getDef() { result = this.getAnyDef() and - getDefinitionOverlap() instanceof MustExactlyOverlap + this.getDefinitionOverlap() instanceof MustExactlyOverlap } /** @@ -82,7 +82,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` that consumes this operand. */ - deprecated final Instruction getUseInstruction() { result = getUse() } + deprecated final Instruction getUseInstruction() { result = this.getUse() } /** * DEPRECATED: use `getAnyDef` or `getDef`. The exact replacement for this @@ -91,7 +91,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` whose result is the value of the operand. */ - deprecated final Instruction getDefinitionInstruction() { result = getAnyDef() } + deprecated final Instruction getDefinitionInstruction() { result = this.getAnyDef() } /** * Gets the overlap relationship between the operand's definition and its use. @@ -101,7 +101,9 @@ class Operand extends TStageOperand { /** * Holds if the result of the definition instruction does not exactly overlap this use. */ - final predicate isDefinitionInexact() { not getDefinitionOverlap() instanceof MustExactlyOverlap } + final predicate isDefinitionInexact() { + not this.getDefinitionOverlap() instanceof MustExactlyOverlap + } /** * Gets a prefix to use when dumping the operand in an operand list. @@ -121,7 +123,7 @@ class Operand extends TStageOperand { * For example: `this:r3_5` */ final string getDumpString() { - result = getDumpLabel() + getInexactSpecifier() + getDefinitionId() + result = this.getDumpLabel() + this.getInexactSpecifier() + this.getDefinitionId() } /** @@ -129,9 +131,9 @@ class Operand extends TStageOperand { * definition is not modeled in SSA. */ private string getDefinitionId() { - result = getAnyDef().getResultId() + result = this.getAnyDef().getResultId() or - not exists(getAnyDef()) and result = "m?" + not exists(this.getAnyDef()) and result = "m?" } /** @@ -140,7 +142,7 @@ class Operand extends TStageOperand { * the empty string. */ private string getInexactSpecifier() { - if isDefinitionInexact() then result = "~" else result = "" + if this.isDefinitionInexact() then result = "~" else result = "" } /** @@ -155,7 +157,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - Language::LanguageType getLanguageType() { result = getAnyDef().getResultLanguageType() } + Language::LanguageType getLanguageType() { result = this.getAnyDef().getResultLanguageType() } /** * Gets the language-neutral type of the value consumed by this operand. This is usually the same @@ -164,7 +166,7 @@ class Operand extends TStageOperand { * from the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the value consumed by this operand. This is usually the same as the @@ -173,7 +175,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final Language::Type getType() { getLanguageType().hasType(result, _) } + final Language::Type getType() { this.getLanguageType().hasType(result, _) } /** * Holds if the value consumed by this operand is a glvalue. If this @@ -182,13 +184,13 @@ class Operand extends TStageOperand { * not hold, the value of the operand represents a value whose type is * given by `getType()`. */ - final predicate isGLValue() { getLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getLanguageType().hasType(_, true) } /** * Gets the size of the value consumed by this operand, in bytes. If the operand does not have * a known constant size, this predicate does not hold. */ - final int getSize() { result = getLanguageType().getByteSize() } + final int getSize() { result = this.getLanguageType().getByteSize() } } /** @@ -205,7 +207,7 @@ class MemoryOperand extends Operand { /** * Gets the kind of memory access performed by the operand. */ - MemoryAccessKind getMemoryAccess() { result = getUse().getOpcode().getReadMemoryAccess() } + MemoryAccessKind getMemoryAccess() { result = this.getUse().getOpcode().getReadMemoryAccess() } /** * Holds if the memory access performed by this operand will not always read from every bit in the @@ -215,7 +217,7 @@ class MemoryOperand extends Operand { * conservative estimate of the memory that might actually be accessed at runtime (for example, * the global side effects of a function call). */ - predicate hasMayReadMemoryAccess() { getUse().getOpcode().hasMayReadMemoryAccess() } + predicate hasMayReadMemoryAccess() { this.getUse().getOpcode().hasMayReadMemoryAccess() } /** * Returns the operand that holds the memory address from which the current operand loads its @@ -223,8 +225,8 @@ class MemoryOperand extends Operand { * is `r1`. */ final AddressOperand getAddressOperand() { - getMemoryAccess().usesAddressOperand() and - result.getUse() = getUse() + this.getMemoryAccess().usesAddressOperand() and + result.getUse() = this.getUse() } } @@ -294,7 +296,7 @@ class NonPhiMemoryOperand extends NonPhiOperand, MemoryOperand, TNonPhiMemoryOpe result = unique(Instruction defInstr | hasDefinition(defInstr, _)) } - final override Overlap getDefinitionOverlap() { hasDefinition(_, result) } + final override Overlap getDefinitionOverlap() { this.hasDefinition(_, result) } pragma[noinline] private predicate hasDefinition(Instruction defInstr, Overlap overlap) { @@ -449,13 +451,17 @@ class PhiInputOperand extends MemoryOperand, TPhiOperand { final override Overlap getDefinitionOverlap() { result = overlap } - final override int getDumpSortOrder() { result = 11 + getPredecessorBlock().getDisplayIndex() } - - final override string getDumpLabel() { - result = "from " + getPredecessorBlock().getDisplayIndex().toString() + ":" + final override int getDumpSortOrder() { + result = 11 + this.getPredecessorBlock().getDisplayIndex() } - final override string getDumpId() { result = getPredecessorBlock().getDisplayIndex().toString() } + final override string getDumpLabel() { + result = "from " + this.getPredecessorBlock().getDisplayIndex().toString() + ":" + } + + final override string getDumpId() { + result = this.getPredecessorBlock().getDisplayIndex().toString() + } /** * Gets the predecessor block from which this value comes. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll index 4b86f9a7cec..bb8630a5e0c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll @@ -24,7 +24,7 @@ class IRBlockBase extends TIRBlock { final string toString() { result = getFirstInstruction(this).toString() } /** Gets the source location of the first non-`Phi` instruction in this block. */ - final Language::Location getLocation() { result = getFirstInstruction().getLocation() } + final Language::Location getLocation() { result = this.getFirstInstruction().getLocation() } /** * INTERNAL: Do not use. @@ -39,7 +39,7 @@ class IRBlockBase extends TIRBlock { ) and this = rank[result + 1](IRBlock funcBlock, int sortOverride, int sortKey1, int sortKey2 | - funcBlock.getEnclosingFunction() = getEnclosingFunction() and + funcBlock.getEnclosingFunction() = this.getEnclosingFunction() and funcBlock.getFirstInstruction().hasSortKeys(sortKey1, sortKey2) and // Ensure that the block containing `EnterFunction` always comes first. if funcBlock.getFirstInstruction() instanceof EnterFunctionInstruction @@ -59,15 +59,15 @@ class IRBlockBase extends TIRBlock { * Get the `Phi` instructions that appear at the start of this block. */ final PhiInstruction getAPhiInstruction() { - Construction::getPhiInstructionBlockStart(result) = getFirstInstruction() + Construction::getPhiInstructionBlockStart(result) = this.getFirstInstruction() } /** * Gets an instruction in this block. This includes `Phi` instructions. */ final Instruction getAnInstruction() { - result = getInstruction(_) or - result = getAPhiInstruction() + result = this.getInstruction(_) or + result = this.getAPhiInstruction() } /** @@ -78,7 +78,9 @@ class IRBlockBase extends TIRBlock { /** * Gets the last instruction in this block. */ - final Instruction getLastInstruction() { result = getInstruction(getInstructionCount() - 1) } + final Instruction getLastInstruction() { + result = this.getInstruction(this.getInstructionCount() - 1) + } /** * Gets the number of non-`Phi` instructions in this block. @@ -149,7 +151,7 @@ class IRBlock extends IRBlockBase { * Block `A` dominates block `B` if any control flow path from the entry block of the function to * block `B` must pass through block `A`. A block always dominates itself. */ - final predicate dominates(IRBlock block) { strictlyDominates(block) or this = block } + final predicate dominates(IRBlock block) { this.strictlyDominates(block) or this = block } /** * Gets a block on the dominance frontier of this block. @@ -159,8 +161,8 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock dominanceFrontier() { - dominates(result.getAPredecessor()) and - not strictlyDominates(result) + this.dominates(result.getAPredecessor()) and + not this.strictlyDominates(result) } /** @@ -189,7 +191,7 @@ class IRBlock extends IRBlockBase { * Block `A` post-dominates block `B` if any control flow path from `B` to the exit block of the * function must pass through block `A`. A block always post-dominates itself. */ - final predicate postDominates(IRBlock block) { strictlyPostDominates(block) or this = block } + final predicate postDominates(IRBlock block) { this.strictlyPostDominates(block) or this = block } /** * Gets a block on the post-dominance frontier of this block. @@ -199,16 +201,16 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock postPominanceFrontier() { - postDominates(result.getASuccessor()) and - not strictlyPostDominates(result) + this.postDominates(result.getASuccessor()) and + not this.strictlyPostDominates(result) } /** * Holds if this block is reachable from the entry block of its function. */ final predicate isReachableFromFunctionEntry() { - this = getEnclosingIRFunction().getEntryBlock() or - getAPredecessor().isReachableFromFunctionEntry() + this = this.getEnclosingIRFunction().getEntryBlock() or + this.getAPredecessor().isReachableFromFunctionEntry() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll index 6f471d8a7e8..88a973fc5a8 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll @@ -41,7 +41,7 @@ class Instruction extends Construction::TStageInstruction { } /** Gets a textual representation of this element. */ - final string toString() { result = getOpcode().toString() + ": " + getAST().toString() } + final string toString() { result = this.getOpcode().toString() + ": " + this.getAST().toString() } /** * Gets a string showing the result, opcode, and operands of the instruction, equivalent to what @@ -50,7 +50,8 @@ class Instruction extends Construction::TStageInstruction { * `mu0_28(int) = Store r0_26, r0_27` */ final string getDumpString() { - result = getResultString() + " = " + getOperationString() + " " + getOperandsString() + result = + this.getResultString() + " = " + this.getOperationString() + " " + this.getOperandsString() } private predicate shouldGenerateDumpStrings() { @@ -66,10 +67,13 @@ class Instruction extends Construction::TStageInstruction { * VariableAddress[x] */ final string getOperationString() { - shouldGenerateDumpStrings() and - if exists(getImmediateString()) - then result = getOperationPrefix() + getOpcode().toString() + "[" + getImmediateString() + "]" - else result = getOperationPrefix() + getOpcode().toString() + this.shouldGenerateDumpStrings() and + if exists(this.getImmediateString()) + then + result = + this.getOperationPrefix() + this.getOpcode().toString() + "[" + this.getImmediateString() + + "]" + else result = this.getOperationPrefix() + this.getOpcode().toString() } /** @@ -78,17 +82,17 @@ class Instruction extends Construction::TStageInstruction { string getImmediateString() { none() } private string getOperationPrefix() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and if this instanceof SideEffectInstruction then result = "^" else result = "" } private string getResultPrefix() { - shouldGenerateDumpStrings() and - if getResultIRType() instanceof IRVoidType + this.shouldGenerateDumpStrings() and + if this.getResultIRType() instanceof IRVoidType then result = "v" else - if hasMemoryResult() - then if isResultModeled() then result = "m" else result = "mu" + if this.hasMemoryResult() + then if this.isResultModeled() then result = "m" else result = "mu" else result = "r" } @@ -97,7 +101,7 @@ class Instruction extends Construction::TStageInstruction { * used by debugging and printing code only. */ int getDisplayIndexInBlock() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and exists(IRBlock block | this = block.getInstruction(result) or @@ -111,12 +115,12 @@ class Instruction extends Construction::TStageInstruction { } private int getLineRank() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and this = rank[result](Instruction instr | instr = - getAnInstructionAtLine(getEnclosingIRFunction(), getLocation().getFile(), - getLocation().getStartLine()) + getAnInstructionAtLine(this.getEnclosingIRFunction(), this.getLocation().getFile(), + this.getLocation().getStartLine()) | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) @@ -130,8 +134,9 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1` */ string getResultId() { - shouldGenerateDumpStrings() and - result = getResultPrefix() + getAST().getLocation().getStartLine() + "_" + getLineRank() + this.shouldGenerateDumpStrings() and + result = + this.getResultPrefix() + this.getAST().getLocation().getStartLine() + "_" + this.getLineRank() } /** @@ -142,8 +147,8 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1(int*)` */ final string getResultString() { - shouldGenerateDumpStrings() and - result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")" + this.shouldGenerateDumpStrings() and + result = this.getResultId() + "(" + this.getResultLanguageType().getDumpString() + ")" } /** @@ -153,10 +158,10 @@ class Instruction extends Construction::TStageInstruction { * Example: `func:r3_4, this:r3_5` */ string getOperandsString() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and result = concat(Operand operand | - operand = getAnOperand() + operand = this.getAnOperand() | operand.getDumpString(), ", " order by operand.getDumpSortOrder() ) @@ -190,7 +195,7 @@ class Instruction extends Construction::TStageInstruction { * Gets the function that contains this instruction. */ final Language::Function getEnclosingFunction() { - result = getEnclosingIRFunction().getFunction() + result = this.getEnclosingIRFunction().getFunction() } /** @@ -208,7 +213,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets the location of the source code for this instruction. */ - final Language::Location getLocation() { result = getAST().getLocation() } + final Language::Location getLocation() { result = this.getAST().getLocation() } /** * Gets the `Expr` whose result is computed by this instruction, if any. The `Expr` may be a @@ -243,7 +248,7 @@ class Instruction extends Construction::TStageInstruction { * a result, its result type will be `IRVoidType`. */ cached - final IRType getResultIRType() { result = getResultLanguageType().getIRType() } + final IRType getResultIRType() { result = this.getResultLanguageType().getIRType() } /** * Gets the type of the result produced by this instruction. If the @@ -254,7 +259,7 @@ class Instruction extends Construction::TStageInstruction { */ final Language::Type getResultType() { exists(Language::LanguageType resultType | - resultType = getResultLanguageType() and + resultType = this.getResultLanguageType() and ( resultType.hasUnspecifiedType(result, _) or @@ -283,7 +288,7 @@ class Instruction extends Construction::TStageInstruction { * result of the `Load` instruction is a prvalue of type `int`, representing * the integer value loaded from variable `x`. */ - final predicate isGLValue() { getResultLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getResultLanguageType().hasType(_, true) } /** * Gets the size of the result produced by this instruction, in bytes. If the @@ -292,7 +297,7 @@ class Instruction extends Construction::TStageInstruction { * If `this.isGLValue()` holds for this instruction, the value of * `getResultSize()` will always be the size of a pointer. */ - final int getResultSize() { result = getResultLanguageType().getByteSize() } + final int getResultSize() { result = this.getResultLanguageType().getByteSize() } /** * Gets the opcode that specifies the operation performed by this instruction. @@ -314,14 +319,16 @@ class Instruction extends Construction::TStageInstruction { /** * Holds if this instruction produces a memory result. */ - final predicate hasMemoryResult() { exists(getResultMemoryAccess()) } + final predicate hasMemoryResult() { exists(this.getResultMemoryAccess()) } /** * Gets the kind of memory access performed by this instruction's result. * Holds only for instructions with a memory result. */ pragma[inline] - final MemoryAccessKind getResultMemoryAccess() { result = getOpcode().getWriteMemoryAccess() } + final MemoryAccessKind getResultMemoryAccess() { + result = this.getOpcode().getWriteMemoryAccess() + } /** * Holds if the memory access performed by this instruction's result will not always write to @@ -332,7 +339,7 @@ class Instruction extends Construction::TStageInstruction { * (for example, the global side effects of a function call). */ pragma[inline] - final predicate hasResultMayMemoryAccess() { getOpcode().hasMayWriteMemoryAccess() } + final predicate hasResultMayMemoryAccess() { this.getOpcode().hasMayWriteMemoryAccess() } /** * Gets the operand that holds the memory address to which this instruction stores its @@ -340,7 +347,7 @@ class Instruction extends Construction::TStageInstruction { * is `r1`. */ final AddressOperand getResultAddressOperand() { - getResultMemoryAccess().usesAddressOperand() and + this.getResultMemoryAccess().usesAddressOperand() and result.getUse() = this } @@ -349,7 +356,7 @@ class Instruction extends Construction::TStageInstruction { * result, if any. For example, in `m3 = Store r1, r2`, the result of `getResultAddressOperand()` * is the instruction that defines `r1`. */ - final Instruction getResultAddress() { result = getResultAddressOperand().getDef() } + final Instruction getResultAddress() { result = this.getResultAddressOperand().getDef() } /** * Holds if the result of this instruction is precisely modeled in SSA. Always @@ -368,7 +375,7 @@ class Instruction extends Construction::TStageInstruction { */ final predicate isResultModeled() { // Register results are always in SSA form. - not hasMemoryResult() or + not this.hasMemoryResult() or Construction::hasModeledMemoryResult(this) } @@ -412,7 +419,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct successors of this instruction. */ - final Instruction getASuccessor() { result = getSuccessor(_) } + final Instruction getASuccessor() { result = this.getSuccessor(_) } /** * Gets a predecessor of this instruction such that the predecessor reaches @@ -423,7 +430,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct predecessors of this instruction. */ - final Instruction getAPredecessor() { result = getPredecessor(_) } + final Instruction getAPredecessor() { result = this.getPredecessor(_) } } /** @@ -543,7 +550,7 @@ class IndexedInstruction extends Instruction { * at this instruction. This instruction has no predecessors. */ class EnterFunctionInstruction extends Instruction { - EnterFunctionInstruction() { getOpcode() instanceof Opcode::EnterFunction } + EnterFunctionInstruction() { this.getOpcode() instanceof Opcode::EnterFunction } } /** @@ -554,7 +561,7 @@ class EnterFunctionInstruction extends Instruction { * struct, or union, see `FieldAddressInstruction`. */ class VariableAddressInstruction extends VariableInstruction { - VariableAddressInstruction() { getOpcode() instanceof Opcode::VariableAddress } + VariableAddressInstruction() { this.getOpcode() instanceof Opcode::VariableAddress } } /** @@ -566,7 +573,7 @@ class VariableAddressInstruction extends VariableInstruction { * The result has an `IRFunctionAddress` type. */ class FunctionAddressInstruction extends FunctionInstruction { - FunctionAddressInstruction() { getOpcode() instanceof Opcode::FunctionAddress } + FunctionAddressInstruction() { this.getOpcode() instanceof Opcode::FunctionAddress } } /** @@ -577,7 +584,7 @@ class FunctionAddressInstruction extends FunctionInstruction { * initializes that parameter. */ class InitializeParameterInstruction extends VariableInstruction { - InitializeParameterInstruction() { getOpcode() instanceof Opcode::InitializeParameter } + InitializeParameterInstruction() { this.getOpcode() instanceof Opcode::InitializeParameter } /** * Gets the parameter initialized by this instruction. @@ -603,7 +610,7 @@ class InitializeParameterInstruction extends VariableInstruction { * initialized elsewhere, would not otherwise have a definition in this function. */ class InitializeNonLocalInstruction extends Instruction { - InitializeNonLocalInstruction() { getOpcode() instanceof Opcode::InitializeNonLocal } + InitializeNonLocalInstruction() { this.getOpcode() instanceof Opcode::InitializeNonLocal } } /** @@ -611,7 +618,7 @@ class InitializeNonLocalInstruction extends Instruction { * with the value of that memory on entry to the function. */ class InitializeIndirectionInstruction extends VariableInstruction { - InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection } + InitializeIndirectionInstruction() { this.getOpcode() instanceof Opcode::InitializeIndirection } /** * Gets the parameter initialized by this instruction. @@ -635,24 +642,24 @@ class InitializeIndirectionInstruction extends VariableInstruction { * An instruction that initializes the `this` pointer parameter of the enclosing function. */ class InitializeThisInstruction extends Instruction { - InitializeThisInstruction() { getOpcode() instanceof Opcode::InitializeThis } + InitializeThisInstruction() { this.getOpcode() instanceof Opcode::InitializeThis } } /** * An instruction that computes the address of a non-static field of an object. */ class FieldAddressInstruction extends FieldInstruction { - FieldAddressInstruction() { getOpcode() instanceof Opcode::FieldAddress } + FieldAddressInstruction() { this.getOpcode() instanceof Opcode::FieldAddress } /** * Gets the operand that provides the address of the object containing the field. */ - final UnaryOperand getObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the object containing the field. */ - final Instruction getObjectAddress() { result = getObjectAddressOperand().getDef() } + final Instruction getObjectAddress() { result = this.getObjectAddressOperand().getDef() } } /** @@ -661,17 +668,19 @@ class FieldAddressInstruction extends FieldInstruction { * This instruction is used for element access to C# arrays. */ class ElementsAddressInstruction extends UnaryInstruction { - ElementsAddressInstruction() { getOpcode() instanceof Opcode::ElementsAddress } + ElementsAddressInstruction() { this.getOpcode() instanceof Opcode::ElementsAddress } /** * Gets the operand that provides the address of the array object. */ - final UnaryOperand getArrayObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getArrayObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the array object. */ - final Instruction getArrayObjectAddress() { result = getArrayObjectAddressOperand().getDef() } + final Instruction getArrayObjectAddress() { + result = this.getArrayObjectAddressOperand().getDef() + } } /** @@ -685,7 +694,7 @@ class ElementsAddressInstruction extends UnaryInstruction { * taken may want to ignore any function that contains an `ErrorInstruction`. */ class ErrorInstruction extends Instruction { - ErrorInstruction() { getOpcode() instanceof Opcode::Error } + ErrorInstruction() { this.getOpcode() instanceof Opcode::Error } } /** @@ -695,7 +704,7 @@ class ErrorInstruction extends Instruction { * an initializer, or whose initializer only partially initializes the variable. */ class UninitializedInstruction extends VariableInstruction { - UninitializedInstruction() { getOpcode() instanceof Opcode::Uninitialized } + UninitializedInstruction() { this.getOpcode() instanceof Opcode::Uninitialized } /** * Gets the variable that is uninitialized. @@ -710,7 +719,7 @@ class UninitializedInstruction extends VariableInstruction { * least one instruction, even when the AST has no semantic effect. */ class NoOpInstruction extends Instruction { - NoOpInstruction() { getOpcode() instanceof Opcode::NoOp } + NoOpInstruction() { this.getOpcode() instanceof Opcode::NoOp } } /** @@ -732,32 +741,32 @@ class NoOpInstruction extends Instruction { * `void`-returning function. */ class ReturnInstruction extends Instruction { - ReturnInstruction() { getOpcode() instanceof ReturnOpcode } + ReturnInstruction() { this.getOpcode() instanceof ReturnOpcode } } /** * An instruction that returns control to the caller of the function, without returning a value. */ class ReturnVoidInstruction extends ReturnInstruction { - ReturnVoidInstruction() { getOpcode() instanceof Opcode::ReturnVoid } + ReturnVoidInstruction() { this.getOpcode() instanceof Opcode::ReturnVoid } } /** * An instruction that returns control to the caller of the function, including a return value. */ class ReturnValueInstruction extends ReturnInstruction { - ReturnValueInstruction() { getOpcode() instanceof Opcode::ReturnValue } + ReturnValueInstruction() { this.getOpcode() instanceof Opcode::ReturnValue } /** * Gets the operand that provides the value being returned by the function. */ - final LoadOperand getReturnValueOperand() { result = getAnOperand() } + final LoadOperand getReturnValueOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value being returned by the function, if an * exact definition is available. */ - final Instruction getReturnValue() { result = getReturnValueOperand().getDef() } + final Instruction getReturnValue() { result = this.getReturnValueOperand().getDef() } } /** @@ -770,28 +779,28 @@ class ReturnValueInstruction extends ReturnInstruction { * that the caller initialized the memory pointed to by the parameter before the call. */ class ReturnIndirectionInstruction extends VariableInstruction { - ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection } + ReturnIndirectionInstruction() { this.getOpcode() instanceof Opcode::ReturnIndirection } /** * Gets the operand that provides the value of the pointed-to memory. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the pointed-to memory, if an exact * definition is available. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** * Gets the operand that provides the address of the pointed-to memory. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the pointed-to memory. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } /** * Gets the parameter for which this instruction reads the final pointed-to value within the @@ -826,7 +835,7 @@ class ReturnIndirectionInstruction extends VariableInstruction { * - `StoreInstruction` - Copies a register operand to a memory result. */ class CopyInstruction extends Instruction { - CopyInstruction() { getOpcode() instanceof CopyOpcode } + CopyInstruction() { this.getOpcode() instanceof CopyOpcode } /** * Gets the operand that provides the input value of the copy. @@ -837,16 +846,16 @@ class CopyInstruction extends Instruction { * Gets the instruction whose result provides the input value of the copy, if an exact definition * is available. */ - final Instruction getSourceValue() { result = getSourceValueOperand().getDef() } + final Instruction getSourceValue() { result = this.getSourceValueOperand().getDef() } } /** * An instruction that returns a register result containing a copy of its register operand. */ class CopyValueInstruction extends CopyInstruction, UnaryInstruction { - CopyValueInstruction() { getOpcode() instanceof Opcode::CopyValue } + CopyValueInstruction() { this.getOpcode() instanceof Opcode::CopyValue } - final override UnaryOperand getSourceValueOperand() { result = getAnOperand() } + final override UnaryOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -863,47 +872,49 @@ private string getAddressOperandDescription(AddressOperand operand) { * An instruction that returns a register result containing a copy of its memory operand. */ class LoadInstruction extends CopyInstruction { - LoadInstruction() { getOpcode() instanceof Opcode::Load } + LoadInstruction() { this.getOpcode() instanceof Opcode::Load } final override string getImmediateString() { - result = getAddressOperandDescription(getSourceAddressOperand()) + result = getAddressOperandDescription(this.getSourceAddressOperand()) } /** * Gets the operand that provides the address of the value being loaded. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the value being loaded. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } - final override LoadOperand getSourceValueOperand() { result = getAnOperand() } + final override LoadOperand getSourceValueOperand() { result = this.getAnOperand() } } /** * An instruction that returns a memory result containing a copy of its register operand. */ class StoreInstruction extends CopyInstruction { - StoreInstruction() { getOpcode() instanceof Opcode::Store } + StoreInstruction() { this.getOpcode() instanceof Opcode::Store } final override string getImmediateString() { - result = getAddressOperandDescription(getDestinationAddressOperand()) + result = getAddressOperandDescription(this.getDestinationAddressOperand()) } /** * Gets the operand that provides the address of the location to which the value will be stored. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the location to which the value will * be stored, if an exact definition is available. */ - final Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + final Instruction getDestinationAddress() { + result = this.getDestinationAddressOperand().getDef() + } - final override StoreValueOperand getSourceValueOperand() { result = getAnOperand() } + final override StoreValueOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -911,27 +922,27 @@ class StoreInstruction extends CopyInstruction { * operand. */ class ConditionalBranchInstruction extends Instruction { - ConditionalBranchInstruction() { getOpcode() instanceof Opcode::ConditionalBranch } + ConditionalBranchInstruction() { this.getOpcode() instanceof Opcode::ConditionalBranch } /** * Gets the operand that provides the Boolean condition controlling the branch. */ - final ConditionOperand getConditionOperand() { result = getAnOperand() } + final ConditionOperand getConditionOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the Boolean condition controlling the branch. */ - final Instruction getCondition() { result = getConditionOperand().getDef() } + final Instruction getCondition() { result = this.getConditionOperand().getDef() } /** * Gets the instruction to which control will flow if the condition is true. */ - final Instruction getTrueSuccessor() { result = getSuccessor(EdgeKind::trueEdge()) } + final Instruction getTrueSuccessor() { result = this.getSuccessor(EdgeKind::trueEdge()) } /** * Gets the instruction to which control will flow if the condition is false. */ - final Instruction getFalseSuccessor() { result = getSuccessor(EdgeKind::falseEdge()) } + final Instruction getFalseSuccessor() { result = this.getSuccessor(EdgeKind::falseEdge()) } } /** @@ -943,14 +954,14 @@ class ConditionalBranchInstruction extends Instruction { * successors. */ class ExitFunctionInstruction extends Instruction { - ExitFunctionInstruction() { getOpcode() instanceof Opcode::ExitFunction } + ExitFunctionInstruction() { this.getOpcode() instanceof Opcode::ExitFunction } } /** * An instruction whose result is a constant value. */ class ConstantInstruction extends ConstantValueInstruction { - ConstantInstruction() { getOpcode() instanceof Opcode::Constant } + ConstantInstruction() { this.getOpcode() instanceof Opcode::Constant } } /** @@ -959,7 +970,7 @@ class ConstantInstruction extends ConstantValueInstruction { class IntegerConstantInstruction extends ConstantInstruction { IntegerConstantInstruction() { exists(IRType resultType | - resultType = getResultIRType() and + resultType = this.getResultIRType() and (resultType instanceof IRIntegerType or resultType instanceof IRBooleanType) ) } @@ -969,7 +980,7 @@ class IntegerConstantInstruction extends ConstantInstruction { * An instruction whose result is a constant value of floating-point type. */ class FloatConstantInstruction extends ConstantInstruction { - FloatConstantInstruction() { getResultIRType() instanceof IRFloatingPointType } + FloatConstantInstruction() { this.getResultIRType() instanceof IRFloatingPointType } } /** @@ -978,7 +989,9 @@ class FloatConstantInstruction extends ConstantInstruction { class StringConstantInstruction extends VariableInstruction { override IRStringLiteral var; - final override string getImmediateString() { result = Language::getStringLiteralText(getValue()) } + final override string getImmediateString() { + result = Language::getStringLiteralText(this.getValue()) + } /** * Gets the string literal whose address is returned by this instruction. @@ -990,37 +1003,37 @@ class StringConstantInstruction extends VariableInstruction { * An instruction whose result is computed from two operands. */ class BinaryInstruction extends Instruction { - BinaryInstruction() { getOpcode() instanceof BinaryOpcode } + BinaryInstruction() { this.getOpcode() instanceof BinaryOpcode } /** * Gets the left operand of this binary instruction. */ - final LeftOperand getLeftOperand() { result = getAnOperand() } + final LeftOperand getLeftOperand() { result = this.getAnOperand() } /** * Gets the right operand of this binary instruction. */ - final RightOperand getRightOperand() { result = getAnOperand() } + final RightOperand getRightOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the left operand of this binary * instruction. */ - final Instruction getLeft() { result = getLeftOperand().getDef() } + final Instruction getLeft() { result = this.getLeftOperand().getDef() } /** * Gets the instruction whose result provides the value of the right operand of this binary * instruction. */ - final Instruction getRight() { result = getRightOperand().getDef() } + final Instruction getRight() { result = this.getRightOperand().getDef() } /** * Holds if this instruction's operands are `op1` and `op2`, in either order. */ final predicate hasOperands(Operand op1, Operand op2) { - op1 = getLeftOperand() and op2 = getRightOperand() + op1 = this.getLeftOperand() and op2 = this.getRightOperand() or - op1 = getRightOperand() and op2 = getLeftOperand() + op1 = this.getRightOperand() and op2 = this.getLeftOperand() } } @@ -1028,7 +1041,7 @@ class BinaryInstruction extends Instruction { * An instruction that computes the result of an arithmetic operation. */ class ArithmeticInstruction extends Instruction { - ArithmeticInstruction() { getOpcode() instanceof ArithmeticOpcode } + ArithmeticInstruction() { this.getOpcode() instanceof ArithmeticOpcode } } /** @@ -1050,7 +1063,7 @@ class UnaryArithmeticInstruction extends ArithmeticInstruction, UnaryInstruction * performed according to IEEE-754. */ class AddInstruction extends BinaryArithmeticInstruction { - AddInstruction() { getOpcode() instanceof Opcode::Add } + AddInstruction() { this.getOpcode() instanceof Opcode::Add } } /** @@ -1061,7 +1074,7 @@ class AddInstruction extends BinaryArithmeticInstruction { * according to IEEE-754. */ class SubInstruction extends BinaryArithmeticInstruction { - SubInstruction() { getOpcode() instanceof Opcode::Sub } + SubInstruction() { this.getOpcode() instanceof Opcode::Sub } } /** @@ -1072,7 +1085,7 @@ class SubInstruction extends BinaryArithmeticInstruction { * performed according to IEEE-754. */ class MulInstruction extends BinaryArithmeticInstruction { - MulInstruction() { getOpcode() instanceof Opcode::Mul } + MulInstruction() { this.getOpcode() instanceof Opcode::Mul } } /** @@ -1083,7 +1096,7 @@ class MulInstruction extends BinaryArithmeticInstruction { * to IEEE-754. */ class DivInstruction extends BinaryArithmeticInstruction { - DivInstruction() { getOpcode() instanceof Opcode::Div } + DivInstruction() { this.getOpcode() instanceof Opcode::Div } } /** @@ -1093,7 +1106,7 @@ class DivInstruction extends BinaryArithmeticInstruction { * division by zero or integer overflow is undefined. */ class RemInstruction extends BinaryArithmeticInstruction { - RemInstruction() { getOpcode() instanceof Opcode::Rem } + RemInstruction() { this.getOpcode() instanceof Opcode::Rem } } /** @@ -1104,14 +1117,14 @@ class RemInstruction extends BinaryArithmeticInstruction { * is performed according to IEEE-754. */ class NegateInstruction extends UnaryArithmeticInstruction { - NegateInstruction() { getOpcode() instanceof Opcode::Negate } + NegateInstruction() { this.getOpcode() instanceof Opcode::Negate } } /** * An instruction that computes the result of a bitwise operation. */ class BitwiseInstruction extends Instruction { - BitwiseInstruction() { getOpcode() instanceof BitwiseOpcode } + BitwiseInstruction() { this.getOpcode() instanceof BitwiseOpcode } } /** @@ -1130,7 +1143,7 @@ class UnaryBitwiseInstruction extends BitwiseInstruction, UnaryInstruction { } * Both operands must have the same integer type, which will also be the result type. */ class BitAndInstruction extends BinaryBitwiseInstruction { - BitAndInstruction() { getOpcode() instanceof Opcode::BitAnd } + BitAndInstruction() { this.getOpcode() instanceof Opcode::BitAnd } } /** @@ -1139,7 +1152,7 @@ class BitAndInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitOrInstruction extends BinaryBitwiseInstruction { - BitOrInstruction() { getOpcode() instanceof Opcode::BitOr } + BitOrInstruction() { this.getOpcode() instanceof Opcode::BitOr } } /** @@ -1148,7 +1161,7 @@ class BitOrInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitXorInstruction extends BinaryBitwiseInstruction { - BitXorInstruction() { getOpcode() instanceof Opcode::BitXor } + BitXorInstruction() { this.getOpcode() instanceof Opcode::BitXor } } /** @@ -1159,7 +1172,7 @@ class BitXorInstruction extends BinaryBitwiseInstruction { * rightmost bits are zero-filled. */ class ShiftLeftInstruction extends BinaryBitwiseInstruction { - ShiftLeftInstruction() { getOpcode() instanceof Opcode::ShiftLeft } + ShiftLeftInstruction() { this.getOpcode() instanceof Opcode::ShiftLeft } } /** @@ -1172,7 +1185,7 @@ class ShiftLeftInstruction extends BinaryBitwiseInstruction { * of the left operand. */ class ShiftRightInstruction extends BinaryBitwiseInstruction { - ShiftRightInstruction() { getOpcode() instanceof Opcode::ShiftRight } + ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } /** @@ -1183,7 +1196,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { int elementSize; PointerArithmeticInstruction() { - getOpcode() instanceof PointerArithmeticOpcode and + this.getOpcode() instanceof PointerArithmeticOpcode and elementSize = Raw::getInstructionElementSize(this) } @@ -1206,7 +1219,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { * An instruction that adds or subtracts an integer offset from a pointer. */ class PointerOffsetInstruction extends PointerArithmeticInstruction { - PointerOffsetInstruction() { getOpcode() instanceof PointerOffsetOpcode } + PointerOffsetInstruction() { this.getOpcode() instanceof PointerOffsetOpcode } } /** @@ -1217,7 +1230,7 @@ class PointerOffsetInstruction extends PointerArithmeticInstruction { * overflow is undefined. */ class PointerAddInstruction extends PointerOffsetInstruction { - PointerAddInstruction() { getOpcode() instanceof Opcode::PointerAdd } + PointerAddInstruction() { this.getOpcode() instanceof Opcode::PointerAdd } } /** @@ -1228,7 +1241,7 @@ class PointerAddInstruction extends PointerOffsetInstruction { * pointer underflow is undefined. */ class PointerSubInstruction extends PointerOffsetInstruction { - PointerSubInstruction() { getOpcode() instanceof Opcode::PointerSub } + PointerSubInstruction() { this.getOpcode() instanceof Opcode::PointerSub } } /** @@ -1241,31 +1254,31 @@ class PointerSubInstruction extends PointerOffsetInstruction { * undefined. */ class PointerDiffInstruction extends PointerArithmeticInstruction { - PointerDiffInstruction() { getOpcode() instanceof Opcode::PointerDiff } + PointerDiffInstruction() { this.getOpcode() instanceof Opcode::PointerDiff } } /** * An instruction whose result is computed from a single operand. */ class UnaryInstruction extends Instruction { - UnaryInstruction() { getOpcode() instanceof UnaryOpcode } + UnaryInstruction() { this.getOpcode() instanceof UnaryOpcode } /** * Gets the sole operand of this instruction. */ - final UnaryOperand getUnaryOperand() { result = getAnOperand() } + final UnaryOperand getUnaryOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the sole operand of this instruction. */ - final Instruction getUnary() { result = getUnaryOperand().getDef() } + final Instruction getUnary() { result = this.getUnaryOperand().getDef() } } /** * An instruction that converts the value of its operand to a value of a different type. */ class ConvertInstruction extends UnaryInstruction { - ConvertInstruction() { getOpcode() instanceof Opcode::Convert } + ConvertInstruction() { this.getOpcode() instanceof Opcode::Convert } } /** @@ -1279,7 +1292,7 @@ class ConvertInstruction extends UnaryInstruction { * `as` expression. */ class CheckedConvertOrNullInstruction extends UnaryInstruction { - CheckedConvertOrNullInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrNull } + CheckedConvertOrNullInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrNull } } /** @@ -1293,7 +1306,7 @@ class CheckedConvertOrNullInstruction extends UnaryInstruction { * expression. */ class CheckedConvertOrThrowInstruction extends UnaryInstruction { - CheckedConvertOrThrowInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrThrow } + CheckedConvertOrThrowInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrThrow } } /** @@ -1306,7 +1319,7 @@ class CheckedConvertOrThrowInstruction extends UnaryInstruction { * the most-derived object. */ class CompleteObjectAddressInstruction extends UnaryInstruction { - CompleteObjectAddressInstruction() { getOpcode() instanceof Opcode::CompleteObjectAddress } + CompleteObjectAddressInstruction() { this.getOpcode() instanceof Opcode::CompleteObjectAddress } } /** @@ -1351,7 +1364,7 @@ class InheritanceConversionInstruction extends UnaryInstruction { * An instruction that converts from the address of a derived class to the address of a base class. */ class ConvertToBaseInstruction extends InheritanceConversionInstruction { - ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode } + ConvertToBaseInstruction() { this.getOpcode() instanceof ConvertToBaseOpcode } } /** @@ -1361,7 +1374,9 @@ class ConvertToBaseInstruction extends InheritanceConversionInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase } + ConvertToNonVirtualBaseInstruction() { + this.getOpcode() instanceof Opcode::ConvertToNonVirtualBase + } } /** @@ -1371,7 +1386,7 @@ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase } + ConvertToVirtualBaseInstruction() { this.getOpcode() instanceof Opcode::ConvertToVirtualBase } } /** @@ -1381,7 +1396,7 @@ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { - ConvertToDerivedInstruction() { getOpcode() instanceof Opcode::ConvertToDerived } + ConvertToDerivedInstruction() { this.getOpcode() instanceof Opcode::ConvertToDerived } } /** @@ -1390,7 +1405,7 @@ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { * The operand must have an integer type, which will also be the result type. */ class BitComplementInstruction extends UnaryBitwiseInstruction { - BitComplementInstruction() { getOpcode() instanceof Opcode::BitComplement } + BitComplementInstruction() { this.getOpcode() instanceof Opcode::BitComplement } } /** @@ -1399,14 +1414,14 @@ class BitComplementInstruction extends UnaryBitwiseInstruction { * The operand must have a Boolean type, which will also be the result type. */ class LogicalNotInstruction extends UnaryInstruction { - LogicalNotInstruction() { getOpcode() instanceof Opcode::LogicalNot } + LogicalNotInstruction() { this.getOpcode() instanceof Opcode::LogicalNot } } /** * An instruction that compares two numeric operands. */ class CompareInstruction extends BinaryInstruction { - CompareInstruction() { getOpcode() instanceof CompareOpcode } + CompareInstruction() { this.getOpcode() instanceof CompareOpcode } } /** @@ -1417,7 +1432,7 @@ class CompareInstruction extends BinaryInstruction { * unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareEQInstruction extends CompareInstruction { - CompareEQInstruction() { getOpcode() instanceof Opcode::CompareEQ } + CompareEQInstruction() { this.getOpcode() instanceof Opcode::CompareEQ } } /** @@ -1428,14 +1443,14 @@ class CompareEQInstruction extends CompareInstruction { * `left == right`. Floating-point comparison is performed according to IEEE-754. */ class CompareNEInstruction extends CompareInstruction { - CompareNEInstruction() { getOpcode() instanceof Opcode::CompareNE } + CompareNEInstruction() { this.getOpcode() instanceof Opcode::CompareNE } } /** * An instruction that does a relative comparison of two values, such as `<` or `>=`. */ class RelationalInstruction extends CompareInstruction { - RelationalInstruction() { getOpcode() instanceof RelationalOpcode } + RelationalInstruction() { this.getOpcode() instanceof RelationalOpcode } /** * Gets the operand on the "greater" (or "greater-or-equal") side @@ -1467,11 +1482,11 @@ class RelationalInstruction extends CompareInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLTInstruction extends RelationalInstruction { - CompareLTInstruction() { getOpcode() instanceof Opcode::CompareLT } + CompareLTInstruction() { this.getOpcode() instanceof Opcode::CompareLT } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { any() } } @@ -1484,11 +1499,11 @@ class CompareLTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGTInstruction extends RelationalInstruction { - CompareGTInstruction() { getOpcode() instanceof Opcode::CompareGT } + CompareGTInstruction() { this.getOpcode() instanceof Opcode::CompareGT } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { any() } } @@ -1502,11 +1517,11 @@ class CompareGTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLEInstruction extends RelationalInstruction { - CompareLEInstruction() { getOpcode() instanceof Opcode::CompareLE } + CompareLEInstruction() { this.getOpcode() instanceof Opcode::CompareLE } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { none() } } @@ -1520,11 +1535,11 @@ class CompareLEInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGEInstruction extends RelationalInstruction { - CompareGEInstruction() { getOpcode() instanceof Opcode::CompareGE } + CompareGEInstruction() { this.getOpcode() instanceof Opcode::CompareGE } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { none() } } @@ -1543,78 +1558,78 @@ class CompareGEInstruction extends RelationalInstruction { * of any case edge. */ class SwitchInstruction extends Instruction { - SwitchInstruction() { getOpcode() instanceof Opcode::Switch } + SwitchInstruction() { this.getOpcode() instanceof Opcode::Switch } /** Gets the operand that provides the integer value controlling the switch. */ - final ConditionOperand getExpressionOperand() { result = getAnOperand() } + final ConditionOperand getExpressionOperand() { result = this.getAnOperand() } /** Gets the instruction whose result provides the integer value controlling the switch. */ - final Instruction getExpression() { result = getExpressionOperand().getDef() } + final Instruction getExpression() { result = this.getExpressionOperand().getDef() } /** Gets the successor instructions along the case edges of the switch. */ - final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = getSuccessor(edge)) } + final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = this.getSuccessor(edge)) } /** Gets the successor instruction along the default edge of the switch, if any. */ - final Instruction getDefaultSuccessor() { result = getSuccessor(EdgeKind::defaultEdge()) } + final Instruction getDefaultSuccessor() { result = this.getSuccessor(EdgeKind::defaultEdge()) } } /** * An instruction that calls a function. */ class CallInstruction extends Instruction { - CallInstruction() { getOpcode() instanceof Opcode::Call } + CallInstruction() { this.getOpcode() instanceof Opcode::Call } final override string getImmediateString() { - result = getStaticCallTarget().toString() + result = this.getStaticCallTarget().toString() or - not exists(getStaticCallTarget()) and result = "?" + not exists(this.getStaticCallTarget()) and result = "?" } /** * Gets the operand the specifies the target function of the call. */ - final CallTargetOperand getCallTargetOperand() { result = getAnOperand() } + final CallTargetOperand getCallTargetOperand() { result = this.getAnOperand() } /** * Gets the `Instruction` that computes the target function of the call. This is usually a * `FunctionAddress` instruction, but can also be an arbitrary instruction that produces a * function pointer. */ - final Instruction getCallTarget() { result = getCallTargetOperand().getDef() } + final Instruction getCallTarget() { result = this.getCallTargetOperand().getDef() } /** * Gets all of the argument operands of the call, including the `this` pointer, if any. */ - final ArgumentOperand getAnArgumentOperand() { result = getAnOperand() } + final ArgumentOperand getAnArgumentOperand() { result = this.getAnOperand() } /** * Gets the `Function` that the call targets, if this is statically known. */ final Language::Function getStaticCallTarget() { - result = getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() + result = this.getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() } /** * Gets all of the arguments of the call, including the `this` pointer, if any. */ - final Instruction getAnArgument() { result = getAnArgumentOperand().getDef() } + final Instruction getAnArgument() { result = this.getAnArgumentOperand().getDef() } /** * Gets the `this` pointer argument operand of the call, if any. */ - final ThisArgumentOperand getThisArgumentOperand() { result = getAnOperand() } + final ThisArgumentOperand getThisArgumentOperand() { result = this.getAnOperand() } /** * Gets the `this` pointer argument of the call, if any. */ - final Instruction getThisArgument() { result = getThisArgumentOperand().getDef() } + final Instruction getThisArgument() { result = this.getThisArgumentOperand().getDef() } /** * Gets the argument operand at the specified index. */ pragma[noinline] final PositionalArgumentOperand getPositionalArgumentOperand(int index) { - result = getAnOperand() and + result = this.getAnOperand() and result.getIndex() = index } @@ -1623,7 +1638,7 @@ class CallInstruction extends Instruction { */ pragma[noinline] final Instruction getPositionalArgument(int index) { - result = getPositionalArgumentOperand(index).getDef() + result = this.getPositionalArgumentOperand(index).getDef() } /** @@ -1631,16 +1646,16 @@ class CallInstruction extends Instruction { */ pragma[noinline] final ArgumentOperand getArgumentOperand(int index) { - index >= 0 and result = getPositionalArgumentOperand(index) + index >= 0 and result = this.getPositionalArgumentOperand(index) or - index = -1 and result = getThisArgumentOperand() + index = -1 and result = this.getThisArgumentOperand() } /** * Gets the argument at the specified index, or `this` if `index` is `-1`. */ pragma[noinline] - final Instruction getArgument(int index) { result = getArgumentOperand(index).getDef() } + final Instruction getArgument(int index) { result = this.getArgumentOperand(index).getDef() } /** * Gets the number of arguments of the call, including the `this` pointer, if any. @@ -1665,7 +1680,7 @@ class CallInstruction extends Instruction { * An instruction representing a side effect of a function call. */ class SideEffectInstruction extends Instruction { - SideEffectInstruction() { getOpcode() instanceof SideEffectOpcode } + SideEffectInstruction() { this.getOpcode() instanceof SideEffectOpcode } /** * Gets the instruction whose execution causes this side effect. @@ -1680,7 +1695,7 @@ class SideEffectInstruction extends Instruction { * accessed by that call. */ class CallSideEffectInstruction extends SideEffectInstruction { - CallSideEffectInstruction() { getOpcode() instanceof Opcode::CallSideEffect } + CallSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallSideEffect } } /** @@ -1691,7 +1706,7 @@ class CallSideEffectInstruction extends SideEffectInstruction { * call target cannot write to escaped memory. */ class CallReadSideEffectInstruction extends SideEffectInstruction { - CallReadSideEffectInstruction() { getOpcode() instanceof Opcode::CallReadSideEffect } + CallReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallReadSideEffect } } /** @@ -1699,33 +1714,33 @@ class CallReadSideEffectInstruction extends SideEffectInstruction { * specific parameter. */ class ReadSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - ReadSideEffectInstruction() { getOpcode() instanceof ReadSideEffectOpcode } + ReadSideEffectInstruction() { this.getOpcode() instanceof ReadSideEffectOpcode } /** Gets the operand for the value that will be read from this instruction, if known. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** Gets the value that will be read from this instruction, if known. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** Gets the operand for the address from which this instruction may read. */ - final AddressOperand getArgumentOperand() { result = getAnOperand() } + final AddressOperand getArgumentOperand() { result = this.getAnOperand() } /** Gets the address from which this instruction may read. */ - final Instruction getArgumentDef() { result = getArgumentOperand().getDef() } + final Instruction getArgumentDef() { result = this.getArgumentOperand().getDef() } } /** * An instruction representing the read of an indirect parameter within a function call. */ class IndirectReadSideEffectInstruction extends ReadSideEffectInstruction { - IndirectReadSideEffectInstruction() { getOpcode() instanceof Opcode::IndirectReadSideEffect } + IndirectReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::IndirectReadSideEffect } } /** * An instruction representing the read of an indirect buffer parameter within a function call. */ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { - BufferReadSideEffectInstruction() { getOpcode() instanceof Opcode::BufferReadSideEffect } + BufferReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::BufferReadSideEffect } } /** @@ -1733,18 +1748,18 @@ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { */ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { SizedBufferReadSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferReadSideEffect + this.getOpcode() instanceof Opcode::SizedBufferReadSideEffect } /** * Gets the operand that holds the number of bytes read from the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes read from the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1752,17 +1767,17 @@ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { * specific parameter. */ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - WriteSideEffectInstruction() { getOpcode() instanceof WriteSideEffectOpcode } + WriteSideEffectInstruction() { this.getOpcode() instanceof WriteSideEffectOpcode } /** * Get the operand that holds the address of the memory to be written. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the memory to be written. */ - Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + Instruction getDestinationAddress() { result = this.getDestinationAddressOperand().getDef() } } /** @@ -1770,7 +1785,7 @@ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstructi */ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMustWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMustWriteSideEffect } } @@ -1780,7 +1795,7 @@ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction */ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { BufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::BufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::BufferMustWriteSideEffect } } @@ -1790,18 +1805,18 @@ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1812,7 +1827,7 @@ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstructi */ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMayWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMayWriteSideEffect } } @@ -1822,7 +1837,9 @@ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { * Unlike `BufferWriteSideEffectInstruction`, the buffer might not be completely overwritten. */ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { - BufferMayWriteSideEffectInstruction() { getOpcode() instanceof Opcode::BufferMayWriteSideEffect } + BufferMayWriteSideEffectInstruction() { + this.getOpcode() instanceof Opcode::BufferMayWriteSideEffect + } } /** @@ -1832,18 +1849,18 @@ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1852,80 +1869,80 @@ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstructio */ class InitializeDynamicAllocationInstruction extends SideEffectInstruction { InitializeDynamicAllocationInstruction() { - getOpcode() instanceof Opcode::InitializeDynamicAllocation + this.getOpcode() instanceof Opcode::InitializeDynamicAllocation } /** * Gets the operand that represents the address of the allocation this instruction is initializing. */ - final AddressOperand getAllocationAddressOperand() { result = getAnOperand() } + final AddressOperand getAllocationAddressOperand() { result = this.getAnOperand() } /** * Gets the address for the allocation this instruction is initializing. */ - final Instruction getAllocationAddress() { result = getAllocationAddressOperand().getDef() } + final Instruction getAllocationAddress() { result = this.getAllocationAddressOperand().getDef() } } /** * An instruction representing a GNU or MSVC inline assembly statement. */ class InlineAsmInstruction extends Instruction { - InlineAsmInstruction() { getOpcode() instanceof Opcode::InlineAsm } + InlineAsmInstruction() { this.getOpcode() instanceof Opcode::InlineAsm } } /** * An instruction that throws an exception. */ class ThrowInstruction extends Instruction { - ThrowInstruction() { getOpcode() instanceof ThrowOpcode } + ThrowInstruction() { this.getOpcode() instanceof ThrowOpcode } } /** * An instruction that throws a new exception. */ class ThrowValueInstruction extends ThrowInstruction { - ThrowValueInstruction() { getOpcode() instanceof Opcode::ThrowValue } + ThrowValueInstruction() { this.getOpcode() instanceof Opcode::ThrowValue } /** * Gets the address operand of the exception thrown by this instruction. */ - final AddressOperand getExceptionAddressOperand() { result = getAnOperand() } + final AddressOperand getExceptionAddressOperand() { result = this.getAnOperand() } /** * Gets the address of the exception thrown by this instruction. */ - final Instruction getExceptionAddress() { result = getExceptionAddressOperand().getDef() } + final Instruction getExceptionAddress() { result = this.getExceptionAddressOperand().getDef() } /** * Gets the operand for the exception thrown by this instruction. */ - final LoadOperand getExceptionOperand() { result = getAnOperand() } + final LoadOperand getExceptionOperand() { result = this.getAnOperand() } /** * Gets the exception thrown by this instruction. */ - final Instruction getException() { result = getExceptionOperand().getDef() } + final Instruction getException() { result = this.getExceptionOperand().getDef() } } /** * An instruction that re-throws the current exception. */ class ReThrowInstruction extends ThrowInstruction { - ReThrowInstruction() { getOpcode() instanceof Opcode::ReThrow } + ReThrowInstruction() { this.getOpcode() instanceof Opcode::ReThrow } } /** * An instruction that exits the current function by propagating an exception. */ class UnwindInstruction extends Instruction { - UnwindInstruction() { getOpcode() instanceof Opcode::Unwind } + UnwindInstruction() { this.getOpcode() instanceof Opcode::Unwind } } /** * An instruction that starts a `catch` handler. */ class CatchInstruction extends Instruction { - CatchInstruction() { getOpcode() instanceof CatchOpcode } + CatchInstruction() { this.getOpcode() instanceof CatchOpcode } } /** @@ -1935,7 +1952,7 @@ class CatchByTypeInstruction extends CatchInstruction { Language::LanguageType exceptionType; CatchByTypeInstruction() { - getOpcode() instanceof Opcode::CatchByType and + this.getOpcode() instanceof Opcode::CatchByType and exceptionType = Raw::getInstructionExceptionType(this) } @@ -1951,21 +1968,21 @@ class CatchByTypeInstruction extends CatchInstruction { * An instruction that catches any exception. */ class CatchAnyInstruction extends CatchInstruction { - CatchAnyInstruction() { getOpcode() instanceof Opcode::CatchAny } + CatchAnyInstruction() { this.getOpcode() instanceof Opcode::CatchAny } } /** * An instruction that initializes all escaped memory. */ class AliasedDefinitionInstruction extends Instruction { - AliasedDefinitionInstruction() { getOpcode() instanceof Opcode::AliasedDefinition } + AliasedDefinitionInstruction() { this.getOpcode() instanceof Opcode::AliasedDefinition } } /** * An instruction that consumes all escaped memory on exit from the function. */ class AliasedUseInstruction extends Instruction { - AliasedUseInstruction() { getOpcode() instanceof Opcode::AliasedUse } + AliasedUseInstruction() { this.getOpcode() instanceof Opcode::AliasedUse } } /** @@ -1979,7 +1996,7 @@ class AliasedUseInstruction extends Instruction { * runtime. */ class PhiInstruction extends Instruction { - PhiInstruction() { getOpcode() instanceof Opcode::Phi } + PhiInstruction() { this.getOpcode() instanceof Opcode::Phi } /** * Gets all of the instruction's `PhiInputOperand`s, representing the values that flow from each predecessor block. @@ -2047,29 +2064,29 @@ class PhiInstruction extends Instruction { * https://link.springer.com/content/pdf/10.1007%2F3-540-61053-7_66.pdf. */ class ChiInstruction extends Instruction { - ChiInstruction() { getOpcode() instanceof Opcode::Chi } + ChiInstruction() { this.getOpcode() instanceof Opcode::Chi } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final ChiTotalOperand getTotalOperand() { result = getAnOperand() } + final ChiTotalOperand getTotalOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final Instruction getTotal() { result = getTotalOperand().getDef() } + final Instruction getTotal() { result = this.getTotalOperand().getDef() } /** * Gets the operand that represents the new value written by the memory write. */ - final ChiPartialOperand getPartialOperand() { result = getAnOperand() } + final ChiPartialOperand getPartialOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the new value written by the memory write. */ - final Instruction getPartial() { result = getPartialOperand().getDef() } + final Instruction getPartial() { result = this.getPartialOperand().getDef() } /** * Gets the bit range `[startBit, endBit)` updated by the partial operand of this `ChiInstruction`, relative to the start address of the total operand. @@ -2093,7 +2110,7 @@ class ChiInstruction extends Instruction { * or `Switch` instruction where that particular edge is infeasible. */ class UnreachedInstruction extends Instruction { - UnreachedInstruction() { getOpcode() instanceof Opcode::Unreached } + UnreachedInstruction() { this.getOpcode() instanceof Opcode::Unreached } } /** @@ -2106,7 +2123,7 @@ class BuiltInOperationInstruction extends Instruction { Language::BuiltInOperation operation; BuiltInOperationInstruction() { - getOpcode() instanceof BuiltInOperationOpcode and + this.getOpcode() instanceof BuiltInOperationOpcode and operation = Raw::getInstructionBuiltInOperation(this) } @@ -2122,9 +2139,9 @@ class BuiltInOperationInstruction extends Instruction { * actual operation is specified by the `getBuiltInOperation()` predicate. */ class BuiltInInstruction extends BuiltInOperationInstruction { - BuiltInInstruction() { getOpcode() instanceof Opcode::BuiltIn } + BuiltInInstruction() { this.getOpcode() instanceof Opcode::BuiltIn } - final override string getImmediateString() { result = getBuiltInOperation().toString() } + final override string getImmediateString() { result = this.getBuiltInOperation().toString() } } /** @@ -2135,7 +2152,7 @@ class BuiltInInstruction extends BuiltInOperationInstruction { * to the `...` parameter. */ class VarArgsStartInstruction extends UnaryInstruction { - VarArgsStartInstruction() { getOpcode() instanceof Opcode::VarArgsStart } + VarArgsStartInstruction() { this.getOpcode() instanceof Opcode::VarArgsStart } } /** @@ -2145,7 +2162,7 @@ class VarArgsStartInstruction extends UnaryInstruction { * a result. */ class VarArgsEndInstruction extends UnaryInstruction { - VarArgsEndInstruction() { getOpcode() instanceof Opcode::VarArgsEnd } + VarArgsEndInstruction() { this.getOpcode() instanceof Opcode::VarArgsEnd } } /** @@ -2155,7 +2172,7 @@ class VarArgsEndInstruction extends UnaryInstruction { * argument. */ class VarArgInstruction extends UnaryInstruction { - VarArgInstruction() { getOpcode() instanceof Opcode::VarArg } + VarArgInstruction() { this.getOpcode() instanceof Opcode::VarArg } } /** @@ -2166,7 +2183,7 @@ class VarArgInstruction extends UnaryInstruction { * argument of the `...` parameter. */ class NextVarArgInstruction extends UnaryInstruction { - NextVarArgInstruction() { getOpcode() instanceof Opcode::NextVarArg } + NextVarArgInstruction() { this.getOpcode() instanceof Opcode::NextVarArg } } /** @@ -2180,5 +2197,5 @@ class NextVarArgInstruction extends UnaryInstruction { * The result is the address of the newly allocated object. */ class NewObjInstruction extends Instruction { - NewObjInstruction() { getOpcode() instanceof Opcode::NewObj } + NewObjInstruction() { this.getOpcode() instanceof Opcode::NewObj } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll index d7cf89ca9aa..85d217bd361 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll @@ -46,12 +46,12 @@ class Operand extends TStageOperand { /** * Gets the location of the source code for this operand. */ - final Language::Location getLocation() { result = getUse().getLocation() } + final Language::Location getLocation() { result = this.getUse().getLocation() } /** * Gets the function that contains this operand. */ - final IRFunction getEnclosingIRFunction() { result = getUse().getEnclosingIRFunction() } + final IRFunction getEnclosingIRFunction() { result = this.getUse().getEnclosingIRFunction() } /** * Gets the `Instruction` that consumes this operand. @@ -74,7 +74,7 @@ class Operand extends TStageOperand { */ final Instruction getDef() { result = this.getAnyDef() and - getDefinitionOverlap() instanceof MustExactlyOverlap + this.getDefinitionOverlap() instanceof MustExactlyOverlap } /** @@ -82,7 +82,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` that consumes this operand. */ - deprecated final Instruction getUseInstruction() { result = getUse() } + deprecated final Instruction getUseInstruction() { result = this.getUse() } /** * DEPRECATED: use `getAnyDef` or `getDef`. The exact replacement for this @@ -91,7 +91,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` whose result is the value of the operand. */ - deprecated final Instruction getDefinitionInstruction() { result = getAnyDef() } + deprecated final Instruction getDefinitionInstruction() { result = this.getAnyDef() } /** * Gets the overlap relationship between the operand's definition and its use. @@ -101,7 +101,9 @@ class Operand extends TStageOperand { /** * Holds if the result of the definition instruction does not exactly overlap this use. */ - final predicate isDefinitionInexact() { not getDefinitionOverlap() instanceof MustExactlyOverlap } + final predicate isDefinitionInexact() { + not this.getDefinitionOverlap() instanceof MustExactlyOverlap + } /** * Gets a prefix to use when dumping the operand in an operand list. @@ -121,7 +123,7 @@ class Operand extends TStageOperand { * For example: `this:r3_5` */ final string getDumpString() { - result = getDumpLabel() + getInexactSpecifier() + getDefinitionId() + result = this.getDumpLabel() + this.getInexactSpecifier() + this.getDefinitionId() } /** @@ -129,9 +131,9 @@ class Operand extends TStageOperand { * definition is not modeled in SSA. */ private string getDefinitionId() { - result = getAnyDef().getResultId() + result = this.getAnyDef().getResultId() or - not exists(getAnyDef()) and result = "m?" + not exists(this.getAnyDef()) and result = "m?" } /** @@ -140,7 +142,7 @@ class Operand extends TStageOperand { * the empty string. */ private string getInexactSpecifier() { - if isDefinitionInexact() then result = "~" else result = "" + if this.isDefinitionInexact() then result = "~" else result = "" } /** @@ -155,7 +157,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - Language::LanguageType getLanguageType() { result = getAnyDef().getResultLanguageType() } + Language::LanguageType getLanguageType() { result = this.getAnyDef().getResultLanguageType() } /** * Gets the language-neutral type of the value consumed by this operand. This is usually the same @@ -164,7 +166,7 @@ class Operand extends TStageOperand { * from the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the value consumed by this operand. This is usually the same as the @@ -173,7 +175,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final Language::Type getType() { getLanguageType().hasType(result, _) } + final Language::Type getType() { this.getLanguageType().hasType(result, _) } /** * Holds if the value consumed by this operand is a glvalue. If this @@ -182,13 +184,13 @@ class Operand extends TStageOperand { * not hold, the value of the operand represents a value whose type is * given by `getType()`. */ - final predicate isGLValue() { getLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getLanguageType().hasType(_, true) } /** * Gets the size of the value consumed by this operand, in bytes. If the operand does not have * a known constant size, this predicate does not hold. */ - final int getSize() { result = getLanguageType().getByteSize() } + final int getSize() { result = this.getLanguageType().getByteSize() } } /** @@ -205,7 +207,7 @@ class MemoryOperand extends Operand { /** * Gets the kind of memory access performed by the operand. */ - MemoryAccessKind getMemoryAccess() { result = getUse().getOpcode().getReadMemoryAccess() } + MemoryAccessKind getMemoryAccess() { result = this.getUse().getOpcode().getReadMemoryAccess() } /** * Holds if the memory access performed by this operand will not always read from every bit in the @@ -215,7 +217,7 @@ class MemoryOperand extends Operand { * conservative estimate of the memory that might actually be accessed at runtime (for example, * the global side effects of a function call). */ - predicate hasMayReadMemoryAccess() { getUse().getOpcode().hasMayReadMemoryAccess() } + predicate hasMayReadMemoryAccess() { this.getUse().getOpcode().hasMayReadMemoryAccess() } /** * Returns the operand that holds the memory address from which the current operand loads its @@ -223,8 +225,8 @@ class MemoryOperand extends Operand { * is `r1`. */ final AddressOperand getAddressOperand() { - getMemoryAccess().usesAddressOperand() and - result.getUse() = getUse() + this.getMemoryAccess().usesAddressOperand() and + result.getUse() = this.getUse() } } @@ -294,7 +296,7 @@ class NonPhiMemoryOperand extends NonPhiOperand, MemoryOperand, TNonPhiMemoryOpe result = unique(Instruction defInstr | hasDefinition(defInstr, _)) } - final override Overlap getDefinitionOverlap() { hasDefinition(_, result) } + final override Overlap getDefinitionOverlap() { this.hasDefinition(_, result) } pragma[noinline] private predicate hasDefinition(Instruction defInstr, Overlap overlap) { @@ -449,13 +451,17 @@ class PhiInputOperand extends MemoryOperand, TPhiOperand { final override Overlap getDefinitionOverlap() { result = overlap } - final override int getDumpSortOrder() { result = 11 + getPredecessorBlock().getDisplayIndex() } - - final override string getDumpLabel() { - result = "from " + getPredecessorBlock().getDisplayIndex().toString() + ":" + final override int getDumpSortOrder() { + result = 11 + this.getPredecessorBlock().getDisplayIndex() } - final override string getDumpId() { result = getPredecessorBlock().getDisplayIndex().toString() } + final override string getDumpLabel() { + result = "from " + this.getPredecessorBlock().getDisplayIndex().toString() + ":" + } + + final override string getDumpId() { + result = this.getPredecessorBlock().getDisplayIndex().toString() + } /** * Gets the predecessor block from which this value comes. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerInterval.qll b/cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerInterval.qll index cd12b9b627a..4f8f4b4e672 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerInterval.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerInterval.qll @@ -18,10 +18,11 @@ Overlap getOverlap(IntValue defStart, IntValue defEnd, IntValue useStart, IntVal else if isLE(defStart, useStart) and isGE(defEnd, useEnd) then result instanceof MustTotallyOverlap - else - if isLE(defEnd, useStart) or isGE(defStart, useEnd) - then none() - else result instanceof MayPartiallyOverlap + else ( + not isLE(defEnd, useStart) and + not isGE(defStart, useEnd) and + result instanceof MayPartiallyOverlap + ) } /** diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll index 25dae1c2fd1..b91eff2b3d9 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll @@ -56,7 +56,7 @@ private class MallocAllocationFunction extends AllocationFunction { ]) and sizeArg = 1 or - hasGlobalName(["HeapAlloc"]) and // HeapAlloc(heap, flags, size) + hasGlobalName("HeapAlloc") and // HeapAlloc(heap, flags, size) sizeArg = 2 or hasGlobalName([ diff --git a/cpp/ql/lib/semmle/code/cpp/security/BufferWrite.qll b/cpp/ql/lib/semmle/code/cpp/security/BufferWrite.qll index 2726b2eca00..e5d892eb4cd 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/BufferWrite.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/BufferWrite.qll @@ -365,7 +365,7 @@ class GetsBW extends BufferWriteCall { /** * Gets the index of the parameter that is the maximum number of characters to be read. */ - int getParamSize() { if exists(getArgument(1)) then result = 1 else none() } + int getParamSize() { exists(getArgument(1)) and result = 1 } override Type getBufferType() { result = this.getTarget().getParameter(0).getUnspecifiedType() } diff --git a/cpp/ql/lib/tutorial.qll b/cpp/ql/lib/tutorial.qll new file mode 100644 index 00000000000..8cb1797a532 --- /dev/null +++ b/cpp/ql/lib/tutorial.qll @@ -0,0 +1,1207 @@ +/** + * This library is used in the QL detective tutorials. + * + * Note: Data is usually stored in a separate database and the QL libraries only contain predicates, + * but for this tutorial both the data and the predicates are stored in the library. + */ +class Person extends string { + Person() { + this = "Ronil" or + this = "Dina" or + this = "Ravi" or + this = "Bruce" or + this = "Jo" or + this = "Aida" or + this = "Esme" or + this = "Charlie" or + this = "Fred" or + this = "Meera" or + this = "Maya" or + this = "Chad" or + this = "Tiana" or + this = "Laura" or + this = "George" or + this = "Will" or + this = "Mary" or + this = "Almira" or + this = "Susannah" or + this = "Rhoda" or + this = "Cynthia" or + this = "Eunice" or + this = "Olive" or + this = "Virginia" or + this = "Angeline" or + this = "Helen" or + this = "Cornelia" or + this = "Harriet" or + this = "Mahala" or + this = "Abby" or + this = "Margaret" or + this = "Deb" or + this = "Minerva" or + this = "Severus" or + this = "Lavina" or + this = "Adeline" or + this = "Cath" or + this = "Elisa" or + this = "Lucretia" or + this = "Anne" or + this = "Eleanor" or + this = "Joanna" or + this = "Adam" or + this = "Agnes" or + this = "Rosanna" or + this = "Clara" or + this = "Melissa" or + this = "Amy" or + this = "Isabel" or + this = "Jemima" or + this = "Cordelia" or + this = "Melinda" or + this = "Delila" or + this = "Jeremiah" or + this = "Elijah" or + this = "Hester" or + this = "Walter" or + this = "Oliver" or + this = "Hugh" or + this = "Aaron" or + this = "Reuben" or + this = "Eli" or + this = "Amos" or + this = "Augustus" or + this = "Theodore" or + this = "Ira" or + this = "Timothy" or + this = "Cyrus" or + this = "Horace" or + this = "Simon" or + this = "Asa" or + this = "Frank" or + this = "Nelson" or + this = "Leonard" or + this = "Harrison" or + this = "Anthony" or + this = "Louis" or + this = "Milton" or + this = "Noah" or + this = "Cornelius" or + this = "Abdul" or + this = "Warren" or + this = "Harvey" or + this = "Dennis" or + this = "Wesley" or + this = "Sylvester" or + this = "Gilbert" or + this = "Sullivan" or + this = "Edmund" or + this = "Wilson" or + this = "Perry" or + this = "Matthew" or + this = "Simba" or + this = "Nala" or + this = "Rafiki" or + this = "Shenzi" or + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Edwin" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" or + this = "Stephen" + } + + /** Gets the hair color of the person. If the person is bald, there is no result. */ + string getHairColor() { + this = "Ronil" and result = "black" + or + this = "Dina" and result = "black" + or + this = "Ravi" and result = "black" + or + this = "Bruce" and result = "brown" + or + this = "Jo" and result = "red" + or + this = "Aida" and result = "blond" + or + this = "Esme" and result = "blond" + or + this = "Fred" and result = "gray" + or + this = "Meera" and result = "brown" + or + this = "Maya" and result = "brown" + or + this = "Chad" and result = "brown" + or + this = "Tiana" and result = "black" + or + this = "Laura" and result = "blond" + or + this = "George" and result = "blond" + or + this = "Will" and result = "blond" + or + this = "Mary" and result = "blond" + or + this = "Almira" and result = "black" + or + this = "Susannah" and result = "blond" + or + this = "Rhoda" and result = "blond" + or + this = "Cynthia" and result = "gray" + or + this = "Eunice" and result = "white" + or + this = "Olive" and result = "brown" + or + this = "Virginia" and result = "brown" + or + this = "Angeline" and result = "red" + or + this = "Helen" and result = "white" + or + this = "Cornelia" and result = "gray" + or + this = "Harriet" and result = "white" + or + this = "Mahala" and result = "black" + or + this = "Abby" and result = "red" + or + this = "Margaret" and result = "brown" + or + this = "Deb" and result = "brown" + or + this = "Minerva" and result = "brown" + or + this = "Severus" and result = "black" + or + this = "Lavina" and result = "brown" + or + this = "Adeline" and result = "brown" + or + this = "Cath" and result = "brown" + or + this = "Elisa" and result = "brown" + or + this = "Lucretia" and result = "gray" + or + this = "Anne" and result = "black" + or + this = "Eleanor" and result = "brown" + or + this = "Joanna" and result = "brown" + or + this = "Adam" and result = "black" + or + this = "Agnes" and result = "black" + or + this = "Rosanna" and result = "gray" + or + this = "Clara" and result = "blond" + or + this = "Melissa" and result = "brown" + or + this = "Amy" and result = "brown" + or + this = "Isabel" and result = "black" + or + this = "Jemima" and result = "red" + or + this = "Cordelia" and result = "red" + or + this = "Melinda" and result = "gray" + or + this = "Delila" and result = "white" + or + this = "Jeremiah" and result = "gray" + or + this = "Hester" and result = "black" + or + this = "Walter" and result = "black" + or + this = "Aaron" and result = "gray" + or + this = "Reuben" and result = "gray" + or + this = "Eli" and result = "gray" + or + this = "Amos" and result = "white" + or + this = "Augustus" and result = "white" + or + this = "Theodore" and result = "white" + or + this = "Timothy" and result = "brown" + or + this = "Cyrus" and result = "brown" + or + this = "Horace" and result = "brown" + or + this = "Simon" and result = "brown" + or + this = "Asa" and result = "brown" + or + this = "Frank" and result = "brown" + or + this = "Nelson" and result = "black" + or + this = "Leonard" and result = "black" + or + this = "Harrison" and result = "black" + or + this = "Anthony" and result = "black" + or + this = "Louis" and result = "black" + or + this = "Milton" and result = "blond" + or + this = "Noah" and result = "blond" + or + this = "Cornelius" and result = "red" + or + this = "Abdul" and result = "brown" + or + this = "Warren" and result = "red" + or + this = "Harvey" and result = "blond" + or + this = "Dennis" and result = "blond" + or + this = "Wesley" and result = "brown" + or + this = "Sylvester" and result = "brown" + or + this = "Gilbert" and result = "brown" + or + this = "Sullivan" and result = "brown" + or + this = "Edmund" and result = "brown" + or + this = "Wilson" and result = "blond" + or + this = "Perry" and result = "black" + or + this = "Simba" and result = "brown" + or + this = "Nala" and result = "brown" + or + this = "Rafiki" and result = "red" + or + this = "Shenzi" and result = "gray" + or + this = "Ernest" and result = "blond" + or + this = "Gertrude" and result = "brown" + or + this = "Oscar" and result = "blond" + or + this = "Lilian" and result = "brown" + or + this = "Raymond" and result = "brown" + or + this = "Elgar" and result = "brown" + or + this = "Elmer" and result = "brown" + or + this = "Herbert" and result = "brown" + or + this = "Maude" and result = "brown" + or + this = "Mae" and result = "brown" + or + this = "Otto" and result = "black" + or + this = "Edwin" and result = "black" + or + this = "Ophelia" and result = "brown" + or + this = "Parsley" and result = "brown" + or + this = "Sage" and result = "brown" + or + this = "Rosemary" and result = "brown" + or + this = "Thyme" and result = "brown" + or + this = "Garfunkel" and result = "brown" + or + this = "King Basil" and result = "brown" + or + this = "Stephen" and result = "black" + or + this = "Stephen" and result = "gray" + } + + /** Gets the age of the person (in years). If the person is deceased, there is no result. */ + int getAge() { + this = "Ronil" and result = 21 + or + this = "Dina" and result = 53 + or + this = "Ravi" and result = 16 + or + this = "Bruce" and result = 35 + or + this = "Jo" and result = 47 + or + this = "Aida" and result = 26 + or + this = "Esme" and result = 25 + or + this = "Charlie" and result = 31 + or + this = "Fred" and result = 68 + or + this = "Meera" and result = 62 + or + this = "Maya" and result = 29 + or + this = "Chad" and result = 49 + or + this = "Tiana" and result = 18 + or + this = "Laura" and result = 2 + or + this = "George" and result = 3 + or + this = "Will" and result = 41 + or + this = "Mary" and result = 51 + or + this = "Almira" and result = 1 + or + this = "Susannah" and result = 97 + or + this = "Rhoda" and result = 39 + or + this = "Cynthia" and result = 89 + or + this = "Eunice" and result = 83 + or + this = "Olive" and result = 25 + or + this = "Virginia" and result = 52 + or + this = "Angeline" and result = 22 + or + this = "Helen" and result = 79 + or + this = "Cornelia" and result = 59 + or + this = "Harriet" and result = 57 + or + this = "Mahala" and result = 61 + or + this = "Abby" and result = 24 + or + this = "Margaret" and result = 59 + or + this = "Deb" and result = 31 + or + this = "Minerva" and result = 72 + or + this = "Severus" and result = 61 + or + this = "Lavina" and result = 33 + or + this = "Adeline" and result = 17 + or + this = "Cath" and result = 22 + or + this = "Elisa" and result = 9 + or + this = "Lucretia" and result = 56 + or + this = "Anne" and result = 11 + or + this = "Eleanor" and result = 80 + or + this = "Joanna" and result = 43 + or + this = "Adam" and result = 37 + or + this = "Agnes" and result = 47 + or + this = "Rosanna" and result = 61 + or + this = "Clara" and result = 31 + or + this = "Melissa" and result = 37 + or + this = "Amy" and result = 12 + or + this = "Isabel" and result = 6 + or + this = "Jemima" and result = 16 + or + this = "Cordelia" and result = 21 + or + this = "Melinda" and result = 55 + or + this = "Delila" and result = 66 + or + this = "Jeremiah" and result = 54 + or + this = "Elijah" and result = 42 + or + this = "Hester" and result = 68 + or + this = "Walter" and result = 66 + or + this = "Oliver" and result = 33 + or + this = "Hugh" and result = 51 + or + this = "Aaron" and result = 49 + or + this = "Reuben" and result = 58 + or + this = "Eli" and result = 70 + or + this = "Amos" and result = 65 + or + this = "Augustus" and result = 56 + or + this = "Theodore" and result = 69 + or + this = "Ira" and result = 1 + or + this = "Timothy" and result = 54 + or + this = "Cyrus" and result = 78 + or + this = "Horace" and result = 34 + or + this = "Simon" and result = 23 + or + this = "Asa" and result = 28 + or + this = "Frank" and result = 59 + or + this = "Nelson" and result = 38 + or + this = "Leonard" and result = 58 + or + this = "Harrison" and result = 7 + or + this = "Anthony" and result = 2 + or + this = "Louis" and result = 34 + or + this = "Milton" and result = 36 + or + this = "Noah" and result = 48 + or + this = "Cornelius" and result = 41 + or + this = "Abdul" and result = 67 + or + this = "Warren" and result = 47 + or + this = "Harvey" and result = 31 + or + this = "Dennis" and result = 39 + or + this = "Wesley" and result = 13 + or + this = "Sylvester" and result = 19 + or + this = "Gilbert" and result = 16 + or + this = "Sullivan" and result = 17 + or + this = "Edmund" and result = 29 + or + this = "Wilson" and result = 27 + or + this = "Perry" and result = 31 + or + this = "Matthew" and result = 55 + or + this = "Simba" and result = 8 + or + this = "Nala" and result = 7 + or + this = "Rafiki" and result = 76 + or + this = "Shenzi" and result = 67 + } + + /** Gets the height of the person (in cm). If the person is deceased, there is no result. */ + float getHeight() { + this = "Ronil" and result = 183.0 + or + this = "Dina" and result = 155.1 + or + this = "Ravi" and result = 175.2 + or + this = "Bruce" and result = 191.3 + or + this = "Jo" and result = 163.4 + or + this = "Aida" and result = 182.6 + or + this = "Esme" and result = 176.9 + or + this = "Charlie" and result = 189.7 + or + this = "Fred" and result = 179.4 + or + this = "Meera" and result = 160.1 + or + this = "Maya" and result = 153.0 + or + this = "Chad" and result = 168.5 + or + this = "Tiana" and result = 149.7 + or + this = "Laura" and result = 87.5 + or + this = "George" and result = 96.4 + or + this = "Will" and result = 167.1 + or + this = "Mary" and result = 159.8 + or + this = "Almira" and result = 62.1 + or + this = "Susannah" and result = 145.8 + or + this = "Rhoda" and result = 180.1 + or + this = "Cynthia" and result = 161.8 + or + this = "Eunice" and result = 153.2 + or + this = "Olive" and result = 179.9 + or + this = "Virginia" and result = 165.1 + or + this = "Angeline" and result = 172.3 + or + this = "Helen" and result = 163.1 + or + this = "Cornelia" and result = 160.8 + or + this = "Harriet" and result = 163.2 + or + this = "Mahala" and result = 157.7 + or + this = "Abby" and result = 174.5 + or + this = "Margaret" and result = 165.6 + or + this = "Deb" and result = 171.6 + or + this = "Minerva" and result = 168.7 + or + this = "Severus" and result = 188.8 + or + this = "Lavina" and result = 155.1 + or + this = "Adeline" and result = 165.5 + or + this = "Cath" and result = 147.8 + or + this = "Elisa" and result = 129.4 + or + this = "Lucretia" and result = 153.6 + or + this = "Anne" and result = 140.4 + or + this = "Eleanor" and result = 151.1 + or + this = "Joanna" and result = 167.2 + or + this = "Adam" and result = 155.5 + or + this = "Agnes" and result = 156.8 + or + this = "Rosanna" and result = 162.4 + or + this = "Clara" and result = 158.6 + or + this = "Melissa" and result = 182.3 + or + this = "Amy" and result = 147.1 + or + this = "Isabel" and result = 121.4 + or + this = "Jemima" and result = 149.8 + or + this = "Cordelia" and result = 151.7 + or + this = "Melinda" and result = 154.4 + or + this = "Delila" and result = 163.4 + or + this = "Jeremiah" and result = 167.5 + or + this = "Elijah" and result = 184.5 + or + this = "Hester" and result = 152.7 + or + this = "Walter" and result = 159.6 + or + this = "Oliver" and result = 192.4 + or + this = "Hugh" and result = 173.1 + or + this = "Aaron" and result = 176.6 + or + this = "Reuben" and result = 169.9 + or + this = "Eli" and result = 180.4 + or + this = "Amos" and result = 167.4 + or + this = "Augustus" and result = 156.5 + or + this = "Theodore" and result = 176.6 + or + this = "Ira" and result = 54.1 + or + this = "Timothy" and result = 172.2 + or + this = "Cyrus" and result = 157.9 + or + this = "Horace" and result = 169.3 + or + this = "Simon" and result = 157.1 + or + this = "Asa" and result = 149.4 + or + this = "Frank" and result = 167.2 + or + this = "Nelson" and result = 173.0 + or + this = "Leonard" and result = 172.0 + or + this = "Harrison" and result = 126.0 + or + this = "Anthony" and result = 98.4 + or + this = "Louis" and result = 186.8 + or + this = "Milton" and result = 157.8 + or + this = "Noah" and result = 190.5 + or + this = "Cornelius" and result = 183.1 + or + this = "Abdul" and result = 182.0 + or + this = "Warren" and result = 175.0 + or + this = "Harvey" and result = 169.3 + or + this = "Dennis" and result = 160.4 + or + this = "Wesley" and result = 139.8 + or + this = "Sylvester" and result = 188.2 + or + this = "Gilbert" and result = 177.6 + or + this = "Sullivan" and result = 168.3 + or + this = "Edmund" and result = 159.2 + or + this = "Wilson" and result = 167.6 + or + this = "Perry" and result = 189.1 + or + this = "Matthew" and result = 167.2 + or + this = "Simba" and result = 140.1 + or + this = "Nala" and result = 138.0 + or + this = "Rafiki" and result = 139.3 + or + this = "Shenzi" and result = 171.1 + } + + /** Gets the location of the person's home ("north", "south", "east", or "west"). If the person is deceased, there is no result. */ + string getLocation() { + this = "Ronil" and result = "north" + or + this = "Dina" and result = "north" + or + this = "Ravi" and result = "north" + or + this = "Bruce" and result = "south" + or + this = "Jo" and result = "west" + or + this = "Aida" and result = "east" + or + this = "Esme" and result = "east" + or + this = "Charlie" and result = "south" + or + this = "Fred" and result = "west" + or + this = "Meera" and result = "south" + or + this = "Maya" and result = "south" + or + this = "Chad" and result = "south" + or + this = "Tiana" and result = "west" + or + this = "Laura" and result = "south" + or + this = "George" and result = "south" + or + this = "Will" and result = "south" + or + this = "Mary" and result = "south" + or + this = "Almira" and result = "south" + or + this = "Susannah" and result = "north" + or + this = "Rhoda" and result = "north" + or + this = "Cynthia" and result = "north" + or + this = "Eunice" and result = "north" + or + this = "Olive" and result = "west" + or + this = "Virginia" and result = "west" + or + this = "Angeline" and result = "west" + or + this = "Helen" and result = "west" + or + this = "Cornelia" and result = "east" + or + this = "Harriet" and result = "east" + or + this = "Mahala" and result = "east" + or + this = "Abby" and result = "east" + or + this = "Margaret" and result = "east" + or + this = "Deb" and result = "east" + or + this = "Minerva" and result = "south" + or + this = "Severus" and result = "north" + or + this = "Lavina" and result = "east" + or + this = "Adeline" and result = "west" + or + this = "Cath" and result = "east" + or + this = "Elisa" and result = "east" + or + this = "Lucretia" and result = "north" + or + this = "Anne" and result = "north" + or + this = "Eleanor" and result = "south" + or + this = "Joanna" and result = "south" + or + this = "Adam" and result = "east" + or + this = "Agnes" and result = "east" + or + this = "Rosanna" and result = "east" + or + this = "Clara" and result = "east" + or + this = "Melissa" and result = "west" + or + this = "Amy" and result = "west" + or + this = "Isabel" and result = "west" + or + this = "Jemima" and result = "west" + or + this = "Cordelia" and result = "west" + or + this = "Melinda" and result = "west" + or + this = "Delila" and result = "south" + or + this = "Jeremiah" and result = "north" + or + this = "Elijah" and result = "north" + or + this = "Hester" and result = "east" + or + this = "Walter" and result = "east" + or + this = "Oliver" and result = "east" + or + this = "Hugh" and result = "south" + or + this = "Aaron" and result = "south" + or + this = "Reuben" and result = "west" + or + this = "Eli" and result = "west" + or + this = "Amos" and result = "east" + or + this = "Augustus" and result = "south" + or + this = "Theodore" and result = "west" + or + this = "Ira" and result = "south" + or + this = "Timothy" and result = "north" + or + this = "Cyrus" and result = "north" + or + this = "Horace" and result = "east" + or + this = "Simon" and result = "east" + or + this = "Asa" and result = "east" + or + this = "Frank" and result = "west" + or + this = "Nelson" and result = "west" + or + this = "Leonard" and result = "west" + or + this = "Harrison" and result = "north" + or + this = "Anthony" and result = "north" + or + this = "Louis" and result = "north" + or + this = "Milton" and result = "south" + or + this = "Noah" and result = "south" + or + this = "Cornelius" and result = "east" + or + this = "Abdul" and result = "east" + or + this = "Warren" and result = "west" + or + this = "Harvey" and result = "west" + or + this = "Dennis" and result = "west" + or + this = "Wesley" and result = "west" + or + this = "Sylvester" and result = "south" + or + this = "Gilbert" and result = "east" + or + this = "Sullivan" and result = "east" + or + this = "Edmund" and result = "north" + or + this = "Wilson" and result = "north" + or + this = "Perry" and result = "west" + or + this = "Matthew" and result = "east" + or + this = "Simba" and result = "south" + or + this = "Nala" and result = "south" + or + this = "Rafiki" and result = "north" + or + this = "Shenzi" and result = "west" + } + + /** Holds if the person is deceased. */ + predicate isDeceased() { + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Edwin" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" + } + + /** Gets a parent of the person (alive or deceased). */ + Person getAParent() { + this = "Stephen" and result = "Edmund" + or + this = "Edmund" and result = "Augustus" + or + this = "Augustus" and result = "Stephen" + or + this = "Abby" and result = "Cornelia" + or + this = "Abby" and result = "Amos" + or + this = "Abdul" and result = "Susannah" + or + this = "Adam" and result = "Amos" + or + this = "Adeline" and result = "Melinda" + or + this = "Adeline" and result = "Frank" + or + this = "Agnes" and result = "Abdul" + or + this = "Aida" and result = "Agnes" + or + this = "Almira" and result = "Sylvester" + or + this = "Amos" and result = "Eunice" + or + this = "Amy" and result = "Noah" + or + this = "Amy" and result = "Chad" + or + this = "Angeline" and result = "Reuben" + or + this = "Angeline" and result = "Lucretia" + or + this = "Anne" and result = "Rhoda" + or + this = "Anne" and result = "Louis" + or + this = "Anthony" and result = "Lavina" + or + this = "Anthony" and result = "Asa" + or + this = "Asa" and result = "Cornelia" + or + this = "Cath" and result = "Harriet" + or + this = "Charlie" and result = "Matthew" + or + this = "Clara" and result = "Ernest" + or + this = "Cornelia" and result = "Cynthia" + or + this = "Cornelius" and result = "Eli" + or + this = "Deb" and result = "Margaret" + or + this = "Dennis" and result = "Fred" + or + this = "Eli" and result = "Susannah" + or + this = "Elijah" and result = "Delila" + or + this = "Elisa" and result = "Deb" + or + this = "Elisa" and result = "Horace" + or + this = "Esme" and result = "Margaret" + or + this = "Frank" and result = "Eleanor" + or + this = "Frank" and result = "Cyrus" + or + this = "George" and result = "Maya" + or + this = "George" and result = "Wilson" + or + this = "Gilbert" and result = "Cornelius" + or + this = "Harriet" and result = "Cynthia" + or + this = "Harrison" and result = "Louis" + or + this = "Harvey" and result = "Fred" + or + this = "Helen" and result = "Susannah" + or + this = "Hester" and result = "Edwin" + or + this = "Hugh" and result = "Cyrus" + or + this = "Hugh" and result = "Helen" + or + this = "Ira" and result = "Maya" + or + this = "Ira" and result = "Wilson" + or + this = "Isabel" and result = "Perry" + or + this = "Isabel" and result = "Harvey" + or + this = "Jemima" and result = "Melinda" + or + this = "Jemima" and result = "Frank" + or + this = "Ernest" and result = "Lilian" + or + this = "Ernest" and result = "Oscar" + or + this = "Gertrude" and result = "Ophelia" + or + this = "Gertrude" and result = "Raymond" + or + this = "Lilian" and result = "Elgar" + or + this = "Lilian" and result = "Mae" + or + this = "Raymond" and result = "Elgar" + or + this = "Raymond" and result = "Mae" + or + this = "Elmer" and result = "Ophelia" + or + this = "Elmer" and result = "Raymond" + or + this = "Herbert" and result = "Ophelia" + or + this = "Herbert" and result = "Raymond" + or + this = "Maude" and result = "Ophelia" + or + this = "Maude" and result = "Raymond" + or + this = "Otto" and result = "Elgar" + or + this = "Otto" and result = "Mae" + or + this = "Edwin" and result = "Otto" + or + this = "Parsley" and result = "Simon" + or + this = "Parsley" and result = "Garfunkel" + or + this = "Sage" and result = "Simon" + or + this = "Sage" and result = "Garfunkel" + or + this = "Rosemary" and result = "Simon" + or + this = "Rosemary" and result = "Garfunkel" + or + this = "Thyme" and result = "Simon" + or + this = "Thyme" and result = "Garfunkel" + or + this = "King Basil" and result = "Ophelia" + or + this = "King Basil" and result = "Raymond" + or + this = "Jo" and result = "Theodore" + or + this = "Joanna" and result = "Shenzi" + or + this = "Laura" and result = "Maya" + or + this = "Laura" and result = "Wilson" + or + this = "Lavina" and result = "Mahala" + or + this = "Lavina" and result = "Walter" + or + this = "Leonard" and result = "Cyrus" + or + this = "Leonard" and result = "Helen" + or + this = "Lucretia" and result = "Eleanor" + or + this = "Lucretia" and result = "Cyrus" + or + this = "Mahala" and result = "Eunice" + or + this = "Margaret" and result = "Cynthia" + or + this = "Matthew" and result = "Cyrus" + or + this = "Matthew" and result = "Helen" + or + this = "Maya" and result = "Meera" + or + this = "Melinda" and result = "Rafiki" + or + this = "Melissa" and result = "Mahala" + or + this = "Melissa" and result = "Walter" + or + this = "Nala" and result = "Bruce" + or + this = "Nelson" and result = "Mahala" + or + this = "Nelson" and result = "Walter" + or + this = "Noah" and result = "Eli" + or + this = "Olive" and result = "Reuben" + or + this = "Olive" and result = "Lucretia" + or + this = "Oliver" and result = "Matthew" + or + this = "Perry" and result = "Leonard" + or + this = "Ravi" and result = "Dina" + or + this = "Simba" and result = "Will" + or + this = "Simon" and result = "Margaret" + or + this = "Sullivan" and result = "Cornelius" + or + this = "Sylvester" and result = "Timothy" + or + this = "Theodore" and result = "Susannah" + or + this = "Tiana" and result = "Jo" + or + this = "Virginia" and result = "Helen" + or + this = "Warren" and result = "Shenzi" + or + this = "Wesley" and result = "Warren" + or + this = "Wesley" and result = "Jo" + or + this = "Will" and result = "Eli" + } + + /** Holds if the person is allowed in the region. Initially, all villagers are allowed in every region. */ + predicate isAllowedIn(string region) { + region = "north" or + region = "south" or + region = "east" or + region = "west" + } +} + +/** Returns a parent of the person. */ +Person parentOf(Person p) { result = p.getAParent() } diff --git a/cpp/ql/src/Likely Bugs/Arithmetic/PointlessComparison.ql b/cpp/ql/src/Likely Bugs/Arithmetic/PointlessComparison.ql index 94a6c403937..e2fe02be867 100644 --- a/cpp/ql/src/Likely Bugs/Arithmetic/PointlessComparison.ql +++ b/cpp/ql/src/Likely Bugs/Arithmetic/PointlessComparison.ql @@ -50,10 +50,7 @@ where // If either of the operands is constant, then don't include it. ( if cmp.getLeftOperand().isConstant() - then - if cmp.getRightOperand().isConstant() - then none() // Both operands are constant so don't create a message. - else reason = rightReason + then not cmp.getRightOperand().isConstant() and reason = rightReason else if cmp.getRightOperand().isConstant() then reason = leftReason diff --git a/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingCommon.qll b/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingCommon.qll index 4854c1dc38e..9978d9ece0b 100644 --- a/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingCommon.qll +++ b/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingCommon.qll @@ -121,16 +121,14 @@ predicate exprSourceType(Expr use, Type sourceType, Location sourceLoc) { else if use instanceof CrementOperation then exprSourceType(use.(CrementOperation).getOperand(), sourceType, sourceLoc) - else + else ( // Conversions are not in the AST, so ignore them. - if use instanceof Conversion - then none() - else ( - // Source expressions - sourceType = use.getUnspecifiedType() and - isPointerType(sourceType) and - sourceLoc = use.getLocation() - ) + not use instanceof Conversion and + // Source expressions + sourceType = use.getUnspecifiedType() and + isPointerType(sourceType) and + sourceLoc = use.getLocation() + ) } /** diff --git a/csharp/ql/lib/semmle/code/asp/WebConfig.qll b/csharp/ql/lib/semmle/code/asp/WebConfig.qll index ed0f9aef451..16d5393afc2 100644 --- a/csharp/ql/lib/semmle/code/asp/WebConfig.qll +++ b/csharp/ql/lib/semmle/code/asp/WebConfig.qll @@ -8,7 +8,7 @@ import csharp * A `Web.config` file. */ class WebConfigXML extends XMLFile { - WebConfigXML() { getName().matches("%Web.config") } + WebConfigXML() { this.getName().matches("%Web.config") } } /** A `` tag in an ASP.NET configuration file. */ @@ -73,12 +73,14 @@ class FormsElement extends XMLElement { /** * Gets attribute's `requireSSL` value. */ - string getRequireSSL() { result = getAttribute("requireSSL").getValue().trim().toLowerCase() } + string getRequireSSL() { + result = this.getAttribute("requireSSL").getValue().trim().toLowerCase() + } /** * Holds if `requireSSL` value is true. */ - predicate isRequireSSL() { getRequireSSL() = "true" } + predicate isRequireSSL() { this.getRequireSSL() = "true" } } /** A `` tag in an ASP.NET configuration file. */ @@ -89,26 +91,28 @@ class HttpCookiesElement extends XMLElement { * Gets attribute's `httpOnlyCookies` value. */ string getHttpOnlyCookies() { - result = getAttribute("httpOnlyCookies").getValue().trim().toLowerCase() + result = this.getAttribute("httpOnlyCookies").getValue().trim().toLowerCase() } /** * Holds if there is any chance that `httpOnlyCookies` is set to `true`. */ - predicate isHttpOnlyCookies() { getHttpOnlyCookies() = "true" } + predicate isHttpOnlyCookies() { this.getHttpOnlyCookies() = "true" } /** * Gets attribute's `requireSSL` value. */ - string getRequireSSL() { result = getAttribute("requireSSL").getValue().trim().toLowerCase() } + string getRequireSSL() { + result = this.getAttribute("requireSSL").getValue().trim().toLowerCase() + } /** * Holds if there is any chance that `requireSSL` is set to `true` either globally or for Forms. */ predicate isRequireSSL() { - getRequireSSL() = "true" + this.getRequireSSL() = "true" or - not getRequireSSL() = "false" and // not set all, i.e. default - exists(FormsElement forms | forms.getFile() = getFile() | forms.isRequireSSL()) + not this.getRequireSSL() = "false" and // not set all, i.e. default + exists(FormsElement forms | forms.getFile() = this.getFile() | forms.isRequireSSL()) } } diff --git a/csharp/ql/lib/semmle/code/cil/Access.qll b/csharp/ql/lib/semmle/code/cil/Access.qll index 6d72a48ff1b..5fecd8acb10 100644 --- a/csharp/ql/lib/semmle/code/cil/Access.qll +++ b/csharp/ql/lib/semmle/code/cil/Access.qll @@ -20,7 +20,7 @@ class VariableAccess extends Access, @cil_access { } /** An instruction that reads a variable. */ class ReadAccess extends VariableAccess, Expr, @cil_read_access { - override Type getType() { result = getTarget().getType() } + override Type getType() { result = this.getTarget().getType() } } /** An instruction yielding an address. */ @@ -49,7 +49,7 @@ class ParameterReadAccess extends ParameterAccess, ReadAccess { class ParameterWriteAccess extends ParameterAccess, WriteAccess { override int getPopCount() { result = 1 } - override Expr getExpr() { result = getOperand(0) } + override Expr getExpr() { result = this.getOperand(0) } } /** An access to the `this` parameter. */ @@ -71,9 +71,9 @@ class LocalVariableAccess extends StackVariableAccess, @cil_local_access { class LocalVariableWriteAccess extends LocalVariableAccess, WriteAccess { override int getPopCount() { result = 1 } - override Expr getExpr() { result = getOperand(0) } + override Expr getExpr() { result = this.getOperand(0) } - override string getExtra() { result = "L" + getTarget().getIndex() } + override string getExtra() { result = "L" + this.getTarget().getIndex() } } /** An instruction that reads a local variable. */ @@ -85,7 +85,7 @@ class LocalVariableReadAccess extends LocalVariableAccess, ReadAccess { class FieldAccess extends VariableAccess, @cil_field_access { override Field getTarget() { result = VariableAccess.super.getTarget() } - override string getExtra() { result = getTarget().getName() } + override string getExtra() { result = this.getTarget().getName() } /** Gets the qualifier of the access, if any. */ abstract Expr getQualifier(); diff --git a/csharp/ql/lib/semmle/code/cil/BasicBlock.qll b/csharp/ql/lib/semmle/code/cil/BasicBlock.qll index 0c9c0b8ad07..2680cb0a769 100644 --- a/csharp/ql/lib/semmle/code/cil/BasicBlock.qll +++ b/csharp/ql/lib/semmle/code/cil/BasicBlock.qll @@ -10,7 +10,7 @@ private import CIL */ class BasicBlock extends Cached::TBasicBlockStart { /** Gets an immediate successor of this basic block, if any. */ - BasicBlock getASuccessor() { result.getFirstNode() = getLastNode().getASuccessor() } + BasicBlock getASuccessor() { result.getFirstNode() = this.getLastNode().getASuccessor() } /** Gets an immediate predecessor of this basic block, if any. */ BasicBlock getAPredecessor() { result.getASuccessor() = this } @@ -31,7 +31,7 @@ class BasicBlock extends Cached::TBasicBlockStart { * The basic block on line 2 is an immediate `true` successor of the * basic block on line 1. */ - BasicBlock getATrueSuccessor() { result.getFirstNode() = getLastNode().getTrueSuccessor() } + BasicBlock getATrueSuccessor() { result.getFirstNode() = this.getLastNode().getTrueSuccessor() } /** * Gets an immediate `false` successor, if any. @@ -49,22 +49,22 @@ class BasicBlock extends Cached::TBasicBlockStart { * The basic block on line 2 is an immediate `false` successor of the * basic block on line 1. */ - BasicBlock getAFalseSuccessor() { result.getFirstNode() = getLastNode().getFalseSuccessor() } + BasicBlock getAFalseSuccessor() { result.getFirstNode() = this.getLastNode().getFalseSuccessor() } /** Gets the control flow node at a specific (zero-indexed) position in this basic block. */ - ControlFlowNode getNode(int pos) { Cached::bbIndex(getFirstNode(), result, pos) } + ControlFlowNode getNode(int pos) { Cached::bbIndex(this.getFirstNode(), result, pos) } /** Gets a control flow node in this basic block. */ - ControlFlowNode getANode() { result = getNode(_) } + ControlFlowNode getANode() { result = this.getNode(_) } /** Gets the first control flow node in this basic block. */ ControlFlowNode getFirstNode() { this = Cached::TBasicBlockStart(result) } /** Gets the last control flow node in this basic block. */ - ControlFlowNode getLastNode() { result = getNode(length() - 1) } + ControlFlowNode getLastNode() { result = this.getNode(this.length() - 1) } /** Gets the length of this basic block. */ - int length() { result = strictcount(getANode()) } + int length() { result = strictcount(this.getANode()) } /** * Holds if this basic block strictly dominates basic block `bb`. @@ -114,7 +114,7 @@ class BasicBlock extends Cached::TBasicBlockStart { */ predicate dominates(BasicBlock bb) { bb = this or - strictlyDominates(bb) + this.strictlyDominates(bb) } /** @@ -140,14 +140,14 @@ class BasicBlock extends Cached::TBasicBlockStart { * does not dominate the basic block on line 6. */ predicate inDominanceFrontier(BasicBlock df) { - dominatesPredecessor(df) and - not strictlyDominates(df) + this.dominatesPredecessor(df) and + not this.strictlyDominates(df) } /** * Holds if this basic block dominates a predecessor of `df`. */ - private predicate dominatesPredecessor(BasicBlock df) { dominates(df.getAPredecessor()) } + private predicate dominatesPredecessor(BasicBlock df) { this.dominates(df.getAPredecessor()) } /** * Gets the basic block that immediately dominates this basic block, if any. @@ -226,7 +226,7 @@ class BasicBlock extends Cached::TBasicBlockStart { * post-dominates itself. */ predicate postDominates(BasicBlock bb) { - strictlyPostDominates(bb) or + this.strictlyPostDominates(bb) or this = bb } @@ -239,7 +239,7 @@ class BasicBlock extends Cached::TBasicBlockStart { predicate inLoop() { this.getASuccessor+() = this } /** Gets a textual representation of this basic block. */ - string toString() { result = getFirstNode().toString() } + string toString() { result = this.getFirstNode().toString() } /** Gets the location of this basic block. */ Location getLocation() { result = this.getFirstNode().getLocation() } @@ -325,16 +325,16 @@ private predicate exitBB(BasicBlock bb) { not exists(bb.getLastNode().getASucces * A basic block with more than one predecessor. */ class JoinBlock extends BasicBlock { - JoinBlock() { getFirstNode().isJoin() } + JoinBlock() { this.getFirstNode().isJoin() } } /** A basic block that terminates in a condition, splitting the subsequent control flow. */ class ConditionBlock extends BasicBlock { ConditionBlock() { exists(BasicBlock succ | - succ = getATrueSuccessor() + succ = this.getATrueSuccessor() or - succ = getAFalseSuccessor() + succ = this.getAFalseSuccessor() ) } @@ -380,16 +380,16 @@ class ConditionBlock extends BasicBlock { */ exists(BasicBlock succ | - isCandidateSuccessor(succ, testIsTrue) and + this.isCandidateSuccessor(succ, testIsTrue) and succ.dominates(controlled) ) } private predicate isCandidateSuccessor(BasicBlock succ, boolean testIsTrue) { ( - testIsTrue = true and succ = getATrueSuccessor() + testIsTrue = true and succ = this.getATrueSuccessor() or - testIsTrue = false and succ = getAFalseSuccessor() + testIsTrue = false and succ = this.getAFalseSuccessor() ) and forall(BasicBlock pred | pred = succ.getAPredecessor() and pred != this | succ.dominates(pred)) } diff --git a/csharp/ql/lib/semmle/code/cil/ConsistencyChecks.qll b/csharp/ql/lib/semmle/code/cil/ConsistencyChecks.qll index 02cfd149886..262bb58ab9c 100644 --- a/csharp/ql/lib/semmle/code/cil/ConsistencyChecks.qll +++ b/csharp/ql/lib/semmle/code/cil/ConsistencyChecks.qll @@ -62,7 +62,7 @@ abstract class InstructionViolation extends CfgViolation, CfgCheck { override string toString() { result = instruction.getImplementation().getMethod().toStringWithTypes() + ": " + - instruction.toString() + ", " + getInstructionsUpTo() + instruction.toString() + ", " + this.getInstructionsUpTo() } } @@ -126,7 +126,7 @@ class MissingOperand extends InstructionViolation { } override string getMessage() { - result = "This instruction is missing operand " + getMissingOperand() + result = "This instruction is missing operand " + this.getMissingOperand() } } @@ -364,7 +364,7 @@ class TypeViolation extends ConsistencyViolation, TypeCheck { /** Gets the type containing the violation. */ Type getType() { this = TypeCheck(result) } - override string toString() { result = getType().toString() } + override string toString() { result = this.getType().toString() } abstract override string getMessage(); } @@ -374,7 +374,7 @@ class TypeViolation extends ConsistencyViolation, TypeCheck { */ class TypeIsBothConstructedAndUnbound extends TypeViolation { TypeIsBothConstructedAndUnbound() { - getType() instanceof ConstructedGeneric and getType() instanceof UnboundGeneric + this.getType() instanceof ConstructedGeneric and this.getType() instanceof UnboundGeneric } override string getMessage() { result = "Type is both constructed and unbound" } @@ -397,16 +397,16 @@ class InconsistentTypeLocation extends TypeViolation { */ class TypeParameterMismatch extends TypeViolation { TypeParameterMismatch() { - getType().(ConstructedGeneric).getNumberOfTypeArguments() != - getType().getUnboundType().(UnboundGeneric).getNumberOfTypeParameters() + this.getType().(ConstructedGeneric).getNumberOfTypeArguments() != + this.getType().getUnboundType().(UnboundGeneric).getNumberOfTypeParameters() } override string getMessage() { result = - "Constructed type (" + getType().toStringWithTypes() + ") has " + - getType().(ConstructedGeneric).getNumberOfTypeArguments() + - " type arguments and unbound type (" + getType().getUnboundType().toStringWithTypes() + - ") has " + getType().getUnboundType().(UnboundGeneric).getNumberOfTypeParameters() + + "Constructed type (" + this.getType().toStringWithTypes() + ") has " + + this.getType().(ConstructedGeneric).getNumberOfTypeArguments() + + " type arguments and unbound type (" + this.getType().getUnboundType().toStringWithTypes() + + ") has " + this.getType().getUnboundType().(UnboundGeneric).getNumberOfTypeParameters() + " type parameters" } } @@ -418,7 +418,7 @@ class MethodViolation extends ConsistencyViolation, DeclarationCheck { /** Gets the method containing the violation. */ Method getMethod() { this = DeclarationCheck(result) } - override string toString() { result = getMethod().toString() } + override string toString() { result = this.getMethod().toString() } override string getMessage() { none() } } @@ -440,14 +440,15 @@ class InconsistentMethodLocation extends MethodViolation { */ class ConstructedMethodTypeParams extends MethodViolation { ConstructedMethodTypeParams() { - getMethod().(ConstructedGeneric).getNumberOfTypeArguments() != - getMethod().getUnboundDeclaration().(UnboundGeneric).getNumberOfTypeParameters() + this.getMethod().(ConstructedGeneric).getNumberOfTypeArguments() != + this.getMethod().getUnboundDeclaration().(UnboundGeneric).getNumberOfTypeParameters() } override string getMessage() { result = - "The constructed method " + getMethod().toStringWithTypes() + - " does not match unbound method " + getMethod().getUnboundDeclaration().toStringWithTypes() + "The constructed method " + this.getMethod().toStringWithTypes() + + " does not match unbound method " + + this.getMethod().getUnboundDeclaration().toStringWithTypes() } } @@ -477,8 +478,8 @@ class InvalidOverride extends MethodViolation { private Method base; InvalidOverride() { - base = getMethod().getOverriddenMethod() and - not getMethod().getDeclaringType().getABaseType+() = base.getDeclaringType() and + base = this.getMethod().getOverriddenMethod() and + not this.getMethod().getDeclaringType().getABaseType+() = base.getDeclaringType() and base.getDeclaringType().isUnboundDeclaration() // Bases classes of constructed types aren't extracted properly. } @@ -493,7 +494,9 @@ class InvalidOverride extends MethodViolation { * A pointer type that does not have a pointee type. */ class InvalidPointerType extends TypeViolation { - InvalidPointerType() { exists(PointerType p | p = getType() | count(p.getReferentType()) != 1) } + InvalidPointerType() { + exists(PointerType p | p = this.getType() | count(p.getReferentType()) != 1) + } override string getMessage() { result = "Invalid Pointertype.getPointeeType()" } } @@ -502,7 +505,9 @@ class InvalidPointerType extends TypeViolation { * An array with an invalid `getElementType`. */ class ArrayTypeMissingElement extends TypeViolation { - ArrayTypeMissingElement() { exists(ArrayType t | t = getType() | count(t.getElementType()) != 1) } + ArrayTypeMissingElement() { + exists(ArrayType t | t = this.getType() | count(t.getElementType()) != 1) + } override string getMessage() { result = "Invalid ArrayType.getElementType()" } } @@ -511,7 +516,7 @@ class ArrayTypeMissingElement extends TypeViolation { * An array with an invalid `getRank`. */ class ArrayTypeInvalidRank extends TypeViolation { - ArrayTypeInvalidRank() { exists(ArrayType t | t = getType() | not t.getRank() > 0) } + ArrayTypeInvalidRank() { exists(ArrayType t | t = this.getType() | not t.getRank() > 0) } override string getMessage() { result = "Invalid ArrayType.getRank()" } } @@ -564,7 +569,7 @@ abstract class DeclarationViolation extends ConsistencyViolation, DeclarationChe /** Gets the member containing the potential violation. */ Declaration getDeclaration() { this = DeclarationCheck(result) } - override string toString() { result = getDeclaration().toString() } + override string toString() { result = this.getDeclaration().toString() } } /** @@ -572,7 +577,7 @@ abstract class DeclarationViolation extends ConsistencyViolation, DeclarationChe */ class PropertyWithNoAccessors extends DeclarationViolation { PropertyWithNoAccessors() { - exists(Property p | p = getDeclaration() | not exists(p.getAnAccessor())) + exists(Property p | p = this.getDeclaration() | not exists(p.getAnAccessor())) } override string getMessage() { result = "Property has no accessors" } @@ -646,7 +651,7 @@ class TypeMultiplyDefined extends TypeViolation, DisabledCheck { override string getMessage() { result = - "This type (" + getType().toStringWithTypes() + ") has " + + "This type (" + this.getType().toStringWithTypes() + ") has " + count(Type t | not t instanceof ConstructedGeneric and t.toStringWithTypes() = this.getType().toStringWithTypes() @@ -669,11 +674,11 @@ class MissingCilDeclaration extends ConsistencyViolation, MissingCSharpCheck { override string getMessage() { result = - "Cannot locate CIL for " + getDeclaration().toStringWithTypes() + " of class " + - getDeclaration().getPrimaryQlClasses() + "Cannot locate CIL for " + this.getDeclaration().toStringWithTypes() + " of class " + + this.getDeclaration().getPrimaryQlClasses() } - override string toString() { result = getDeclaration().toStringWithTypes() } + override string toString() { result = this.getDeclaration().toStringWithTypes() } } /** @@ -717,21 +722,23 @@ private predicate expectedCilDeclaration(CS::Declaration decl) { /** A member with an invalid name. */ class MemberWithInvalidName extends DeclarationViolation { MemberWithInvalidName() { - exists(string name | name = getDeclaration().(Member).getName() | + exists(string name | name = this.getDeclaration().(Member).getName() | exists(name.indexOf(".")) and not name = ".ctor" and not name = ".cctor" ) } - override string getMessage() { result = "Invalid name " + getDeclaration().(Member).getName() } + override string getMessage() { + result = "Invalid name " + this.getDeclaration().(Member).getName() + } } class ConstructedSourceDeclarationMethod extends MethodViolation { Method method; ConstructedSourceDeclarationMethod() { - method = getMethod() and + method = this.getMethod() and method = method.getUnboundDeclaration() and ( method instanceof ConstructedGeneric or @@ -751,7 +758,7 @@ class DeclarationWithMultipleLabels extends DeclarationViolation { } override string getMessage() { - result = "Multiple labels " + concat(getDeclaration().getLabel(), ", ") + result = "Multiple labels " + concat(this.getDeclaration().getLabel(), ", ") } } diff --git a/csharp/ql/lib/semmle/code/cil/ControlFlow.qll b/csharp/ql/lib/semmle/code/cil/ControlFlow.qll index 52a2ddc3376..8b6d6c70a05 100644 --- a/csharp/ql/lib/semmle/code/cil/ControlFlow.qll +++ b/csharp/ql/lib/semmle/code/cil/ControlFlow.qll @@ -23,13 +23,13 @@ class ControlFlowNode extends @cil_controlflow_node { int getPopCount() { result = 0 } /** Gets a successor of this node, if any. */ - final Instruction getASuccessor() { result = getASuccessorType(_) } + final Instruction getASuccessor() { result = this.getASuccessorType(_) } /** Gets a true successor of this node, if any. */ - final Instruction getTrueSuccessor() { result = getASuccessorType(any(TrueFlow f)) } + final Instruction getTrueSuccessor() { result = this.getASuccessorType(any(TrueFlow f)) } /** Gets a false successor of this node, if any. */ - final Instruction getFalseSuccessor() { result = getASuccessorType(any(FalseFlow f)) } + final Instruction getFalseSuccessor() { result = this.getASuccessorType(any(FalseFlow f)) } /** Gets a successor to this node, of type `type`, if any. */ cached @@ -57,7 +57,7 @@ class ControlFlowNode extends @cil_controlflow_node { } /** Gets an operand of this instruction, if any. */ - ControlFlowNode getAnOperand() { result = getOperand(_) } + ControlFlowNode getAnOperand() { result = this.getOperand(_) } /** Gets an expression that consumes the output of this instruction on the stack. */ Instruction getParentExpr() { this = result.getAnOperand() } @@ -86,17 +86,17 @@ class ControlFlowNode extends @cil_controlflow_node { ) } - private int getStackDelta() { result = getPushCount() - getPopCount() } + private int getStackDelta() { result = this.getPushCount() - this.getPopCount() } /** Gets the stack size before this instruction. */ - int getStackSizeBefore() { result = getAPredecessor().getStackSizeAfter() } + int getStackSizeBefore() { result = this.getAPredecessor().getStackSizeAfter() } /** Gets the stack size after this instruction. */ final int getStackSizeAfter() { // This is a guard to prevent ill formed programs // and other logic errors going into an infinite loop. - result in [0 .. getImplementation().getStackSize()] and - result = getStackSizeBefore() + getStackDelta() + result in [0 .. this.getImplementation().getStackSize()] and + result = this.getStackSizeBefore() + this.getStackDelta() } /** Gets the method containing this control flow node. */ diff --git a/csharp/ql/lib/semmle/code/cil/Declaration.qll b/csharp/ql/lib/semmle/code/cil/Declaration.qll index a747d4a6d80..178b5c9966e 100644 --- a/csharp/ql/lib/semmle/code/cil/Declaration.qll +++ b/csharp/ql/lib/semmle/code/cil/Declaration.qll @@ -68,7 +68,7 @@ class Member extends DotNet::Member, Declaration, @cil_member { /** Holds if this member has a security attribute. */ predicate hasSecurity() { cil_security(this) } - override Location getLocation() { result = getDeclaringType().getLocation() } + override Location getLocation() { result = this.getDeclaringType().getLocation() } } /** A property. */ @@ -87,24 +87,25 @@ class Property extends DotNet::Property, Member, CustomModifierReceiver, @cil_pr override Setter getSetter() { this = result.getProperty() } /** Gets an accessor of this property. */ - Accessor getAnAccessor() { result = getGetter() or result = getSetter() } + Accessor getAnAccessor() { result = this.getGetter() or result = this.getSetter() } - override string toString() { result = "property " + getName() } + override string toString() { result = "property " + this.getName() } override string toStringWithTypes() { result = - getType().toStringWithTypes() + " " + getDeclaringType().toStringWithTypes() + "." + getName() + this.getType().toStringWithTypes() + " " + this.getDeclaringType().toStringWithTypes() + "." + + this.getName() } } /** A property that is trivial (wraps a field). */ class TrivialProperty extends Property { TrivialProperty() { - getGetter().(TrivialGetter).getField() = getSetter().(TrivialSetter).getField() + this.getGetter().(TrivialGetter).getField() = this.getSetter().(TrivialSetter).getField() } /** Gets the underlying field of this property. */ - Field getField() { result = getGetter().(TrivialGetter).getField() } + Field getField() { result = this.getGetter().(TrivialGetter).getField() } } /** An event. */ @@ -125,9 +126,9 @@ class Event extends DotNet::Event, Member, @cil_event { /** Gets the raiser. */ Method getRaiser() { cil_raiser(this, result) } - override string toString() { result = "event " + getName() } + override string toString() { result = "event " + this.getName() } override string toStringWithTypes() { - result = getDeclaringType().toStringWithTypes() + "." + getName() + result = this.getDeclaringType().toStringWithTypes() + "." + this.getName() } } diff --git a/csharp/ql/lib/semmle/code/cil/Generics.qll b/csharp/ql/lib/semmle/code/cil/Generics.qll index a742a142cc4..2e702e68ffe 100644 --- a/csharp/ql/lib/semmle/code/cil/Generics.qll +++ b/csharp/ql/lib/semmle/code/cil/Generics.qll @@ -45,5 +45,5 @@ class ConstructedType extends ConstructedGeneric, Type { /** A constructed generic method. */ class ConstructedMethod extends ConstructedGeneric, Method { - final override UnboundGenericMethod getUnboundGeneric() { result = getUnboundMethod() } + final override UnboundGenericMethod getUnboundGeneric() { result = this.getUnboundMethod() } } diff --git a/csharp/ql/lib/semmle/code/cil/Instruction.qll b/csharp/ql/lib/semmle/code/cil/Instruction.qll index 3e620031264..fa9753e1f0c 100644 --- a/csharp/ql/lib/semmle/code/cil/Instruction.qll +++ b/csharp/ql/lib/semmle/code/cil/Instruction.qll @@ -4,15 +4,17 @@ private import CIL /** An instruction. */ class Instruction extends Element, ControlFlowNode, DataFlowNode, @cil_instruction { - override string toString() { result = getOpcodeName() } + override string toString() { result = this.getOpcodeName() } /** Gets a more verbose textual representation of this instruction. */ - string toStringExtra() { result = getIndex() + ": " + getOpcodeName() + getExtraStr() } + string toStringExtra() { + result = this.getIndex() + ": " + this.getOpcodeName() + this.getExtraStr() + } /** Gets the method containing this instruction. */ override MethodImplementation getImplementation() { cil_instruction(this, _, _, result) } - override Method getMethod() { result = getImplementation().getMethod() } + override Method getMethod() { result = this.getImplementation().getMethod() } /** * Gets the index of this instruction. @@ -30,7 +32,7 @@ class Instruction extends Element, ControlFlowNode, DataFlowNode, @cil_instructi string getExtra() { none() } private string getExtraStr() { - if exists(getExtra()) then result = " " + getExtra() else result = "" + if exists(this.getExtra()) then result = " " + this.getExtra() else result = "" } /** Gets the declaration accessed by this instruction, if any. */ @@ -39,8 +41,8 @@ class Instruction extends Element, ControlFlowNode, DataFlowNode, @cil_instructi /** Gets a successor instruction to this instruction. */ override Instruction getASuccessorType(FlowType t) { t instanceof NormalFlow and - canFlowNext() and - result = this.getImplementation().getInstruction(getIndex() + 1) + this.canFlowNext() and + result = this.getImplementation().getInstruction(this.getIndex() + 1) } /** Holds if this instruction passes control flow into the next instruction. */ @@ -61,7 +63,7 @@ class Instruction extends Element, ControlFlowNode, DataFlowNode, @cil_instructi override Location getALocation() { cil_instruction_location(this, result) // The source code, if available or - result = getImplementation().getLocation() // The containing assembly + result = this.getImplementation().getLocation() // The containing assembly } override Location getLocation() { result = Element.super.getLocation() } diff --git a/csharp/ql/lib/semmle/code/cil/InstructionGroups.qll b/csharp/ql/lib/semmle/code/cil/InstructionGroups.qll index e4aeb05a839..5dac4bf7291 100644 --- a/csharp/ql/lib/semmle/code/cil/InstructionGroups.qll +++ b/csharp/ql/lib/semmle/code/cil/InstructionGroups.qll @@ -14,7 +14,7 @@ class Expr extends DotNet::Expr, Instruction, @cil_expr { override Type getType() { result = Instruction.super.getType() } - override Method getEnclosingCallable() { result = getImplementation().getMethod() } + override Method getEnclosingCallable() { result = this.getImplementation().getMethod() } /** * The "parent" of a CIL expression is taken to be the instruction @@ -28,13 +28,13 @@ class Branch extends Instruction, @cil_jump { /** Gets the instruction that is jumped to. */ Instruction getTarget() { cil_jump(this, result) } - override string getExtra() { result = getTarget().getIndex() + ":" } + override string getExtra() { result = this.getTarget().getIndex() + ":" } } /** An instruction that unconditionally jumps to another instruction. */ class UnconditionalBranch extends Branch, @cil_unconditional_jump { override Instruction getASuccessorType(FlowType t) { - t instanceof NormalFlow and result = getTarget() + t instanceof NormalFlow and result = this.getTarget() } override predicate canFlowNext() { none() } @@ -43,9 +43,9 @@ class UnconditionalBranch extends Branch, @cil_unconditional_jump { /** An instruction that jumps to a target based on a condition. */ class ConditionalBranch extends Branch, @cil_conditional_jump { override Instruction getASuccessorType(FlowType t) { - t instanceof TrueFlow and result = getTarget() + t instanceof TrueFlow and result = this.getTarget() or - t instanceof FalseFlow and result = getImplementation().getInstruction(getIndex() + 1) + t instanceof FalseFlow and result = this.getImplementation().getInstruction(this.getIndex() + 1) } override int getPushCount() { result = 0 } @@ -61,7 +61,7 @@ class UnaryExpr extends Expr, @cil_unary_expr { override int getPopCount() { result = 1 } /** Gets the operand of this unary expression. */ - Expr getOperand() { result = getOperand(0) } + Expr getOperand() { result = this.getOperand(0) } } /** A binary expression that compares two values. */ @@ -73,8 +73,8 @@ class ComparisonOperation extends BinaryExpr, @cil_comparison_operation { class BinaryArithmeticExpr extends BinaryExpr, @cil_binary_arithmetic_operation { override Type getType() { exists(Type t0, Type t1 | - t0 = getOperand(0).getType().getUnderlyingType() and - t1 = getOperand(1).getType().getUnderlyingType() + t0 = this.getOperand(0).getType().getUnderlyingType() and + t1 = this.getOperand(1).getType().getUnderlyingType() | t0 = t1 and result = t0 or @@ -100,7 +100,7 @@ class UnaryBitwiseOperation extends UnaryExpr, @cil_unary_bitwise_operation { /** A unary expression that converts a value from one primitive type to another. */ class Conversion extends UnaryExpr, @cil_conversion_operation { /** Gets the expression being converted. */ - Expr getExpr() { result = getOperand(0) } + Expr getExpr() { result = this.getOperand(0) } } /** A branch that leaves the scope of a `Handler`. */ @@ -111,7 +111,7 @@ class Literal extends DotNet::Literal, Expr, @cil_literal { /** Gets the pushed value. */ override string getValue() { cil_value(this, result) } - override string getExtra() { result = getValue() } + override string getExtra() { result = this.getValue() } } /** An integer literal. */ @@ -149,44 +149,44 @@ class Call extends Expr, DotNet::Call, @cil_call_any { /** Gets the method that is called. */ override Method getTarget() { cil_access(this, result) } - override Method getARuntimeTarget() { result = getTarget().getAnOverrider*() } + override Method getARuntimeTarget() { result = this.getTarget().getAnOverrider*() } - override string getExtra() { result = getTarget().getQualifiedName() } + override string getExtra() { result = this.getTarget().getQualifiedName() } /** * Gets the return type of the call. Methods that do not return a value * return the `void` type, `System.Void`, although the value of `getPushCount` is * 0 in this case. */ - override Type getType() { result = getTarget().getReturnType() } + override Type getType() { result = this.getTarget().getReturnType() } // The number of items popped/pushed from the stack // depends on the target of the call. - override int getPopCount() { result = getTarget().getCallPopCount() } + override int getPopCount() { result = this.getTarget().getCallPopCount() } - override int getPushCount() { result = getTarget().getCallPushCount() } + override int getPushCount() { result = this.getTarget().getCallPushCount() } /** * Holds if this is a "tail call", meaning that control does not return to the * calling method. */ predicate isTailCall() { - getImplementation().getInstruction(getIndex() - 1) instanceof Opcodes::Tail + this.getImplementation().getInstruction(this.getIndex() - 1) instanceof Opcodes::Tail } /** Holds if this call is virtual and could go to an overriding method. */ predicate isVirtual() { none() } - override Expr getRawArgument(int i) { result = getOperand(getPopCount() - i - 1) } + override Expr getRawArgument(int i) { result = this.getOperand(this.getPopCount() - i - 1) } /** Gets the qualifier of this call, if any. */ - Expr getQualifier() { result = getRawArgument(0) and not getTarget().isStatic() } + Expr getQualifier() { result = this.getRawArgument(0) and not this.getTarget().isStatic() } override Expr getArgument(int i) { - if getTarget().isStatic() - then result = getRawArgument(i) + if this.getTarget().isStatic() + then result = this.getRawArgument(i) else ( - result = getRawArgument(i + 1) and i >= 0 + result = this.getRawArgument(i + 1) and i >= 0 ) } @@ -217,10 +217,10 @@ class VirtualCall extends Call { /** A read of an array element. */ class ReadArrayElement extends BinaryExpr, @cil_read_array { /** Gets the array being read. */ - Expr getArray() { result = getOperand(1) } + Expr getArray() { result = this.getOperand(1) } /** Gets the index into the array. */ - Expr getArrayIndex() { result = getOperand(0) } + Expr getArrayIndex() { result = this.getOperand(0) } } /** A write of an array element. */ @@ -233,14 +233,14 @@ class WriteArrayElement extends Instruction, @cil_write_array { /** A `return` statement. */ class Return extends Instruction, @cil_ret { /** Gets the expression being returned, if any. */ - Expr getExpr() { result = getOperand(0) } + Expr getExpr() { result = this.getOperand(0) } override predicate canFlowNext() { none() } } /** A `throw` statement. */ class Throw extends Instruction, DotNet::Throw, @cil_throw_any { - override Expr getExpr() { result = getOperand(0) } + override Expr getExpr() { result = this.getOperand(0) } override predicate canFlowNext() { none() } } @@ -250,10 +250,10 @@ class StoreIndirect extends Instruction, @cil_stind { override int getPopCount() { result = 2 } /** Gets the location to store the value at. */ - Expr getAddress() { result = getOperand(1) } + Expr getAddress() { result = this.getOperand(1) } /** Gets the value to store. */ - Expr getExpr() { result = getOperand(0) } + Expr getExpr() { result = this.getOperand(0) } } /** Loads a value from an address/location. */ diff --git a/csharp/ql/lib/semmle/code/cil/Instructions.qll b/csharp/ql/lib/semmle/code/cil/Instructions.qll index e385ceced31..5752ae45b20 100644 --- a/csharp/ql/lib/semmle/code/cil/Instructions.qll +++ b/csharp/ql/lib/semmle/code/cil/Instructions.qll @@ -83,21 +83,21 @@ module Opcodes { class Ldc_i4 extends IntLiteral, @cil_ldc_i4 { override string getOpcodeName() { result = "ldc.i4" } - override string getExtra() { result = getValue() } + override string getExtra() { result = this.getValue() } } /** An `ldc.i8` instruction. */ class Ldc_i8 extends IntLiteral, @cil_ldc_i8 { override string getOpcodeName() { result = "ldc.i8" } - override string getExtra() { result = getValue() } + override string getExtra() { result = this.getValue() } } /** An `ldc.i4.s` instruction. */ class Ldc_i4_s extends IntLiteral, @cil_ldc_i4_s { override string getOpcodeName() { result = "ldc.i4.s" } - override string getExtra() { result = getValue() } + override string getExtra() { result = this.getValue() } } /** An `ldnull` instruction. */ @@ -115,7 +115,7 @@ module Opcodes { class Ldc_r4 extends FloatLiteral, @cil_ldc_r4 { override string getOpcodeName() { result = "ldc.r4" } - override string getExtra() { result = getValue() } + override string getExtra() { result = this.getValue() } override Type getType() { result instanceof FloatType } } @@ -124,7 +124,7 @@ module Opcodes { class Ldc_r8 extends FloatLiteral, @cil_ldc_r8 { override string getOpcodeName() { result = "ldc.r8" } - override string getExtra() { result = getValue() } + override string getExtra() { result = this.getValue() } override Type getType() { result instanceof DoubleType } } @@ -199,9 +199,9 @@ module Opcodes { override string getOpcodeName() { result = "neg" } override NumericType getType() { - result = getOperand().getType() + result = this.getOperand().getType() or - getOperand().getType() instanceof Enum and result instanceof IntType + this.getOperand().getType() instanceof Enum and result instanceof IntType } } @@ -260,7 +260,7 @@ module Opcodes { override int getPushCount() { result = 2 } // This is the only instruction that pushes 2 items - override Type getType() { result = getOperand(0).getType() } + override Type getType() { result = this.getOperand(0).getType() } } /** A `ret` instruction. */ @@ -270,7 +270,7 @@ module Opcodes { override predicate canFlowNext() { none() } override int getPopCount() { - if getImplementation().getMethod().returnsVoid() then result = 0 else result = 1 + if this.getImplementation().getMethod().returnsVoid() then result = 0 else result = 1 } } @@ -283,7 +283,7 @@ module Opcodes { class Ldstr extends StringLiteral, @cil_ldstr { override string getOpcodeName() { result = "ldstr" } - override string getExtra() { result = "\"" + getValue() + "\"" } + override string getExtra() { result = "\"" + this.getValue() + "\"" } override Type getType() { result instanceof StringType } } @@ -427,11 +427,14 @@ module Opcodes { override Instruction getASuccessorType(FlowType t) { t instanceof NormalFlow and - (result = getTarget(_) or result = getImplementation().getInstruction(getIndex() + 1)) + ( + result = this.getTarget(_) or + result = this.getImplementation().getInstruction(this.getIndex() + 1) + ) } override string getExtra() { - result = concat(int n | exists(getTarget(n)) | getTarget(n).getIndex() + ":", " ") + result = concat(int n | exists(this.getTarget(n)) | this.getTarget(n).getIndex() + ":", " ") } } @@ -493,9 +496,9 @@ module Opcodes { // The number of items popped/pushed from the stack depends on the target of // the call. Also, we need to pop the function pointer itself too. - override int getPopCount() { result = getTargetType().getCallPopCount() + 1 } + override int getPopCount() { result = this.getTargetType().getCallPopCount() + 1 } - override int getPushCount() { result = getTargetType().getCallPushCount() } + override int getPushCount() { result = this.getTargetType().getCallPushCount() } } /** A `callvirt` instruction. */ @@ -524,49 +527,49 @@ module Opcodes { override BoolType getType() { exists(result) } /** Gets the type that is being tested against. */ - Type getTestedType() { result = getAccess() } + Type getTestedType() { result = this.getAccess() } - override string getExtra() { result = getTestedType().getQualifiedName() } + override string getExtra() { result = this.getTestedType().getQualifiedName() } } /** A `castclass` instruction. */ class Castclass extends UnaryExpr, @cil_castclass { override string getOpcodeName() { result = "castclass" } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } /** Gets the type that is being cast to. */ - Type getTestedType() { result = getAccess() } + Type getTestedType() { result = this.getAccess() } - override string getExtra() { result = getTestedType().getQualifiedName() } + override string getExtra() { result = this.getTestedType().getQualifiedName() } } /** An `stloc.0` instruction. */ class Stloc_0 extends LocalVariableWriteAccess, @cil_stloc_0 { override string getOpcodeName() { result = "stloc.0" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(0) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(0) } } /** An `stloc.1` instruction. */ class Stloc_1 extends LocalVariableWriteAccess, @cil_stloc_1 { override string getOpcodeName() { result = "stloc.1" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(1) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(1) } } /** An `stloc.2` instruction. */ class Stloc_2 extends LocalVariableWriteAccess, @cil_stloc_2 { override string getOpcodeName() { result = "stloc.2" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(2) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(2) } } /** An `stloc.3` instruction. */ class Stloc_3 extends LocalVariableWriteAccess, @cil_stloc_3 { override string getOpcodeName() { result = "stloc.3" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(3) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(3) } } /** An `stloc.s` instruction. */ @@ -587,28 +590,28 @@ module Opcodes { class Ldloc_0 extends LocalVariableReadAccess, @cil_ldloc_0 { override string getOpcodeName() { result = "ldloc.0" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(0) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(0) } } /** An `ldloc.1` instruction. */ class Ldloc_1 extends LocalVariableReadAccess, @cil_ldloc_1 { override string getOpcodeName() { result = "ldloc.1" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(1) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(1) } } /** An `ldloc.2` instruction. */ class Ldloc_2 extends LocalVariableReadAccess, @cil_ldloc_2 { override string getOpcodeName() { result = "ldloc.2" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(2) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(2) } } /** An `ldloc.3` instruction. */ class Ldloc_3 extends LocalVariableReadAccess, @cil_ldloc_3 { override string getOpcodeName() { result = "ldloc.3" } - override LocalVariable getTarget() { result = getImplementation().getLocalVariable(3) } + override LocalVariable getTarget() { result = this.getImplementation().getLocalVariable(3) } } /** An `ldloc.s` instruction. */ @@ -617,7 +620,7 @@ module Opcodes { override LocalVariable getTarget() { cil_access(this, result) } - override string getExtra() { result = "L" + getTarget().getIndex() } + override string getExtra() { result = "L" + this.getTarget().getIndex() } } /** An `ldloca.s` instruction. */ @@ -626,7 +629,7 @@ module Opcodes { override LocalVariable getTarget() { cil_access(this, result) } - override string getExtra() { result = "L" + getTarget().getIndex() } + override string getExtra() { result = "L" + this.getTarget().getIndex() } } /** An `ldloc` instruction. */ @@ -635,7 +638,7 @@ module Opcodes { override LocalVariable getTarget() { cil_access(this, result) } - override string getExtra() { result = "L" + getTarget().getIndex() } + override string getExtra() { result = "L" + this.getTarget().getIndex() } } /** An `ldarg.0` instruction. */ @@ -643,7 +646,7 @@ module Opcodes { override string getOpcodeName() { result = "ldarg.0" } override MethodParameter getTarget() { - result = getImplementation().getMethod().getRawParameter(0) + result = this.getImplementation().getMethod().getRawParameter(0) } } @@ -652,7 +655,7 @@ module Opcodes { override string getOpcodeName() { result = "ldarg.1" } override MethodParameter getTarget() { - result = getImplementation().getMethod().getRawParameter(1) + result = this.getImplementation().getMethod().getRawParameter(1) } } @@ -661,7 +664,7 @@ module Opcodes { override string getOpcodeName() { result = "ldarg.2" } override MethodParameter getTarget() { - result = getImplementation().getMethod().getRawParameter(2) + result = this.getImplementation().getMethod().getRawParameter(2) } } @@ -670,7 +673,7 @@ module Opcodes { override string getOpcodeName() { result = "ldarg.3" } override MethodParameter getTarget() { - result = getImplementation().getMethod().getRawParameter(3) + result = this.getImplementation().getMethod().getRawParameter(3) } } @@ -710,7 +713,7 @@ module Opcodes { override int getPopCount() { result = 1 } - override Expr getQualifier() { result = getOperand(0) } + override Expr getQualifier() { result = this.getOperand(0) } } /** An `ldflda` instruction. */ @@ -719,7 +722,7 @@ module Opcodes { override int getPopCount() { result = 1 } - override Expr getQualifier() { result = getOperand(0) } + override Expr getQualifier() { result = this.getOperand(0) } } /** An `ldsfld` instruction. */ @@ -746,9 +749,9 @@ module Opcodes { override int getPopCount() { result = 2 } - override Expr getQualifier() { result = getOperand(1) } + override Expr getQualifier() { result = this.getOperand(1) } - override Expr getExpr() { result = getOperand(0) } + override Expr getExpr() { result = this.getOperand(0) } } /** An `stsfld` instruction. */ @@ -759,7 +762,7 @@ module Opcodes { override Expr getQualifier() { none() } - override Expr getExpr() { result = getOperand(0) } + override Expr getExpr() { result = this.getOperand(0) } } /** A `newobj` instruction. */ @@ -772,7 +775,7 @@ module Opcodes { override Type getType() { result = this.getTarget().getDeclaringType() } - override Expr getArgument(int i) { result = getRawArgument(i) } + override Expr getArgument(int i) { result = this.getRawArgument(i) } pragma[noinline] private Parameter getARawTargetParameter() { result = this.getTarget().getARawParameter() } @@ -796,21 +799,21 @@ module Opcodes { class Box extends UnaryExpr, @cil_box { override string getOpcodeName() { result = "box" } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** An `unbox.any` instruction. */ class Unbox_any extends UnaryExpr, @cil_unbox_any { override string getOpcodeName() { result = "unbox.any" } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** An `unbox` instruction. */ class Unbox extends UnaryExpr, @cil_unbox { override string getOpcodeName() { result = "unbox" } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** An `ldobj` instruction. */ @@ -820,7 +823,7 @@ module Opcodes { /** Gets the type of the object. */ Type getTarget() { cil_access(this, result) } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** An `ldtoken` instruction. */ @@ -867,31 +870,31 @@ module Opcodes { // Note that this is technically wrong - it should be // result.(ArrayType).getElementType() = getAccess() // However the (ArrayType) may not be in the database. - result = getAccess() + result = this.getAccess() } - override string getExtra() { result = getType().getQualifiedName() } + override string getExtra() { result = this.getType().getQualifiedName() } } /** An `ldelem` instruction. */ class Ldelem extends ReadArrayElement, @cil_ldelem { override string getOpcodeName() { result = "ldelem" } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** An `ldelem.ref` instruction. */ class Ldelem_ref extends ReadArrayElement, @cil_ldelem_ref { override string getOpcodeName() { result = "ldelem.ref" } - override Type getType() { result = getArray().getType() } + override Type getType() { result = this.getArray().getType() } } /** An `ldelema` instruction. */ class Ldelema extends ReadArrayElement, ReadRef, @cil_ldelema { override string getOpcodeName() { result = "ldelema" } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** An `stelem.ref` instruction. */ @@ -1410,7 +1413,7 @@ module Opcodes { override int getPopCount() { result = 1 } - override Type getType() { result = getAccess() } + override Type getType() { result = this.getAccess() } } /** A `refanytype` instruction. */ diff --git a/csharp/ql/lib/semmle/code/cil/Method.qll b/csharp/ql/lib/semmle/code/cil/Method.qll index 82bde17a477..461a020972b 100644 --- a/csharp/ql/lib/semmle/code/cil/Method.qll +++ b/csharp/ql/lib/semmle/code/cil/Method.qll @@ -28,13 +28,13 @@ class MethodImplementation extends EntryPoint, @cil_method_implementation { LocalVariable getLocalVariable(int n) { cil_local_variable(result, this, n, _) } /** Gets a local variable of this implementation, if any. */ - LocalVariable getALocalVariable() { result = getLocalVariable(_) } + LocalVariable getALocalVariable() { result = this.getLocalVariable(_) } /** Gets an instruction in this implementation, if any. */ - Instruction getAnInstruction() { result = getInstruction(_) } + Instruction getAnInstruction() { result = this.getInstruction(_) } /** Gets the total number of instructions in this implementation. */ - int getNumberOfInstructions() { result = count(getAnInstruction()) } + int getNumberOfInstructions() { result = count(this.getAnInstruction()) } /** Gets the `i`th handler in this implementation. */ Handler getHandler(int i) { result.getImplementation() = this and result.getIndex() = i } @@ -49,7 +49,7 @@ class MethodImplementation extends EntryPoint, @cil_method_implementation { /** Gets the maximum stack size of this implementation. */ int getStackSize() { cil_method_stack_size(this, result) } - override string toString() { result = getMethod().toString() } + override string toString() { result = this.getMethod().toString() } /** Gets a string representing the disassembly of this implementation. */ string getDisassembly() { @@ -75,13 +75,13 @@ class Method extends DotNet::Callable, Element, Member, TypeContainer, DataFlowN MethodImplementation getAnImplementation() { result.getMethod() = this } /** Gets the "best" implementation of this method, if any. */ - BestImplementation getImplementation() { result = getAnImplementation() } + BestImplementation getImplementation() { result = this.getAnImplementation() } override Method getMethod() { result = this } override string getName() { cil_method(this, result, _, _) } - override string getUndecoratedName() { result = getName() } + override string getUndecoratedName() { result = this.getName() } override string toString() { result = this.getName() } @@ -92,25 +92,29 @@ class Method extends DotNet::Callable, Element, Member, TypeContainer, DataFlowN override Location getALocation() { cil_method_location(this.getUnboundDeclaration(), result) } override MethodParameter getParameter(int n) { - if isStatic() then result = getRawParameter(n) else (result = getRawParameter(n + 1) and n >= 0) + if this.isStatic() + then result = this.getRawParameter(n) + else ( + result = this.getRawParameter(n + 1) and n >= 0 + ) } - override Type getType() { result = getReturnType() } + override Type getType() { result = this.getReturnType() } /** Gets the return type of this method. */ override Type getReturnType() { cil_method(this, _, _, result) } /** Holds if the return type is `void`. */ - predicate returnsVoid() { getReturnType() instanceof VoidType } + predicate returnsVoid() { this.getReturnType() instanceof VoidType } /** Gets the number of stack items pushed in a call to this method. */ - int getCallPushCount() { if returnsVoid() then result = 0 else result = 1 } + int getCallPushCount() { if this.returnsVoid() then result = 0 else result = 1 } /** Gets the number of stack items popped in a call to this method. */ - int getCallPopCount() { result = count(getRawParameter(_)) } + int getCallPopCount() { result = count(this.getRawParameter(_)) } /** Gets a method called by this method. */ - Method getACallee() { result = getImplementation().getAnInstruction().(Call).getTarget() } + Method getACallee() { result = this.getImplementation().getAnInstruction().(Call).getTarget() } /** Holds if this method is `virtual`. */ predicate isVirtual() { cil_virtual(this) } @@ -129,43 +133,45 @@ class Method extends DotNet::Callable, Element, Member, TypeContainer, DataFlowN /** Gets the unbound declaration of this method, or the method itself. */ Method getUnboundMethod() { cil_method_source_declaration(this, result) } - override Method getUnboundDeclaration() { result = getUnboundMethod() } + override Method getUnboundDeclaration() { result = this.getUnboundMethod() } /** Holds if this method is an instance constructor. */ - predicate isInstanceConstructor() { isSpecial() and getName() = ".ctor" } + predicate isInstanceConstructor() { this.isSpecial() and this.getName() = ".ctor" } /** Holds if this method is a static class constructor. */ - predicate isStaticConstructor() { isSpecial() and getName() = ".cctor" } + predicate isStaticConstructor() { this.isSpecial() and this.getName() = ".cctor" } /** Holds if this method is a constructor (static or instance). */ - predicate isConstructor() { isStaticConstructor() or isInstanceConstructor() } + predicate isConstructor() { this.isStaticConstructor() or this.isInstanceConstructor() } /** Holds if this method is a destructor/finalizer. */ - predicate isFinalizer() { getOverriddenMethod*().getQualifiedName() = "System.Object.Finalize" } + predicate isFinalizer() { + this.getOverriddenMethod*().getQualifiedName() = "System.Object.Finalize" + } /** Holds if this method is an operator. */ - predicate isOperator() { isSpecial() and getName().matches("op\\_%") } + predicate isOperator() { this.isSpecial() and this.getName().matches("op\\_%") } /** Holds if this method is a getter. */ - predicate isGetter() { isSpecial() and getName().matches("get\\_%") } + predicate isGetter() { this.isSpecial() and this.getName().matches("get\\_%") } /** Holds if this method is a setter. */ - predicate isSetter() { isSpecial() and getName().matches("set\\_%") } + predicate isSetter() { this.isSpecial() and this.getName().matches("set\\_%") } /** Holds if this method is an adder/add event accessor. */ - predicate isAdder() { isSpecial() and getName().matches("add\\_%") } + predicate isAdder() { this.isSpecial() and this.getName().matches("add\\_%") } /** Holds if this method is a remover/remove event accessor. */ - predicate isRemove() { isSpecial() and getName().matches("remove\\_%") } + predicate isRemove() { this.isSpecial() and this.getName().matches("remove\\_%") } /** Holds if this method is an implicit conversion operator. */ - predicate isImplicitConversion() { isSpecial() and getName() = "op_Implicit" } + predicate isImplicitConversion() { this.isSpecial() and this.getName() = "op_Implicit" } /** Holds if this method is an explicit conversion operator. */ - predicate isExplicitConversion() { isSpecial() and getName() = "op_Explicit" } + predicate isExplicitConversion() { this.isSpecial() and this.getName() = "op_Explicit" } /** Holds if this method is a conversion operator. */ - predicate isConversion() { isImplicitConversion() or isExplicitConversion() } + predicate isConversion() { this.isImplicitConversion() or this.isExplicitConversion() } /** * Gets a method that is overridden, either in a base class @@ -176,7 +182,7 @@ class Method extends DotNet::Callable, Element, Member, TypeContainer, DataFlowN /** Gets a method that overrides this method, if any. */ final Method getAnOverrider() { result.getOverriddenMethod() = this } - override predicate hasBody() { exists(getImplementation()) } + override predicate hasBody() { exists(this.getImplementation()) } override predicate canReturn(DotNet::Expr expr) { exists(Return ret | ret.getImplementation() = this.getImplementation() and expr = ret.getExpr()) @@ -206,7 +212,7 @@ class InstanceConstructor extends Constructor { /** A method that always returns the `this` parameter. */ class ChainingMethod extends Method { ChainingMethod() { - forex(Return ret | ret = getImplementation().getAnInstruction() | + forex(Return ret | ret = this.getImplementation().getAnInstruction() | ret.getExpr() instanceof ThisAccess ) } @@ -231,7 +237,7 @@ class Getter extends Accessor { */ class TrivialGetter extends Method { TrivialGetter() { - exists(MethodImplementation impl | impl = getAnImplementation() | + exists(MethodImplementation impl | impl = this.getAnImplementation() | impl.getInstruction(0) instanceof ThisAccess and impl.getInstruction(1) instanceof FieldReadAccess and impl.getInstruction(2) instanceof Return @@ -239,7 +245,9 @@ class TrivialGetter extends Method { } /** Gets the underlying field of this getter. */ - Field getField() { getImplementation().getAnInstruction().(FieldReadAccess).getTarget() = result } + Field getField() { + this.getImplementation().getAnInstruction().(FieldReadAccess).getTarget() = result + } } /** A setter. */ @@ -262,7 +270,7 @@ class Setter extends Accessor { */ class TrivialSetter extends Method { TrivialSetter() { - exists(MethodImplementation impl | impl = getImplementation() | + exists(MethodImplementation impl | impl = this.getImplementation() | impl.getInstruction(0) instanceof ThisAccess and impl.getInstruction(1).(ParameterReadAccess).getTarget().getIndex() = 1 and impl.getInstruction(2) instanceof FieldWriteAccess @@ -271,7 +279,7 @@ class TrivialSetter extends Method { /** Gets the underlying field of this setter. */ Field getField() { - result = getImplementation().getAnInstruction().(FieldWriteAccess).getTarget() + result = this.getImplementation().getAnInstruction().(FieldWriteAccess).getTarget() } } @@ -283,5 +291,5 @@ class Operator extends Method { Operator() { this.isOperator() } /** Gets the name of the implementing method (for compatibility with C# data model). */ - string getFunctionName() { result = getName() } + string getFunctionName() { result = this.getName() } } diff --git a/csharp/ql/lib/semmle/code/cil/Type.qll b/csharp/ql/lib/semmle/code/cil/Type.qll index a081d62b7ee..7aeaf9a6495 100644 --- a/csharp/ql/lib/semmle/code/cil/Type.qll +++ b/csharp/ql/lib/semmle/code/cil/Type.qll @@ -19,7 +19,7 @@ class TypeContainer extends DotNet::NamedElement, @cil_type_container { /** A namespace. */ class Namespace extends DotNet::Namespace, TypeContainer, @namespace { - override string toString() { result = getQualifiedName() } + override string toString() { result = this.getQualifiedName() } override Namespace getParent() { result = this.getParentNamespace() } @@ -39,7 +39,7 @@ class Type extends DotNet::Type, Declaration, TypeContainer, @cil_type { override string toString() { result = this.getName() } /** Gets the containing type of this type, if any. */ - override Type getDeclaringType() { result = getParent() } + override Type getDeclaringType() { result = this.getParent() } /** Gets a member of this type, if any. */ Member getAMember() { result.getDeclaringType() = this } @@ -96,13 +96,13 @@ class Type extends DotNet::Type, Declaration, TypeContainer, @cil_type { Type getABaseInterface() { cil_base_interface(this, result) } /** Gets an immediate base type of this type, if any. */ - Type getABaseType() { result = getBaseClass() or result = getABaseInterface() } + Type getABaseType() { result = this.getBaseClass() or result = this.getABaseInterface() } /** Gets an immediate subtype of this type, if any. */ Type getASubtype() { result.getABaseType() = this } /** Gets the namespace directly containing this type, if any. */ - Namespace getNamespace() { result = getParent() } + Namespace getNamespace() { result = this.getParent() } /** * Gets an index for implicit conversions. A type can be converted to another numeric type diff --git a/csharp/ql/lib/semmle/code/cil/Types.qll b/csharp/ql/lib/semmle/code/cil/Types.qll index d4d9342b73d..1dfaa0191a1 100644 --- a/csharp/ql/lib/semmle/code/cil/Types.qll +++ b/csharp/ql/lib/semmle/code/cil/Types.qll @@ -12,7 +12,7 @@ class TypeParameter extends DotNet::TypeParameter, Type, @cil_typeparameter { /** Gets the generic type/method declaring this type parameter. */ TypeContainer getGeneric() { cil_type_parameter(result, _, this) } - override Location getLocation() { result = getParent().getLocation() } + override Location getLocation() { result = this.getParent().getLocation() } /** Holds if this type parameter has the `new` constraint. */ predicate isDefaultConstructible() { cil_typeparam_new(this) } @@ -34,11 +34,11 @@ class TypeParameter extends DotNet::TypeParameter, Type, @cil_typeparameter { /** A value or reference type. */ class ValueOrRefType extends DotNet::ValueOrRefType, Type, @cil_valueorreftype { - override ValueOrRefType getDeclaringType() { result = getParent() } + override ValueOrRefType getDeclaringType() { result = this.getParent() } override string getUndecoratedName() { cil_type(this, result, _, _, _) } - override Namespace getDeclaringNamespace() { result = getNamespace() } + override Namespace getDeclaringNamespace() { result = this.getNamespace() } override ValueOrRefType getABaseType() { result = Type.super.getABaseType() } } @@ -79,7 +79,7 @@ class ArrayType extends DotNet::ArrayType, Type, @cil_array_type { override string toStringWithTypes() { result = DotNet::ArrayType.super.toStringWithTypes() } - override Location getLocation() { result = getElementType().getLocation() } + override Location getLocation() { result = this.getElementType().getLocation() } override ValueOrRefType getABaseType() { result = Type.super.getABaseType() } } @@ -92,7 +92,7 @@ class PointerType extends DotNet::PointerType, PrimitiveType, @cil_pointer_type override string getName() { result = DotNet::PointerType.super.getName() } - override Location getLocation() { result = getReferentType().getLocation() } + override Location getLocation() { result = this.getReferentType().getLocation() } override string toString() { result = DotNet::PointerType.super.toString() } @@ -312,13 +312,13 @@ class FunctionPointerType extends Type, CustomModifierReceiver, Parameterizable, override string toString() { result = Type.super.toString() } /** Holds if the return type is `void`. */ - predicate returnsVoid() { getReturnType() instanceof VoidType } + predicate returnsVoid() { this.getReturnType() instanceof VoidType } /** Gets the number of stack items pushed in a call to this method. */ - int getCallPushCount() { if returnsVoid() then result = 0 else result = 1 } + int getCallPushCount() { if this.returnsVoid() then result = 0 else result = 1 } /** Gets the number of stack items popped in a call to this method. */ - int getCallPopCount() { result = count(getRawParameter(_)) } + int getCallPopCount() { result = count(this.getRawParameter(_)) } - override string getLabel() { result = getName() } + override string getLabel() { result = this.getName() } } diff --git a/csharp/ql/lib/semmle/code/cil/Variable.qll b/csharp/ql/lib/semmle/code/cil/Variable.qll index 3a247e1f0d1..604f2c2b646 100644 --- a/csharp/ql/lib/semmle/code/cil/Variable.qll +++ b/csharp/ql/lib/semmle/code/cil/Variable.qll @@ -17,10 +17,10 @@ class Variable extends DotNet::Variable, Declaration, DataFlowNode, @cil_variabl VariableAccess getAnAccess() { result.getTarget() = this } /** Gets a read access to this variable, if any. */ - ReadAccess getARead() { result = getAnAccess() } + ReadAccess getARead() { result = this.getAnAccess() } /** Gets a write access to this variable, if any. */ - WriteAccess getAWrite() { result = getAnAccess() } + WriteAccess getAWrite() { result = this.getAnAccess() } override string toString() { result = Declaration.super.toString() } @@ -40,20 +40,21 @@ class StackVariable extends Variable, @cil_stack_variable { class LocalVariable extends StackVariable, @cil_local_variable { override string toString() { result = - "Local variable " + getIndex() + " of method " + getImplementation().getMethod().getName() + "Local variable " + this.getIndex() + " of method " + + this.getImplementation().getMethod().getName() } /** Gets the method implementation defining this local variable. */ MethodImplementation getImplementation() { this = result.getALocalVariable() } /** Gets the index number of this local variable. This is not usually significant. */ - int getIndex() { this = getImplementation().getLocalVariable(result) } + int getIndex() { this = this.getImplementation().getLocalVariable(result) } override Type getType() { cil_local_variable(this, _, _, result) } - override Location getLocation() { result = getImplementation().getLocation() } + override Location getLocation() { result = this.getImplementation().getLocation() } - override Method getMethod() { result = getImplementation().getMethod() } + override Method getMethod() { result = this.getImplementation().getMethod() } } /** A parameter of a `Method` or `FunctionPointerType`. */ @@ -64,7 +65,7 @@ class Parameter extends DotNet::Parameter, CustomModifierReceiver, @cil_paramete int getIndex() { cil_parameter(this, _, result, _) } override string toString() { - result = "Parameter " + getIndex() + " of " + getDeclaringElement().getName() + result = "Parameter " + this.getIndex() + " of " + this.getDeclaringElement().getName() } override Type getType() { cil_parameter(this, _, _, result) } @@ -82,23 +83,25 @@ class Parameter extends DotNet::Parameter, CustomModifierReceiver, @cil_paramete predicate hasInFlag() { cil_parameter_in(this) } /** Holds if this parameter has C# `out` semantics. */ - override predicate isOut() { hasOutFlag() and not hasInFlag() } + override predicate isOut() { this.hasOutFlag() and not this.hasInFlag() } /** Holds if this parameter has C# `ref` semantics. */ - override predicate isRef() { hasOutFlag() and hasInFlag() } + override predicate isRef() { this.hasOutFlag() and this.hasInFlag() } - override string toStringWithTypes() { result = getPrefix() + getType().toStringWithTypes() } + override string toStringWithTypes() { + result = this.getPrefix() + this.getType().toStringWithTypes() + } private string getPrefix() { - if isOut() + if this.isOut() then result = "out " else - if isRef() + if this.isRef() then result = "ref " else result = "" } - override Location getLocation() { result = getDeclaringElement().getLocation() } + override Location getLocation() { result = this.getDeclaringElement().getLocation() } } /** A method parameter. */ @@ -110,11 +113,11 @@ class MethodParameter extends Parameter, StackVariable { /** Gets a parameter in an overridden method. */ MethodParameter getOverriddenParameter() { - result = getMethod().getOverriddenMethod().getRawParameter(getRawPosition()) + result = this.getMethod().getOverriddenMethod().getRawParameter(this.getRawPosition()) } override MethodParameter getUnboundDeclaration() { - result = getMethod().getUnboundDeclaration().getRawParameter(getRawPosition()) + result = this.getMethod().getUnboundDeclaration().getRawParameter(this.getRawPosition()) } override string toString() { result = Parameter.super.toString() } @@ -136,10 +139,10 @@ class ThisParameter extends MethodParameter { /** A field. */ class Field extends DotNet::Field, Variable, Member, CustomModifierReceiver, @cil_field { - override string toString() { result = getName() } + override string toString() { result = this.getName() } override string toStringWithTypes() { - result = getDeclaringType().toStringWithTypes() + "." + getName() + result = this.getDeclaringType().toStringWithTypes() + "." + this.getName() } override string getName() { cil_field(this, _, result, _) } @@ -148,5 +151,5 @@ class Field extends DotNet::Field, Variable, Member, CustomModifierReceiver, @ci override ValueOrRefType getDeclaringType() { cil_field(this, result, _, _) } - override Location getLocation() { result = getDeclaringType().getLocation() } + override Location getLocation() { result = this.getDeclaringType().getLocation() } } diff --git a/csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll b/csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll index 37aa2b23410..8afdbd0d4a3 100644 --- a/csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll +++ b/csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll @@ -67,7 +67,7 @@ private module Annotations { Nullability() { this = TNullability(nullability) } - override string toString() { result = getMemberString() + getSelfNullability() } + override string toString() { result = this.getMemberString() + this.getSelfNullability() } language[monotonicAggregates] private string getMemberString() { @@ -125,7 +125,9 @@ private module Annotations { } /** Gets a textual representation of this type annotation. */ - string toString() { result = getTypePrefix() + getNullability() + getTypeSuffix() } + string toString() { + result = this.getTypePrefix() + this.getNullability() + this.getTypeSuffix() + } private int getFlags() { this = TAnnotationFlags(result, _) } @@ -136,7 +138,7 @@ private module Annotations { /** Gets an annotation in this set of annotations. */ TypeAnnotation getAnAnnotation() { - isSet(result.getBit()) + this.isSet(result.getBit()) or result = this.getNullability() } @@ -298,7 +300,7 @@ class AnnotatedType extends TAnnotatedType { /** Gets a textual representation of this annotated type. */ string toString() { result = - annotations.getTypePrefix() + getUnderlyingType().toStringWithTypes() + + annotations.getTypePrefix() + this.getUnderlyingType().toStringWithTypes() + annotations.getTypeSuffix() } @@ -327,7 +329,7 @@ class AnnotatedType extends TAnnotatedType { /** Gets a type annotation of this annotated type. */ private Annotations::TypeAnnotation getAnAnnotation() { - result = getAnnotations().getAnAnnotation() + result = this.getAnnotations().getAnAnnotation() } /** Holds if the type is a non-nullable reference, for example, `string` in a nullable-enabled context. */ @@ -376,7 +378,7 @@ class AnnotatedArrayType extends AnnotatedType { private string getDimensionString(AnnotatedType elementType) { exists(AnnotatedType et, string res | - et = getElementType() and + et = this.getElementType() and res = type.getArraySuffix() and if et.getUnderlyingType() instanceof ArrayType and not et.isNullableRefType() then result = res + et.(AnnotatedArrayType).getDimensionString(elementType) diff --git a/csharp/ql/lib/semmle/code/csharp/Attribute.qll b/csharp/ql/lib/semmle/code/csharp/Attribute.qll index 06fbda2a150..dae9f8a9fad 100644 --- a/csharp/ql/lib/semmle/code/csharp/Attribute.qll +++ b/csharp/ql/lib/semmle/code/csharp/Attribute.qll @@ -89,7 +89,7 @@ class Attribute extends TopLevelExprParent, @attribute { override Location getALocation() { attribute_location(this, result) } override string toString() { - exists(string type, string name | type = getType().getName() | + exists(string type, string name | type = this.getType().getName() | (if type.matches("%Attribute") then name = type.prefix(type.length() - 9) else name = type) and result = "[" + name + "(...)]" ) diff --git a/csharp/ql/lib/semmle/code/csharp/Callable.qll b/csharp/ql/lib/semmle/code/csharp/Callable.qll index 133ae86d551..41641a9d032 100644 --- a/csharp/ql/lib/semmle/code/csharp/Callable.qll +++ b/csharp/ql/lib/semmle/code/csharp/Callable.qll @@ -117,7 +117,7 @@ class Callable extends DotNet::Callable, Parameterizable, ExprOrStmtParent, @cal final BlockStmt getAStatementBody() { result = this.getStatementBody() } /** Holds if this callable has a statement body. */ - final predicate hasStatementBody() { exists(getStatementBody()) } + final predicate hasStatementBody() { exists(this.getStatementBody()) } /** * Gets the expression body of this callable (if any), specified by `=>`. @@ -157,7 +157,7 @@ class Callable extends DotNet::Callable, Parameterizable, ExprOrStmtParent, @cal deprecated final Expr getAnExpressionBody() { result = this.getExpressionBody() } /** Holds if this callable has an expression body. */ - final predicate hasExpressionBody() { exists(getExpressionBody()) } + final predicate hasExpressionBody() { exists(this.getExpressionBody()) } /** Gets the entry point in the control graph for this callable. */ ControlFlow::Nodes::EntryNode getEntryPoint() { result.getCallable() = this } @@ -218,7 +218,9 @@ class Callable extends DotNet::Callable, Parameterizable, ExprOrStmtParent, @cal exists(YieldReturnStmt yield | yield.getEnclosingCallable() = this | e = yield.getExpr()) } - override string toStringWithTypes() { result = getName() + "(" + parameterTypesToString() + ")" } + override string toStringWithTypes() { + result = this.getName() + "(" + this.parameterTypesToString() + ")" + } /** Gets a `Call` that has this callable as a target. */ Call getACall() { this = result.getTarget() } @@ -270,18 +272,18 @@ class Method extends Callable, Virtualizable, Attributable, @method { override Location getALocation() { method_location(this, result) } /** Holds if this method is an extension method. */ - predicate isExtensionMethod() { getParameter(0).hasExtensionMethodModifier() } + predicate isExtensionMethod() { this.getParameter(0).hasExtensionMethodModifier() } /** Gets the type of the `params` parameter of this method, if any. */ Type getParamsType() { - exists(Parameter last | last = getParameter(getNumberOfParameters() - 1) | + exists(Parameter last | last = this.getParameter(this.getNumberOfParameters() - 1) | last.isParams() and result = last.getType().(ArrayType).getElementType() ) } /** Holds if this method has a `params` parameter. */ - predicate hasParams() { exists(getParamsType()) } + predicate hasParams() { exists(this.getParamsType()) } // Remove when `Callable.isOverridden()` is removed override predicate isOverridden() { Virtualizable.super.isOverridden() } @@ -316,7 +318,7 @@ class ExtensionMethod extends Method { /** Gets the type being extended by this method. */ pragma[noinline] - Type getExtendedType() { result = getParameter(0).getType() } + Type getExtendedType() { result = this.getParameter(0).getType() } override string getAPrimaryQlClass() { result = "ExtensionMethod" } } @@ -355,7 +357,7 @@ class Constructor extends DotNet::Constructor, Callable, Member, Attributable, @ ConstructorInitializer getInitializer() { result = this.getChildExpr(-1) } /** Holds if this constructor has an initializer. */ - predicate hasInitializer() { exists(getInitializer()) } + predicate hasInitializer() { exists(this.getInitializer()) } override ValueOrRefType getDeclaringType() { constructors(this, _, result, _) } @@ -467,7 +469,7 @@ class Operator extends Callable, Member, Attributable, @operator { override string toString() { result = Callable.super.toString() } - override Parameter getRawParameter(int i) { result = getParameter(i) } + override Parameter getRawParameter(int i) { result = this.getParameter(i) } } /** A clone method on a record. */ @@ -999,10 +1001,10 @@ class LocalFunction extends Callable, Modifiable, Attributable, @local_function override Type getReturnType() { local_functions(this, _, result, _) } - override Element getParent() { result = getStatement().getParent() } + override Element getParent() { result = this.getStatement().getParent() } /** Gets the local function statement defining this function. */ - LocalFunctionStmt getStatement() { result.getLocalFunction() = getUnboundDeclaration() } + LocalFunctionStmt getStatement() { result.getLocalFunction() = this.getUnboundDeclaration() } override Callable getEnclosingCallable() { result = this.getStatement().getEnclosingCallable() } @@ -1011,9 +1013,9 @@ class LocalFunction extends Callable, Modifiable, Attributable, @local_function name = this.getName() } - override Location getALocation() { result = getStatement().getALocation() } + override Location getALocation() { result = this.getStatement().getALocation() } - override Parameter getRawParameter(int i) { result = getParameter(i) } + override Parameter getRawParameter(int i) { result = this.getParameter(i) } override string getAPrimaryQlClass() { result = "LocalFunction" } diff --git a/csharp/ql/lib/semmle/code/csharp/Element.qll b/csharp/ql/lib/semmle/code/csharp/Element.qll index fbd96f6086d..390a7b16632 100644 --- a/csharp/ql/lib/semmle/code/csharp/Element.qll +++ b/csharp/ql/lib/semmle/code/csharp/Element.qll @@ -31,7 +31,7 @@ class Element extends DotNet::Element, @element { Element getParent() { result.getAChild() = this } /** Gets a child of this element, if any. */ - Element getAChild() { result = getChild(_) } + Element getAChild() { result = this.getChild(_) } /** Gets the `i`th child of this element (zero-based). */ Element getChild(int i) { none() } diff --git a/csharp/ql/lib/semmle/code/csharp/Event.qll b/csharp/ql/lib/semmle/code/csharp/Event.qll index 7cbfda76877..810cffa927a 100644 --- a/csharp/ql/lib/semmle/code/csharp/Event.qll +++ b/csharp/ql/lib/semmle/code/csharp/Event.qll @@ -29,10 +29,10 @@ class Event extends DeclarationWithAccessors, @event { EventAccessor getAnEventAccessor() { result.getDeclaration() = this } /** Gets the `add` accessor of this event, if any. */ - AddEventAccessor getAddEventAccessor() { result = getAnEventAccessor() } + AddEventAccessor getAddEventAccessor() { result = this.getAnEventAccessor() } /** Gets the `remove` accessor of this event, if any. */ - RemoveEventAccessor getRemoveEventAccessor() { result = getAnEventAccessor() } + RemoveEventAccessor getRemoveEventAccessor() { result = this.getAnEventAccessor() } /** * Holds if this event can be used like a field within its declaring type @@ -111,9 +111,9 @@ class EventAccessor extends Accessor, @event_accessor { * ``` */ class AddEventAccessor extends EventAccessor, @add_event_accessor { - override string getName() { result = "add" + "_" + getDeclaration().getName() } + override string getName() { result = "add" + "_" + this.getDeclaration().getName() } - override string getUndecoratedName() { result = "add" + "_" + getDeclaration().getName() } + override string getUndecoratedName() { result = "add" + "_" + this.getDeclaration().getName() } override string getAPrimaryQlClass() { result = "AddEventAccessor" } } @@ -132,9 +132,9 @@ class AddEventAccessor extends EventAccessor, @add_event_accessor { * ``` */ class RemoveEventAccessor extends EventAccessor, @remove_event_accessor { - override string getName() { result = "remove" + "_" + getDeclaration().getName() } + override string getName() { result = "remove" + "_" + this.getDeclaration().getName() } - override string getUndecoratedName() { result = "remove" + "_" + getDeclaration().getName() } + override string getUndecoratedName() { result = "remove" + "_" + this.getDeclaration().getName() } override string getAPrimaryQlClass() { result = "RemoveEventAccessor" } } diff --git a/csharp/ql/lib/semmle/code/csharp/File.qll b/csharp/ql/lib/semmle/code/csharp/File.qll index df9ce6f3cf6..55fd2ccdc81 100644 --- a/csharp/ql/lib/semmle/code/csharp/File.qll +++ b/csharp/ql/lib/semmle/code/csharp/File.qll @@ -47,7 +47,7 @@ class Container extends @container { */ string getRelativePath() { exists(string absPath, string pref | - absPath = getAbsolutePath() and sourceLocationPrefix(pref) + absPath = this.getAbsolutePath() and sourceLocationPrefix(pref) | absPath = pref and result = "" or @@ -74,7 +74,7 @@ class Container extends @container { * */ string getBaseName() { - result = getAbsolutePath().regexpCapture(".*/(([^/]*?)(?:\\.([^.]*))?)", 1) + result = this.getAbsolutePath().regexpCapture(".*/(([^/]*?)(?:\\.([^.]*))?)", 1) } /** @@ -100,7 +100,9 @@ class Container extends @container { * "/tmp/x.tar.gz""gz" * */ - string getExtension() { result = getAbsolutePath().regexpCapture(".*/([^/]*?)(\\.([^.]*))?", 3) } + string getExtension() { + result = this.getAbsolutePath().regexpCapture(".*/([^/]*?)(\\.([^.]*))?", 3) + } /** * Gets the stem of this container, that is, the prefix of its base name up to @@ -119,7 +121,9 @@ class Container extends @container { * "/tmp/x.tar.gz""x.tar" * */ - string getStem() { result = getAbsolutePath().regexpCapture(".*/([^/]*?)(?:\\.([^.]*))?", 1) } + string getStem() { + result = this.getAbsolutePath().regexpCapture(".*/([^/]*?)(?:\\.([^.]*))?", 1) + } /** Gets the parent container of this file or folder, if any. */ Container getParentContainer() { containerparent(result, this) } @@ -128,52 +132,52 @@ class Container extends @container { Container getAChildContainer() { this = result.getParentContainer() } /** Gets a file in this container. */ - File getAFile() { result = getAChildContainer() } + File getAFile() { result = this.getAChildContainer() } /** Gets the file in this container that has the given `baseName`, if any. */ File getFile(string baseName) { - result = getAFile() and + result = this.getAFile() and result.getBaseName() = baseName } /** Gets a sub-folder in this container. */ - Folder getAFolder() { result = getAChildContainer() } + Folder getAFolder() { result = this.getAChildContainer() } /** Gets the sub-folder in this container that has the given `baseName`, if any. */ Folder getFolder(string baseName) { - result = getAFolder() and + result = this.getAFolder() and result.getBaseName() = baseName } /** Gets the file or sub-folder in this container that has the given `name`, if any. */ Container getChildContainer(string name) { - result = getAChildContainer() and + result = this.getAChildContainer() and result.getBaseName() = name } /** Gets the file in this container that has the given `stem` and `extension`, if any. */ File getFile(string stem, string extension) { - result = getAChildContainer() and + result = this.getAChildContainer() and result.getStem() = stem and result.getExtension() = extension } /** Gets a sub-folder contained in this container. */ - Folder getASubFolder() { result = getAChildContainer() } + Folder getASubFolder() { result = this.getAChildContainer() } /** * Gets a textual representation of the path of this container. * * This is the absolute path of the container. */ - string toString() { result = getAbsolutePath() } + string toString() { result = this.getAbsolutePath() } } /** A folder. */ class Folder extends Container, @folder { override string getAbsolutePath() { folders(this, result) } - override string getURL() { result = "folder://" + getAbsolutePath() } + override string getURL() { result = "folder://" + this.getAbsolutePath() } } /** A file. */ diff --git a/csharp/ql/lib/semmle/code/csharp/Generics.qll b/csharp/ql/lib/semmle/code/csharp/Generics.qll index 25a3679715b..9190523e3c0 100644 --- a/csharp/ql/lib/semmle/code/csharp/Generics.qll +++ b/csharp/ql/lib/semmle/code/csharp/Generics.qll @@ -71,14 +71,14 @@ class ConstructedGeneric extends DotNet::ConstructedGeneric, Generic { override UnboundGeneric getUnboundGeneric() { constructed_generic(this, result) } override UnboundGeneric getUnboundDeclaration() { - result = getUnboundGeneric().getUnboundDeclaration() + result = this.getUnboundGeneric().getUnboundDeclaration() } override int getNumberOfTypeArguments() { result = count(int i | type_arguments(_, i, this)) } override Type getTypeArgument(int i) { none() } - override Type getATypeArgument() { result = getTypeArgument(_) } + override Type getATypeArgument() { result = this.getTypeArgument(_) } /** Gets the annotated type of type argument `i`. */ final AnnotatedType getAnnotatedTypeArgument(int i) { result.appliesToTypeArgument(this, i) } @@ -141,7 +141,7 @@ class UnboundGenericType extends ValueOrRefType, UnboundGeneric { result = ValueOrRefType.super.getUnboundDeclaration() } - final override Type getChild(int n) { result = getTypeParameter(n) } + final override Type getChild(int n) { result = this.getTypeParameter(n) } override string toStringWithTypes() { result = this.getUndecoratedName() + "<" + getTypeParametersToString(this) + ">" @@ -173,7 +173,7 @@ class TypeParameter extends DotNet::TypeParameter, Type, @type_parameter { TypeParameterConstraints getConstraints() { result.getTypeParameter() = this } override predicate isRefType() { - exists(TypeParameterConstraints tpc | tpc = getConstraints() | + exists(TypeParameterConstraints tpc | tpc = this.getConstraints() | tpc.hasRefTypeConstraint() or tpc.getATypeConstraint() instanceof Class or tpc.getATypeConstraint().(TypeParameter).isRefType() @@ -182,7 +182,7 @@ class TypeParameter extends DotNet::TypeParameter, Type, @type_parameter { } override predicate isValueType() { - exists(TypeParameterConstraints tpc | tpc = getConstraints() | + exists(TypeParameterConstraints tpc | tpc = this.getConstraints() | tpc.hasValueTypeConstraint() or tpc.getATypeConstraint().(TypeParameter).isValueType() ) @@ -219,9 +219,9 @@ class TypeParameter extends DotNet::TypeParameter, Type, @type_parameter { /** Gets a non-type-parameter type that was transitively supplied for this parameter. */ Type getAnUltimatelySuppliedType() { - result = getASuppliedType() and not result instanceof TypeParameter + result = this.getASuppliedType() and not result instanceof TypeParameter or - result = getASuppliedType().(TypeParameter).getAnUltimatelySuppliedType() + result = this.getASuppliedType().(TypeParameter).getAnUltimatelySuppliedType() } override int getIndex() { type_parameters(this, result, _, _) } @@ -376,8 +376,8 @@ class UnboundGenericDelegateType extends DelegateType, UnboundGenericType { override string toStringWithTypes() { result = - getUndecoratedName() + "<" + getTypeParametersToString(this) + ">(" + parameterTypesToString() - + ")" + this.getUndecoratedName() + "<" + getTypeParametersToString(this) + ">(" + + this.parameterTypesToString() + ")" } } @@ -404,7 +404,7 @@ class ConstructedType extends ValueOrRefType, ConstructedGeneric { override UnboundGenericType getUnboundGeneric() { constructed_generic(this, getTypeRef(result)) } - final override Type getChild(int n) { result = getTypeArgument(n) } + final override Type getChild(int n) { result = this.getTypeArgument(n) } final override string toStringWithTypes() { result = this.getUndecoratedName() + "<" + getTypeArgumentsToString(this) + ">" @@ -542,12 +542,12 @@ class UnboundGenericMethod extends Method, UnboundGeneric { override string toStringWithTypes() { result = - getUndecoratedName() + "<" + getTypeParametersToString(this) + ">" + "(" + - parameterTypesToString() + ")" + this.getUndecoratedName() + "<" + getTypeParametersToString(this) + ">" + "(" + + this.parameterTypesToString() + ")" } final override string getName() { - result = getUndecoratedName() + "<" + getTypeParameterCommas(this) + ">" + result = this.getUndecoratedName() + "<" + getTypeParameterCommas(this) + ">" } final override string getUndecoratedName() { methods(this, result, _, _, _) } @@ -580,8 +580,8 @@ class ConstructedMethod extends Method, ConstructedGeneric { override string toStringWithTypes() { result = - getUndecoratedName() + "<" + getTypeArgumentsToString(this) + ">" + "(" + - parameterTypesToString() + ")" + this.getUndecoratedName() + "<" + getTypeArgumentsToString(this) + ">" + "(" + + this.parameterTypesToString() + ")" } override UnboundGenericMethod getUnboundDeclaration() { @@ -589,12 +589,12 @@ class ConstructedMethod extends Method, ConstructedGeneric { } final override string getName() { - result = getUndecoratedName() + "<" + getTypeArgumentsNames(this) + ">" + result = this.getUndecoratedName() + "<" + getTypeArgumentsNames(this) + ">" } override predicate hasQualifiedName(string qualifier, string name) { - qualifier = getDeclaringType().getQualifiedName() and - name = getUndecoratedName() + "<" + getTypeArgumentsQualifiedNames(this) + ">" + qualifier = this.getDeclaringType().getQualifiedName() and + name = this.getUndecoratedName() + "<" + getTypeArgumentsQualifiedNames(this) + ">" } final override string getUndecoratedName() { methods(this, result, _, _, _) } diff --git a/csharp/ql/lib/semmle/code/csharp/Member.qll b/csharp/ql/lib/semmle/code/csharp/Member.qll index 9f8408621fc..40b887f052a 100644 --- a/csharp/ql/lib/semmle/code/csharp/Member.qll +++ b/csharp/ql/lib/semmle/code/csharp/Member.qll @@ -155,7 +155,9 @@ class Modifiable extends Declaration, @modifiable { * Holds if this declaration is effectively `public`, meaning that it can be * referenced outside the declaring assembly. */ - predicate isEffectivelyPublic() { not isEffectivelyPrivate() and not isEffectivelyInternal() } + predicate isEffectivelyPublic() { + not this.isEffectivelyPrivate() and not this.isEffectivelyInternal() + } } /** A declaration that is a member of a type. */ @@ -193,12 +195,12 @@ class Virtualizable extends Member, @virtualizable { override predicate isPublic() { Member.super.isPublic() or - implementsExplicitInterface() + this.implementsExplicitInterface() } override predicate isPrivate() { super.isPrivate() and - not implementsExplicitInterface() + not this.implementsExplicitInterface() } /** @@ -211,17 +213,17 @@ class Virtualizable extends Member, @virtualizable { /** * Holds if this member implements an interface member explicitly. */ - predicate implementsExplicitInterface() { exists(getExplicitlyImplementedInterface()) } + predicate implementsExplicitInterface() { exists(this.getExplicitlyImplementedInterface()) } /** Holds if this member can be overridden or implemented. */ predicate isOverridableOrImplementable() { - not isSealed() and - not getDeclaringType().isSealed() and + not this.isSealed() and + not this.getDeclaringType().isSealed() and ( - isVirtual() or - isOverride() or - isAbstract() or - getDeclaringType() instanceof Interface + this.isVirtual() or + this.isOverride() or + this.isAbstract() or + this.getDeclaringType() instanceof Interface ) } @@ -243,10 +245,10 @@ class Virtualizable extends Member, @virtualizable { Virtualizable getAnOverrider() { this = result.getOverridee() } /** Holds if this member is overridden by some other member. */ - predicate isOverridden() { exists(getAnOverrider()) } + predicate isOverridden() { exists(this.getAnOverrider()) } /** Holds if this member overrides another member. */ - predicate overrides() { exists(getOverridee()) } + predicate overrides() { exists(this.getOverridee()) } /** * Gets the interface member that is immediately implemented by this member, if any. @@ -274,7 +276,7 @@ class Virtualizable extends Member, @virtualizable { Virtualizable getImplementee(ValueOrRefType t) { implements(this, result, t) } /** Gets the interface member that is immediately implemented by this member, if any. */ - Virtualizable getImplementee() { result = getImplementee(_) } + Virtualizable getImplementee() { result = this.getImplementee(_) } /** * Gets a member that immediately implements this interface member, if any. @@ -338,8 +340,8 @@ class Virtualizable extends Member, @virtualizable { | this = implementation or - getOverridee+() = implementation and - getDeclaringType().getABaseType+() = implementationType + this.getOverridee+() = implementation and + this.getDeclaringType().getABaseType+() = implementationType ) } @@ -355,10 +357,10 @@ class Virtualizable extends Member, @virtualizable { Virtualizable getAnUltimateImplementor() { this = result.getAnUltimateImplementee() } /** Holds if this interface member is implemented by some other member. */ - predicate isImplemented() { exists(getAnImplementor()) } + predicate isImplemented() { exists(this.getAnImplementor()) } /** Holds if this member implements (transitively) an interface member. */ - predicate implements() { exists(getAnUltimateImplementee()) } + predicate implements() { exists(this.getAnUltimateImplementee()) } /** * Holds if this member overrides or implements (reflexively, transitively) @@ -366,8 +368,8 @@ class Virtualizable extends Member, @virtualizable { */ predicate overridesOrImplementsOrEquals(Virtualizable that) { this = that or - getOverridee+() = that or - getAnUltimateImplementee() = that + this.getOverridee+() = that or + this.getAnUltimateImplementee() = that } } @@ -386,7 +388,7 @@ class Parameterizable extends DotNet::Parameterizable, Declaration, @parameteriz */ private string parameterTypeToString(int i) { exists(Parameter p, string prefix | - p = getParameter(i) and + p = this.getParameter(i) and result = prefix + p.getType().toStringWithTypes() | if p.isOut() @@ -407,6 +409,7 @@ class Parameterizable extends DotNet::Parameterizable, Declaration, @parameteriz */ language[monotonicAggregates] string parameterTypesToString() { - result = concat(int i | exists(getParameter(i)) | parameterTypeToString(i), ", " order by i) + result = + concat(int i | exists(this.getParameter(i)) | this.parameterTypeToString(i), ", " order by i) } } diff --git a/csharp/ql/lib/semmle/code/csharp/Modifier.qll b/csharp/ql/lib/semmle/code/csharp/Modifier.qll index 0cf9b883430..39652070af3 100644 --- a/csharp/ql/lib/semmle/code/csharp/Modifier.qll +++ b/csharp/ql/lib/semmle/code/csharp/Modifier.qll @@ -19,5 +19,5 @@ class Modifier extends Element, @modifier { * An access modifier: `public`, `private`, `internal` or `protected`. */ class AccessModifier extends Modifier { - AccessModifier() { hasName(["public", "private", "internal", "protected"]) } + AccessModifier() { this.hasName(["public", "private", "internal", "protected"]) } } diff --git a/csharp/ql/lib/semmle/code/csharp/Preprocessor.qll b/csharp/ql/lib/semmle/code/csharp/Preprocessor.qll index daf4978da53..3342dd5c59c 100644 --- a/csharp/ql/lib/semmle/code/csharp/Preprocessor.qll +++ b/csharp/ql/lib/semmle/code/csharp/Preprocessor.qll @@ -289,7 +289,7 @@ class IfDirective extends ConditionalDirective, @directive_if { } /** Gets a sibling `#elif` or `#else` preprocessor directive. */ - BranchDirective getASiblingDirective() { result = getSiblingDirective(_) } + BranchDirective getASiblingDirective() { result = this.getSiblingDirective(_) } override string toString() { result = "#if ..." } diff --git a/csharp/ql/lib/semmle/code/csharp/PrintAst.qll b/csharp/ql/lib/semmle/code/csharp/PrintAst.qll index a701c7bfbf3..a3d36fba69d 100644 --- a/csharp/ql/lib/semmle/code/csharp/PrintAst.qll +++ b/csharp/ql/lib/semmle/code/csharp/PrintAst.qll @@ -171,7 +171,7 @@ class PrintAstNode extends TPrintAstNode { /** * Gets a child of this node. */ - final PrintAstNode getAChild() { result = getChild(_) } + final PrintAstNode getAChild() { result = this.getChild(_) } /** * Gets the parent of this node, if any. @@ -189,7 +189,7 @@ class PrintAstNode extends TPrintAstNode { */ string getProperty(string key) { key = "semmle.label" and - result = toString() + result = this.toString() } /** @@ -198,7 +198,7 @@ class PrintAstNode extends TPrintAstNode { * this. */ string getChildEdgeLabel(int childIndex) { - exists(getChild(childIndex)) and + exists(this.getChild(childIndex)) and result = childIndex.toString() } } diff --git a/csharp/ql/lib/semmle/code/csharp/Property.qll b/csharp/ql/lib/semmle/code/csharp/Property.qll index 5464142a085..a91ac6f13a4 100644 --- a/csharp/ql/lib/semmle/code/csharp/Property.qll +++ b/csharp/ql/lib/semmle/code/csharp/Property.qll @@ -53,10 +53,10 @@ class DeclarationWithAccessors extends AssignableMember, Virtualizable, Attribut class DeclarationWithGetSetAccessors extends DeclarationWithAccessors, TopLevelExprParent, @assignable_with_accessors { /** Gets the `get` accessor of this declaration, if any. */ - Getter getGetter() { result = getAnAccessor() } + Getter getGetter() { result = this.getAnAccessor() } /** Gets the `set` accessor of this declaration, if any. */ - Setter getSetter() { result = getAnAccessor() } + Setter getSetter() { result = this.getAnAccessor() } override DeclarationWithGetSetAccessors getOverridee() { result = DeclarationWithAccessors.super.getOverridee() @@ -182,10 +182,10 @@ class Property extends DotNet::Property, DeclarationWithGetSetAccessors, @proper or // For library types, we don't know about assignments in constructors. We instead assume that // arguments passed to parameters of constructors with suitable names. - getDeclaringType().fromLibrary() and + this.getDeclaringType().fromLibrary() and exists(Parameter param, Constructor c, string propertyName | - propertyName = getName() and - c = getDeclaringType().getAConstructor() and + propertyName = this.getName() and + c = this.getDeclaringType().getAConstructor() and param = c.getAParameter() and // Find a constructor parameter with the same name, but with a lower case initial letter. param.hasName(propertyName.charAt(0).toLowerCase() + propertyName.suffix(1)) @@ -256,7 +256,7 @@ class Indexer extends DeclarationWithGetSetAccessors, Parameterizable, @indexer override string getUndecoratedName() { indexers(this, result, _, _, _) } /** Gets the dimension of this indexer, that is, its number of parameters. */ - int getDimension() { result = getNumberOfParameters() } + int getDimension() { result = this.getNumberOfParameters() } override ValueOrRefType getDeclaringType() { indexers(this, _, result, _, _) } @@ -304,7 +304,9 @@ class Indexer extends DeclarationWithGetSetAccessors, Parameterizable, @indexer override Location getALocation() { indexer_location(this, result) } - override string toStringWithTypes() { result = getName() + "[" + parameterTypesToString() + "]" } + override string toStringWithTypes() { + result = this.getName() + "[" + this.parameterTypesToString() + "]" + } override string getAPrimaryQlClass() { result = "Indexer" } } @@ -368,17 +370,17 @@ class Accessor extends Callable, Modifiable, Attributable, @callable_accessor { * ``` */ override Modifier getAModifier() { - result = getAnAccessModifier() + result = this.getAnAccessModifier() or - result = getDeclaration().getAModifier() and - not (result instanceof AccessModifier and exists(getAnAccessModifier())) + result = this.getDeclaration().getAModifier() and + not (result instanceof AccessModifier and exists(this.getAnAccessModifier())) } override Accessor getUnboundDeclaration() { accessors(this, _, _, _, result) } override Location getALocation() { accessor_location(this, result) } - override string toString() { result = getName() } + override string toString() { result = this.getName() } } /** @@ -395,11 +397,11 @@ class Accessor extends Callable, Modifiable, Attributable, @callable_accessor { * ``` */ class Getter extends Accessor, @getter { - override string getName() { result = "get" + "_" + getDeclaration().getName() } + override string getName() { result = "get" + "_" + this.getDeclaration().getName() } - override string getUndecoratedName() { result = "get" + "_" + getDeclaration().getName() } + override string getUndecoratedName() { result = "get" + "_" + this.getDeclaration().getName() } - override Type getReturnType() { result = getDeclaration().getType() } + override Type getReturnType() { result = this.getDeclaration().getType() } /** * Gets the field used in the trival implementation of this getter, if any. @@ -417,8 +419,8 @@ class Getter extends Accessor, @getter { */ Field trivialGetterField() { exists(ReturnStmt ret | - getStatementBody().getNumberOfStmts() = 1 and - getStatementBody().getAChild() = ret and + this.getStatementBody().getNumberOfStmts() = 1 and + this.getStatementBody().getAChild() = ret and ret.getExpr() = result.getAnAccess() ) } @@ -444,9 +446,9 @@ class Getter extends Accessor, @getter { * ``` */ class Setter extends Accessor, @setter { - override string getName() { result = "set" + "_" + getDeclaration().getName() } + override string getName() { result = "set" + "_" + this.getDeclaration().getName() } - override string getUndecoratedName() { result = "set" + "_" + getDeclaration().getName() } + override string getUndecoratedName() { result = "set" + "_" + this.getDeclaration().getName() } override Type getReturnType() { exists(this) and // needed to avoid compiler warning @@ -469,8 +471,8 @@ class Setter extends Accessor, @setter { */ Field trivialSetterField() { exists(AssignExpr assign | - getStatementBody().getNumberOfStmts() = 1 and - assign.getParent() = getStatementBody().getAChild() and + this.getStatementBody().getNumberOfStmts() = 1 and + assign.getParent() = this.getStatementBody().getAChild() and assign.getLValue() = result.getAnAccess() and assign.getRValue() = accessToValue() ) @@ -521,9 +523,9 @@ private ParameterAccess accessToValue() { */ class TrivialProperty extends Property { TrivialProperty() { - isAutoImplemented() + this.isAutoImplemented() or - getGetter().trivialGetterField() = getSetter().trivialSetterField() + this.getGetter().trivialGetterField() = this.getSetter().trivialSetterField() or exists(CIL::TrivialProperty prop | this.matchesHandle(prop)) } diff --git a/csharp/ql/lib/semmle/code/csharp/Stmt.qll b/csharp/ql/lib/semmle/code/csharp/Stmt.qll index 2ccd57078db..be074c176ba 100644 --- a/csharp/ql/lib/semmle/code/csharp/Stmt.qll +++ b/csharp/ql/lib/semmle/code/csharp/Stmt.qll @@ -65,10 +65,10 @@ class BlockStmt extends Stmt, @block_stmt { int getNumberOfStmts() { result = count(this.getAStmt()) } /** Gets the first statement in this block, if any. */ - Stmt getFirstStmt() { result = getStmt(0) } + Stmt getFirstStmt() { result = this.getStmt(0) } /** Gets the last statement in this block, if any. */ - Stmt getLastStmt() { result = getStmt(getNumberOfStmts() - 1) } + Stmt getLastStmt() { result = this.getStmt(this.getNumberOfStmts() - 1) } /** Holds if this block is an empty block with no statements. */ predicate isEmpty() { not exists(this.getAStmt()) } @@ -79,8 +79,8 @@ class BlockStmt extends Stmt, @block_stmt { } override Stmt stripSingletonBlocks() { - if getNumberOfStmts() = 1 - then result = getAChildStmt().stripSingletonBlocks() + if this.getNumberOfStmts() = 1 + then result = this.getAChildStmt().stripSingletonBlocks() else result = this } @@ -420,7 +420,7 @@ class ForStmt extends LoopStmt, @for_stmt { * } * ``` */ - Expr getAnInitializer() { result = getInitializer(_) } + Expr getAnInitializer() { result = this.getInitializer(_) } /** * Gets the `n`th initializer expression of this `for` loop @@ -451,7 +451,7 @@ class ForStmt extends LoopStmt, @for_stmt { * } * ``` */ - Expr getAnUpdate() { result = getUpdate(_) } + Expr getAnUpdate() { result = this.getUpdate(_) } /** * Gets the `n`th update expression of this `for` loop (starting at index 0). @@ -519,7 +519,7 @@ class ForeachStmt extends LoopStmt, @foreach_stmt { * ``` */ LocalVariableDeclExpr getVariableDeclExpr(int i) { - result = getVariableDeclTuple().getArgument(i) + result = this.getVariableDeclTuple().getArgument(i) or i = 0 and result = this.getChild(0) } @@ -547,7 +547,7 @@ class ForeachStmt extends LoopStmt, @foreach_stmt { * } * ``` */ - LocalVariable getVariable(int i) { result = getVariableDeclExpr(i).getVariable() } + LocalVariable getVariable(int i) { result = this.getVariableDeclExpr(i).getVariable() } /** * Gets a local variable of this `foreach` loop. @@ -560,7 +560,7 @@ class ForeachStmt extends LoopStmt, @foreach_stmt { * } * ``` */ - LocalVariable getAVariable() { result = getVariable(_) } + LocalVariable getAVariable() { result = this.getVariable(_) } /** * Gets a local variable declaration of this `foreach` loop. @@ -573,7 +573,7 @@ class ForeachStmt extends LoopStmt, @foreach_stmt { * } * ``` */ - LocalVariableDeclExpr getAVariableDeclExpr() { result = getVariableDeclExpr(_) } + LocalVariableDeclExpr getAVariableDeclExpr() { result = this.getVariableDeclExpr(_) } override Expr getCondition() { none() } @@ -690,8 +690,8 @@ class GotoLabelStmt extends GotoStmt, @goto_stmt { /** Gets the target statement that this `goto` statement jumps to. */ LabeledStmt getTarget() { - result.getEnclosingCallable() = getEnclosingCallable() and - result.getLabel() = getLabel() + result.getEnclosingCallable() = this.getEnclosingCallable() and + result.getLabel() = this.getLabel() } override string getAPrimaryQlClass() { result = "GotoLabelStmt" } @@ -717,7 +717,7 @@ class GotoCaseStmt extends GotoStmt, @goto_case_stmt { /** Gets the constant expression that this `goto case` statement jumps to. */ Expr getExpr() { result = this.getChild(0) } - override string getLabel() { result = getExpr().getValue() } + override string getLabel() { result = this.getExpr().getValue() } override string toString() { result = "goto case ...;" } @@ -764,14 +764,14 @@ class ThrowStmt extends JumpStmt, ThrowElement, @throw_stmt { override ExceptionClass getThrownExceptionType() { result = ThrowElement.super.getThrownExceptionType() or - result = getRethrowParent().(CatchClause).getCaughtExceptionType() + result = this.getRethrowParent().(CatchClause).getCaughtExceptionType() } private ControlFlowElement getRethrowParent() { - result = this and not exists(getExpr()) + result = this and not exists(this.getExpr()) or exists(ControlFlowElement mid | - mid = getRethrowParent() and + mid = this.getRethrowParent() and not mid instanceof CatchClause and result = mid.getParent() ) @@ -785,7 +785,7 @@ class ThrowStmt extends JumpStmt, ThrowElement, @throw_stmt { * and may be thrown as an exception. */ class ExceptionClass extends Class { - ExceptionClass() { getBaseClass*() instanceof SystemExceptionClass } + ExceptionClass() { this.getBaseClass*() instanceof SystemExceptionClass } } /** @@ -897,13 +897,15 @@ class TryStmt extends Stmt, @try_stmt { override string getAPrimaryQlClass() { result = "TryStmt" } /** Gets the `catch` clause that handles an exception of type `ex`, if any. */ - CatchClause getAnExceptionHandler(ExceptionClass ex) { result = clauseHandlesException(ex, 0) } + CatchClause getAnExceptionHandler(ExceptionClass ex) { + result = this.clauseHandlesException(ex, 0) + } /** * Holds if catch clause `cc` definitely handles exceptions of type `ex`. */ predicate definitelyHandles(ExceptionClass ex, CatchClause cc) { - cc = getACatchClause() and + cc = this.getACatchClause() and not exists(cc.getFilterClause()) and ( cc.getCaughtExceptionType() = ex.getBaseClass*() @@ -913,22 +915,22 @@ class TryStmt extends Stmt, @try_stmt { } private predicate maybeHandles(ExceptionClass ex, CatchClause cc) { - cc = getACatchClause() and + cc = this.getACatchClause() and cc.getCaughtExceptionType().getBaseClass*() = ex } private CatchClause clauseHandlesException(ExceptionClass ex, int n) { - exists(CatchClause clause | clause = getCatchClause(n) | - if definitelyHandles(ex, clause) + exists(CatchClause clause | clause = this.getCatchClause(n) | + if this.definitelyHandles(ex, clause) then result = clause else - if maybeHandles(ex, clause) + if this.maybeHandles(ex, clause) then result = clause or - result = clauseHandlesException(ex, n + 1) + result = this.clauseHandlesException(ex, n + 1) else // Does not handle - result = clauseHandlesException(ex, n + 1) + result = this.clauseHandlesException(ex, n + 1) ) } @@ -939,10 +941,10 @@ class TryStmt extends Stmt, @try_stmt { * `try` statement. */ ControlFlowElement getATriedElement() { - result = getBlock() + result = this.getBlock() or exists(ControlFlowElement mid | - mid = getATriedElement() and + mid = this.getATriedElement() and not mid instanceof TryStmt and result = getAChild(mid, mid.getEnclosingCallable()) ) @@ -996,10 +998,10 @@ class CatchClause extends Stmt, @catch { * } * ``` */ - Expr getFilterClause() { result = getChild(2) } + Expr getFilterClause() { result = this.getChild(2) } /** Holds if this `catch` clause has a filter. */ - predicate hasFilterClause() { exists(getFilterClause()) } + predicate hasFilterClause() { exists(this.getFilterClause()) } /** Holds if this is the last `catch` clause in the `try` statement that it belongs to. */ predicate isLast() { @@ -1120,7 +1122,7 @@ class LockStmt extends Stmt, @lock_stmt { override string toString() { result = "lock (...) {...}" } /** Gets the variable being locked, if any. */ - Variable getLockVariable() { result.getAnAccess() = getExpr() } + Variable getLockVariable() { result.getAnAccess() = this.getExpr() } /** Gets a statement in the scope of this `lock` statement. */ Stmt getALockedStmt() { @@ -1128,14 +1130,14 @@ class LockStmt extends Stmt, @lock_stmt { // delegates and lambdas result.getParent() = this or - exists(Stmt mid | mid = getALockedStmt() and result.getParent() = mid) + exists(Stmt mid | mid = this.getALockedStmt() and result.getParent() = mid) } /** Holds if this statement is of the form `lock(this) { ... }`. */ - predicate isLockThis() { getExpr() instanceof ThisAccess } + predicate isLockThis() { this.getExpr() instanceof ThisAccess } /** Gets the type `T` if this statement is of the form `lock(typeof(T)) { ... }`. */ - Type getLockTypeObject() { result = getExpr().(TypeofExpr).getTypeAccess().getTarget() } + Type getLockTypeObject() { result = this.getExpr().(TypeofExpr).getTypeAccess().getTarget() } override string getAPrimaryQlClass() { result = "LockStmt" } } @@ -1453,7 +1455,7 @@ class LocalFunctionStmt extends Stmt, @local_function_stmt { /** Gets the local function defined by this statement. */ LocalFunction getLocalFunction() { local_function_stmts(this, result) } - override string toString() { result = getLocalFunction().getName() + "(...)" } + override string toString() { result = this.getLocalFunction().getName() + "(...)" } override string getAPrimaryQlClass() { result = "LocalFunctionStmt" } } diff --git a/csharp/ql/lib/semmle/code/csharp/Type.qll b/csharp/ql/lib/semmle/code/csharp/Type.qll index d7a15000bbf..109c1df00c7 100644 --- a/csharp/ql/lib/semmle/code/csharp/Type.qll +++ b/csharp/ql/lib/semmle/code/csharp/Type.qll @@ -37,7 +37,7 @@ class Type extends DotNet::Type, Member, TypeContainer, @type { predicate containsTypeParameters() { this instanceof TypeParameter or - not this instanceof UnboundGenericType and getAChild().containsTypeParameters() + not this instanceof UnboundGenericType and this.getAChild().containsTypeParameters() } /** Holds if this type is a reference type, or a type parameter that is a reference type. */ @@ -133,8 +133,8 @@ class ValueOrRefType extends DotNet::ValueOrRefType, Type, Attributable, @value_ /** Gets an immediate base type of this type, if any. */ override ValueOrRefType getABaseType() { - result = getBaseClass() or - result = getABaseInterface() + result = this.getBaseClass() or + result = this.getABaseInterface() } /** Gets an immediate subtype of this type, if any. */ @@ -200,9 +200,9 @@ class ValueOrRefType extends DotNet::ValueOrRefType, Type, Attributable, @value_ */ pragma[inline] predicate hasCallable(Callable c) { - hasMethod(c) + this.hasMethod(c) or - hasMember(c.(Accessor).getDeclaration()) + this.hasMember(c.(Accessor).getDeclaration()) } /** @@ -234,63 +234,63 @@ class ValueOrRefType extends DotNet::ValueOrRefType, Type, Attributable, @value_ or hasNonOverriddenMember(this.getBaseClass+(), m) or - hasOverriddenMember(m) + this.hasOverriddenMember(m) } cached private predicate hasOverriddenMember(Virtualizable v) { v.isOverridden() and - v = getAMember() + v = this.getAMember() or - getBaseClass().(ValueOrRefType).hasOverriddenMember(v) and + this.getBaseClass().(ValueOrRefType).hasOverriddenMember(v) and not v.isPrivate() and - not memberOverrides(v) + not this.memberOverrides(v) } // Predicate folding for proper join-order pragma[noinline] private predicate memberOverrides(Virtualizable v) { - getAMember().(Virtualizable).getOverridee() = v + this.getAMember().(Virtualizable).getOverridee() = v } /** Gets a field (or member constant) with the given name. */ - Field getField(string name) { result = getAMember() and result.hasName(name) } + Field getField(string name) { result = this.getAMember() and result.hasName(name) } /** Gets a field (or member constant) of this type, if any. */ Field getAField() { result = this.getField(_) } /** Gets a member constant of this type, if any. */ - MemberConstant getAConstant() { result = getAMember() } + MemberConstant getAConstant() { result = this.getAMember() } /** Gets a method of this type, if any. */ - Method getAMethod() { result = getAMember() } + Method getAMethod() { result = this.getAMember() } /** Gets a method of this type with the given name. */ - Method getAMethod(string name) { result = getAMember() and result.hasName(name) } + Method getAMethod(string name) { result = this.getAMember() and result.hasName(name) } /** Gets a property of this type, if any. */ - Property getAProperty() { result = getAMember() } + Property getAProperty() { result = this.getAMember() } /** Gets a named property of this type. */ - Property getProperty(string name) { result = getAMember() and result.hasName(name) } + Property getProperty(string name) { result = this.getAMember() and result.hasName(name) } /** Gets an indexer of this type, if any. */ - Indexer getAnIndexer() { result = getAMember() } + Indexer getAnIndexer() { result = this.getAMember() } /** Gets an event of this type, if any. */ - Event getAnEvent() { result = getAMember() } + Event getAnEvent() { result = this.getAMember() } /** Gets a user-defined operator of this type, if any. */ - Operator getAnOperator() { result = getAMember() } + Operator getAnOperator() { result = this.getAMember() } /** Gets a static or instance constructor of this type, if any. */ - Constructor getAConstructor() { result = getAMember() } + Constructor getAConstructor() { result = this.getAMember() } /** Gets the static constructor of this type, if any. */ - StaticConstructor getStaticConstructor() { result = getAMember() } + StaticConstructor getStaticConstructor() { result = this.getAMember() } /** Gets a nested type of this type, if any. */ - NestedType getANestedType() { result = getAMember() } + NestedType getANestedType() { result = this.getAMember() } /** Gets the number of types that directly depend on this type. */ int getAfferentCoupling() { afferentCoupling(this, result) } @@ -675,10 +675,10 @@ class Enum extends ValueType, @enum_type { */ class Struct extends ValueType, @struct_type { /** Holds if this `struct` has a `ref` modifier. */ - predicate isRef() { hasModifier("ref") } + predicate isRef() { this.hasModifier("ref") } /** Holds if this `struct` has a `readonly` modifier. */ - predicate isReadonly() { hasModifier("readonly") } + predicate isReadonly() { this.hasModifier("readonly") } override string getAPrimaryQlClass() { result = "Struct" } } @@ -695,7 +695,7 @@ class RefType extends ValueOrRefType, @ref_type { /** Gets a member that overrides a non-abstract member in a super type, if any. */ private Virtualizable getAnOverrider() { - getAMember() = result and + this.getAMember() = result and exists(Virtualizable v | result.getOverridee() = v and not v.isAbstract()) } @@ -897,14 +897,14 @@ class FunctionPointerType extends Type, Parameterizable, @function_pointer_type } /** Gets an unmanaged calling convention. */ - Type getAnUnmanagedCallingConvention() { result = getUnmanagedCallingConvention(_) } + Type getAnUnmanagedCallingConvention() { result = this.getUnmanagedCallingConvention(_) } /** Gets the annotated return type of this function pointer type. */ AnnotatedType getAnnotatedReturnType() { result.appliesTo(this) } override string getAPrimaryQlClass() { result = "FunctionPointerType" } - override string getLabel() { result = getName() } + override string getLabel() { result = this.getName() } } /** @@ -922,13 +922,15 @@ class NullableType extends ValueType, DotNet::ConstructedGeneric, @nullable_type */ Type getUnderlyingType() { nullable_underlying_type(this, getTypeRef(result)) } - override string toStringWithTypes() { result = getUnderlyingType().toStringWithTypes() + "?" } + override string toStringWithTypes() { + result = this.getUnderlyingType().toStringWithTypes() + "?" + } - override Type getChild(int n) { result = getUnderlyingType() and n = 0 } + override Type getChild(int n) { result = this.getUnderlyingType() and n = 0 } - override Location getALocation() { result = getUnderlyingType().getALocation() } + override Location getALocation() { result = this.getUnderlyingType().getALocation() } - override Type getTypeArgument(int p) { p = 0 and result = getUnderlyingType() } + override Type getTypeArgument(int p) { p = 0 and result = this.getUnderlyingType() } override string getAPrimaryQlClass() { result = "NullableType" } @@ -966,8 +968,8 @@ class ArrayType extends DotNet::ArrayType, RefType, @array_type { /** Holds if this array type has the same shape (dimension and rank) as `that` array type. */ predicate hasSameShapeAs(ArrayType that) { - getDimension() = that.getDimension() and - getRank() = that.getRank() + this.getDimension() = that.getDimension() and + this.getRank() = that.getRank() } /** @@ -981,7 +983,7 @@ class ArrayType extends DotNet::ArrayType, RefType, @array_type { private string getDimensionString(Type elementType) { exists(Type et, string res | et = this.getElementType() and - res = getArraySuffix() and + res = this.getArraySuffix() and if et instanceof ArrayType then result = res + et.(ArrayType).getDimensionString(elementType) else ( @@ -996,7 +998,7 @@ class ArrayType extends DotNet::ArrayType, RefType, @array_type { ) } - override Type getChild(int n) { result = getElementType() and n = 0 } + override Type getChild(int n) { result = this.getElementType() and n = 0 } override Location getALocation() { type_location(this, result) @@ -1021,13 +1023,15 @@ class PointerType extends DotNet::PointerType, Type, @pointer_type { override string toStringWithTypes() { result = DotNet::PointerType.super.toStringWithTypes() } - override Type getChild(int n) { result = getReferentType() and n = 0 } + override Type getChild(int n) { result = this.getReferentType() and n = 0 } final override string getName() { types(this, _, result) } - final override string getUndecoratedName() { result = getReferentType().getUndecoratedName() } + final override string getUndecoratedName() { + result = this.getReferentType().getUndecoratedName() + } - override Location getALocation() { result = getReferentType().getALocation() } + override Location getALocation() { result = this.getReferentType().getALocation() } override string toString() { result = DotNet::PointerType.super.toString() } @@ -1082,10 +1086,10 @@ class TupleType extends ValueType, @tuple_type { * Gets the type of the `n`th element of this tuple, indexed from 0. * For example, the 0th (first) element type of `(int, string)` is `int`. */ - Type getElementType(int n) { result = getElement(n).getType() } + Type getElementType(int n) { result = this.getElement(n).getType() } /** Gets an element of this tuple. */ - Field getAnElement() { result = getElement(_) } + Field getAnElement() { result = this.getElement(_) } override Location getALocation() { type_location(this, result) } @@ -1093,23 +1097,27 @@ class TupleType extends ValueType, @tuple_type { * Gets the arity of this tuple. For example, the arity of * `(int, int, double)` is 3. */ - int getArity() { result = count(getAnElement()) } + int getArity() { result = count(this.getAnElement()) } language[monotonicAggregates] override string toStringWithTypes() { result = "(" + - concat(Type t, int i | t = getElement(i).getType() | t.toStringWithTypes(), ", " order by i) - + ")" + concat(Type t, int i | + t = this.getElement(i).getType() + | + t.toStringWithTypes(), ", " order by i + ) + ")" } language[monotonicAggregates] override string getName() { result = - "(" + concat(Type t, int i | t = getElement(i).getType() | t.getName(), "," order by i) + ")" + "(" + concat(Type t, int i | t = this.getElement(i).getType() | t.getName(), "," order by i) + + ")" } - override string getLabel() { result = getUnderlyingType().getLabel() } + override string getLabel() { result = this.getUnderlyingType().getLabel() } override Type getChild(int i) { result = this.getUnderlyingType().getChild(i) } diff --git a/csharp/ql/lib/semmle/code/csharp/Unification.qll b/csharp/ql/lib/semmle/code/csharp/Unification.qll index 3a2c6745f45..d9f39cec603 100644 --- a/csharp/ql/lib/semmle/code/csharp/Unification.qll +++ b/csharp/ql/lib/semmle/code/csharp/Unification.qll @@ -297,7 +297,7 @@ module Gvn { or result = strictconcat(int i, int j | - toStringPart(i, j) + this.toStringPart(i, j) | this.toStringConstructedPart(i, j) order by i desc, j ) diff --git a/csharp/ql/lib/semmle/code/csharp/Variable.qll b/csharp/ql/lib/semmle/code/csharp/Variable.qll index a13175dfeb0..6592320fdd7 100644 --- a/csharp/ql/lib/semmle/code/csharp/Variable.qll +++ b/csharp/ql/lib/semmle/code/csharp/Variable.qll @@ -149,7 +149,7 @@ class Parameter extends DotNet::Parameter, LocalScopeVariable, Attributable, Top predicate isIn() { params(this, _, _, _, 5, _, _) } /** Holds if this parameter is an output or reference parameter. */ - predicate isOutOrRef() { isOut() or isRef() } + predicate isOutOrRef() { this.isOut() or this.isRef() } /** * Holds if this parameter is a parameter array. For example, `args` @@ -210,7 +210,7 @@ class Parameter extends DotNet::Parameter, LocalScopeVariable, Attributable, Top Expr getDefaultValue() { result = this.getUnboundDeclaration().getChildExpr(0) } /** Holds if this parameter has a default value. */ - predicate hasDefaultValue() { exists(getDefaultValue()) } + predicate hasDefaultValue() { exists(this.getDefaultValue()) } /** Gets the callable to which this parameter belongs, if any. */ override Callable getCallable() { result = this.getDeclaringElement() } @@ -238,7 +238,9 @@ class Parameter extends DotNet::Parameter, LocalScopeVariable, Attributable, Top * `y` is `5`, and the assigned arguments to `z` are `3` and `6`, respectively. */ pragma[nomagic] - Expr getAnAssignedArgument() { result = getCallable().getACall().getArgumentForParameter(this) } + Expr getAnAssignedArgument() { + result = this.getCallable().getACall().getArgumentForParameter(this) + } /** Holds if this parameter is potentially overwritten in the body of its callable. */ predicate isOverwritten() { @@ -323,7 +325,7 @@ class LocalVariable extends LocalScopeVariable, @local_variable { /** Gets the enclosing callable of this local variable. */ Callable getEnclosingCallable() { result = this.getVariableDeclExpr().getEnclosingCallable() } - override Callable getCallable() { result = getEnclosingCallable() } + override Callable getCallable() { result = this.getEnclosingCallable() } override predicate isRef() { localvars(this, 3, _, _, _, _) } diff --git a/csharp/ql/lib/semmle/code/csharp/XML.qll b/csharp/ql/lib/semmle/code/csharp/XML.qll index 4c762f4bf65..76f3b3cb022 100755 --- a/csharp/ql/lib/semmle/code/csharp/XML.qll +++ b/csharp/ql/lib/semmle/code/csharp/XML.qll @@ -108,7 +108,7 @@ class XMLParent extends @xmlparent { } /** Gets the text value contained in this XML parent. */ - string getTextValue() { result = allCharactersString() } + string getTextValue() { result = this.allCharactersString() } /** Gets a printable representation of this XML parent. */ string toString() { result = this.getName() } @@ -119,7 +119,7 @@ class XMLFile extends XMLParent, File { XMLFile() { xmlEncoding(this, _) } /** Gets a printable representation of this XML file. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } /** Gets the name of this XML file. */ override string getName() { result = File.super.getAbsolutePath() } @@ -129,14 +129,14 @@ class XMLFile extends XMLParent, File { * * Gets the path of this XML file. */ - deprecated string getPath() { result = getAbsolutePath() } + deprecated string getPath() { result = this.getAbsolutePath() } /** * DEPRECATED: Use `getParentContainer().getAbsolutePath()` instead. * * Gets the path of the folder that contains this XML file. */ - deprecated string getFolder() { result = getParentContainer().getAbsolutePath() } + deprecated string getFolder() { result = this.getParentContainer().getAbsolutePath() } /** Gets the encoding of this XML file. */ string getEncoding() { xmlEncoding(this, result) } @@ -200,7 +200,7 @@ class XMLDTD extends XMLLocatable, @xmldtd { */ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { /** Holds if this XML element has the given `name`. */ - predicate hasName(string name) { name = getName() } + predicate hasName(string name) { name = this.getName() } /** Gets the name of this XML element. */ override string getName() { xmlElements(this, result, _, _, _) } @@ -239,7 +239,7 @@ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { string getAttributeValue(string name) { result = this.getAttribute(name).getValue() } /** Gets a printable representation of this XML element. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll b/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll index d425ec118ed..4f364147395 100644 --- a/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll +++ b/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll @@ -42,7 +42,7 @@ abstract class AssertMethod extends Method { * * Gets the index of a parameter being asserted. */ - deprecated final int getAssertionIndex() { result = getAnAssertionIndex() } + deprecated final int getAssertionIndex() { result = this.getAnAssertionIndex() } /** Gets the parameter at position `i` being asserted. */ final Parameter getAssertedParameter(int i) { @@ -55,7 +55,7 @@ abstract class AssertMethod extends Method { * * Gets a parameter being asserted. */ - deprecated final Parameter getAssertedParameter() { result = getAssertedParameter(_) } + deprecated final Parameter getAssertedParameter() { result = this.getAssertedParameter(_) } /** Gets the failure type if the assertion fails for argument `i`, if any. */ abstract AssertionFailure getAssertionFailure(int i); diff --git a/csharp/ql/lib/semmle/code/csharp/commons/GeneratedCode.qll b/csharp/ql/lib/semmle/code/csharp/commons/GeneratedCode.qll index 42e04ddcbb9..38d559d8ffd 100644 --- a/csharp/ql/lib/semmle/code/csharp/commons/GeneratedCode.qll +++ b/csharp/ql/lib/semmle/code/csharp/commons/GeneratedCode.qll @@ -57,7 +57,7 @@ abstract class GeneratedCodeComment extends CommentLine { } */ class GenericGeneratedCodeComment extends GeneratedCodeComment { GenericGeneratedCodeComment() { - exists(string line, string entity, string was, string automatically | line = getText() | + exists(string line, string entity, string was, string automatically | line = this.getText() | entity = "file|class|interface|art[ei]fact|module|script" and was = "was|is|has been" and automatically = "automatically |mechanically |auto[- ]?" and @@ -70,7 +70,7 @@ class GenericGeneratedCodeComment extends GeneratedCodeComment { /** A comment warning against modifications. */ class DontModifyMarkerComment extends GeneratedCodeComment { DontModifyMarkerComment() { - exists(string line | line = getText() | + exists(string line | line = this.getText() | line.regexpMatch("(?i).*\\bGenerated by\\b.*\\bDo not edit\\b.*") or line.regexpMatch("(?i).*\\bAny modifications to this file will be lost\\b.*") ) diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll index b4448a71380..08e5925ad50 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll @@ -11,7 +11,7 @@ private import ControlFlow::SuccessorTypes */ class BasicBlock extends TBasicBlockStart { /** Gets an immediate successor of this basic block, if any. */ - BasicBlock getASuccessor() { result.getFirstNode() = getLastNode().getASuccessor() } + BasicBlock getASuccessor() { result.getFirstNode() = this.getLastNode().getASuccessor() } /** Gets an immediate successor of this basic block of a given type, if any. */ BasicBlock getASuccessorByType(ControlFlow::SuccessorType t) { @@ -42,7 +42,7 @@ class BasicBlock extends TBasicBlockStart { * The basic block on line 2 is an immediate `true` successor of the * basic block on line 1. */ - BasicBlock getATrueSuccessor() { result.getFirstNode() = getLastNode().getATrueSuccessor() } + BasicBlock getATrueSuccessor() { result.getFirstNode() = this.getLastNode().getATrueSuccessor() } /** * Gets an immediate `false` successor, if any. @@ -60,25 +60,27 @@ class BasicBlock extends TBasicBlockStart { * The basic block on line 2 is an immediate `false` successor of the * basic block on line 1. */ - BasicBlock getAFalseSuccessor() { result.getFirstNode() = getLastNode().getAFalseSuccessor() } + BasicBlock getAFalseSuccessor() { + result.getFirstNode() = this.getLastNode().getAFalseSuccessor() + } /** Gets the control flow node at a specific (zero-indexed) position in this basic block. */ - ControlFlow::Node getNode(int pos) { bbIndex(getFirstNode(), result, pos) } + ControlFlow::Node getNode(int pos) { bbIndex(this.getFirstNode(), result, pos) } /** Gets a control flow node in this basic block. */ - ControlFlow::Node getANode() { result = getNode(_) } + ControlFlow::Node getANode() { result = this.getNode(_) } /** Gets the first control flow node in this basic block. */ ControlFlow::Node getFirstNode() { this = TBasicBlockStart(result) } /** Gets the last control flow node in this basic block. */ - ControlFlow::Node getLastNode() { result = getNode(length() - 1) } + ControlFlow::Node getLastNode() { result = this.getNode(this.length() - 1) } /** Gets the callable that this basic block belongs to. */ final Callable getCallable() { result = this.getFirstNode().getEnclosingCallable() } /** Gets the length of this basic block. */ - int length() { result = strictcount(getANode()) } + int length() { result = strictcount(this.getANode()) } /** * Holds if this basic block immediately dominates basic block `bb`. @@ -151,7 +153,7 @@ class BasicBlock extends TBasicBlockStart { */ predicate dominates(BasicBlock bb) { bb = this or - strictlyDominates(bb) + this.strictlyDominates(bb) } /** @@ -177,14 +179,14 @@ class BasicBlock extends TBasicBlockStart { * does not dominate the basic block on line 6. */ predicate inDominanceFrontier(BasicBlock df) { - dominatesPredecessor(df) and - not strictlyDominates(df) + this.dominatesPredecessor(df) and + not this.strictlyDominates(df) } /** * Holds if this basic block dominates a predecessor of `df`. */ - private predicate dominatesPredecessor(BasicBlock df) { dominates(df.getAPredecessor()) } + private predicate dominatesPredecessor(BasicBlock df) { this.dominates(df.getAPredecessor()) } /** * Gets the basic block that immediately dominates this basic block, if any. @@ -263,7 +265,7 @@ class BasicBlock extends TBasicBlockStart { * post-dominates itself. */ predicate postDominates(BasicBlock bb) { - strictlyPostDominates(bb) or + this.strictlyPostDominates(bb) or this = bb } @@ -276,10 +278,10 @@ class BasicBlock extends TBasicBlockStart { predicate inLoop() { this.getASuccessor+() = this } /** Gets a textual representation of this basic block. */ - string toString() { result = getFirstNode().toString() } + string toString() { result = this.getFirstNode().toString() } /** Gets the location of this basic block. */ - Location getLocation() { result = getFirstNode().getLocation() } + Location getLocation() { result = this.getFirstNode().getLocation() } } /** @@ -420,7 +422,7 @@ private module JoinBlockPredecessors { /** A basic block with more than one predecessor. */ class JoinBlock extends BasicBlock { - JoinBlock() { getFirstNode().isJoin() } + JoinBlock() { this.getFirstNode().isJoin() } /** * Gets the `i`th predecessor of this join block, with respect to some diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll index 7601b83f6b8..9e7fd92d2a4 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll @@ -72,13 +72,14 @@ class ControlFlowElement extends ExprOrStmtParent, @control_flow_element { ControlFlowElement getAReachableElement() { // Reachable in same basic block exists(BasicBlock bb, int i, int j | - bb.getNode(i) = getAControlFlowNode() and + bb.getNode(i) = this.getAControlFlowNode() and bb.getNode(j) = result.getAControlFlowNode() and i < j ) or // Reachable in different basic blocks - getAControlFlowNode().getBasicBlock().getASuccessor+().getANode() = result.getAControlFlowNode() + this.getAControlFlowNode().getBasicBlock().getASuccessor+().getANode() = + result.getAControlFlowNode() } pragma[noinline] diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll index 96b73d8978d..c94184b4f66 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll @@ -33,10 +33,10 @@ module ControlFlow { ControlFlowElement getElement() { none() } /** Gets the location of this control flow node. */ - Location getLocation() { result = getElement().getLocation() } + Location getLocation() { result = this.getElement().getLocation() } /** Holds if this control flow node has conditional successors. */ - predicate isCondition() { exists(getASuccessorByType(any(ConditionalSuccessor e))) } + predicate isCondition() { exists(this.getASuccessorByType(any(ConditionalSuccessor e))) } /** Gets the basic block that this control flow node belongs to. */ BasicBlock getBasicBlock() { result.getANode() = this } @@ -67,7 +67,7 @@ module ControlFlow { // potentially very large predicate, so must be inlined pragma[inline] predicate dominates(Node that) { - strictlyDominates(that) + this.strictlyDominates(that) or this = that } @@ -138,7 +138,7 @@ module ControlFlow { // potentially very large predicate, so must be inlined pragma[inline] predicate postDominates(Node that) { - strictlyPostDominates(that) + this.strictlyPostDominates(that) or this = that } @@ -186,13 +186,13 @@ module ControlFlow { Node getASuccessorByType(SuccessorType t) { result = getASuccessor(this, t) } /** Gets an immediate successor, if any. */ - Node getASuccessor() { result = getASuccessorByType(_) } + Node getASuccessor() { result = this.getASuccessorByType(_) } /** Gets an immediate predecessor node of a given flow type, if any. */ Node getAPredecessorByType(SuccessorType t) { result.getASuccessorByType(t) = this } /** Gets an immediate predecessor, if any. */ - Node getAPredecessor() { result = getAPredecessorByType(_) } + Node getAPredecessor() { result = this.getAPredecessorByType(_) } /** * Gets an immediate `true` successor, if any. @@ -211,7 +211,7 @@ module ControlFlow { * on line 1. */ Node getATrueSuccessor() { - result = getASuccessorByType(any(BooleanSuccessor t | t.getValue() = true)) + result = this.getASuccessorByType(any(BooleanSuccessor t | t.getValue() = true)) } /** @@ -231,7 +231,7 @@ module ControlFlow { * on line 1. */ Node getAFalseSuccessor() { - result = getASuccessorByType(any(BooleanSuccessor t | t.getValue() = false)) + result = this.getASuccessorByType(any(BooleanSuccessor t | t.getValue() = false)) } /** Holds if this node has more than one predecessor. */ @@ -285,7 +285,7 @@ module ControlFlow { override Callable getEnclosingCallable() { result = this.getCallable() } - override Location getLocation() { result = getCallable().getLocation() } + override Location getLocation() { result = this.getCallable().getLocation() } override string toString() { exists(string s | @@ -293,7 +293,7 @@ module ControlFlow { or normal = false and s = "abnormal" | - result = "exit " + getCallable() + " (" + s + ")" + result = "exit " + this.getCallable() + " (" + s + ")" ) } } @@ -307,9 +307,9 @@ module ControlFlow { override Callable getEnclosingCallable() { result = this.getCallable() } - override Location getLocation() { result = getCallable().getLocation() } + override Location getLocation() { result = this.getCallable().getLocation() } - override string toString() { result = "exit " + getCallable().toString() } + override string toString() { result = "exit " + this.getCallable().toString() } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll index 5a402717401..5e3f00c3c5e 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll @@ -1740,7 +1740,7 @@ module Internal { e = this.getAChildExpr() or exists(Expr mid | - descendant(mid) and + this.descendant(mid) and not interestingDescendantCandidate(mid) and e = mid.getAChildExpr() ) @@ -1748,7 +1748,7 @@ module Internal { /** Holds if `e` is an interesting descendant of this descendant. */ predicate interestingDescendant(Expr e) { - descendant(e) and + this.descendant(e) and interestingDescendantCandidate(e) } } @@ -1797,7 +1797,7 @@ module Internal { override predicate candidate(ControlFlowElement x, ControlFlowElement y) { exists(BasicBlock bb, Declaration d | - candidateAux(x, d, bb) and + this.candidateAux(x, d, bb) and y = any(AccessOrCallExpr e | e.getAControlFlowNode().getBasicBlock() = bb and diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll index 8a02fb95dee..82eb5d302ad 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll @@ -495,7 +495,7 @@ module Expressions { // Flow from last element of left operand to first element of right operand last(this.getLeftOperand(), pred, c) and c.(NullnessCompletion).isNull() and - first(getRightOperand(), succ) + first(this.getRightOperand(), succ) or // Post-order: flow from last element of left operand to element itself last(this.getLeftOperand(), pred, c) and @@ -504,7 +504,7 @@ module Expressions { not c.(NullnessCompletion).isNull() or // Post-order: flow from last element of right operand to element itself - last(getRightOperand(), pred, c) and + last(this.getRightOperand(), pred, c) and c instanceof NormalCompletion and succ = this } @@ -575,7 +575,7 @@ module Expressions { PostOrderTree.super.last(last, c) or // Qualifier exits with a `null` completion - lastQualifier(last, c) and + this.lastQualifier(last, c) and c.(NullnessCompletion).isNull() } @@ -1483,7 +1483,7 @@ module Statements { ) or // Flow into `finally` block - pred = getAFinallyPredecessor(c, true) and + pred = this.getAFinallyPredecessor(c, true) and first(this.getFinally(), succ) } } diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll index 31155dea0ae..de44808b18e 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll @@ -69,9 +69,9 @@ class PreBasicBlock extends ControlFlowElement { ControlFlowElement getFirstElement() { result = this } - ControlFlowElement getLastElement() { result = this.getElement(length() - 1) } + ControlFlowElement getLastElement() { result = this.getElement(this.length() - 1) } - int length() { result = strictcount(getAnElement()) } + int length() { result = strictcount(this.getAnElement()) } predicate immediatelyDominates(PreBasicBlock bb) { bbIDominates(this, bb) } @@ -117,7 +117,7 @@ class ConditionBlock extends PreBasicBlock { pragma[nomagic] predicate controls(PreBasicBlock controlled, SuccessorTypes::ConditionalSuccessor s) { - exists(PreBasicBlock succ, ConditionalCompletion c | immediatelyControls(succ, c) | + exists(PreBasicBlock succ, ConditionalCompletion c | this.immediatelyControls(succ, c) | succ.dominates(controlled) and s = c.getAMatchingSuccessorType() ) diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll index 4d1d39de988..83ea302e691 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll @@ -628,7 +628,7 @@ module FinallySplitting { */ private predicate exit(ControlFlowElement pred, Completion c, boolean inherited) { exists(TryStmt try, FinallySplitType type | - exit0(pred, try, this.getNestLevel(), c) and + this.exit0(pred, try, this.getNestLevel(), c) and type = this.getType() | if last(try.getFinally(), pred, c) @@ -690,18 +690,18 @@ module FinallySplitting { override predicate hasExit(ControlFlowElement pred, ControlFlowElement succ, Completion c) { succ(pred, succ, c) and ( - exit(pred, c, _) + this.exit(pred, c, _) or - exit(pred, c.(NestedBreakCompletion).getAnInnerCompatibleCompletion(), _) + this.exit(pred, c.(NestedBreakCompletion).getAnInnerCompatibleCompletion(), _) ) } override predicate hasExitScope(CfgScope scope, ControlFlowElement last, Completion c) { scopeLast(scope, last, c) and ( - exit(last, c, _) + this.exit(last, c, _) or - exit(last, c.(NestedBreakCompletion).getAnInnerCompatibleCompletion(), _) + this.exit(last, c.(NestedBreakCompletion).getAnInnerCompatibleCompletion(), _) ) } diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll index 648c2cd847c..76da2fb62ef 100644 --- a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll +++ b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll @@ -77,7 +77,7 @@ module SuccessorTypes { class BooleanSuccessor extends ConditionalSuccessor, TBooleanSuccessor { override boolean getValue() { this = TBooleanSuccessor(result) } - override string toString() { result = getValue().toString() } + override string toString() { result = this.getValue().toString() } } /** @@ -310,7 +310,7 @@ module SuccessorTypes { /** Gets the type of exception. */ ExceptionClass getExceptionClass() { this = TExceptionSuccessor(result) } - override string toString() { result = "exception(" + getExceptionClass().getName() + ")" } + override string toString() { result = "exception(" + this.getExceptionClass().getName() + ")" } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll index f36783f56c6..f405484a55d 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll @@ -505,20 +505,20 @@ class SystemBooleanFlow extends LibraryTypeDataFlow, SystemBooleanStruct { CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c, boolean preservesValue ) { - methodFlow(source, sink, c) and + this.methodFlow(source, sink, c) and preservesValue = false } private predicate methodFlow( CallableFlowSource source, CallableFlowSink sink, SourceDeclarationMethod m ) { - m = getParseMethod() and + m = this.getParseMethod() and ( source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() ) or - m = getTryParseMethod() and + m = this.getTryParseMethod() and ( source = TCallableFlowSourceArg(0) and ( @@ -537,12 +537,12 @@ class SystemUriFlow extends LibraryTypeDataFlow, SystemUriClass { boolean preservesValue ) { ( - constructorFlow(source, sink, c) + this.constructorFlow(source, sink, c) or - methodFlow(source, sink, c) + this.methodFlow(source, sink, c) or exists(Property p | - propertyFlow(p) and + this.propertyFlow(p) and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() and c = p.getGetter() @@ -552,7 +552,7 @@ class SystemUriFlow extends LibraryTypeDataFlow, SystemUriClass { } private predicate constructorFlow(CallableFlowSource source, CallableFlowSink sink, Constructor c) { - c = getAMember() and + c = this.getAMember() and c.getParameter(0).getType() instanceof StringType and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() @@ -567,11 +567,11 @@ class SystemUriFlow extends LibraryTypeDataFlow, SystemUriClass { } private predicate propertyFlow(Property p) { - p = getPathAndQueryProperty() + p = this.getPathAndQueryProperty() or - p = getQueryProperty() + p = this.getQueryProperty() or - p = getOriginalStringProperty() + p = this.getOriginalStringProperty() } } @@ -582,15 +582,15 @@ class SystemIOStringReaderFlow extends LibraryTypeDataFlow, SystemIOStringReader boolean preservesValue ) { ( - constructorFlow(source, sink, c) + this.constructorFlow(source, sink, c) or - methodFlow(source, sink, c) + this.methodFlow(source, sink, c) ) and preservesValue = false } private predicate constructorFlow(CallableFlowSource source, CallableFlowSink sink, Constructor c) { - c = getAMember() and + c = this.getAMember() and c.getParameter(0).getType() instanceof StringType and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() @@ -599,7 +599,7 @@ class SystemIOStringReaderFlow extends LibraryTypeDataFlow, SystemIOStringReader private predicate methodFlow( CallableFlowSource source, CallableFlowSink sink, SourceDeclarationMethod m ) { - m.getDeclaringType() = getABaseType*() and + m.getDeclaringType() = this.getABaseType*() and m.getName().matches("Read%") and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() @@ -612,17 +612,17 @@ class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass { CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp, SourceDeclarationCallable c, boolean preservesValue ) { - constructorFlow(source, sourceAp, sink, sinkAp, c) and + this.constructorFlow(source, sourceAp, sink, sinkAp, c) and preservesValue = false or - methodFlow(source, sourceAp, sink, sinkAp, c, preservesValue) + this.methodFlow(source, sourceAp, sink, sinkAp, c, preservesValue) } private predicate constructorFlow( CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp, Constructor c ) { - c = getAMember() and + c = this.getAMember() and c.getParameter(0).getType().(ArrayType).getElementType() instanceof CharType and source = TCallableFlowSourceArg(0) and sourceAp = AccessPath::element() and @@ -641,14 +641,14 @@ class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass { sinkAp = AccessPath::empty() and preservesValue = true or - m = getSplitMethod() and + m = this.getSplitMethod() and source = TCallableFlowSourceQualifier() and sourceAp = AccessPath::empty() and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::element() and preservesValue = false or - m = getReplaceMethod() and + m = this.getReplaceMethod() and sourceAp = AccessPath::empty() and sinkAp = AccessPath::empty() and ( @@ -661,21 +661,21 @@ class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass { preservesValue = false ) or - m = getSubstringMethod() and + m = this.getSubstringMethod() and source = TCallableFlowSourceQualifier() and sourceAp = AccessPath::empty() and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = false or - m = getCloneMethod() and + m = this.getCloneMethod() and source = TCallableFlowSourceQualifier() and sourceAp = AccessPath::empty() and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = true or - m = getInsertMethod() and + m = this.getInsertMethod() and sourceAp = AccessPath::empty() and sinkAp = AccessPath::empty() and ( @@ -688,21 +688,21 @@ class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass { preservesValue = false ) or - m = getNormalizeMethod() and + m = this.getNormalizeMethod() and source = TCallableFlowSourceQualifier() and sourceAp = AccessPath::empty() and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = false or - m = getRemoveMethod() and + m = this.getRemoveMethod() and source = TCallableFlowSourceQualifier() and sourceAp = AccessPath::empty() and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = false or - m = getAMethod() and + m = this.getAMethod() and m.getName().regexpMatch("((ToLower|ToUpper)(Invariant)?)|(Trim(Start|End)?)|(Pad(Left|Right))") and source = TCallableFlowSourceQualifier() and sourceAp = AccessPath::empty() and @@ -710,7 +710,7 @@ class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass { sinkAp = AccessPath::empty() and preservesValue = false or - m = getConcatMethod() and + m = this.getConcatMethod() and exists(int i | source = getFlowSourceArg(m, i, sourceAp) and sink = TCallableFlowSinkReturn() and @@ -718,20 +718,20 @@ class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass { preservesValue = false ) or - m = getCopyMethod() and + m = this.getCopyMethod() and source = TCallableFlowSourceArg(0) and sourceAp = AccessPath::empty() and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = true or - m = getJoinMethod() and + m = this.getJoinMethod() and source = getFlowSourceArg(m, [0, 1], sourceAp) and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = false or - m = getFormatMethod() and + m = this.getFormatMethod() and exists(int i | (m.getParameter(0).getType() instanceof SystemIFormatProviderInterface implies i != 0) and source = getFlowSourceArg(m, i, sourceAp) and @@ -749,10 +749,10 @@ class SystemTextStringBuilderFlow extends LibraryTypeDataFlow, SystemTextStringB SourceDeclarationCallable c, boolean preservesValue ) { ( - constructorFlow(source, sourceAp, sink, sinkAp, c) and + this.constructorFlow(source, sourceAp, sink, sinkAp, c) and preservesValue = true or - methodFlow(source, sourceAp, sink, sinkAp, c, preservesValue) + this.methodFlow(source, sourceAp, sink, sinkAp, c, preservesValue) ) } @@ -760,7 +760,7 @@ class SystemTextStringBuilderFlow extends LibraryTypeDataFlow, SystemTextStringB CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp, Constructor c ) { - c = getAMember() and + c = this.getAMember() and c.getParameter(0).getType() instanceof StringType and source = TCallableFlowSourceArg(0) and sourceAp = AccessPath::empty() and @@ -894,7 +894,7 @@ class IEnumerableFlow extends LibraryTypeDataFlow, RefType { ) { preservesValue = true and ( - methodFlowLINQExtensions(source, sourceAp, sink, sinkAp, c) + this.methodFlowLINQExtensions(source, sourceAp, sink, sinkAp, c) or c = this.getFind() and sourceAp = AccessPath::element() and @@ -1674,14 +1674,14 @@ class SystemConvertFlow extends LibraryTypeDataFlow, SystemConvertClass { CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c, boolean preservesValue ) { - methodFlow(source, sink, c) and + this.methodFlow(source, sink, c) and preservesValue = false } private predicate methodFlow( CallableFlowSource source, CallableFlowSink sink, SourceDeclarationMethod m ) { - m = getAMethod() and + m = this.getAMethod() and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() } @@ -1694,7 +1694,7 @@ class SystemWebHttpCookieFlow extends LibraryTypeDataFlow, SystemWebHttpCookie { boolean preservesValue ) { exists(Property p | - propertyFlow(p) and + this.propertyFlow(p) and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() and c = p.getGetter() @@ -1703,8 +1703,8 @@ class SystemWebHttpCookieFlow extends LibraryTypeDataFlow, SystemWebHttpCookie { } private predicate propertyFlow(Property p) { - p = getValueProperty() or - p = getValuesProperty() + p = this.getValueProperty() or + p = this.getValuesProperty() } } @@ -1715,7 +1715,7 @@ class SystemNetCookieFlow extends LibraryTypeDataFlow, SystemNetCookieClass { boolean preservesValue ) { exists(Property p | - propertyFlow(p) and + this.propertyFlow(p) and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() and c = p.getGetter() @@ -1733,7 +1733,7 @@ class SystemNetIPHostEntryFlow extends LibraryTypeDataFlow, SystemNetIPHostEntry boolean preservesValue ) { exists(Property p | - propertyFlow(p) and + this.propertyFlow(p) and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() and c = p.getGetter() @@ -1742,8 +1742,8 @@ class SystemNetIPHostEntryFlow extends LibraryTypeDataFlow, SystemNetIPHostEntry } private predicate propertyFlow(Property p) { - p = getHostNameProperty() or - p = getAliasesProperty() + p = this.getHostNameProperty() or + p = this.getAliasesProperty() } } @@ -1755,7 +1755,7 @@ class SystemWebUIWebControlsTextBoxFlow extends LibraryTypeDataFlow, boolean preservesValue ) { exists(Property p | - propertyFlow(p) and + this.propertyFlow(p) and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() and c = p.getGetter() @@ -1763,7 +1763,7 @@ class SystemWebUIWebControlsTextBoxFlow extends LibraryTypeDataFlow, preservesValue = false } - private predicate propertyFlow(Property p) { p = getTextProperty() } + private predicate propertyFlow(Property p) { p = this.getTextProperty() } } /** Data flow for `System.Collections.Generic.KeyValuePair`. */ @@ -1864,11 +1864,11 @@ class SystemThreadingTasksTaskFlow extends LibraryTypeDataFlow, SystemThreadingT SourceDeclarationCallable c, boolean preservesValue ) { ( - constructorFlow(source, sink, c) and + this.constructorFlow(source, sink, c) and sourceAp = AccessPath::empty() and sinkAp = AccessPath::empty() or - methodFlow(source, sourceAp, sink, sinkAp, c) + this.methodFlow(source, sourceAp, sink, sinkAp, c) ) and preservesValue = true } @@ -1954,9 +1954,9 @@ class SystemThreadingTasksTaskTFlow extends LibraryTypeDataFlow, SystemThreading SourceDeclarationCallable c, boolean preservesValue ) { ( - constructorFlow(source, sourceAp, sink, sinkAp, c) + this.constructorFlow(source, sourceAp, sink, sinkAp, c) or - methodFlow(source, sourceAp, sink, sinkAp, c) + this.methodFlow(source, sourceAp, sink, sinkAp, c) ) and preservesValue = true or @@ -2101,14 +2101,14 @@ private class SystemRuntimeCompilerServicesConfiguredTaskAwaitableTFlow extends class SystemThreadingTasksFactoryFlow extends LibraryTypeDataFlow { SystemThreadingTasksFactoryFlow() { this instanceof SystemThreadingTasksClass and - getName().regexpMatch("TaskFactory(<>)?") + this.getName().regexpMatch("TaskFactory(<>)?") } override predicate callableFlow( CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp, SourceDeclarationCallable c, boolean preservesValue ) { - methodFlow(source, sourceAp, sink, sinkAp, c) and + this.methodFlow(source, sourceAp, sink, sinkAp, c) and preservesValue = true } @@ -2236,12 +2236,12 @@ library class SystemTextEncodingFlow extends LibraryTypeDataFlow, SystemTextEnco preservesValue = false and c = this.getAMethod() and exists(Method m | m.getAnOverrider*().getUnboundDeclaration() = c | - m = getGetBytesMethod() and + m = this.getGetBytesMethod() and source = getFlowSourceArg(m, 0, sourceAp) and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() or - m = [getGetStringMethod(), getGetCharsMethod()] and + m = [this.getGetStringMethod(), this.getGetCharsMethod()] and source = TCallableFlowSourceArg(0) and sourceAp = AccessPath::element() and sink = TCallableFlowSinkReturn() and @@ -2257,9 +2257,9 @@ library class SystemIOMemoryStreamFlow extends LibraryTypeDataFlow, SystemIOMemo boolean preservesValue ) { ( - constructorFlow(source, sink, c) + this.constructorFlow(source, sink, c) or - c = getToArrayMethod().getAnOverrider*() and + c = this.getToArrayMethod().getAnOverrider*() and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() ) and @@ -2267,7 +2267,7 @@ library class SystemIOMemoryStreamFlow extends LibraryTypeDataFlow, SystemIOMemo } private predicate constructorFlow(CallableFlowSource source, CallableFlowSink sink, Constructor c) { - c = getAMember() and + c = this.getAMember() and c.getParameter(0).getType().(ArrayType).getElementType() instanceof ByteType and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() @@ -2281,17 +2281,17 @@ class SystemIOStreamFlow extends LibraryTypeDataFlow, SystemIOStreamClass { boolean preservesValue ) { ( - c = getAReadMethod().getAnOverrider*() and + c = this.getAReadMethod().getAnOverrider*() and c.getParameter(0).getType().(ArrayType).getElementType() instanceof ByteType and sink = TCallableFlowSinkArg(0) and source = TCallableFlowSourceQualifier() or - c = getAWriteMethod().getAnOverrider*() and + c = this.getAWriteMethod().getAnOverrider*() and c.getParameter(0).getType().(ArrayType).getElementType() instanceof ByteType and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkQualifier() or - c = any(Method m | m = getAMethod() and m.getName().matches("CopyTo%")).getAnOverrider*() and + c = any(Method m | m = this.getAMethod() and m.getName().matches("CopyTo%")).getAnOverrider*() and c.getParameter(0).getType() instanceof SystemIOStreamClass and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkArg(0) @@ -2307,12 +2307,12 @@ class SystemIOCompressionDeflateStreamFlow extends LibraryTypeDataFlow, CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c, boolean preservesValue ) { - constructorFlow(source, sink, c) and + this.constructorFlow(source, sink, c) and preservesValue = false } private predicate constructorFlow(CallableFlowSource source, CallableFlowSink sink, Constructor c) { - c = getAMember() and + c = this.getAMember() and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() } @@ -2324,7 +2324,7 @@ class SystemXmlXmlReaderFlow extends LibraryTypeDataFlow, SystemXmlXmlReaderClas CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c, boolean preservesValue ) { - c = getCreateMethod() and + c = this.getCreateMethod() and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() and preservesValue = false @@ -2337,7 +2337,7 @@ class SystemXmlXmlDocumentFlow extends LibraryTypeDataFlow, SystemXmlXmlDocument CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c, boolean preservesValue ) { - c = getLoadMethod() and + c = this.getLoadMethod() and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkQualifier() and preservesValue = false @@ -2352,13 +2352,13 @@ class SystemXmlXmlNodeFlow extends LibraryTypeDataFlow, SystemXmlXmlNodeClass { ) { ( exists(Property p | - p = getAProperty() and + p = this.getAProperty() and c = p.getGetter() and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() ) or - c = getASelectNodeMethod() and + c = this.getASelectNodeMethod() and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() ) and @@ -2372,7 +2372,7 @@ class SystemXmlXmlNamedNodeMapFlow extends LibraryTypeDataFlow, SystemXmlXmlName CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c, boolean preservesValue ) { - c = getGetNamedItemMethod() and + c = this.getGetNamedItemMethod() and source = TCallableFlowSourceQualifier() and sink = TCallableFlowSinkReturn() and preservesValue = true @@ -2385,14 +2385,14 @@ class SystemIOPathFlow extends LibraryTypeDataFlow, SystemIOPathClass { CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp, SourceDeclarationCallable c, boolean preservesValue ) { - c = getAMethod("Combine") and + c = this.getAMethod("Combine") and source = getFlowSourceArg(c, _, sourceAp) and sink = TCallableFlowSinkReturn() and sinkAp = AccessPath::empty() and preservesValue = false or exists(Parameter p | - c = getAMethod() and + c = this.getAMethod() and c.getName().matches("Get%") and p = c.getAParameter() and p.hasName("path") and @@ -2411,10 +2411,10 @@ class SystemWebHttpUtilityFlow extends LibraryTypeDataFlow, SystemWebHttpUtility boolean preservesValue ) { ( - c = getAnHtmlAttributeEncodeMethod() or - c = getAnHtmlEncodeMethod() or - c = getAJavaScriptStringEncodeMethod() or - c = getAnUrlEncodeMethod() + c = this.getAnHtmlAttributeEncodeMethod() or + c = this.getAnHtmlEncodeMethod() or + c = this.getAJavaScriptStringEncodeMethod() or + c = this.getAnUrlEncodeMethod() ) and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() and @@ -2429,8 +2429,8 @@ class SystemWebHttpServerUtilityFlow extends LibraryTypeDataFlow, SystemWebHttpS boolean preservesValue ) { ( - c = getAnHtmlEncodeMethod() or - c = getAnUrlEncodeMethod() + c = this.getAnHtmlEncodeMethod() or + c = this.getAnUrlEncodeMethod() ) and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() and @@ -2445,8 +2445,8 @@ class SystemNetWebUtilityFlow extends LibraryTypeDataFlow, SystemNetWebUtility { boolean preservesValue ) { ( - c = getAnHtmlEncodeMethod() or - c = getAnUrlEncodeMethod() + c = this.getAnHtmlEncodeMethod() or + c = this.getAnUrlEncodeMethod() ) and source = TCallableFlowSourceArg(0) and sink = TCallableFlowSinkReturn() and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll index 44307d68e1f..4f70b53275d 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll @@ -76,9 +76,9 @@ module Ssa { override Callable getEnclosingCallable() { this = SsaImpl::TLocalVar(result, _) } - override string toString() { result = getAssignable().getName() } + override string toString() { result = this.getAssignable().getName() } - override Location getLocation() { result = getAssignable().getLocation() } + override Location getLocation() { result = this.getAssignable().getLocation() } } /** A fully qualified field or property. */ @@ -105,7 +105,7 @@ module Ssa { ) } - override Location getLocation() { result = getFirstAccess().getLocation() } + override Location getLocation() { result = this.getFirstAccess().getLocation() } } /** A plain field or property. */ @@ -115,8 +115,8 @@ module Ssa { override string toString() { exists(Assignable f, string prefix | - f = getAssignable() and - result = prefix + "." + getAssignable() + f = this.getAssignable() and + result = prefix + "." + this.getAssignable() | if f.(Modifiable).isStatic() then prefix = f.getDeclaringType().getQualifiedName() @@ -134,7 +134,7 @@ module Ssa { override SourceVariable getQualifier() { this = SsaImpl::TQualifiedFieldOrProp(_, result, _) } - override string toString() { result = getQualifier() + "." + getAssignable() } + override string toString() { result = this.getQualifier() + "." + this.getAssignable() } } } @@ -611,20 +611,20 @@ module Ssa { * and which targets the same assignable as this SSA definition. */ final AssignableDefinition getAPossibleDefinition() { - exists(Callable setter | SsaImpl::updatesNamedFieldOrProp(_, _, getCall(), _, setter) | + exists(Callable setter | SsaImpl::updatesNamedFieldOrProp(_, _, this.getCall(), _, setter) | result.getEnclosingCallable() = setter and result.getTarget() = this.getSourceVariable().getAssignable() ) or - SsaImpl::updatesCapturedVariable(_, _, getCall(), _, result, _) and + SsaImpl::updatesCapturedVariable(_, _, this.getCall(), _, result, _) and result.getTarget() = this.getSourceVariable().getAssignable() } override string toString() { - result = getToStringPrefix(this) + "SSA call def(" + getSourceVariable() + ")" + result = getToStringPrefix(this) + "SSA call def(" + this.getSourceVariable() + ")" } - override Location getLocation() { result = getCall().getLocation() } + override Location getLocation() { result = this.getCall().getLocation() } } /** @@ -649,10 +649,10 @@ module Ssa { final Definition getQualifierDefinition() { result = q } override string toString() { - result = getToStringPrefix(this) + "SSA qualifier def(" + getSourceVariable() + ")" + result = getToStringPrefix(this) + "SSA qualifier def(" + this.getSourceVariable() + ")" } - override Location getLocation() { result = getQualifierDefinition().getLocation() } + override Location getLocation() { result = this.getQualifierDefinition().getLocation() } } /** @@ -699,7 +699,7 @@ module Ssa { } override string toString() { - result = getToStringPrefix(this) + "SSA phi(" + getSourceVariable() + ")" + result = getToStringPrefix(this) + "SSA phi(" + this.getSourceVariable() + ")" } /* diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll index f43a550af57..494780d2e1b 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll @@ -937,7 +937,7 @@ class CallContextSpecificCall extends CallContextCall, TSpecificCall { } override predicate relevantFor(DataFlowCallable callable) { - recordDataFlowCallSite(getCall(), callable) + recordDataFlowCallSite(this.getCall(), callable) } override predicate matchesCall(DataFlowCall call) { call = this.getCall() } @@ -1257,7 +1257,7 @@ abstract class AccessPathFront extends TAccessPathFront { TypedContent getHead() { this = TFrontHead(result) } - predicate isClearedAt(Node n) { clearsContentCached(n, getHead().getContent()) } + predicate isClearedAt(Node n) { clearsContentCached(n, this.getHead().getContent()) } } class AccessPathFrontNil extends AccessPathFront, TFrontNil { diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll index f007ba939e8..067a9b94f45 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll @@ -419,9 +419,9 @@ module ExprNode { * "else" expression of this conditional expression. */ ExprNode getBranchExpr(boolean branch) { - branch = true and result = getTrueExpr() + branch = true and result = this.getTrueExpr() or - branch = false and result = getFalseExpr() + branch = false and result = this.getFalseExpr() } } } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll index 558ecd1b88b..e450c11b5ab 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll @@ -28,7 +28,7 @@ class SsaReadPositionBlock extends SsaReadPosition, TSsaReadPositionBlock { /** Gets the basic block corresponding to this position. */ BasicBlock getBlock() { this = TSsaReadPositionBlock(result) } - override predicate hasReadOfVar(SsaVariable v) { getBlock() = getAReadBasicBlock(v) } + override predicate hasReadOfVar(SsaVariable v) { this.getBlock() = getAReadBasicBlock(v) } override string toString() { result = "block" } } @@ -49,8 +49,8 @@ class SsaReadPositionPhiInputEdge extends SsaReadPosition, TSsaReadPositionPhiIn /** Holds if `inp` is an input to `phi` along this edge. */ predicate phiInput(SsaPhiNode phi, SsaVariable inp) { - phi.hasInputFromBlock(inp, getOrigBlock()) and - getPhiBlock() = phi.getBasicBlock() + phi.hasInputFromBlock(inp, this.getOrigBlock()) and + this.getPhiBlock() = phi.getBasicBlock() } override string toString() { result = "edge" } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking3/TaintTrackingImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking3/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking3/TaintTrackingImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking3/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking4/TaintTrackingImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking4/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking4/TaintTrackingImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking4/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking5/TaintTrackingImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking5/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking5/TaintTrackingImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking5/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll b/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll index d0b4ef45ce8..509bdfb5e04 100644 --- a/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll +++ b/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll @@ -11,10 +11,10 @@ private import RuntimeCallable /** A call. */ class DispatchCall extends Internal::TDispatchCall { /** Gets a textual representation of this call. */ - string toString() { result = getCall().toString() } + string toString() { result = this.getCall().toString() } /** Gets the location of this call. */ - Location getLocation() { result = getCall().getLocation() } + Location getLocation() { result = this.getCall().getLocation() } /** Gets the underlying expression of this call. */ Expr getCall() { result = Internal::getCall(this) } @@ -209,7 +209,7 @@ private module Internal { abstract Expr getArgument(int i); /** Gets the number of arguments of this call. */ - int getNumberOfArguments() { result = count(int i | exists(getArgument(i))) } + int getNumberOfArguments() { result = count(int i | exists(this.getArgument(i))) } /** Gets the qualifier of this call, if any. */ abstract Expr getQualifier(); @@ -506,12 +506,12 @@ private module Internal { } override RuntimeCallable getADynamicTarget() { - result = getAViableInherited() + result = this.getAViableInherited() or - result = getAViableOverrider() + result = this.getAViableOverrider() or // Simple case: target method cannot be overridden - result = getAStaticTarget() and + result = this.getAStaticTarget() and not result instanceof OverridableCallable } @@ -779,9 +779,9 @@ private module Internal { ) } - override Expr getQualifier() { result = getCall().getQualifier() } + override Expr getQualifier() { result = this.getCall().getQualifier() } - override Method getAStaticTarget() { result = getCall().getTarget() } + override Method getAStaticTarget() { result = this.getCall().getTarget() } } /** @@ -793,24 +793,24 @@ private module Internal { private class DispatchAccessorCall extends DispatchMethodOrAccessorCall, TDispatchAccessorCall { override AccessorCall getCall() { this = TDispatchAccessorCall(result) } - override Expr getArgument(int i) { result = getCall().getArgument(i) } + override Expr getArgument(int i) { result = this.getCall().getArgument(i) } - override Expr getQualifier() { result = getCall().(MemberAccess).getQualifier() } + override Expr getQualifier() { result = this.getCall().(MemberAccess).getQualifier() } - override Accessor getAStaticTarget() { result = getCall().getTarget() } + override Accessor getAStaticTarget() { result = this.getCall().getTarget() } override RuntimeAccessor getADynamicTarget() { result = DispatchMethodOrAccessorCall.super.getADynamicTarget() and // Calls to accessors may have `dynamic` expression arguments, // so we need to check that the types match - forall(Type argumentType, int i | hasDynamicArg(i, argumentType) | + forall(Type argumentType, int i | this.hasDynamicArg(i, argumentType) | argumentType.isImplicitlyConvertibleTo(result.getParameter(i).getType()) ) } private predicate hasDynamicArg(int i, Type argumentType) { exists(Expr argument | - argument = getArgument(i) and + argument = this.getArgument(i) and argument.stripImplicitCasts().getType() instanceof DynamicType and argumentType = getAPossibleType(argument, _) ) @@ -896,7 +896,7 @@ private module Internal { // names and number of parameters. This set is further reduced in // `getADynamicTarget()` by taking type information into account. override Callable getAStaticTarget() { - result = getACallableWithMatchingName() and + result = this.getACallableWithMatchingName() and exists(int minArgs | minArgs = count(Parameter p | @@ -904,16 +904,19 @@ private module Internal { not p.hasDefaultValue() and not p.isParams() ) and - getNumberOfArguments() >= minArgs and - (result.(Method).hasParams() or getNumberOfArguments() <= result.getNumberOfParameters()) + this.getNumberOfArguments() >= minArgs and + ( + result.(Method).hasParams() or + this.getNumberOfArguments() <= result.getNumberOfParameters() + ) ) } private RuntimeCallable getACallableWithMatchingName() { - result.(Operator).getFunctionName() = getName() + result.(Operator).getFunctionName() = this.getName() or not result instanceof Operator and - result.getUndecoratedName() = getName() + result.getUndecoratedName() = this.getName() } // A callable is viable if the following conditions are all satisfied: @@ -987,7 +990,7 @@ private module Internal { * type of one of the arguments. */ RuntimeCallable getADynamicTargetCandidate() { - result = getAStaticTarget() and + result = this.getAStaticTarget() and ( result = getADynamicTargetCandidateInstanceMethod(this.getAQualifierType()) or @@ -999,13 +1002,13 @@ private module Internal { result instanceof RuntimeInstanceAccessor and this.hasUnknownQualifierType() or - result = getADynamicTargetCandidateOperator() + result = this.getADynamicTargetCandidateOperator() ) } pragma[noinline] private RuntimeOperator getADynamicTargetCandidateOperator() { - result = getAStaticTarget() and + result = this.getAStaticTarget() and result.getDeclaringType() = result.getAParameter().getType() } } @@ -1138,8 +1141,8 @@ private module Internal { result = DispatchReflectionOrDynamicCall.super.getADynamicTargetCandidate() or // Static callables can be called using reflection as well - result = getAStaticTarget() and - result.getDeclaringType() = getStaticType() and + result = this.getAStaticTarget() and + result.getDeclaringType() = this.getStaticType() and result.(Modifiable).isStatic() } @@ -1147,7 +1150,7 @@ private module Internal { override Expr getArgument(int i) { exists(int args, ArrayCreation ac | this = TDispatchReflectionCall(_, _, _, _, args) and - ac = getAMethodCallArgSource(getCall().getArgument(args)) and + ac = getAMethodCallArgSource(this.getCall().getArgument(args)) and result = ac.getInitializer().getElement(i) ) } @@ -1158,20 +1161,20 @@ private module Internal { TDispatchDynamicMethodCall { override DynamicMethodCall getCall() { this = TDispatchDynamicMethodCall(result) } - override string getName() { result = getCall().getLateBoundTargetName() } + override string getName() { result = this.getCall().getLateBoundTargetName() } - override Expr getQualifier() { result = getCall().getQualifier() } + override Expr getQualifier() { result = this.getCall().getQualifier() } override RuntimeMethod getADynamicTargetCandidate() { - if exists(getCall().getTarget()) + if exists(this.getCall().getTarget()) then // static method call - result = getCall().getTarget() + result = this.getCall().getTarget() else result = DispatchReflectionOrDynamicCall.super.getADynamicTargetCandidate() } // Does not take named arguments into account - override Expr getArgument(int i) { result = getCall().getArgument(i) } + override Expr getArgument(int i) { result = this.getCall().getArgument(i) } } /** An operator call using dynamic types. */ @@ -1181,14 +1184,14 @@ private module Internal { override string getName() { exists(Operator o | - o.getName() = getCall().getLateBoundTargetName() and + o.getName() = this.getCall().getLateBoundTargetName() and result = o.getFunctionName() ) } override Expr getQualifier() { none() } - override Expr getArgument(int i) { result = getCall().getArgument(i) } + override Expr getArgument(int i) { result = this.getCall().getArgument(i) } } /** A (potential) call to a property accessor using dynamic types. */ @@ -1255,7 +1258,7 @@ private module Internal { any(DynamicMemberAccess dma | this = TDispatchDynamicEventAccess(_, dma, _)).getQualifier() } - override Expr getArgument(int i) { i = 0 and result = getCall().getRValue() } + override Expr getArgument(int i) { i = 0 and result = this.getCall().getRValue() } } /** A call to a constructor using dynamic types. */ @@ -1267,9 +1270,9 @@ private module Internal { override Expr getQualifier() { none() } - override Expr getArgument(int i) { result = getCall().getArgument(i) } + override Expr getArgument(int i) { result = this.getCall().getArgument(i) } - override RuntimeCallable getADynamicTargetCandidate() { result = getCall().getTarget() } + override RuntimeCallable getADynamicTargetCandidate() { result = this.getCall().getTarget() } } /** A call where the target can be resolved statically. */ @@ -1285,8 +1288,8 @@ private module Internal { ) } - override Callable getAStaticTarget() { result = getCall().getTarget() } + override Callable getAStaticTarget() { result = this.getCall().getTarget() } - override RuntimeCallable getADynamicTarget() { result = getCall().getTarget() } + override RuntimeCallable getADynamicTarget() { result = this.getCall().getTarget() } } } diff --git a/csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll b/csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll index 4913ea2bc3c..dc963881cbf 100644 --- a/csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll +++ b/csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll @@ -58,13 +58,13 @@ class OverridableCallable extends Callable { * `I.M.getAnImplementorSubType(D) = C.M`. */ private Callable getAnImplementorSubType(ValueOrRefType t) { - result = getAnImplementor(t) + result = this.getAnImplementor(t) or exists(ValueOrRefType mid | - result = getAnImplementorSubType(mid) and + result = this.getAnImplementorSubType(mid) and t.getBaseClass() = mid and // There must be no other implementation of this callable in `t` - forall(Callable other | other = getAnImplementor(t) | other = result) + forall(Callable other | other = this.getAnImplementor(t) | other = result) ) } @@ -107,8 +107,8 @@ class OverridableCallable extends Callable { * implements this interface callable, if any. */ private Callable getAnOverridingImplementor() { - result = getAnUltimateImplementor() and - not result = getAnImplementor(_) + result = this.getAnUltimateImplementor() and + not result = this.getAnImplementor(_) } /** @@ -150,10 +150,10 @@ class OverridableCallable extends Callable { } private Callable getInherited1(ValueOrRefType t) { - result = getInherited0(t) + result = this.getInherited0(t) or // An interface implementation - result = getAnImplementorSubType(t) + result = this.getAnImplementorSubType(t) } pragma[noinline] @@ -171,7 +171,7 @@ class OverridableCallable extends Callable { private predicate isDeclaringSubType(ValueOrRefType t) { t = this.getDeclaringType() or - exists(ValueOrRefType mid | isDeclaringSubType(mid) | t = mid.getASubType()) + exists(ValueOrRefType mid | this.isDeclaringSubType(mid) | t = mid.getASubType()) } pragma[noinline] @@ -232,7 +232,7 @@ class OverridableAccessor extends Accessor, OverridableCallable { override Accessor getAnImplementor(ValueOrRefType t) { exists(Virtualizable implementor, int kind | - getAnImplementorAux(t, implementor, kind) and + this.getAnImplementorAux(t, implementor, kind) and result.getDeclaration() = implementor and getAccessorKind(result) = kind ) @@ -241,7 +241,7 @@ class OverridableAccessor extends Accessor, OverridableCallable { // predicate folding to get proper join order private predicate getAnImplementorAux(ValueOrRefType t, Virtualizable implementor, int kind) { exists(Virtualizable implementee | - implementee = getDeclaration() and + implementee = this.getDeclaration() and kind = getAccessorKind(this) and implementor = implementee.getAnImplementor(t) ) @@ -249,7 +249,7 @@ class OverridableAccessor extends Accessor, OverridableCallable { override Accessor getAnUltimateImplementor() { exists(Virtualizable implementor, int kind | - getAnUltimateImplementorAux(implementor, kind) and + this.getAnUltimateImplementorAux(implementor, kind) and result.getDeclaration() = implementor and getAccessorKind(result) = kind ) @@ -258,7 +258,7 @@ class OverridableAccessor extends Accessor, OverridableCallable { // predicate folding to get proper join order private predicate getAnUltimateImplementorAux(Virtualizable implementor, int kind) { exists(Virtualizable implementee | - implementee = getDeclaration() and + implementee = this.getDeclaration() and kind = getAccessorKind(this) and implementor = implementee.getAnUltimateImplementor() ) diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll index ab3ea182056..9d7cf3a5867 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll @@ -115,7 +115,7 @@ class MemberAccess extends Access, QualifiableExpr, @member_access_expr { not exists(MemberInitializer mi | mi.getLValue() = this) } - override Member getQualifiedDeclaration() { result = getTarget() } + override Member getQualifiedDeclaration() { result = this.getTarget() } override Member getTarget() { none() } } @@ -147,8 +147,8 @@ class AssignableAccess extends Access, @assignable_access_expr { * or a `ref` argument in a method call. */ predicate isOutOrRefArgument() { - isOutArgument() or - isRefArgument() + this.isOutArgument() or + this.isRefArgument() } /** @@ -507,7 +507,7 @@ class ElementAccess extends AssignableAccess, QualifiableExpr, @element_access_e * Gets an index expression of this element access, for example * `1` in `x[0, 1]`. */ - Expr getAnIndex() { result = getIndex(_) } + Expr getAnIndex() { result = this.getIndex(_) } /** * Gets the `i`th index expression of this element access, for example the @@ -515,7 +515,7 @@ class ElementAccess extends AssignableAccess, QualifiableExpr, @element_access_e */ Expr getIndex(int i) { result = this.getChild(i) and i >= 0 } - override Assignable getQualifiedDeclaration() { result = getTarget() } + override Assignable getQualifiedDeclaration() { result = this.getTarget() } } /** @@ -615,7 +615,7 @@ class IndexerWrite extends IndexerAccess, ElementWrite { } * ``` */ class VirtualIndexerAccess extends IndexerAccess { - VirtualIndexerAccess() { targetIsOverridableOrImplementable() } + VirtualIndexerAccess() { this.targetIsOverridableOrImplementable() } } /** @@ -647,7 +647,7 @@ library class EventAccessExpr extends Expr, @event_access_expr { * ``` */ class EventAccess extends AssignableMemberAccess, EventAccessExpr { - override Event getTarget() { result = getEvent() } + override Event getTarget() { result = this.getEvent() } override string getAPrimaryQlClass() { result = "EventAccess" } } @@ -707,7 +707,7 @@ class EventWrite extends EventAccess, AssignableWrite { } * ``` */ class VirtualEventAccess extends EventAccess { - VirtualEventAccess() { targetIsOverridableOrImplementable() } + VirtualEventAccess() { this.targetIsOverridableOrImplementable() } } /** @@ -787,7 +787,7 @@ class LocalFunctionAccess extends CallableAccess { * ``` */ class VirtualMethodAccess extends MethodAccess { - VirtualMethodAccess() { targetIsOverridableOrImplementable() } + VirtualMethodAccess() { this.targetIsOverridableOrImplementable() } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/ArithmeticOperation.qll b/csharp/ql/lib/semmle/code/csharp/exprs/ArithmeticOperation.qll index ac98c0eafcf..f20bfba1589 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/ArithmeticOperation.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/ArithmeticOperation.qll @@ -138,10 +138,10 @@ class DivExpr extends BinaryArithmeticOperation, @div_expr { override string getOperator() { result = "/" } /** Gets the numerator of this division operation. */ - Expr getNumerator() { result = getLeftOperand() } + Expr getNumerator() { result = this.getLeftOperand() } /** Gets the denominator of this division operation. */ - Expr getDenominator() { result = getRightOperand() } + Expr getDenominator() { result = this.getRightOperand() } override string getAPrimaryQlClass() { result = "DivExpr" } } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll index 88ef770160a..562a4dd9cd5 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll @@ -27,7 +27,7 @@ class Assignment extends Operation, @assign_expr { Expr getRValue() { result = this.getChild(0) } /** Gets the variable being assigned to, if any. */ - Variable getTargetVariable() { result.getAnAccess() = getLValue() } + Variable getTargetVariable() { result.getAnAccess() = this.getLValue() } override string getOperator() { none() } } @@ -38,7 +38,7 @@ class Assignment extends Operation, @assign_expr { class LocalVariableDeclAndInitExpr extends LocalVariableDeclExpr, Assignment { override string getOperator() { result = "=" } - override LocalVariable getTargetVariable() { result = getVariable() } + override LocalVariable getTargetVariable() { result = this.getVariable() } override LocalVariableAccess getLValue() { result = Assignment.super.getLValue() } @@ -86,7 +86,7 @@ class AssignOperation extends Assignment, @assign_op_expr { * If an expanded version exists, then it is used in the control * flow graph. */ - predicate hasExpandedAssignment() { exists(getExpandedAssignment()) } + predicate hasExpandedAssignment() { exists(this.getExpandedAssignment()) } override string toString() { result = "... " + this.getOperator() + " ..." } } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Call.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Call.qll index 6dc88e941ef..a4c4ab1b670 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Call.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Call.qll @@ -47,7 +47,7 @@ class Call extends DotNet::Call, Expr, @call { override Expr getRawArgument(int i) { result = this.getArgument(i) } - override Expr getAnArgument() { result = getArgument(_) } + override Expr getAnArgument() { result = this.getArgument(_) } /** Gets the number of arguments of this call. */ int getNumberOfArguments() { result = count(this.getAnArgument()) } @@ -80,7 +80,7 @@ class Call extends DotNet::Call, Expr, @call { */ cached override Expr getArgumentForParameter(DotNet::Parameter p) { - getTarget().getAParameter() = p and + this.getTarget().getAParameter() = p and ( // Appears in the positional part of the call result = this.getImplicitArgument(p.getPosition()) and @@ -94,7 +94,7 @@ class Call extends DotNet::Call, Expr, @call { ) or // Appears in the named part of the call - result = getExplicitArgument(p.getName()) and + result = this.getExplicitArgument(p.getName()) and (p.(Parameter).isParams() implies isValidExplicitParamsType(p, result.getType())) ) } @@ -112,13 +112,13 @@ class Call extends DotNet::Call, Expr, @call { pragma[noinline] private Expr getImplicitArgument(int pos) { - result = getArgument(pos) and + result = this.getArgument(pos) and not exists(result.getExplicitArgumentName()) } pragma[nomagic] private Expr getExplicitArgument(string name) { - result = getAnArgument() and + result = this.getAnArgument() and result.getExplicitArgumentName() = name } @@ -131,7 +131,7 @@ class Call extends DotNet::Call, Expr, @call { */ Expr getArgumentForName(string name) { exists(Parameter p | - result = getArgumentForParameter(p) and + result = this.getArgumentForParameter(p) and p.hasName(name) ) } @@ -219,7 +219,7 @@ class Call extends DotNet::Call, Expr, @call { */ Expr getRuntimeArgumentForParameter(Parameter p) { exists(Callable c | - c = getARuntimeTarget() and + c = this.getARuntimeTarget() and p = c.getAParameter() and result = this.getRuntimeArgument(p.getPosition()) ) @@ -231,7 +231,7 @@ class Call extends DotNet::Call, Expr, @call { */ Expr getRuntimeArgumentForName(string name) { exists(Parameter p | - result = getRuntimeArgumentForParameter(p) and + result = this.getRuntimeArgumentForParameter(p) and p.hasName(name) ) } @@ -240,19 +240,19 @@ class Call extends DotNet::Call, Expr, @call { * Gets an argument that corresponds to a parameter of a potential * run-time target of this call. */ - Expr getARuntimeArgument() { result = getRuntimeArgument(_) } + Expr getARuntimeArgument() { result = this.getRuntimeArgument(_) } /** * Gets the number of arguments that correspond to a parameter of a potential * run-time target of this call. */ - int getNumberOfRuntimeArguments() { result = count(getARuntimeArgument()) } + int getNumberOfRuntimeArguments() { result = count(this.getARuntimeArgument()) } /** * Holds if this call has no arguments that correspond to a parameter of a * potential (run-time) target of this call. */ - predicate hasNoRuntimeArguments() { not exists(getARuntimeArgument()) } + predicate hasNoRuntimeArguments() { not exists(this.getARuntimeArgument()) } override string toString() { result = "call" } } @@ -295,19 +295,19 @@ private predicate isValidExplicitParamsType(Parameter p, Type t) { class MethodCall extends Call, QualifiableExpr, LateBindableExpr, @method_invocation_expr { override Method getTarget() { expr_call(this, result) } - override Method getQualifiedDeclaration() { result = getTarget() } + override Method getQualifiedDeclaration() { result = this.getTarget() } override string toString() { result = "call to method " + concat(this.getTarget().getName()) } override string getAPrimaryQlClass() { result = "MethodCall" } override Expr getRawArgument(int i) { - if exists(getQualifier()) + if exists(this.getQualifier()) then - i = 0 and result = getQualifier() + i = 0 and result = this.getQualifier() or - result = getArgument(i - 1) - else result = getArgument(i) + result = this.getArgument(i - 1) + else result = this.getArgument(i) } } @@ -336,7 +336,7 @@ class ExtensionMethodCall extends MethodCall { override Expr getArgument(int i) { exists(int j | result = this.getChildExpr(j) | - if isOrdinaryStaticCall() then (j = i and j >= 0) else (j = i - 1 and j >= -1) + if this.isOrdinaryStaticCall() then (j = i and j >= 0) else (j = i - 1 and j >= -1) ) } @@ -379,8 +379,8 @@ class ExtensionMethodCall extends MethodCall { */ class VirtualMethodCall extends MethodCall { VirtualMethodCall() { - not getQualifier() instanceof BaseAccess and - getTarget().isOverridableOrImplementable() + not this.getQualifier() instanceof BaseAccess and + this.getTarget().isOverridableOrImplementable() } } @@ -573,7 +573,7 @@ class DelegateLikeCall extends Call, DelegateLikeCall_ { ) } - override Expr getRuntimeArgument(int i) { result = getArgument(i) } + override Expr getRuntimeArgument(int i) { result = this.getArgument(i) } } /** @@ -618,11 +618,11 @@ class DelegateCall extends DelegateLikeCall, @delegate_invocation_expr { } deprecated private AddEventSource getAnAddEventSourceSameEnclosingCallable() { - result = getAnAddEventSource(this.getEnclosingCallable()) + result = this.getAnAddEventSource(this.getEnclosingCallable()) } deprecated private AddEventSource getAnAddEventSourceDifferentEnclosingCallable() { - exists(Callable c | result = getAnAddEventSource(c) | c != this.getEnclosingCallable()) + exists(Callable c | result = this.getAnAddEventSource(c) | c != this.getEnclosingCallable()) } /** @@ -683,7 +683,7 @@ class AccessorCall extends Call, QualifiableExpr, @call_access_expr { */ class PropertyCall extends AccessorCall, PropertyAccessExpr { override Accessor getTarget() { - exists(PropertyAccess pa, Property p | pa = this and p = getProperty() | + exists(PropertyAccess pa, Property p | pa = this and p = this.getProperty() | pa instanceof AssignableRead and result = p.getGetter() or pa instanceof AssignableWrite and result = p.getSetter() @@ -718,7 +718,7 @@ class PropertyCall extends AccessorCall, PropertyAccessExpr { */ class IndexerCall extends AccessorCall, IndexerAccessExpr { override Accessor getTarget() { - exists(IndexerAccess ia, Indexer i | ia = this and i = getIndexer() | + exists(IndexerAccess ia, Indexer i | ia = this and i = this.getIndexer() | ia instanceof AssignableRead and result = i.getGetter() or ia instanceof AssignableWrite and result = i.getSetter() @@ -761,7 +761,7 @@ class IndexerCall extends AccessorCall, IndexerAccessExpr { class EventCall extends AccessorCall, EventAccessExpr { override EventAccessor getTarget() { exists(Event e, AddOrRemoveEventExpr aoree | - e = getEvent() and + e = this.getEvent() and aoree.getLValue() = this | aoree instanceof AddEventExpr and result = e.getAddEventAccessor() @@ -799,7 +799,7 @@ class EventCall extends AccessorCall, EventAccessExpr { class LocalFunctionCall extends Call, @local_function_invocation_expr { override LocalFunction getTarget() { expr_call(this, result) } - override string toString() { result = "call to local function " + getTarget().getName() } + override string toString() { result = "call to local function " + this.getTarget().getName() } override string getAPrimaryQlClass() { result = "LocalFunctionCall" } } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Creation.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Creation.qll index c9ae3919004..84bcf7b87bc 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Creation.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Creation.qll @@ -45,7 +45,7 @@ class ObjectInitializer extends ObjectOrCollectionInitializer, @object_init_expr * } * ``` */ - MemberInitializer getAMemberInitializer() { result = getMemberInitializer(_) } + MemberInitializer getAMemberInitializer() { result = this.getMemberInitializer(_) } /** * Gets the `i`th member initializer of this object initializer. For example, @@ -122,7 +122,7 @@ class CollectionInitializer extends ObjectOrCollectionInitializer, @collection_i * }; * ``` */ - ElementInitializer getAnElementInitializer() { result = getElementInitializer(_) } + ElementInitializer getAnElementInitializer() { result = this.getElementInitializer(_) } /** * Gets the `i`th element initializer of this collection initializer, for @@ -180,7 +180,7 @@ class ElementInitializer extends MethodCall { */ class ObjectCreation extends Call, LateBindableExpr, @object_creation_expr { /** Gets the type of the newly created object. */ - ValueOrRefType getObjectType() { result = getType() } + ValueOrRefType getObjectType() { result = this.getType() } override Constructor getTarget() { expr_call(this, result) } @@ -320,7 +320,7 @@ class ArrayInitializer extends Expr, @array_init_expr { * }; * ``` */ - Expr getAnElement() { result = getElement(_) } + Expr getAnElement() { result = this.getElement(_) } /** * Gets the `i`th element of this array initializer, for example the second @@ -365,7 +365,7 @@ class ArrayCreation extends Expr, @array_creation_expr { * new int[5, 10] * ``` */ - Expr getALengthArgument() { result = getLengthArgument(_) } + Expr getALengthArgument() { result = this.getLengthArgument(_) } /** * Gets the `i`th dimension's length argument of this array creation, for @@ -427,7 +427,7 @@ class AnonymousFunctionExpr extends Expr, Callable, Modifiable, @anonymous_funct override string toString() { result = Expr.super.toString() } - override string toStringWithTypes() { result = toString() } + override string toStringWithTypes() { result = this.toString() } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll index ea6012ca3e1..eda31432f38 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll @@ -15,7 +15,7 @@ private import semmle.code.csharp.dispatch.Dispatch * (`DynamicAccessorCall`), or a dynamic element access (`DynamicElementAccess`). */ class DynamicExpr extends LateBindableExpr { - DynamicExpr() { isLateBound() } + DynamicExpr() { this.isLateBound() } } /** @@ -67,7 +67,7 @@ class DynamicObjectCreation extends DynamicExpr, ObjectCreation { * may not be known at compile-time (as in the example above). */ class DynamicMethodCall extends DynamicExpr, MethodCall { - override string toString() { result = "dynamic call to method " + getLateBoundTargetName() } + override string toString() { result = "dynamic call to method " + this.getLateBoundTargetName() } override string getAPrimaryQlClass() { result = "DynamicMethodCall" } } @@ -97,7 +97,9 @@ class DynamicMethodCall extends DynamicExpr, MethodCall { * target operator may not be known at compile-time (as in the example above). */ class DynamicOperatorCall extends DynamicExpr, OperatorCall { - override string toString() { result = "dynamic call to operator " + getLateBoundTargetName() } + override string toString() { + result = "dynamic call to operator " + this.getLateBoundTargetName() + } override string getAPrimaryQlClass() { result = "DynamicOperatorCall" } } @@ -189,7 +191,9 @@ class DynamicAccess extends DynamicExpr { */ class DynamicMemberAccess extends DynamicAccess, MemberAccess, AssignableAccess, @dynamic_member_access_expr { - override string toString() { result = "dynamic access to member " + getLateBoundTargetName() } + override string toString() { + result = "dynamic access to member " + this.getLateBoundTargetName() + } override string getAPrimaryQlClass() { result = "DynamicMemberAccess" } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll index 0988bb84340..47477afe2b9 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll @@ -103,7 +103,7 @@ class Expr extends DotNet::Expr, ControlFlowElement, @expr { class LateBindableExpr extends Expr, @late_bindable_expr { /** Holds if this expression is late bound. */ predicate isLateBound() { - exists(getLateBoundTargetName()) or + exists(this.getLateBoundTargetName()) or isDynamicMemberAccess(this) or isDynamicElementAccess(this) } @@ -221,9 +221,9 @@ class BinaryOperation extends Operation, @bin_op { /** Gets the other operand of this binary operation, given operand `o`. */ Expr getOtherOperand(Expr o) { - o = getLeftOperand() and result = getRightOperand() + o = this.getLeftOperand() and result = this.getRightOperand() or - o = getRightOperand() and result = getLeftOperand() + o = this.getRightOperand() and result = this.getLeftOperand() } override string getOperator() { none() } @@ -368,7 +368,7 @@ class RelationalPatternExpr extends PatternExpr, @relational_pattern_expr { /** Gets the expression of this relational pattern. */ Expr getExpr() { result = this.getChild(0) } - override string toString() { result = getOperator() + " ..." } + override string toString() { result = this.getOperator() + " ..." } } /** A less-than pattern, for example `< 10` in `x is < 10`. */ @@ -520,7 +520,7 @@ class NotPatternExpr extends UnaryPatternExpr, @not_pattern_expr { /** A binary pattern. For example, `1 or 2`. */ class BinaryPatternExpr extends PatternExpr, @binary_pattern_expr { /** Gets a pattern. */ - PatternExpr getAnOperand() { result = getLeftOperand() or result = getRightOperand() } + PatternExpr getAnOperand() { result = this.getLeftOperand() or result = this.getRightOperand() } /** Gets the left pattern. */ PatternExpr getLeftOperand() { result = this.getChild(0) } @@ -743,7 +743,7 @@ class DefaultValueExpr extends Expr, @default_expr { TypeAccess getTypeAccess() { result = this.getChild(0) } override string toString() { - if exists(getTypeAccess()) then result = "default(...)" else result = "default" + if exists(this.getTypeAccess()) then result = "default(...)" else result = "default" } override string getAPrimaryQlClass() { result = "DefaultValueExpr" } @@ -757,7 +757,7 @@ class SizeofExpr extends UnaryOperation, @sizeof_expr { * Gets the type access in this `sizeof` expression, for example `int` in * `sizeof(int)`. */ - TypeAccess getTypeAccess() { result = getOperand() } + TypeAccess getTypeAccess() { result = this.getOperand() } override string getOperator() { result = "sizeof(..)" } @@ -830,7 +830,7 @@ class AddressOfExpr extends UnaryOperation, @address_of_expr { */ class AwaitExpr extends Expr, @await_expr { /** Gets the expression being awaited. */ - Expr getExpr() { result = getChild(0) } + Expr getExpr() { result = this.getChild(0) } override string toString() { result = "await ..." } @@ -881,7 +881,7 @@ class InterpolatedStringExpr extends Expr, @interpolated_string_expr { * element (`getText(0)` gets the text). */ Expr getInsert(int i) { - result = getChild(i) and + result = this.getChild(i) and not result instanceof StringLiteral } @@ -891,13 +891,13 @@ class InterpolatedStringExpr extends Expr, @interpolated_string_expr { * `$"Hello, {name}!"`. Note that there is no text element at index `i = 1`, * but instead an insert (`getInsert(1)` gets the insert). */ - StringLiteral getText(int i) { result = getChild(i) } + StringLiteral getText(int i) { result = this.getChild(i) } /** Gets an insert in this interpolated string. */ - Expr getAnInsert() { result = getInsert(_) } + Expr getAnInsert() { result = this.getInsert(_) } /** Gets a text element in this interpolated string. */ - StringLiteral getAText() { result = getText(_) } + StringLiteral getAText() { result = this.getText(_) } } /** @@ -914,7 +914,7 @@ class ThrowElement extends ControlFlowElement, DotNet::Throw, @throw_element { /** Gets the type of exception being thrown. */ Class getThrownExceptionType() { - result = getExpr().getType() + result = this.getExpr().getType() or // Corner case: `throw null` this.getExpr().getType() instanceof NullType and @@ -958,7 +958,7 @@ class QualifiableExpr extends Expr, @qualifiable_expr { Expr getQualifier() { result = this.getChildExpr(-1) } /** Holds if this expression is qualified. */ - final predicate hasQualifier() { exists(getQualifier()) } + final predicate hasQualifier() { exists(this.getQualifier()) } /** Holds if this expression has an implicit `this` qualifier. */ predicate hasImplicitThisQualifier() { this.getQualifier().(ThisAccess).isImplicit() } @@ -1029,10 +1029,10 @@ class TupleExpr extends Expr, @tuple_expr { override string toString() { result = "(..., ...)" } /** Gets the `i`th argument of this tuple. */ - Expr getArgument(int i) { result = getChild(i) } + Expr getArgument(int i) { result = this.getChild(i) } /** Gets an argument of this tuple. */ - Expr getAnArgument() { result = getArgument(_) } + Expr getAnArgument() { result = this.getArgument(_) } /** Holds if this tuple is a read access. */ deprecated predicate isReadAccess() { not this = getAnAssignOrForeachChild() } @@ -1057,11 +1057,11 @@ class TupleExpr extends Expr, @tuple_expr { */ class RefExpr extends Expr, @ref_expr { /** Gets the expression being referenced. */ - Expr getExpr() { result = getChild(0) } + Expr getExpr() { result = this.getChild(0) } override string toString() { result = "ref ..." } - override Type getType() { result = getExpr().getType() } + override Type getType() { result = this.getExpr().getType() } override string getAPrimaryQlClass() { result = "RefExpr" } } @@ -1154,7 +1154,7 @@ class DefineSymbolExpr extends Expr, @define_symbol_expr { /** Gets the name of the symbol. */ string getName() { directive_define_symbols(this, result) } - override string toString() { result = getName() } + override string toString() { result = this.getName() } override string getAPrimaryQlClass() { result = "DefineSymbolExpr" } } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Literal.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Literal.qll index 0ca9f6d0db0..842e27fb96b 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Literal.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Literal.qll @@ -23,9 +23,9 @@ class Literal extends DotNet::Literal, Expr, @literal_expr { class BoolLiteral extends Literal, @bool_literal_expr { /** Gets the value of this Boolean literal. */ boolean getBoolValue() { - getValue() = "true" and result = true + this.getValue() = "true" and result = true or - getValue() = "false" and result = false + this.getValue() = "false" and result = false } override string getAPrimaryQlClass() { result = "BoolLiteral" } @@ -105,7 +105,7 @@ class DecimalLiteral extends RealLiteral, @decimal_literal_expr { * A `string` literal, for example `"Hello, World!"`. */ class StringLiteral extends DotNet::StringLiteral, Literal, @string_literal_expr { - override string toString() { result = "\"" + getValue().replaceAll("\"", "\\\"") + "\"" } + override string toString() { result = "\"" + this.getValue().replaceAll("\"", "\\\"") + "\"" } override string getAPrimaryQlClass() { result = "StringLiteral" } } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll index 36882d3b12e..723832906c6 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll @@ -239,7 +239,7 @@ module EntityFramework { private class SystemDataEntityDbSetSqlQuerySinkModelCsv extends SinkModelCsv { override predicate row(string row) { row = - ["System.Data.Entity;DbSet;false;SqlQuery;(System.String,System.Object[]);;Argument[0];sql"] + "System.Data.Entity;DbSet;false;SqlQuery;(System.String,System.Object[]);;Argument[0];sql" } } @@ -317,7 +317,7 @@ module EntityFramework { dist = 0 ) or - step(_, _, c1, t1, dist - 1) and + this.step(_, _, c1, t1, dist - 1) and dist < DataFlowPrivate::accessPathLimit() - 1 and not isNotMapped(t2) and ( @@ -374,11 +374,11 @@ module EntityFramework { } private predicate stepRev(Content c1, Type t1, Content c2, Type t2, int dist) { - step(c1, t1, c2, t2, dist) and - c2.(PropertyContent).getProperty() = getAColumnProperty(dist) + this.step(c1, t1, c2, t2, dist) and + c2.(PropertyContent).getProperty() = this.getAColumnProperty(dist) or - stepRev(c2, t2, _, _, dist + 1) and - step(c1, t1, c2, t2, dist) + this.stepRev(c2, t2, _, _, dist + 1) and + this.step(c1, t1, c2, t2, dist) } /** Gets a `SaveChanges[Async]` method. */ @@ -453,8 +453,8 @@ module EntityFramework { ) { exists(Property mapped | preservesValue = true and - input(input, mapped) and - output(output, mapped) + this.input(input, mapped) and + this.output(output, mapped) ) } } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll index 3c659d86d46..2ffbfe6e7e1 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll @@ -155,13 +155,13 @@ class InvalidFormatString extends StringLiteral { int oldstartcolumn, int padding | this.getLocation().hasLocationInfo(filepath, startline, oldstartcolumn, endline, endcolumn) and - startcolumn = padding + oldstartcolumn + getInvalidOffset() and + startcolumn = padding + oldstartcolumn + this.getInvalidOffset() and toUrl(filepath, startline, startcolumn, endline, endcolumn, result) | // Single-line string literal beginning " or @" // Figure out the correct indent. startline = endline and - padding = endcolumn - oldstartcolumn - getValue().length() + padding = endcolumn - oldstartcolumn - this.getValue().length() or // Multi-line literal beginning @" startline != endline and diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll index 841bf94dd9a..c0c1a765469 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll @@ -62,25 +62,25 @@ module JsonNET { boolean preservesValue ) { // ToString methods - c = getAToStringMethod() and + c = this.getAToStringMethod() and preservesValue = false and source = any(CallableFlowSourceArg arg | arg.getArgumentIndex() = 0) and sink instanceof CallableFlowSinkReturn or // Deserialize methods - c = getADeserializeMethod() and + c = this.getADeserializeMethod() and preservesValue = false and source = any(CallableFlowSourceArg arg | arg.getArgumentIndex() = 0) and sink instanceof CallableFlowSinkReturn or // Serialize methods - c = getASerializeMethod() and + c = this.getASerializeMethod() and preservesValue = false and source = any(CallableFlowSourceArg arg | arg.getArgumentIndex() = 0) and sink instanceof CallableFlowSinkReturn or // Populate methods - c = getAPopulateMethod() and + c = this.getAPopulateMethod() and preservesValue = false and source = any(CallableFlowSourceArg arg | arg.getArgumentIndex() = 0) and sink = any(CallableFlowSinkArg arg | arg.getArgumentIndex() = 1) diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/Moq.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/Moq.qll index 92811122696..e0705ac7d98 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/Moq.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/Moq.qll @@ -21,7 +21,7 @@ class ReturnsMethod extends Method { */ Expr getAReturnedExpr() { exists(MethodCall mc, Expr arg | - mc = getACall() and + mc = this.getACall() and arg = mc.getArgument(0) | if arg instanceof LambdaExpr then arg.(LambdaExpr).canReturn(result) else result = arg diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll index 20ab350ffd4..e33004f109d 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll @@ -157,7 +157,7 @@ class SystemIComparableTInterface extends SystemUnboundGenericInterface { result.getDeclaringType() = this and result.hasName("CompareTo") and result.getNumberOfParameters() = 1 and - result.getParameter(0).getType() = getTypeParameter(0) and + result.getParameter(0).getType() = this.getTypeParameter(0) and result.getReturnType() instanceof IntType } } @@ -171,7 +171,7 @@ class SystemIEquatableTInterface extends SystemUnboundGenericInterface { result.getDeclaringType() = this and result.hasName("Equals") and result.getNumberOfParameters() = 1 and - result.getParameter(0).getType() = getTypeParameter(0) and + result.getParameter(0).getType() = this.getTypeParameter(0) and result.getReturnType() instanceof BoolType } } @@ -239,7 +239,7 @@ class SystemLazyClass extends SystemUnboundGenericClass { Property getValueProperty() { result.getDeclaringType() = this and result.hasName("Value") and - result.getType() = getTypeParameter(0) + result.getType() = this.getTypeParameter(0) } } @@ -254,7 +254,7 @@ class SystemNullableStruct extends SystemUnboundGenericStruct { Property getValueProperty() { result.getDeclaringType() = this and result.hasName("Value") and - result.getType() = getTypeParameter(0) + result.getType() = this.getTypeParameter(0) } /** Gets the `HasValue` property. */ @@ -268,7 +268,7 @@ class SystemNullableStruct extends SystemUnboundGenericStruct { Method getAGetValueOrDefaultMethod() { result.getDeclaringType() = this and result.hasName("GetValueOrDefault") and - result.getReturnType() = getTypeParameter(0) + result.getReturnType() = this.getTypeParameter(0) } } @@ -588,7 +588,7 @@ class IEquatableEqualsMethod extends Method { m = any(SystemIEquatableTInterface i).getAConstructedGeneric().getAMethod() and m.getUnboundDeclaration() = any(SystemIEquatableTInterface i).getEqualsMethod() | - this = m or getAnUltimateImplementee() = m + this = m or this.getAnUltimateImplementee() = m ) } } @@ -677,7 +677,7 @@ class DisposeMethod extends Method { /** A method with the signature `void Dispose(bool)`. */ library class DisposeBoolMethod extends Method { DisposeBoolMethod() { - hasName("Dispose") and + this.hasName("Dispose") and this.getReturnType() instanceof VoidType and this.getNumberOfParameters() = 1 and this.getParameter(0).getType() instanceof BoolType diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/WCF.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/WCF.qll index 655648d88c9..befb5f3ae1f 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/WCF.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/WCF.qll @@ -49,7 +49,7 @@ class OperationMethod extends Method { i.getAnAttribute() instanceof ServiceContractAttribute and m.getDeclaringType() = i and m.getAnAttribute() instanceof OperationContractAttribute and - getImplementee() = m + this.getImplementee() = m ) } } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/AspNetCore.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/AspNetCore.qll index 5fe6665bd47..a918b603818 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/AspNetCore.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/AspNetCore.qll @@ -6,129 +6,133 @@ import semmle.code.csharp.frameworks.Microsoft /** The `Microsoft.AspNetCore` namespace. */ class MicrosoftAspNetCoreNamespace extends Namespace { MicrosoftAspNetCoreNamespace() { - getParentNamespace() instanceof MicrosoftNamespace and - hasName("AspNetCore") + this.getParentNamespace() instanceof MicrosoftNamespace and + this.hasName("AspNetCore") } } /** The `Microsoft.AspNetCore.Mvc` namespace. */ class MicrosoftAspNetCoreMvcNamespace extends Namespace { MicrosoftAspNetCoreMvcNamespace() { - getParentNamespace() instanceof MicrosoftAspNetCoreNamespace and - hasName("Mvc") + this.getParentNamespace() instanceof MicrosoftAspNetCoreNamespace and + this.hasName("Mvc") } } /** The 'Microsoft.AspNetCore.Mvc.ViewFeatures' namespace. */ class MicrosoftAspNetCoreMvcViewFeatures extends Namespace { MicrosoftAspNetCoreMvcViewFeatures() { - getParentNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and - hasName("ViewFeatures") + this.getParentNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and + this.hasName("ViewFeatures") } } /** The 'Microsoft.AspNetCore.Mvc.Rendering' namespace. */ class MicrosoftAspNetCoreMvcRendering extends Namespace { MicrosoftAspNetCoreMvcRendering() { - getParentNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and - hasName("Rendering") + this.getParentNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and + this.hasName("Rendering") } } /** An attribute whose type is in the `Microsoft.AspNetCore.Mvc` namespace. */ class MicrosoftAspNetCoreMvcAttribute extends Attribute { MicrosoftAspNetCoreMvcAttribute() { - getType().getNamespace() instanceof MicrosoftAspNetCoreMvcNamespace + this.getType().getNamespace() instanceof MicrosoftAspNetCoreMvcNamespace } } /** A `Microsoft.AspNetCore.Mvc.HttpPost` attribute. */ class MicrosoftAspNetCoreMvcHttpPostAttribute extends MicrosoftAspNetCoreMvcAttribute { - MicrosoftAspNetCoreMvcHttpPostAttribute() { getType().hasName("HttpPostAttribute") } + MicrosoftAspNetCoreMvcHttpPostAttribute() { this.getType().hasName("HttpPostAttribute") } } /** A `Microsoft.AspNetCore.Mvc.HttpPut` attribute. */ class MicrosoftAspNetCoreMvcHttpPutAttribute extends MicrosoftAspNetCoreMvcAttribute { - MicrosoftAspNetCoreMvcHttpPutAttribute() { getType().hasName("HttpPutAttribute") } + MicrosoftAspNetCoreMvcHttpPutAttribute() { this.getType().hasName("HttpPutAttribute") } } /** A `Microsoft.AspNetCore.Mvc.HttpDelete` attribute. */ class MicrosoftAspNetCoreMvcHttpDeleteAttribute extends MicrosoftAspNetCoreMvcAttribute { - MicrosoftAspNetCoreMvcHttpDeleteAttribute() { getType().hasName("HttpDeleteAttribute") } + MicrosoftAspNetCoreMvcHttpDeleteAttribute() { this.getType().hasName("HttpDeleteAttribute") } } /** A `Microsoft.AspNetCore.Mvc.NonAction` attribute. */ class MicrosoftAspNetCoreMvcNonActionAttribute extends MicrosoftAspNetCoreMvcAttribute { - MicrosoftAspNetCoreMvcNonActionAttribute() { getType().hasName("NonActionAttribute") } + MicrosoftAspNetCoreMvcNonActionAttribute() { this.getType().hasName("NonActionAttribute") } } /** The `Microsoft.AspNetCore.Antiforgery` namespace. */ class MicrosoftAspNetCoreAntiforgeryNamespace extends Namespace { MicrosoftAspNetCoreAntiforgeryNamespace() { - getParentNamespace() instanceof MicrosoftAspNetCoreNamespace and - hasName("Antiforgery") + this.getParentNamespace() instanceof MicrosoftAspNetCoreNamespace and + this.hasName("Antiforgery") } } /** The `Microsoft.AspNetCore.Mvc.Filters` namespace. */ class MicrosoftAspNetCoreMvcFilters extends Namespace { MicrosoftAspNetCoreMvcFilters() { - getParentNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and - hasName("Filters") + this.getParentNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and + this.hasName("Filters") } } /** The `Microsoft.AspNetCore.Mvc.Filters.IFilterMetadataInterface` interface. */ class MicrosoftAspNetCoreMvcIFilterMetadataInterface extends Interface { MicrosoftAspNetCoreMvcIFilterMetadataInterface() { - getNamespace() instanceof MicrosoftAspNetCoreMvcFilters and - hasName("IFilterMetadata") + this.getNamespace() instanceof MicrosoftAspNetCoreMvcFilters and + this.hasName("IFilterMetadata") } } /** The `Microsoft.AspNetCore.IAuthorizationFilter` interface. */ class MicrosoftAspNetCoreIAuthorizationFilterInterface extends Interface { MicrosoftAspNetCoreIAuthorizationFilterInterface() { - getNamespace() instanceof MicrosoftAspNetCoreMvcFilters and - hasName("IAsyncAuthorizationFilter") + this.getNamespace() instanceof MicrosoftAspNetCoreMvcFilters and + this.hasName("IAsyncAuthorizationFilter") } /** Gets the `OnAuthorizationAsync` method. */ - Method getOnAuthorizationMethod() { result = getAMethod("OnAuthorizationAsync") } + Method getOnAuthorizationMethod() { result = this.getAMethod("OnAuthorizationAsync") } } /** The `Microsoft.AspNetCore.IAntiforgery` interface. */ class MicrosoftAspNetCoreIAntiForgeryInterface extends Interface { MicrosoftAspNetCoreIAntiForgeryInterface() { - getNamespace() instanceof MicrosoftAspNetCoreAntiforgeryNamespace and - hasName("IAntiforgery") + this.getNamespace() instanceof MicrosoftAspNetCoreAntiforgeryNamespace and + this.hasName("IAntiforgery") } /** Gets the `ValidateRequestAsync` method. */ - Method getValidateMethod() { result = getAMethod("ValidateRequestAsync") } + Method getValidateMethod() { result = this.getAMethod("ValidateRequestAsync") } } /** The `Microsoft.AspNetCore.DefaultAntiForgery` class, or another user-supplied class that implements `IAntiForgery`. */ class AntiForgeryClass extends Class { - AntiForgeryClass() { getABaseInterface*() instanceof MicrosoftAspNetCoreIAntiForgeryInterface } + AntiForgeryClass() { + this.getABaseInterface*() instanceof MicrosoftAspNetCoreIAntiForgeryInterface + } /** Gets the `ValidateRequestAsync` method. */ - Method getValidateMethod() { result = getAMethod("ValidateRequestAsync") } + Method getValidateMethod() { result = this.getAMethod("ValidateRequestAsync") } } /** An authorization filter class defined by AspNetCore or the user. */ class AuthorizationFilterClass extends Class { AuthorizationFilterClass() { - getABaseInterface*() instanceof MicrosoftAspNetCoreIAuthorizationFilterInterface + this.getABaseInterface*() instanceof MicrosoftAspNetCoreIAuthorizationFilterInterface } /** Gets the `OnAuthorization` method provided by this filter. */ - Method getOnAuthorizationMethod() { result = getAMethod("OnAuthorizationAsync") } + Method getOnAuthorizationMethod() { result = this.getAMethod("OnAuthorizationAsync") } } /** An attribute whose type has a name like `[Auto...]Validate[...]Anti[Ff]orgery[...Token]Attribute`. */ class ValidateAntiForgeryAttribute extends Attribute { - ValidateAntiForgeryAttribute() { getType().getName().matches("%Validate%Anti_orgery%Attribute") } + ValidateAntiForgeryAttribute() { + this.getType().getName().matches("%Validate%Anti_orgery%Attribute") + } } /** @@ -137,43 +141,43 @@ class ValidateAntiForgeryAttribute extends Attribute { */ class ValidateAntiforgeryTokenAuthorizationFilter extends Class { ValidateAntiforgeryTokenAuthorizationFilter() { - getABaseInterface*() instanceof MicrosoftAspNetCoreMvcIFilterMetadataInterface and - getName().matches("%Validate%Anti_orgery%") + this.getABaseInterface*() instanceof MicrosoftAspNetCoreMvcIFilterMetadataInterface and + this.getName().matches("%Validate%Anti_orgery%") } } /** The `Microsoft.AspNetCore.Mvc.Filters.FilterCollection` class. */ class MicrosoftAspNetCoreMvcFilterCollection extends Class { MicrosoftAspNetCoreMvcFilterCollection() { - getNamespace() instanceof MicrosoftAspNetCoreMvcFilters and - hasName("FilterCollection") + this.getNamespace() instanceof MicrosoftAspNetCoreMvcFilters and + this.hasName("FilterCollection") } /** Gets an `Add` method. */ Method getAddMethod() { - result = getAMethod("Add") or - result = getABaseType().getAMethod("Add") + result = this.getAMethod("Add") or + result = this.getABaseType().getAMethod("Add") } } /** The `Microsoft.AspNetCore.Mvc.MvcOptions` class. */ class MicrosoftAspNetCoreMvcOptions extends Class { MicrosoftAspNetCoreMvcOptions() { - getNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and - hasName("MvcOptions") + this.getNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and + this.hasName("MvcOptions") } /** Gets the `Filters` property. */ - Property getFilterCollectionProperty() { result = getProperty("Filters") } + Property getFilterCollectionProperty() { result = this.getProperty("Filters") } } /** The base class for controllers in MVC, i.e. `Microsoft.AspNetCore.Mvc.Controller` or `Microsoft.AspNetCore.Mvc.ControllerBase` class. */ class MicrosoftAspNetCoreMvcControllerBaseClass extends Class { MicrosoftAspNetCoreMvcControllerBaseClass() { - getNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and + this.getNamespace() instanceof MicrosoftAspNetCoreMvcNamespace and ( - hasName("Controller") or - hasName("ControllerBase") + this.hasName("Controller") or + this.hasName("ControllerBase") ) } } @@ -181,12 +185,12 @@ class MicrosoftAspNetCoreMvcControllerBaseClass extends Class { /** A subtype of `Microsoft.AspNetCore.Mvc.Controller` or `Microsoft.AspNetCore.Mvc.ControllerBase`. */ class MicrosoftAspNetCoreMvcController extends Class { MicrosoftAspNetCoreMvcController() { - getABaseType*() instanceof MicrosoftAspNetCoreMvcControllerBaseClass + this.getABaseType*() instanceof MicrosoftAspNetCoreMvcControllerBaseClass } /** Gets an action method for this controller. */ Method getAnActionMethod() { - result = getAMethod() and + result = this.getAMethod() and result.isPublic() and not result.isStatic() and not result.getAnAttribute() instanceof MicrosoftAspNetCoreMvcNonActionAttribute @@ -208,12 +212,12 @@ class MicrosoftAspNetCoreMvcController extends Class { /** The `Microsoft.AspNetCore.Mvc.Rendering.IHtmlHelper` interface. */ class MicrosoftAspNetCoreMvcRenderingIHtmlHelperInterface extends Interface { MicrosoftAspNetCoreMvcRenderingIHtmlHelperInterface() { - getNamespace() instanceof MicrosoftAspNetCoreMvcRendering and - hasName("IHtmlHelper") + this.getNamespace() instanceof MicrosoftAspNetCoreMvcRendering and + this.hasName("IHtmlHelper") } /** Gets the `Raw` method. */ - Method getRawMethod() { result = getAMethod("Raw") } + Method getRawMethod() { result = this.getAMethod("Raw") } } /** A class deriving from `Microsoft.AspNetCore.Mvc.Razor.RazorPageBase`, implements Razor page in ASPNET Core. */ @@ -223,7 +227,7 @@ class MicrosoftAspNetCoreMvcRazorPageBase extends Class { } /** Gets the `WriteLiteral` method. */ - Method getWriteLiteralMethod() { result = getAMethod("WriteLiteral") } + Method getWriteLiteralMethod() { result = this.getAMethod("WriteLiteral") } } /** A class deriving from `Microsoft.AspNetCore.Http.HttpRequest`, implements `HttpRequest` in ASP.NET Core. */ diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll index a3616e57522..2b632d2b07c 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll @@ -41,8 +41,8 @@ class SystemCollectionsGenericIComparerTInterface extends SystemCollectionsGener result.getDeclaringType() = this and result.hasName("Compare") and result.getNumberOfParameters() = 2 and - result.getParameter(0).getType() = getTypeParameter(0) and - result.getParameter(1).getType() = getTypeParameter(0) and + result.getParameter(0).getType() = this.getTypeParameter(0) and + result.getParameter(1).getType() = this.getTypeParameter(0) and result.getReturnType() instanceof IntType } } @@ -56,8 +56,8 @@ class SystemCollectionsGenericIEqualityComparerTInterface extends SystemCollecti result.getDeclaringType() = this and result.hasName("Equals") and result.getNumberOfParameters() = 2 and - result.getParameter(0).getType() = getTypeParameter(0) and - result.getParameter(1).getType() = getTypeParameter(0) and + result.getParameter(0).getType() = this.getTypeParameter(0) and + result.getParameter(1).getType() = this.getTypeParameter(0) and result.getReturnType() instanceof BoolType } } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/SqlClient.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/SqlClient.qll index 858100fe7f7..c3b6f1fdd6d 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/SqlClient.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/SqlClient.qll @@ -13,7 +13,7 @@ class SystemDataSqlClientNamespace extends Namespace { /** A class in the `System.Data.SqlClient` namespace. */ class SystemDataSqlClientClass extends Class { - SystemDataSqlClientClass() { getNamespace() instanceof SystemDataSqlClientNamespace } + SystemDataSqlClientClass() { this.getNamespace() instanceof SystemDataSqlClientNamespace } } /** The `System.Data.SqlClient.SqlDataAdapter` class. */ diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll index 1820192da11..531fa6ef721 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll @@ -67,7 +67,7 @@ class RegexOperation extends Call { */ Expr getInput() { if this instanceof MethodCall - then result = getArgumentForName("input") + then result = this.getArgumentForName("input") else exists(MethodCall call | call.getTarget() = any(SystemTextRegularExpressionsRegexClass rs).getAMethod() and diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/Mvc.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/Mvc.qll index 78aaa6dc065..b2051a8464f 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/Mvc.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/Mvc.qll @@ -6,8 +6,8 @@ private import semmle.code.csharp.frameworks.system.Web /** The `System.Web.Mvc` namespace. */ class SystemWebMvcNamespace extends Namespace { SystemWebMvcNamespace() { - getParentNamespace() instanceof SystemWebNamespace and - hasName("Mvc") + this.getParentNamespace() instanceof SystemWebNamespace and + this.hasName("Mvc") } } @@ -31,7 +31,7 @@ class SystemWebMvcHtmlHelperClass extends SystemWebMvcClass { /** An attribute whose type is in the `System.Web.Mvc` namespace. */ class SystemWebMvcAttribute extends Attribute { - SystemWebMvcAttribute() { getType().getNamespace() instanceof SystemWebMvcNamespace } + SystemWebMvcAttribute() { this.getType().getNamespace() instanceof SystemWebMvcNamespace } } /** An attribute whose type is `System.Web.Mvc.HttpPost`. */ diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/WebPages.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/WebPages.qll index 0d43f76719b..915acbfe41f 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/WebPages.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/WebPages.qll @@ -6,16 +6,16 @@ private import semmle.code.csharp.frameworks.system.Web /** The `System.Web.WebPages` namespace. */ class SystemWebWebPagesNamespace extends Namespace { SystemWebWebPagesNamespace() { - getParentNamespace() instanceof SystemWebNamespace and - hasName("WebPages") + this.getParentNamespace() instanceof SystemWebNamespace and + this.hasName("WebPages") } } /** The `System.Web.WebPages.WebPageExecutingBase` class. */ class SystemWebWebPagesWebPageExecutingBaseClass extends Class { SystemWebWebPagesWebPageExecutingBaseClass() { - getNamespace() instanceof SystemWebWebPagesNamespace and - hasName("WebPageExecutingBase") + this.getNamespace() instanceof SystemWebWebPagesNamespace and + this.hasName("WebPageExecutingBase") } } @@ -24,8 +24,8 @@ class WebPageClass extends Class { WebPageClass() { this.getBaseClass*() instanceof SystemWebWebPagesWebPageExecutingBaseClass } /** Gets the `WriteLiteral` method. */ - Method getWriteLiteralMethod() { result = getAMethod("WriteLiteral") } + Method getWriteLiteralMethod() { result = this.getAMethod("WriteLiteral") } /** Gets the `WriteLiteralTo` method. */ - Method getWriteLiteralToMethod() { result = getAMethod("WriteLiteralTo") } + Method getWriteLiteralToMethod() { result = this.getAMethod("WriteLiteralTo") } } diff --git a/csharp/ql/lib/semmle/code/csharp/security/SensitiveActions.qll b/csharp/ql/lib/semmle/code/csharp/security/SensitiveActions.qll index cc7701ad318..483000895aa 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/SensitiveActions.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/SensitiveActions.qll @@ -72,7 +72,7 @@ class SensitiveProperty extends Property { /** A parameter to a library method that may hold a sensitive value. */ class SensitiveLibraryParameter extends Parameter { SensitiveLibraryParameter() { - fromLibrary() and + this.fromLibrary() and exists(string s | this.getName().toLowerCase() = s | s.matches(suspicious())) } } diff --git a/csharp/ql/lib/semmle/code/csharp/security/cryptography/HardcodedSymmetricEncryptionKey.qll b/csharp/ql/lib/semmle/code/csharp/security/cryptography/HardcodedSymmetricEncryptionKey.qll index 915dae12a9f..3cf3fa107bf 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/cryptography/HardcodedSymmetricEncryptionKey.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/cryptography/HardcodedSymmetricEncryptionKey.qll @@ -21,7 +21,7 @@ module HardcodedSymmetricEncryptionKey { abstract class Sanitizer extends DataFlow::ExprNode { } private class ByteArrayType extends ArrayType { - ByteArrayType() { getElementType() instanceof ByteType } + ByteArrayType() { this.getElementType() instanceof ByteType } } private class ByteArrayLiteralSource extends Source { @@ -49,7 +49,7 @@ module HardcodedSymmetricEncryptionKey { private class SymmetricEncryptionCreateEncryptorSink extends Sink { SymmetricEncryptionCreateEncryptorSink() { exists(SymmetricAlgorithm ag, MethodCall mc | mc = ag.getASymmetricEncryptor() | - asExpr() = mc.getArgumentForName("rgbKey") + this.asExpr() = mc.getArgumentForName("rgbKey") ) } @@ -59,7 +59,7 @@ module HardcodedSymmetricEncryptionKey { private class SymmetricEncryptionCreateDecryptorSink extends Sink { SymmetricEncryptionCreateDecryptorSink() { exists(SymmetricAlgorithm ag, MethodCall mc | mc = ag.getASymmetricDecryptor() | - asExpr() = mc.getArgumentForName("rgbKey") + this.asExpr() = mc.getArgumentForName("rgbKey") ) } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll index bccd71d7096..fd643b5b7f0 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll @@ -69,7 +69,7 @@ class ExternalAPIDataNode extends DataFlow::Node { int getIndex() { result = i } /** Gets the description of the callable being called. */ - string getCallableDescription() { result = getCallable().getQualifiedName() } + string getCallableDescription() { result = this.getCallable().getQualifiedName() } } /** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalAPIDataNode`s. */ @@ -108,7 +108,7 @@ class ExternalAPIUsedWithUntrustedData extends TExternalAPI { /** Gets the number of untrusted sources used with this external API. */ int getNumberOfUntrustedSources() { - result = count(getUntrustedDataNode().getAnUntrustedSource()) + result = count(this.getUntrustedDataNode().getAnUntrustedSource()) } /** Gets a textual representation of this element. */ diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll index 4be005be4de..d0999605b61 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll @@ -166,7 +166,7 @@ class AspInlineMember extends AspInlineCode { Member getMember() { result = member } /** Gets the type of this member. */ - Type getType() { result = getMemberType(getMember()) } + Type getType() { result = getMemberType(this.getMember()) } } /** Gets a value that is written to the member accessed by the given `AspInlineMember`. */ @@ -251,7 +251,7 @@ private class HttpResponseBaseSink extends Sink { */ private class StringContentSinkModelCsv extends SinkModelCsv { override predicate row(string row) { - row = ["System.Net.Http;StringContent;false;StringContent;;;Argument[0];xss"] + row = "System.Net.Http;StringContent;false;StringContent;;;Argument[0];xss" } } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll index fb452e36308..6b3746f36f0 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll @@ -78,7 +78,7 @@ class AspNetUnvalidatedQueryStringRemoteFlowSource extends AspNetRemoteFlowSourc /** A data flow source of remote user input (ASP.NET user input). */ class AspNetUserInputRemoteFlowSource extends AspNetRemoteFlowSource, DataFlow::ExprNode { - AspNetUserInputRemoteFlowSource() { getType() instanceof SystemWebUIWebControlsTextBoxClass } + AspNetUserInputRemoteFlowSource() { this.getType() instanceof SystemWebUIWebControlsTextBoxClass } override string getSourceType() { result = "ASP.NET user input" } } @@ -105,7 +105,7 @@ class AspNetServiceRemoteFlowSource extends RemoteFlowSource, DataFlow::Paramete /** A data flow source of remote user input (ASP.NET request message). */ class SystemNetHttpRequestMessageRemoteFlowSource extends RemoteFlowSource, DataFlow::ExprNode { SystemNetHttpRequestMessageRemoteFlowSource() { - getType() instanceof SystemWebHttpRequestMessageClass + this.getType() instanceof SystemWebHttpRequestMessageClass } override string getSourceType() { result = "ASP.NET request message" } diff --git a/csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll index 2483452113a..17856d3e7e8 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll @@ -157,8 +157,8 @@ module XmlReader { override predicate isUnsafe(string reason) { exists(string dtdReason, string resolverReason | - dtdEnabled(dtdReason, _) and - insecureResolver(resolverReason, _) and + this.dtdEnabled(dtdReason, _) and + this.insecureResolver(resolverReason, _) and reason = dtdReason + ", " + resolverReason ) } diff --git a/csharp/ql/lib/semmle/code/dotnet/Callable.qll b/csharp/ql/lib/semmle/code/dotnet/Callable.qll index 2beccfe422c..0a63e5c95cd 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Callable.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Callable.qll @@ -75,7 +75,7 @@ class Callable extends Parameterizable, @dotnet_callable { } private string getReturnTypeLabel() { - result = getReturnType().getLabel() + result = this.getReturnType().getLabel() or not exists(this.getReturnType()) and result = "System.Void" } diff --git a/csharp/ql/lib/semmle/code/dotnet/Declaration.qll b/csharp/ql/lib/semmle/code/dotnet/Declaration.qll index 7f78077d766..60e434f9ae6 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Declaration.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Declaration.qll @@ -16,7 +16,7 @@ class Declaration extends NamedElement, @dotnet_declaration { string getUndecoratedName() { none() } /** Holds if this element has undecorated name 'name'. */ - final predicate hasUndecoratedName(string name) { name = getUndecoratedName() } + final predicate hasUndecoratedName(string name) { name = this.getUndecoratedName() } /** Gets the type containing this declaration, if any. */ Type getDeclaringType() { none() } diff --git a/csharp/ql/lib/semmle/code/dotnet/Element.qll b/csharp/ql/lib/semmle/code/dotnet/Element.qll index 3b1955887f9..d8c27f88e10 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Element.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Element.qll @@ -35,7 +35,7 @@ class Element extends @dotnet_element { * Gets the "language" of this program element, as defined by the extension of the filename. * For example, C# has language "cs", and Visual Basic has language "vb". */ - final string getLanguage() { result = getLocation().getFile().getExtension() } + final string getLanguage() { result = this.getLocation().getFile().getExtension() } /** Gets the full textual representation of this element, including type information. */ string toStringWithTypes() { result = this.toString() } @@ -43,7 +43,7 @@ class Element extends @dotnet_element { /** * Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs. */ - final string getPrimaryQlClasses() { result = concat(getAPrimaryQlClass(), ",") } + final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") } /** * Gets the name of a primary CodeQL class to which this element belongs. @@ -66,7 +66,7 @@ class NamedElement extends Element, @dotnet_named_element { string getName() { none() } /** Holds if this element has name 'name'. */ - final predicate hasName(string name) { name = getName() } + final predicate hasName(string name) { name = this.getName() } /** * Gets the fully qualified name of this element, for example the diff --git a/csharp/ql/lib/semmle/code/dotnet/Expr.qll b/csharp/ql/lib/semmle/code/dotnet/Expr.qll index e5bea3a52d7..15d658f54c2 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Expr.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Expr.qll @@ -45,7 +45,7 @@ class Call extends Expr, @dotnet_call { Expr getArgument(int i) { none() } /** Gets an argument to this call. */ - Expr getAnArgument() { result = getArgument(_) } + Expr getAnArgument() { result = this.getArgument(_) } /** Gets the expression that is supplied for parameter `p`. */ Expr getArgumentForParameter(Parameter p) { none() } diff --git a/csharp/ql/lib/semmle/code/dotnet/Generics.qll b/csharp/ql/lib/semmle/code/dotnet/Generics.qll index 9b236cdbfb9..f84718d4b82 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Generics.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Generics.qll @@ -14,7 +14,7 @@ abstract class UnboundGeneric extends Generic { abstract TypeParameter getTypeParameter(int i); /** Gets a type parameter. */ - TypeParameter getATypeParameter() { result = getTypeParameter(_) } + TypeParameter getATypeParameter() { result = this.getTypeParameter(_) } /** * Gets one of the constructed versions of this declaration, @@ -32,7 +32,7 @@ abstract class ConstructedGeneric extends Generic { abstract Type getTypeArgument(int i); /** Gets a type argument. */ - Type getATypeArgument() { result = getTypeArgument(_) } + Type getATypeArgument() { result = this.getTypeArgument(_) } /** * Gets the unbound generic declaration from which this declaration was diff --git a/csharp/ql/lib/semmle/code/dotnet/Namespace.qll b/csharp/ql/lib/semmle/code/dotnet/Namespace.qll index 55b42e737db..324448728de 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Namespace.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Namespace.qll @@ -33,7 +33,7 @@ class Namespace extends Declaration, @namespace { override string toString() { result = this.getQualifiedName() } /** Holds if this is the global namespace. */ - final predicate isGlobalNamespace() { getName() = "" } + final predicate isGlobalNamespace() { this.getName() = "" } /** Gets the simple name of this namespace, for example `IO` in `System.IO`. */ final override string getName() { namespaces(this, result) } diff --git a/csharp/ql/lib/semmle/code/dotnet/Type.qll b/csharp/ql/lib/semmle/code/dotnet/Type.qll index 5dc9c409c18..81fefa96550 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Type.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Type.qll @@ -24,11 +24,11 @@ class ValueOrRefType extends Type, @dotnet_valueorreftype { Namespace getDeclaringNamespace() { none() } private string getPrefixWithTypes() { - result = getDeclaringType().getLabel() + "." + result = this.getDeclaringType().getLabel() + "." or - if getDeclaringNamespace().isGlobalNamespace() + if this.getDeclaringNamespace().isGlobalNamespace() then result = "" - else result = getDeclaringNamespace().getQualifiedName() + "." + else result = this.getDeclaringNamespace().getQualifiedName() + "." } pragma[noinline] @@ -64,9 +64,9 @@ class TypeParameter extends Type, @dotnet_type_parameter { /** Gets the index of this type parameter. For example the index of `U` in `Func` is 1. */ int getIndex() { none() } - final override string getLabel() { result = "!" + getIndex() } + final override string getLabel() { result = "!" + this.getIndex() } - override string getUndecoratedName() { result = "!" + getIndex() } + override string getUndecoratedName() { result = "!" + this.getIndex() } } /** A pointer type. */ @@ -76,9 +76,9 @@ class PointerType extends Type, @dotnet_pointer_type { override string getName() { result = this.getReferentType().getName() + "*" } - final override string getLabel() { result = getReferentType().getLabel() + "*" } + final override string getLabel() { result = this.getReferentType().getLabel() + "*" } - override string toStringWithTypes() { result = getReferentType().toStringWithTypes() + "*" } + override string toStringWithTypes() { result = this.getReferentType().toStringWithTypes() + "*" } } /** An array type. */ @@ -86,7 +86,7 @@ class ArrayType extends ValueOrRefType, @dotnet_array_type { /** Gets the type of the array element. */ Type getElementType() { none() } - final override string getLabel() { result = getElementType().getLabel() + "[]" } + final override string getLabel() { result = this.getElementType().getLabel() + "[]" } - override string toStringWithTypes() { result = getElementType().toStringWithTypes() + "[]" } + override string toStringWithTypes() { result = this.getElementType().toStringWithTypes() + "[]" } } diff --git a/csharp/ql/lib/semmle/code/dotnet/Variable.qll b/csharp/ql/lib/semmle/code/dotnet/Variable.qll index 9f9a12e7d98..ee9ccebbbe6 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Variable.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Variable.qll @@ -15,10 +15,10 @@ class Field extends Variable, Member, @dotnet_field { } /** A parameter to a .Net callable, property or function pointer type. */ class Parameter extends Variable, @dotnet_parameter { /** Gets the raw position of this parameter, including the `this` parameter at index 0. */ - final int getRawPosition() { this = getDeclaringElement().getRawParameter(result) } + final int getRawPosition() { this = this.getDeclaringElement().getRawParameter(result) } /** Gets the position of this parameter, excluding the `this` parameter. */ - int getPosition() { this = getDeclaringElement().getParameter(result) } + int getPosition() { this = this.getDeclaringElement().getParameter(result) } /** Gets the callable defining this parameter. */ Callable getCallable() { result = this.getDeclaringElement() } diff --git a/csharp/ql/lib/tutorial.qll b/csharp/ql/lib/tutorial.qll new file mode 100644 index 00000000000..8cb1797a532 --- /dev/null +++ b/csharp/ql/lib/tutorial.qll @@ -0,0 +1,1207 @@ +/** + * This library is used in the QL detective tutorials. + * + * Note: Data is usually stored in a separate database and the QL libraries only contain predicates, + * but for this tutorial both the data and the predicates are stored in the library. + */ +class Person extends string { + Person() { + this = "Ronil" or + this = "Dina" or + this = "Ravi" or + this = "Bruce" or + this = "Jo" or + this = "Aida" or + this = "Esme" or + this = "Charlie" or + this = "Fred" or + this = "Meera" or + this = "Maya" or + this = "Chad" or + this = "Tiana" or + this = "Laura" or + this = "George" or + this = "Will" or + this = "Mary" or + this = "Almira" or + this = "Susannah" or + this = "Rhoda" or + this = "Cynthia" or + this = "Eunice" or + this = "Olive" or + this = "Virginia" or + this = "Angeline" or + this = "Helen" or + this = "Cornelia" or + this = "Harriet" or + this = "Mahala" or + this = "Abby" or + this = "Margaret" or + this = "Deb" or + this = "Minerva" or + this = "Severus" or + this = "Lavina" or + this = "Adeline" or + this = "Cath" or + this = "Elisa" or + this = "Lucretia" or + this = "Anne" or + this = "Eleanor" or + this = "Joanna" or + this = "Adam" or + this = "Agnes" or + this = "Rosanna" or + this = "Clara" or + this = "Melissa" or + this = "Amy" or + this = "Isabel" or + this = "Jemima" or + this = "Cordelia" or + this = "Melinda" or + this = "Delila" or + this = "Jeremiah" or + this = "Elijah" or + this = "Hester" or + this = "Walter" or + this = "Oliver" or + this = "Hugh" or + this = "Aaron" or + this = "Reuben" or + this = "Eli" or + this = "Amos" or + this = "Augustus" or + this = "Theodore" or + this = "Ira" or + this = "Timothy" or + this = "Cyrus" or + this = "Horace" or + this = "Simon" or + this = "Asa" or + this = "Frank" or + this = "Nelson" or + this = "Leonard" or + this = "Harrison" or + this = "Anthony" or + this = "Louis" or + this = "Milton" or + this = "Noah" or + this = "Cornelius" or + this = "Abdul" or + this = "Warren" or + this = "Harvey" or + this = "Dennis" or + this = "Wesley" or + this = "Sylvester" or + this = "Gilbert" or + this = "Sullivan" or + this = "Edmund" or + this = "Wilson" or + this = "Perry" or + this = "Matthew" or + this = "Simba" or + this = "Nala" or + this = "Rafiki" or + this = "Shenzi" or + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Edwin" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" or + this = "Stephen" + } + + /** Gets the hair color of the person. If the person is bald, there is no result. */ + string getHairColor() { + this = "Ronil" and result = "black" + or + this = "Dina" and result = "black" + or + this = "Ravi" and result = "black" + or + this = "Bruce" and result = "brown" + or + this = "Jo" and result = "red" + or + this = "Aida" and result = "blond" + or + this = "Esme" and result = "blond" + or + this = "Fred" and result = "gray" + or + this = "Meera" and result = "brown" + or + this = "Maya" and result = "brown" + or + this = "Chad" and result = "brown" + or + this = "Tiana" and result = "black" + or + this = "Laura" and result = "blond" + or + this = "George" and result = "blond" + or + this = "Will" and result = "blond" + or + this = "Mary" and result = "blond" + or + this = "Almira" and result = "black" + or + this = "Susannah" and result = "blond" + or + this = "Rhoda" and result = "blond" + or + this = "Cynthia" and result = "gray" + or + this = "Eunice" and result = "white" + or + this = "Olive" and result = "brown" + or + this = "Virginia" and result = "brown" + or + this = "Angeline" and result = "red" + or + this = "Helen" and result = "white" + or + this = "Cornelia" and result = "gray" + or + this = "Harriet" and result = "white" + or + this = "Mahala" and result = "black" + or + this = "Abby" and result = "red" + or + this = "Margaret" and result = "brown" + or + this = "Deb" and result = "brown" + or + this = "Minerva" and result = "brown" + or + this = "Severus" and result = "black" + or + this = "Lavina" and result = "brown" + or + this = "Adeline" and result = "brown" + or + this = "Cath" and result = "brown" + or + this = "Elisa" and result = "brown" + or + this = "Lucretia" and result = "gray" + or + this = "Anne" and result = "black" + or + this = "Eleanor" and result = "brown" + or + this = "Joanna" and result = "brown" + or + this = "Adam" and result = "black" + or + this = "Agnes" and result = "black" + or + this = "Rosanna" and result = "gray" + or + this = "Clara" and result = "blond" + or + this = "Melissa" and result = "brown" + or + this = "Amy" and result = "brown" + or + this = "Isabel" and result = "black" + or + this = "Jemima" and result = "red" + or + this = "Cordelia" and result = "red" + or + this = "Melinda" and result = "gray" + or + this = "Delila" and result = "white" + or + this = "Jeremiah" and result = "gray" + or + this = "Hester" and result = "black" + or + this = "Walter" and result = "black" + or + this = "Aaron" and result = "gray" + or + this = "Reuben" and result = "gray" + or + this = "Eli" and result = "gray" + or + this = "Amos" and result = "white" + or + this = "Augustus" and result = "white" + or + this = "Theodore" and result = "white" + or + this = "Timothy" and result = "brown" + or + this = "Cyrus" and result = "brown" + or + this = "Horace" and result = "brown" + or + this = "Simon" and result = "brown" + or + this = "Asa" and result = "brown" + or + this = "Frank" and result = "brown" + or + this = "Nelson" and result = "black" + or + this = "Leonard" and result = "black" + or + this = "Harrison" and result = "black" + or + this = "Anthony" and result = "black" + or + this = "Louis" and result = "black" + or + this = "Milton" and result = "blond" + or + this = "Noah" and result = "blond" + or + this = "Cornelius" and result = "red" + or + this = "Abdul" and result = "brown" + or + this = "Warren" and result = "red" + or + this = "Harvey" and result = "blond" + or + this = "Dennis" and result = "blond" + or + this = "Wesley" and result = "brown" + or + this = "Sylvester" and result = "brown" + or + this = "Gilbert" and result = "brown" + or + this = "Sullivan" and result = "brown" + or + this = "Edmund" and result = "brown" + or + this = "Wilson" and result = "blond" + or + this = "Perry" and result = "black" + or + this = "Simba" and result = "brown" + or + this = "Nala" and result = "brown" + or + this = "Rafiki" and result = "red" + or + this = "Shenzi" and result = "gray" + or + this = "Ernest" and result = "blond" + or + this = "Gertrude" and result = "brown" + or + this = "Oscar" and result = "blond" + or + this = "Lilian" and result = "brown" + or + this = "Raymond" and result = "brown" + or + this = "Elgar" and result = "brown" + or + this = "Elmer" and result = "brown" + or + this = "Herbert" and result = "brown" + or + this = "Maude" and result = "brown" + or + this = "Mae" and result = "brown" + or + this = "Otto" and result = "black" + or + this = "Edwin" and result = "black" + or + this = "Ophelia" and result = "brown" + or + this = "Parsley" and result = "brown" + or + this = "Sage" and result = "brown" + or + this = "Rosemary" and result = "brown" + or + this = "Thyme" and result = "brown" + or + this = "Garfunkel" and result = "brown" + or + this = "King Basil" and result = "brown" + or + this = "Stephen" and result = "black" + or + this = "Stephen" and result = "gray" + } + + /** Gets the age of the person (in years). If the person is deceased, there is no result. */ + int getAge() { + this = "Ronil" and result = 21 + or + this = "Dina" and result = 53 + or + this = "Ravi" and result = 16 + or + this = "Bruce" and result = 35 + or + this = "Jo" and result = 47 + or + this = "Aida" and result = 26 + or + this = "Esme" and result = 25 + or + this = "Charlie" and result = 31 + or + this = "Fred" and result = 68 + or + this = "Meera" and result = 62 + or + this = "Maya" and result = 29 + or + this = "Chad" and result = 49 + or + this = "Tiana" and result = 18 + or + this = "Laura" and result = 2 + or + this = "George" and result = 3 + or + this = "Will" and result = 41 + or + this = "Mary" and result = 51 + or + this = "Almira" and result = 1 + or + this = "Susannah" and result = 97 + or + this = "Rhoda" and result = 39 + or + this = "Cynthia" and result = 89 + or + this = "Eunice" and result = 83 + or + this = "Olive" and result = 25 + or + this = "Virginia" and result = 52 + or + this = "Angeline" and result = 22 + or + this = "Helen" and result = 79 + or + this = "Cornelia" and result = 59 + or + this = "Harriet" and result = 57 + or + this = "Mahala" and result = 61 + or + this = "Abby" and result = 24 + or + this = "Margaret" and result = 59 + or + this = "Deb" and result = 31 + or + this = "Minerva" and result = 72 + or + this = "Severus" and result = 61 + or + this = "Lavina" and result = 33 + or + this = "Adeline" and result = 17 + or + this = "Cath" and result = 22 + or + this = "Elisa" and result = 9 + or + this = "Lucretia" and result = 56 + or + this = "Anne" and result = 11 + or + this = "Eleanor" and result = 80 + or + this = "Joanna" and result = 43 + or + this = "Adam" and result = 37 + or + this = "Agnes" and result = 47 + or + this = "Rosanna" and result = 61 + or + this = "Clara" and result = 31 + or + this = "Melissa" and result = 37 + or + this = "Amy" and result = 12 + or + this = "Isabel" and result = 6 + or + this = "Jemima" and result = 16 + or + this = "Cordelia" and result = 21 + or + this = "Melinda" and result = 55 + or + this = "Delila" and result = 66 + or + this = "Jeremiah" and result = 54 + or + this = "Elijah" and result = 42 + or + this = "Hester" and result = 68 + or + this = "Walter" and result = 66 + or + this = "Oliver" and result = 33 + or + this = "Hugh" and result = 51 + or + this = "Aaron" and result = 49 + or + this = "Reuben" and result = 58 + or + this = "Eli" and result = 70 + or + this = "Amos" and result = 65 + or + this = "Augustus" and result = 56 + or + this = "Theodore" and result = 69 + or + this = "Ira" and result = 1 + or + this = "Timothy" and result = 54 + or + this = "Cyrus" and result = 78 + or + this = "Horace" and result = 34 + or + this = "Simon" and result = 23 + or + this = "Asa" and result = 28 + or + this = "Frank" and result = 59 + or + this = "Nelson" and result = 38 + or + this = "Leonard" and result = 58 + or + this = "Harrison" and result = 7 + or + this = "Anthony" and result = 2 + or + this = "Louis" and result = 34 + or + this = "Milton" and result = 36 + or + this = "Noah" and result = 48 + or + this = "Cornelius" and result = 41 + or + this = "Abdul" and result = 67 + or + this = "Warren" and result = 47 + or + this = "Harvey" and result = 31 + or + this = "Dennis" and result = 39 + or + this = "Wesley" and result = 13 + or + this = "Sylvester" and result = 19 + or + this = "Gilbert" and result = 16 + or + this = "Sullivan" and result = 17 + or + this = "Edmund" and result = 29 + or + this = "Wilson" and result = 27 + or + this = "Perry" and result = 31 + or + this = "Matthew" and result = 55 + or + this = "Simba" and result = 8 + or + this = "Nala" and result = 7 + or + this = "Rafiki" and result = 76 + or + this = "Shenzi" and result = 67 + } + + /** Gets the height of the person (in cm). If the person is deceased, there is no result. */ + float getHeight() { + this = "Ronil" and result = 183.0 + or + this = "Dina" and result = 155.1 + or + this = "Ravi" and result = 175.2 + or + this = "Bruce" and result = 191.3 + or + this = "Jo" and result = 163.4 + or + this = "Aida" and result = 182.6 + or + this = "Esme" and result = 176.9 + or + this = "Charlie" and result = 189.7 + or + this = "Fred" and result = 179.4 + or + this = "Meera" and result = 160.1 + or + this = "Maya" and result = 153.0 + or + this = "Chad" and result = 168.5 + or + this = "Tiana" and result = 149.7 + or + this = "Laura" and result = 87.5 + or + this = "George" and result = 96.4 + or + this = "Will" and result = 167.1 + or + this = "Mary" and result = 159.8 + or + this = "Almira" and result = 62.1 + or + this = "Susannah" and result = 145.8 + or + this = "Rhoda" and result = 180.1 + or + this = "Cynthia" and result = 161.8 + or + this = "Eunice" and result = 153.2 + or + this = "Olive" and result = 179.9 + or + this = "Virginia" and result = 165.1 + or + this = "Angeline" and result = 172.3 + or + this = "Helen" and result = 163.1 + or + this = "Cornelia" and result = 160.8 + or + this = "Harriet" and result = 163.2 + or + this = "Mahala" and result = 157.7 + or + this = "Abby" and result = 174.5 + or + this = "Margaret" and result = 165.6 + or + this = "Deb" and result = 171.6 + or + this = "Minerva" and result = 168.7 + or + this = "Severus" and result = 188.8 + or + this = "Lavina" and result = 155.1 + or + this = "Adeline" and result = 165.5 + or + this = "Cath" and result = 147.8 + or + this = "Elisa" and result = 129.4 + or + this = "Lucretia" and result = 153.6 + or + this = "Anne" and result = 140.4 + or + this = "Eleanor" and result = 151.1 + or + this = "Joanna" and result = 167.2 + or + this = "Adam" and result = 155.5 + or + this = "Agnes" and result = 156.8 + or + this = "Rosanna" and result = 162.4 + or + this = "Clara" and result = 158.6 + or + this = "Melissa" and result = 182.3 + or + this = "Amy" and result = 147.1 + or + this = "Isabel" and result = 121.4 + or + this = "Jemima" and result = 149.8 + or + this = "Cordelia" and result = 151.7 + or + this = "Melinda" and result = 154.4 + or + this = "Delila" and result = 163.4 + or + this = "Jeremiah" and result = 167.5 + or + this = "Elijah" and result = 184.5 + or + this = "Hester" and result = 152.7 + or + this = "Walter" and result = 159.6 + or + this = "Oliver" and result = 192.4 + or + this = "Hugh" and result = 173.1 + or + this = "Aaron" and result = 176.6 + or + this = "Reuben" and result = 169.9 + or + this = "Eli" and result = 180.4 + or + this = "Amos" and result = 167.4 + or + this = "Augustus" and result = 156.5 + or + this = "Theodore" and result = 176.6 + or + this = "Ira" and result = 54.1 + or + this = "Timothy" and result = 172.2 + or + this = "Cyrus" and result = 157.9 + or + this = "Horace" and result = 169.3 + or + this = "Simon" and result = 157.1 + or + this = "Asa" and result = 149.4 + or + this = "Frank" and result = 167.2 + or + this = "Nelson" and result = 173.0 + or + this = "Leonard" and result = 172.0 + or + this = "Harrison" and result = 126.0 + or + this = "Anthony" and result = 98.4 + or + this = "Louis" and result = 186.8 + or + this = "Milton" and result = 157.8 + or + this = "Noah" and result = 190.5 + or + this = "Cornelius" and result = 183.1 + or + this = "Abdul" and result = 182.0 + or + this = "Warren" and result = 175.0 + or + this = "Harvey" and result = 169.3 + or + this = "Dennis" and result = 160.4 + or + this = "Wesley" and result = 139.8 + or + this = "Sylvester" and result = 188.2 + or + this = "Gilbert" and result = 177.6 + or + this = "Sullivan" and result = 168.3 + or + this = "Edmund" and result = 159.2 + or + this = "Wilson" and result = 167.6 + or + this = "Perry" and result = 189.1 + or + this = "Matthew" and result = 167.2 + or + this = "Simba" and result = 140.1 + or + this = "Nala" and result = 138.0 + or + this = "Rafiki" and result = 139.3 + or + this = "Shenzi" and result = 171.1 + } + + /** Gets the location of the person's home ("north", "south", "east", or "west"). If the person is deceased, there is no result. */ + string getLocation() { + this = "Ronil" and result = "north" + or + this = "Dina" and result = "north" + or + this = "Ravi" and result = "north" + or + this = "Bruce" and result = "south" + or + this = "Jo" and result = "west" + or + this = "Aida" and result = "east" + or + this = "Esme" and result = "east" + or + this = "Charlie" and result = "south" + or + this = "Fred" and result = "west" + or + this = "Meera" and result = "south" + or + this = "Maya" and result = "south" + or + this = "Chad" and result = "south" + or + this = "Tiana" and result = "west" + or + this = "Laura" and result = "south" + or + this = "George" and result = "south" + or + this = "Will" and result = "south" + or + this = "Mary" and result = "south" + or + this = "Almira" and result = "south" + or + this = "Susannah" and result = "north" + or + this = "Rhoda" and result = "north" + or + this = "Cynthia" and result = "north" + or + this = "Eunice" and result = "north" + or + this = "Olive" and result = "west" + or + this = "Virginia" and result = "west" + or + this = "Angeline" and result = "west" + or + this = "Helen" and result = "west" + or + this = "Cornelia" and result = "east" + or + this = "Harriet" and result = "east" + or + this = "Mahala" and result = "east" + or + this = "Abby" and result = "east" + or + this = "Margaret" and result = "east" + or + this = "Deb" and result = "east" + or + this = "Minerva" and result = "south" + or + this = "Severus" and result = "north" + or + this = "Lavina" and result = "east" + or + this = "Adeline" and result = "west" + or + this = "Cath" and result = "east" + or + this = "Elisa" and result = "east" + or + this = "Lucretia" and result = "north" + or + this = "Anne" and result = "north" + or + this = "Eleanor" and result = "south" + or + this = "Joanna" and result = "south" + or + this = "Adam" and result = "east" + or + this = "Agnes" and result = "east" + or + this = "Rosanna" and result = "east" + or + this = "Clara" and result = "east" + or + this = "Melissa" and result = "west" + or + this = "Amy" and result = "west" + or + this = "Isabel" and result = "west" + or + this = "Jemima" and result = "west" + or + this = "Cordelia" and result = "west" + or + this = "Melinda" and result = "west" + or + this = "Delila" and result = "south" + or + this = "Jeremiah" and result = "north" + or + this = "Elijah" and result = "north" + or + this = "Hester" and result = "east" + or + this = "Walter" and result = "east" + or + this = "Oliver" and result = "east" + or + this = "Hugh" and result = "south" + or + this = "Aaron" and result = "south" + or + this = "Reuben" and result = "west" + or + this = "Eli" and result = "west" + or + this = "Amos" and result = "east" + or + this = "Augustus" and result = "south" + or + this = "Theodore" and result = "west" + or + this = "Ira" and result = "south" + or + this = "Timothy" and result = "north" + or + this = "Cyrus" and result = "north" + or + this = "Horace" and result = "east" + or + this = "Simon" and result = "east" + or + this = "Asa" and result = "east" + or + this = "Frank" and result = "west" + or + this = "Nelson" and result = "west" + or + this = "Leonard" and result = "west" + or + this = "Harrison" and result = "north" + or + this = "Anthony" and result = "north" + or + this = "Louis" and result = "north" + or + this = "Milton" and result = "south" + or + this = "Noah" and result = "south" + or + this = "Cornelius" and result = "east" + or + this = "Abdul" and result = "east" + or + this = "Warren" and result = "west" + or + this = "Harvey" and result = "west" + or + this = "Dennis" and result = "west" + or + this = "Wesley" and result = "west" + or + this = "Sylvester" and result = "south" + or + this = "Gilbert" and result = "east" + or + this = "Sullivan" and result = "east" + or + this = "Edmund" and result = "north" + or + this = "Wilson" and result = "north" + or + this = "Perry" and result = "west" + or + this = "Matthew" and result = "east" + or + this = "Simba" and result = "south" + or + this = "Nala" and result = "south" + or + this = "Rafiki" and result = "north" + or + this = "Shenzi" and result = "west" + } + + /** Holds if the person is deceased. */ + predicate isDeceased() { + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Edwin" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" + } + + /** Gets a parent of the person (alive or deceased). */ + Person getAParent() { + this = "Stephen" and result = "Edmund" + or + this = "Edmund" and result = "Augustus" + or + this = "Augustus" and result = "Stephen" + or + this = "Abby" and result = "Cornelia" + or + this = "Abby" and result = "Amos" + or + this = "Abdul" and result = "Susannah" + or + this = "Adam" and result = "Amos" + or + this = "Adeline" and result = "Melinda" + or + this = "Adeline" and result = "Frank" + or + this = "Agnes" and result = "Abdul" + or + this = "Aida" and result = "Agnes" + or + this = "Almira" and result = "Sylvester" + or + this = "Amos" and result = "Eunice" + or + this = "Amy" and result = "Noah" + or + this = "Amy" and result = "Chad" + or + this = "Angeline" and result = "Reuben" + or + this = "Angeline" and result = "Lucretia" + or + this = "Anne" and result = "Rhoda" + or + this = "Anne" and result = "Louis" + or + this = "Anthony" and result = "Lavina" + or + this = "Anthony" and result = "Asa" + or + this = "Asa" and result = "Cornelia" + or + this = "Cath" and result = "Harriet" + or + this = "Charlie" and result = "Matthew" + or + this = "Clara" and result = "Ernest" + or + this = "Cornelia" and result = "Cynthia" + or + this = "Cornelius" and result = "Eli" + or + this = "Deb" and result = "Margaret" + or + this = "Dennis" and result = "Fred" + or + this = "Eli" and result = "Susannah" + or + this = "Elijah" and result = "Delila" + or + this = "Elisa" and result = "Deb" + or + this = "Elisa" and result = "Horace" + or + this = "Esme" and result = "Margaret" + or + this = "Frank" and result = "Eleanor" + or + this = "Frank" and result = "Cyrus" + or + this = "George" and result = "Maya" + or + this = "George" and result = "Wilson" + or + this = "Gilbert" and result = "Cornelius" + or + this = "Harriet" and result = "Cynthia" + or + this = "Harrison" and result = "Louis" + or + this = "Harvey" and result = "Fred" + or + this = "Helen" and result = "Susannah" + or + this = "Hester" and result = "Edwin" + or + this = "Hugh" and result = "Cyrus" + or + this = "Hugh" and result = "Helen" + or + this = "Ira" and result = "Maya" + or + this = "Ira" and result = "Wilson" + or + this = "Isabel" and result = "Perry" + or + this = "Isabel" and result = "Harvey" + or + this = "Jemima" and result = "Melinda" + or + this = "Jemima" and result = "Frank" + or + this = "Ernest" and result = "Lilian" + or + this = "Ernest" and result = "Oscar" + or + this = "Gertrude" and result = "Ophelia" + or + this = "Gertrude" and result = "Raymond" + or + this = "Lilian" and result = "Elgar" + or + this = "Lilian" and result = "Mae" + or + this = "Raymond" and result = "Elgar" + or + this = "Raymond" and result = "Mae" + or + this = "Elmer" and result = "Ophelia" + or + this = "Elmer" and result = "Raymond" + or + this = "Herbert" and result = "Ophelia" + or + this = "Herbert" and result = "Raymond" + or + this = "Maude" and result = "Ophelia" + or + this = "Maude" and result = "Raymond" + or + this = "Otto" and result = "Elgar" + or + this = "Otto" and result = "Mae" + or + this = "Edwin" and result = "Otto" + or + this = "Parsley" and result = "Simon" + or + this = "Parsley" and result = "Garfunkel" + or + this = "Sage" and result = "Simon" + or + this = "Sage" and result = "Garfunkel" + or + this = "Rosemary" and result = "Simon" + or + this = "Rosemary" and result = "Garfunkel" + or + this = "Thyme" and result = "Simon" + or + this = "Thyme" and result = "Garfunkel" + or + this = "King Basil" and result = "Ophelia" + or + this = "King Basil" and result = "Raymond" + or + this = "Jo" and result = "Theodore" + or + this = "Joanna" and result = "Shenzi" + or + this = "Laura" and result = "Maya" + or + this = "Laura" and result = "Wilson" + or + this = "Lavina" and result = "Mahala" + or + this = "Lavina" and result = "Walter" + or + this = "Leonard" and result = "Cyrus" + or + this = "Leonard" and result = "Helen" + or + this = "Lucretia" and result = "Eleanor" + or + this = "Lucretia" and result = "Cyrus" + or + this = "Mahala" and result = "Eunice" + or + this = "Margaret" and result = "Cynthia" + or + this = "Matthew" and result = "Cyrus" + or + this = "Matthew" and result = "Helen" + or + this = "Maya" and result = "Meera" + or + this = "Melinda" and result = "Rafiki" + or + this = "Melissa" and result = "Mahala" + or + this = "Melissa" and result = "Walter" + or + this = "Nala" and result = "Bruce" + or + this = "Nelson" and result = "Mahala" + or + this = "Nelson" and result = "Walter" + or + this = "Noah" and result = "Eli" + or + this = "Olive" and result = "Reuben" + or + this = "Olive" and result = "Lucretia" + or + this = "Oliver" and result = "Matthew" + or + this = "Perry" and result = "Leonard" + or + this = "Ravi" and result = "Dina" + or + this = "Simba" and result = "Will" + or + this = "Simon" and result = "Margaret" + or + this = "Sullivan" and result = "Cornelius" + or + this = "Sylvester" and result = "Timothy" + or + this = "Theodore" and result = "Susannah" + or + this = "Tiana" and result = "Jo" + or + this = "Virginia" and result = "Helen" + or + this = "Warren" and result = "Shenzi" + or + this = "Wesley" and result = "Warren" + or + this = "Wesley" and result = "Jo" + or + this = "Will" and result = "Eli" + } + + /** Holds if the person is allowed in the region. Initially, all villagers are allowed in every region. */ + predicate isAllowedIn(string region) { + region = "north" or + region = "south" or + region = "east" or + region = "west" + } +} + +/** Returns a parent of the person. */ +Person parentOf(Person p) { result = p.getAParent() } diff --git a/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql b/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql index 23943d8491f..e9e2a42bfa8 100644 --- a/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql +++ b/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql @@ -21,8 +21,8 @@ abstract private class DiagnosticError extends TDiagnosticError { abstract Location getLocation(); string getLocationMessage() { - if getLocation().getFile().fromSource() - then result = " in " + getLocation().getFile() + if this.getLocation().getFile().fromSource() + then result = " in " + this.getLocation().getFile() else result = "" } } diff --git a/csharp/ql/src/Stubs/Stubs.qll b/csharp/ql/src/Stubs/Stubs.qll index 93402a39648..766c8fb895c 100644 --- a/csharp/ql/src/Stubs/Stubs.qll +++ b/csharp/ql/src/Stubs/Stubs.qll @@ -161,7 +161,7 @@ abstract private class GeneratedType extends Type, GeneratedElement { if this instanceof Enum then result = "" else - if exists(getAnInterestingBaseType()) + if exists(this.getAnInterestingBaseType()) then result = " : " + @@ -220,15 +220,15 @@ abstract private class GeneratedType extends Type, GeneratedElement { } final Type getAGeneratedType() { - result = getAnInterestingBaseType() + result = this.getAnInterestingBaseType() or - result = getAGeneratedMember().(Callable).getReturnType() + result = this.getAGeneratedMember().(Callable).getReturnType() or - result = getAGeneratedMember().(Callable).getAParameter().getType() + result = this.getAGeneratedMember().(Callable).getAParameter().getType() or - result = getAGeneratedMember().(Property).getType() + result = this.getAGeneratedMember().(Property).getType() or - result = getAGeneratedMember().(Field).getType() + result = this.getAGeneratedMember().(Field).getType() } } @@ -331,7 +331,8 @@ private class GeneratedNamespace extends Namespace, GeneratedElement { final string getStubs(Assembly assembly) { result = - getPreamble() + getTypeStubs(assembly) + getSubNamespaceStubs(assembly) + getPostAmble() + this.getPreamble() + this.getTypeStubs(assembly) + this.getSubNamespaceStubs(assembly) + + this.getPostAmble() } /** Gets the `n`th generated child namespace, indexed from 0. */ @@ -358,7 +359,7 @@ private class GeneratedNamespace extends Namespace, GeneratedElement { this.isInAssembly(assembly) and result = concat(GeneratedNamespace child, int i | - child = getChildNamespace(i) and child.isInAssembly(assembly) + child = this.getChildNamespace(i) and child.isInAssembly(assembly) | child.getStubs(assembly) order by i ) diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll index 4b86f9a7cec..bb8630a5e0c 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll @@ -24,7 +24,7 @@ class IRBlockBase extends TIRBlock { final string toString() { result = getFirstInstruction(this).toString() } /** Gets the source location of the first non-`Phi` instruction in this block. */ - final Language::Location getLocation() { result = getFirstInstruction().getLocation() } + final Language::Location getLocation() { result = this.getFirstInstruction().getLocation() } /** * INTERNAL: Do not use. @@ -39,7 +39,7 @@ class IRBlockBase extends TIRBlock { ) and this = rank[result + 1](IRBlock funcBlock, int sortOverride, int sortKey1, int sortKey2 | - funcBlock.getEnclosingFunction() = getEnclosingFunction() and + funcBlock.getEnclosingFunction() = this.getEnclosingFunction() and funcBlock.getFirstInstruction().hasSortKeys(sortKey1, sortKey2) and // Ensure that the block containing `EnterFunction` always comes first. if funcBlock.getFirstInstruction() instanceof EnterFunctionInstruction @@ -59,15 +59,15 @@ class IRBlockBase extends TIRBlock { * Get the `Phi` instructions that appear at the start of this block. */ final PhiInstruction getAPhiInstruction() { - Construction::getPhiInstructionBlockStart(result) = getFirstInstruction() + Construction::getPhiInstructionBlockStart(result) = this.getFirstInstruction() } /** * Gets an instruction in this block. This includes `Phi` instructions. */ final Instruction getAnInstruction() { - result = getInstruction(_) or - result = getAPhiInstruction() + result = this.getInstruction(_) or + result = this.getAPhiInstruction() } /** @@ -78,7 +78,9 @@ class IRBlockBase extends TIRBlock { /** * Gets the last instruction in this block. */ - final Instruction getLastInstruction() { result = getInstruction(getInstructionCount() - 1) } + final Instruction getLastInstruction() { + result = this.getInstruction(this.getInstructionCount() - 1) + } /** * Gets the number of non-`Phi` instructions in this block. @@ -149,7 +151,7 @@ class IRBlock extends IRBlockBase { * Block `A` dominates block `B` if any control flow path from the entry block of the function to * block `B` must pass through block `A`. A block always dominates itself. */ - final predicate dominates(IRBlock block) { strictlyDominates(block) or this = block } + final predicate dominates(IRBlock block) { this.strictlyDominates(block) or this = block } /** * Gets a block on the dominance frontier of this block. @@ -159,8 +161,8 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock dominanceFrontier() { - dominates(result.getAPredecessor()) and - not strictlyDominates(result) + this.dominates(result.getAPredecessor()) and + not this.strictlyDominates(result) } /** @@ -189,7 +191,7 @@ class IRBlock extends IRBlockBase { * Block `A` post-dominates block `B` if any control flow path from `B` to the exit block of the * function must pass through block `A`. A block always post-dominates itself. */ - final predicate postDominates(IRBlock block) { strictlyPostDominates(block) or this = block } + final predicate postDominates(IRBlock block) { this.strictlyPostDominates(block) or this = block } /** * Gets a block on the post-dominance frontier of this block. @@ -199,16 +201,16 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock postPominanceFrontier() { - postDominates(result.getASuccessor()) and - not strictlyPostDominates(result) + this.postDominates(result.getASuccessor()) and + not this.strictlyPostDominates(result) } /** * Holds if this block is reachable from the entry block of its function. */ final predicate isReachableFromFunctionEntry() { - this = getEnclosingIRFunction().getEntryBlock() or - getAPredecessor().isReachableFromFunctionEntry() + this = this.getEnclosingIRFunction().getEntryBlock() or + this.getAPredecessor().isReachableFromFunctionEntry() } } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll b/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll index 6f471d8a7e8..88a973fc5a8 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll @@ -41,7 +41,7 @@ class Instruction extends Construction::TStageInstruction { } /** Gets a textual representation of this element. */ - final string toString() { result = getOpcode().toString() + ": " + getAST().toString() } + final string toString() { result = this.getOpcode().toString() + ": " + this.getAST().toString() } /** * Gets a string showing the result, opcode, and operands of the instruction, equivalent to what @@ -50,7 +50,8 @@ class Instruction extends Construction::TStageInstruction { * `mu0_28(int) = Store r0_26, r0_27` */ final string getDumpString() { - result = getResultString() + " = " + getOperationString() + " " + getOperandsString() + result = + this.getResultString() + " = " + this.getOperationString() + " " + this.getOperandsString() } private predicate shouldGenerateDumpStrings() { @@ -66,10 +67,13 @@ class Instruction extends Construction::TStageInstruction { * VariableAddress[x] */ final string getOperationString() { - shouldGenerateDumpStrings() and - if exists(getImmediateString()) - then result = getOperationPrefix() + getOpcode().toString() + "[" + getImmediateString() + "]" - else result = getOperationPrefix() + getOpcode().toString() + this.shouldGenerateDumpStrings() and + if exists(this.getImmediateString()) + then + result = + this.getOperationPrefix() + this.getOpcode().toString() + "[" + this.getImmediateString() + + "]" + else result = this.getOperationPrefix() + this.getOpcode().toString() } /** @@ -78,17 +82,17 @@ class Instruction extends Construction::TStageInstruction { string getImmediateString() { none() } private string getOperationPrefix() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and if this instanceof SideEffectInstruction then result = "^" else result = "" } private string getResultPrefix() { - shouldGenerateDumpStrings() and - if getResultIRType() instanceof IRVoidType + this.shouldGenerateDumpStrings() and + if this.getResultIRType() instanceof IRVoidType then result = "v" else - if hasMemoryResult() - then if isResultModeled() then result = "m" else result = "mu" + if this.hasMemoryResult() + then if this.isResultModeled() then result = "m" else result = "mu" else result = "r" } @@ -97,7 +101,7 @@ class Instruction extends Construction::TStageInstruction { * used by debugging and printing code only. */ int getDisplayIndexInBlock() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and exists(IRBlock block | this = block.getInstruction(result) or @@ -111,12 +115,12 @@ class Instruction extends Construction::TStageInstruction { } private int getLineRank() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and this = rank[result](Instruction instr | instr = - getAnInstructionAtLine(getEnclosingIRFunction(), getLocation().getFile(), - getLocation().getStartLine()) + getAnInstructionAtLine(this.getEnclosingIRFunction(), this.getLocation().getFile(), + this.getLocation().getStartLine()) | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) @@ -130,8 +134,9 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1` */ string getResultId() { - shouldGenerateDumpStrings() and - result = getResultPrefix() + getAST().getLocation().getStartLine() + "_" + getLineRank() + this.shouldGenerateDumpStrings() and + result = + this.getResultPrefix() + this.getAST().getLocation().getStartLine() + "_" + this.getLineRank() } /** @@ -142,8 +147,8 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1(int*)` */ final string getResultString() { - shouldGenerateDumpStrings() and - result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")" + this.shouldGenerateDumpStrings() and + result = this.getResultId() + "(" + this.getResultLanguageType().getDumpString() + ")" } /** @@ -153,10 +158,10 @@ class Instruction extends Construction::TStageInstruction { * Example: `func:r3_4, this:r3_5` */ string getOperandsString() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and result = concat(Operand operand | - operand = getAnOperand() + operand = this.getAnOperand() | operand.getDumpString(), ", " order by operand.getDumpSortOrder() ) @@ -190,7 +195,7 @@ class Instruction extends Construction::TStageInstruction { * Gets the function that contains this instruction. */ final Language::Function getEnclosingFunction() { - result = getEnclosingIRFunction().getFunction() + result = this.getEnclosingIRFunction().getFunction() } /** @@ -208,7 +213,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets the location of the source code for this instruction. */ - final Language::Location getLocation() { result = getAST().getLocation() } + final Language::Location getLocation() { result = this.getAST().getLocation() } /** * Gets the `Expr` whose result is computed by this instruction, if any. The `Expr` may be a @@ -243,7 +248,7 @@ class Instruction extends Construction::TStageInstruction { * a result, its result type will be `IRVoidType`. */ cached - final IRType getResultIRType() { result = getResultLanguageType().getIRType() } + final IRType getResultIRType() { result = this.getResultLanguageType().getIRType() } /** * Gets the type of the result produced by this instruction. If the @@ -254,7 +259,7 @@ class Instruction extends Construction::TStageInstruction { */ final Language::Type getResultType() { exists(Language::LanguageType resultType | - resultType = getResultLanguageType() and + resultType = this.getResultLanguageType() and ( resultType.hasUnspecifiedType(result, _) or @@ -283,7 +288,7 @@ class Instruction extends Construction::TStageInstruction { * result of the `Load` instruction is a prvalue of type `int`, representing * the integer value loaded from variable `x`. */ - final predicate isGLValue() { getResultLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getResultLanguageType().hasType(_, true) } /** * Gets the size of the result produced by this instruction, in bytes. If the @@ -292,7 +297,7 @@ class Instruction extends Construction::TStageInstruction { * If `this.isGLValue()` holds for this instruction, the value of * `getResultSize()` will always be the size of a pointer. */ - final int getResultSize() { result = getResultLanguageType().getByteSize() } + final int getResultSize() { result = this.getResultLanguageType().getByteSize() } /** * Gets the opcode that specifies the operation performed by this instruction. @@ -314,14 +319,16 @@ class Instruction extends Construction::TStageInstruction { /** * Holds if this instruction produces a memory result. */ - final predicate hasMemoryResult() { exists(getResultMemoryAccess()) } + final predicate hasMemoryResult() { exists(this.getResultMemoryAccess()) } /** * Gets the kind of memory access performed by this instruction's result. * Holds only for instructions with a memory result. */ pragma[inline] - final MemoryAccessKind getResultMemoryAccess() { result = getOpcode().getWriteMemoryAccess() } + final MemoryAccessKind getResultMemoryAccess() { + result = this.getOpcode().getWriteMemoryAccess() + } /** * Holds if the memory access performed by this instruction's result will not always write to @@ -332,7 +339,7 @@ class Instruction extends Construction::TStageInstruction { * (for example, the global side effects of a function call). */ pragma[inline] - final predicate hasResultMayMemoryAccess() { getOpcode().hasMayWriteMemoryAccess() } + final predicate hasResultMayMemoryAccess() { this.getOpcode().hasMayWriteMemoryAccess() } /** * Gets the operand that holds the memory address to which this instruction stores its @@ -340,7 +347,7 @@ class Instruction extends Construction::TStageInstruction { * is `r1`. */ final AddressOperand getResultAddressOperand() { - getResultMemoryAccess().usesAddressOperand() and + this.getResultMemoryAccess().usesAddressOperand() and result.getUse() = this } @@ -349,7 +356,7 @@ class Instruction extends Construction::TStageInstruction { * result, if any. For example, in `m3 = Store r1, r2`, the result of `getResultAddressOperand()` * is the instruction that defines `r1`. */ - final Instruction getResultAddress() { result = getResultAddressOperand().getDef() } + final Instruction getResultAddress() { result = this.getResultAddressOperand().getDef() } /** * Holds if the result of this instruction is precisely modeled in SSA. Always @@ -368,7 +375,7 @@ class Instruction extends Construction::TStageInstruction { */ final predicate isResultModeled() { // Register results are always in SSA form. - not hasMemoryResult() or + not this.hasMemoryResult() or Construction::hasModeledMemoryResult(this) } @@ -412,7 +419,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct successors of this instruction. */ - final Instruction getASuccessor() { result = getSuccessor(_) } + final Instruction getASuccessor() { result = this.getSuccessor(_) } /** * Gets a predecessor of this instruction such that the predecessor reaches @@ -423,7 +430,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct predecessors of this instruction. */ - final Instruction getAPredecessor() { result = getPredecessor(_) } + final Instruction getAPredecessor() { result = this.getPredecessor(_) } } /** @@ -543,7 +550,7 @@ class IndexedInstruction extends Instruction { * at this instruction. This instruction has no predecessors. */ class EnterFunctionInstruction extends Instruction { - EnterFunctionInstruction() { getOpcode() instanceof Opcode::EnterFunction } + EnterFunctionInstruction() { this.getOpcode() instanceof Opcode::EnterFunction } } /** @@ -554,7 +561,7 @@ class EnterFunctionInstruction extends Instruction { * struct, or union, see `FieldAddressInstruction`. */ class VariableAddressInstruction extends VariableInstruction { - VariableAddressInstruction() { getOpcode() instanceof Opcode::VariableAddress } + VariableAddressInstruction() { this.getOpcode() instanceof Opcode::VariableAddress } } /** @@ -566,7 +573,7 @@ class VariableAddressInstruction extends VariableInstruction { * The result has an `IRFunctionAddress` type. */ class FunctionAddressInstruction extends FunctionInstruction { - FunctionAddressInstruction() { getOpcode() instanceof Opcode::FunctionAddress } + FunctionAddressInstruction() { this.getOpcode() instanceof Opcode::FunctionAddress } } /** @@ -577,7 +584,7 @@ class FunctionAddressInstruction extends FunctionInstruction { * initializes that parameter. */ class InitializeParameterInstruction extends VariableInstruction { - InitializeParameterInstruction() { getOpcode() instanceof Opcode::InitializeParameter } + InitializeParameterInstruction() { this.getOpcode() instanceof Opcode::InitializeParameter } /** * Gets the parameter initialized by this instruction. @@ -603,7 +610,7 @@ class InitializeParameterInstruction extends VariableInstruction { * initialized elsewhere, would not otherwise have a definition in this function. */ class InitializeNonLocalInstruction extends Instruction { - InitializeNonLocalInstruction() { getOpcode() instanceof Opcode::InitializeNonLocal } + InitializeNonLocalInstruction() { this.getOpcode() instanceof Opcode::InitializeNonLocal } } /** @@ -611,7 +618,7 @@ class InitializeNonLocalInstruction extends Instruction { * with the value of that memory on entry to the function. */ class InitializeIndirectionInstruction extends VariableInstruction { - InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection } + InitializeIndirectionInstruction() { this.getOpcode() instanceof Opcode::InitializeIndirection } /** * Gets the parameter initialized by this instruction. @@ -635,24 +642,24 @@ class InitializeIndirectionInstruction extends VariableInstruction { * An instruction that initializes the `this` pointer parameter of the enclosing function. */ class InitializeThisInstruction extends Instruction { - InitializeThisInstruction() { getOpcode() instanceof Opcode::InitializeThis } + InitializeThisInstruction() { this.getOpcode() instanceof Opcode::InitializeThis } } /** * An instruction that computes the address of a non-static field of an object. */ class FieldAddressInstruction extends FieldInstruction { - FieldAddressInstruction() { getOpcode() instanceof Opcode::FieldAddress } + FieldAddressInstruction() { this.getOpcode() instanceof Opcode::FieldAddress } /** * Gets the operand that provides the address of the object containing the field. */ - final UnaryOperand getObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the object containing the field. */ - final Instruction getObjectAddress() { result = getObjectAddressOperand().getDef() } + final Instruction getObjectAddress() { result = this.getObjectAddressOperand().getDef() } } /** @@ -661,17 +668,19 @@ class FieldAddressInstruction extends FieldInstruction { * This instruction is used for element access to C# arrays. */ class ElementsAddressInstruction extends UnaryInstruction { - ElementsAddressInstruction() { getOpcode() instanceof Opcode::ElementsAddress } + ElementsAddressInstruction() { this.getOpcode() instanceof Opcode::ElementsAddress } /** * Gets the operand that provides the address of the array object. */ - final UnaryOperand getArrayObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getArrayObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the array object. */ - final Instruction getArrayObjectAddress() { result = getArrayObjectAddressOperand().getDef() } + final Instruction getArrayObjectAddress() { + result = this.getArrayObjectAddressOperand().getDef() + } } /** @@ -685,7 +694,7 @@ class ElementsAddressInstruction extends UnaryInstruction { * taken may want to ignore any function that contains an `ErrorInstruction`. */ class ErrorInstruction extends Instruction { - ErrorInstruction() { getOpcode() instanceof Opcode::Error } + ErrorInstruction() { this.getOpcode() instanceof Opcode::Error } } /** @@ -695,7 +704,7 @@ class ErrorInstruction extends Instruction { * an initializer, or whose initializer only partially initializes the variable. */ class UninitializedInstruction extends VariableInstruction { - UninitializedInstruction() { getOpcode() instanceof Opcode::Uninitialized } + UninitializedInstruction() { this.getOpcode() instanceof Opcode::Uninitialized } /** * Gets the variable that is uninitialized. @@ -710,7 +719,7 @@ class UninitializedInstruction extends VariableInstruction { * least one instruction, even when the AST has no semantic effect. */ class NoOpInstruction extends Instruction { - NoOpInstruction() { getOpcode() instanceof Opcode::NoOp } + NoOpInstruction() { this.getOpcode() instanceof Opcode::NoOp } } /** @@ -732,32 +741,32 @@ class NoOpInstruction extends Instruction { * `void`-returning function. */ class ReturnInstruction extends Instruction { - ReturnInstruction() { getOpcode() instanceof ReturnOpcode } + ReturnInstruction() { this.getOpcode() instanceof ReturnOpcode } } /** * An instruction that returns control to the caller of the function, without returning a value. */ class ReturnVoidInstruction extends ReturnInstruction { - ReturnVoidInstruction() { getOpcode() instanceof Opcode::ReturnVoid } + ReturnVoidInstruction() { this.getOpcode() instanceof Opcode::ReturnVoid } } /** * An instruction that returns control to the caller of the function, including a return value. */ class ReturnValueInstruction extends ReturnInstruction { - ReturnValueInstruction() { getOpcode() instanceof Opcode::ReturnValue } + ReturnValueInstruction() { this.getOpcode() instanceof Opcode::ReturnValue } /** * Gets the operand that provides the value being returned by the function. */ - final LoadOperand getReturnValueOperand() { result = getAnOperand() } + final LoadOperand getReturnValueOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value being returned by the function, if an * exact definition is available. */ - final Instruction getReturnValue() { result = getReturnValueOperand().getDef() } + final Instruction getReturnValue() { result = this.getReturnValueOperand().getDef() } } /** @@ -770,28 +779,28 @@ class ReturnValueInstruction extends ReturnInstruction { * that the caller initialized the memory pointed to by the parameter before the call. */ class ReturnIndirectionInstruction extends VariableInstruction { - ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection } + ReturnIndirectionInstruction() { this.getOpcode() instanceof Opcode::ReturnIndirection } /** * Gets the operand that provides the value of the pointed-to memory. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the pointed-to memory, if an exact * definition is available. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** * Gets the operand that provides the address of the pointed-to memory. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the pointed-to memory. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } /** * Gets the parameter for which this instruction reads the final pointed-to value within the @@ -826,7 +835,7 @@ class ReturnIndirectionInstruction extends VariableInstruction { * - `StoreInstruction` - Copies a register operand to a memory result. */ class CopyInstruction extends Instruction { - CopyInstruction() { getOpcode() instanceof CopyOpcode } + CopyInstruction() { this.getOpcode() instanceof CopyOpcode } /** * Gets the operand that provides the input value of the copy. @@ -837,16 +846,16 @@ class CopyInstruction extends Instruction { * Gets the instruction whose result provides the input value of the copy, if an exact definition * is available. */ - final Instruction getSourceValue() { result = getSourceValueOperand().getDef() } + final Instruction getSourceValue() { result = this.getSourceValueOperand().getDef() } } /** * An instruction that returns a register result containing a copy of its register operand. */ class CopyValueInstruction extends CopyInstruction, UnaryInstruction { - CopyValueInstruction() { getOpcode() instanceof Opcode::CopyValue } + CopyValueInstruction() { this.getOpcode() instanceof Opcode::CopyValue } - final override UnaryOperand getSourceValueOperand() { result = getAnOperand() } + final override UnaryOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -863,47 +872,49 @@ private string getAddressOperandDescription(AddressOperand operand) { * An instruction that returns a register result containing a copy of its memory operand. */ class LoadInstruction extends CopyInstruction { - LoadInstruction() { getOpcode() instanceof Opcode::Load } + LoadInstruction() { this.getOpcode() instanceof Opcode::Load } final override string getImmediateString() { - result = getAddressOperandDescription(getSourceAddressOperand()) + result = getAddressOperandDescription(this.getSourceAddressOperand()) } /** * Gets the operand that provides the address of the value being loaded. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the value being loaded. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } - final override LoadOperand getSourceValueOperand() { result = getAnOperand() } + final override LoadOperand getSourceValueOperand() { result = this.getAnOperand() } } /** * An instruction that returns a memory result containing a copy of its register operand. */ class StoreInstruction extends CopyInstruction { - StoreInstruction() { getOpcode() instanceof Opcode::Store } + StoreInstruction() { this.getOpcode() instanceof Opcode::Store } final override string getImmediateString() { - result = getAddressOperandDescription(getDestinationAddressOperand()) + result = getAddressOperandDescription(this.getDestinationAddressOperand()) } /** * Gets the operand that provides the address of the location to which the value will be stored. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the location to which the value will * be stored, if an exact definition is available. */ - final Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + final Instruction getDestinationAddress() { + result = this.getDestinationAddressOperand().getDef() + } - final override StoreValueOperand getSourceValueOperand() { result = getAnOperand() } + final override StoreValueOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -911,27 +922,27 @@ class StoreInstruction extends CopyInstruction { * operand. */ class ConditionalBranchInstruction extends Instruction { - ConditionalBranchInstruction() { getOpcode() instanceof Opcode::ConditionalBranch } + ConditionalBranchInstruction() { this.getOpcode() instanceof Opcode::ConditionalBranch } /** * Gets the operand that provides the Boolean condition controlling the branch. */ - final ConditionOperand getConditionOperand() { result = getAnOperand() } + final ConditionOperand getConditionOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the Boolean condition controlling the branch. */ - final Instruction getCondition() { result = getConditionOperand().getDef() } + final Instruction getCondition() { result = this.getConditionOperand().getDef() } /** * Gets the instruction to which control will flow if the condition is true. */ - final Instruction getTrueSuccessor() { result = getSuccessor(EdgeKind::trueEdge()) } + final Instruction getTrueSuccessor() { result = this.getSuccessor(EdgeKind::trueEdge()) } /** * Gets the instruction to which control will flow if the condition is false. */ - final Instruction getFalseSuccessor() { result = getSuccessor(EdgeKind::falseEdge()) } + final Instruction getFalseSuccessor() { result = this.getSuccessor(EdgeKind::falseEdge()) } } /** @@ -943,14 +954,14 @@ class ConditionalBranchInstruction extends Instruction { * successors. */ class ExitFunctionInstruction extends Instruction { - ExitFunctionInstruction() { getOpcode() instanceof Opcode::ExitFunction } + ExitFunctionInstruction() { this.getOpcode() instanceof Opcode::ExitFunction } } /** * An instruction whose result is a constant value. */ class ConstantInstruction extends ConstantValueInstruction { - ConstantInstruction() { getOpcode() instanceof Opcode::Constant } + ConstantInstruction() { this.getOpcode() instanceof Opcode::Constant } } /** @@ -959,7 +970,7 @@ class ConstantInstruction extends ConstantValueInstruction { class IntegerConstantInstruction extends ConstantInstruction { IntegerConstantInstruction() { exists(IRType resultType | - resultType = getResultIRType() and + resultType = this.getResultIRType() and (resultType instanceof IRIntegerType or resultType instanceof IRBooleanType) ) } @@ -969,7 +980,7 @@ class IntegerConstantInstruction extends ConstantInstruction { * An instruction whose result is a constant value of floating-point type. */ class FloatConstantInstruction extends ConstantInstruction { - FloatConstantInstruction() { getResultIRType() instanceof IRFloatingPointType } + FloatConstantInstruction() { this.getResultIRType() instanceof IRFloatingPointType } } /** @@ -978,7 +989,9 @@ class FloatConstantInstruction extends ConstantInstruction { class StringConstantInstruction extends VariableInstruction { override IRStringLiteral var; - final override string getImmediateString() { result = Language::getStringLiteralText(getValue()) } + final override string getImmediateString() { + result = Language::getStringLiteralText(this.getValue()) + } /** * Gets the string literal whose address is returned by this instruction. @@ -990,37 +1003,37 @@ class StringConstantInstruction extends VariableInstruction { * An instruction whose result is computed from two operands. */ class BinaryInstruction extends Instruction { - BinaryInstruction() { getOpcode() instanceof BinaryOpcode } + BinaryInstruction() { this.getOpcode() instanceof BinaryOpcode } /** * Gets the left operand of this binary instruction. */ - final LeftOperand getLeftOperand() { result = getAnOperand() } + final LeftOperand getLeftOperand() { result = this.getAnOperand() } /** * Gets the right operand of this binary instruction. */ - final RightOperand getRightOperand() { result = getAnOperand() } + final RightOperand getRightOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the left operand of this binary * instruction. */ - final Instruction getLeft() { result = getLeftOperand().getDef() } + final Instruction getLeft() { result = this.getLeftOperand().getDef() } /** * Gets the instruction whose result provides the value of the right operand of this binary * instruction. */ - final Instruction getRight() { result = getRightOperand().getDef() } + final Instruction getRight() { result = this.getRightOperand().getDef() } /** * Holds if this instruction's operands are `op1` and `op2`, in either order. */ final predicate hasOperands(Operand op1, Operand op2) { - op1 = getLeftOperand() and op2 = getRightOperand() + op1 = this.getLeftOperand() and op2 = this.getRightOperand() or - op1 = getRightOperand() and op2 = getLeftOperand() + op1 = this.getRightOperand() and op2 = this.getLeftOperand() } } @@ -1028,7 +1041,7 @@ class BinaryInstruction extends Instruction { * An instruction that computes the result of an arithmetic operation. */ class ArithmeticInstruction extends Instruction { - ArithmeticInstruction() { getOpcode() instanceof ArithmeticOpcode } + ArithmeticInstruction() { this.getOpcode() instanceof ArithmeticOpcode } } /** @@ -1050,7 +1063,7 @@ class UnaryArithmeticInstruction extends ArithmeticInstruction, UnaryInstruction * performed according to IEEE-754. */ class AddInstruction extends BinaryArithmeticInstruction { - AddInstruction() { getOpcode() instanceof Opcode::Add } + AddInstruction() { this.getOpcode() instanceof Opcode::Add } } /** @@ -1061,7 +1074,7 @@ class AddInstruction extends BinaryArithmeticInstruction { * according to IEEE-754. */ class SubInstruction extends BinaryArithmeticInstruction { - SubInstruction() { getOpcode() instanceof Opcode::Sub } + SubInstruction() { this.getOpcode() instanceof Opcode::Sub } } /** @@ -1072,7 +1085,7 @@ class SubInstruction extends BinaryArithmeticInstruction { * performed according to IEEE-754. */ class MulInstruction extends BinaryArithmeticInstruction { - MulInstruction() { getOpcode() instanceof Opcode::Mul } + MulInstruction() { this.getOpcode() instanceof Opcode::Mul } } /** @@ -1083,7 +1096,7 @@ class MulInstruction extends BinaryArithmeticInstruction { * to IEEE-754. */ class DivInstruction extends BinaryArithmeticInstruction { - DivInstruction() { getOpcode() instanceof Opcode::Div } + DivInstruction() { this.getOpcode() instanceof Opcode::Div } } /** @@ -1093,7 +1106,7 @@ class DivInstruction extends BinaryArithmeticInstruction { * division by zero or integer overflow is undefined. */ class RemInstruction extends BinaryArithmeticInstruction { - RemInstruction() { getOpcode() instanceof Opcode::Rem } + RemInstruction() { this.getOpcode() instanceof Opcode::Rem } } /** @@ -1104,14 +1117,14 @@ class RemInstruction extends BinaryArithmeticInstruction { * is performed according to IEEE-754. */ class NegateInstruction extends UnaryArithmeticInstruction { - NegateInstruction() { getOpcode() instanceof Opcode::Negate } + NegateInstruction() { this.getOpcode() instanceof Opcode::Negate } } /** * An instruction that computes the result of a bitwise operation. */ class BitwiseInstruction extends Instruction { - BitwiseInstruction() { getOpcode() instanceof BitwiseOpcode } + BitwiseInstruction() { this.getOpcode() instanceof BitwiseOpcode } } /** @@ -1130,7 +1143,7 @@ class UnaryBitwiseInstruction extends BitwiseInstruction, UnaryInstruction { } * Both operands must have the same integer type, which will also be the result type. */ class BitAndInstruction extends BinaryBitwiseInstruction { - BitAndInstruction() { getOpcode() instanceof Opcode::BitAnd } + BitAndInstruction() { this.getOpcode() instanceof Opcode::BitAnd } } /** @@ -1139,7 +1152,7 @@ class BitAndInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitOrInstruction extends BinaryBitwiseInstruction { - BitOrInstruction() { getOpcode() instanceof Opcode::BitOr } + BitOrInstruction() { this.getOpcode() instanceof Opcode::BitOr } } /** @@ -1148,7 +1161,7 @@ class BitOrInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitXorInstruction extends BinaryBitwiseInstruction { - BitXorInstruction() { getOpcode() instanceof Opcode::BitXor } + BitXorInstruction() { this.getOpcode() instanceof Opcode::BitXor } } /** @@ -1159,7 +1172,7 @@ class BitXorInstruction extends BinaryBitwiseInstruction { * rightmost bits are zero-filled. */ class ShiftLeftInstruction extends BinaryBitwiseInstruction { - ShiftLeftInstruction() { getOpcode() instanceof Opcode::ShiftLeft } + ShiftLeftInstruction() { this.getOpcode() instanceof Opcode::ShiftLeft } } /** @@ -1172,7 +1185,7 @@ class ShiftLeftInstruction extends BinaryBitwiseInstruction { * of the left operand. */ class ShiftRightInstruction extends BinaryBitwiseInstruction { - ShiftRightInstruction() { getOpcode() instanceof Opcode::ShiftRight } + ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } /** @@ -1183,7 +1196,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { int elementSize; PointerArithmeticInstruction() { - getOpcode() instanceof PointerArithmeticOpcode and + this.getOpcode() instanceof PointerArithmeticOpcode and elementSize = Raw::getInstructionElementSize(this) } @@ -1206,7 +1219,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { * An instruction that adds or subtracts an integer offset from a pointer. */ class PointerOffsetInstruction extends PointerArithmeticInstruction { - PointerOffsetInstruction() { getOpcode() instanceof PointerOffsetOpcode } + PointerOffsetInstruction() { this.getOpcode() instanceof PointerOffsetOpcode } } /** @@ -1217,7 +1230,7 @@ class PointerOffsetInstruction extends PointerArithmeticInstruction { * overflow is undefined. */ class PointerAddInstruction extends PointerOffsetInstruction { - PointerAddInstruction() { getOpcode() instanceof Opcode::PointerAdd } + PointerAddInstruction() { this.getOpcode() instanceof Opcode::PointerAdd } } /** @@ -1228,7 +1241,7 @@ class PointerAddInstruction extends PointerOffsetInstruction { * pointer underflow is undefined. */ class PointerSubInstruction extends PointerOffsetInstruction { - PointerSubInstruction() { getOpcode() instanceof Opcode::PointerSub } + PointerSubInstruction() { this.getOpcode() instanceof Opcode::PointerSub } } /** @@ -1241,31 +1254,31 @@ class PointerSubInstruction extends PointerOffsetInstruction { * undefined. */ class PointerDiffInstruction extends PointerArithmeticInstruction { - PointerDiffInstruction() { getOpcode() instanceof Opcode::PointerDiff } + PointerDiffInstruction() { this.getOpcode() instanceof Opcode::PointerDiff } } /** * An instruction whose result is computed from a single operand. */ class UnaryInstruction extends Instruction { - UnaryInstruction() { getOpcode() instanceof UnaryOpcode } + UnaryInstruction() { this.getOpcode() instanceof UnaryOpcode } /** * Gets the sole operand of this instruction. */ - final UnaryOperand getUnaryOperand() { result = getAnOperand() } + final UnaryOperand getUnaryOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the sole operand of this instruction. */ - final Instruction getUnary() { result = getUnaryOperand().getDef() } + final Instruction getUnary() { result = this.getUnaryOperand().getDef() } } /** * An instruction that converts the value of its operand to a value of a different type. */ class ConvertInstruction extends UnaryInstruction { - ConvertInstruction() { getOpcode() instanceof Opcode::Convert } + ConvertInstruction() { this.getOpcode() instanceof Opcode::Convert } } /** @@ -1279,7 +1292,7 @@ class ConvertInstruction extends UnaryInstruction { * `as` expression. */ class CheckedConvertOrNullInstruction extends UnaryInstruction { - CheckedConvertOrNullInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrNull } + CheckedConvertOrNullInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrNull } } /** @@ -1293,7 +1306,7 @@ class CheckedConvertOrNullInstruction extends UnaryInstruction { * expression. */ class CheckedConvertOrThrowInstruction extends UnaryInstruction { - CheckedConvertOrThrowInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrThrow } + CheckedConvertOrThrowInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrThrow } } /** @@ -1306,7 +1319,7 @@ class CheckedConvertOrThrowInstruction extends UnaryInstruction { * the most-derived object. */ class CompleteObjectAddressInstruction extends UnaryInstruction { - CompleteObjectAddressInstruction() { getOpcode() instanceof Opcode::CompleteObjectAddress } + CompleteObjectAddressInstruction() { this.getOpcode() instanceof Opcode::CompleteObjectAddress } } /** @@ -1351,7 +1364,7 @@ class InheritanceConversionInstruction extends UnaryInstruction { * An instruction that converts from the address of a derived class to the address of a base class. */ class ConvertToBaseInstruction extends InheritanceConversionInstruction { - ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode } + ConvertToBaseInstruction() { this.getOpcode() instanceof ConvertToBaseOpcode } } /** @@ -1361,7 +1374,9 @@ class ConvertToBaseInstruction extends InheritanceConversionInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase } + ConvertToNonVirtualBaseInstruction() { + this.getOpcode() instanceof Opcode::ConvertToNonVirtualBase + } } /** @@ -1371,7 +1386,7 @@ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase } + ConvertToVirtualBaseInstruction() { this.getOpcode() instanceof Opcode::ConvertToVirtualBase } } /** @@ -1381,7 +1396,7 @@ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { - ConvertToDerivedInstruction() { getOpcode() instanceof Opcode::ConvertToDerived } + ConvertToDerivedInstruction() { this.getOpcode() instanceof Opcode::ConvertToDerived } } /** @@ -1390,7 +1405,7 @@ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { * The operand must have an integer type, which will also be the result type. */ class BitComplementInstruction extends UnaryBitwiseInstruction { - BitComplementInstruction() { getOpcode() instanceof Opcode::BitComplement } + BitComplementInstruction() { this.getOpcode() instanceof Opcode::BitComplement } } /** @@ -1399,14 +1414,14 @@ class BitComplementInstruction extends UnaryBitwiseInstruction { * The operand must have a Boolean type, which will also be the result type. */ class LogicalNotInstruction extends UnaryInstruction { - LogicalNotInstruction() { getOpcode() instanceof Opcode::LogicalNot } + LogicalNotInstruction() { this.getOpcode() instanceof Opcode::LogicalNot } } /** * An instruction that compares two numeric operands. */ class CompareInstruction extends BinaryInstruction { - CompareInstruction() { getOpcode() instanceof CompareOpcode } + CompareInstruction() { this.getOpcode() instanceof CompareOpcode } } /** @@ -1417,7 +1432,7 @@ class CompareInstruction extends BinaryInstruction { * unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareEQInstruction extends CompareInstruction { - CompareEQInstruction() { getOpcode() instanceof Opcode::CompareEQ } + CompareEQInstruction() { this.getOpcode() instanceof Opcode::CompareEQ } } /** @@ -1428,14 +1443,14 @@ class CompareEQInstruction extends CompareInstruction { * `left == right`. Floating-point comparison is performed according to IEEE-754. */ class CompareNEInstruction extends CompareInstruction { - CompareNEInstruction() { getOpcode() instanceof Opcode::CompareNE } + CompareNEInstruction() { this.getOpcode() instanceof Opcode::CompareNE } } /** * An instruction that does a relative comparison of two values, such as `<` or `>=`. */ class RelationalInstruction extends CompareInstruction { - RelationalInstruction() { getOpcode() instanceof RelationalOpcode } + RelationalInstruction() { this.getOpcode() instanceof RelationalOpcode } /** * Gets the operand on the "greater" (or "greater-or-equal") side @@ -1467,11 +1482,11 @@ class RelationalInstruction extends CompareInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLTInstruction extends RelationalInstruction { - CompareLTInstruction() { getOpcode() instanceof Opcode::CompareLT } + CompareLTInstruction() { this.getOpcode() instanceof Opcode::CompareLT } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { any() } } @@ -1484,11 +1499,11 @@ class CompareLTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGTInstruction extends RelationalInstruction { - CompareGTInstruction() { getOpcode() instanceof Opcode::CompareGT } + CompareGTInstruction() { this.getOpcode() instanceof Opcode::CompareGT } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { any() } } @@ -1502,11 +1517,11 @@ class CompareGTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLEInstruction extends RelationalInstruction { - CompareLEInstruction() { getOpcode() instanceof Opcode::CompareLE } + CompareLEInstruction() { this.getOpcode() instanceof Opcode::CompareLE } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { none() } } @@ -1520,11 +1535,11 @@ class CompareLEInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGEInstruction extends RelationalInstruction { - CompareGEInstruction() { getOpcode() instanceof Opcode::CompareGE } + CompareGEInstruction() { this.getOpcode() instanceof Opcode::CompareGE } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { none() } } @@ -1543,78 +1558,78 @@ class CompareGEInstruction extends RelationalInstruction { * of any case edge. */ class SwitchInstruction extends Instruction { - SwitchInstruction() { getOpcode() instanceof Opcode::Switch } + SwitchInstruction() { this.getOpcode() instanceof Opcode::Switch } /** Gets the operand that provides the integer value controlling the switch. */ - final ConditionOperand getExpressionOperand() { result = getAnOperand() } + final ConditionOperand getExpressionOperand() { result = this.getAnOperand() } /** Gets the instruction whose result provides the integer value controlling the switch. */ - final Instruction getExpression() { result = getExpressionOperand().getDef() } + final Instruction getExpression() { result = this.getExpressionOperand().getDef() } /** Gets the successor instructions along the case edges of the switch. */ - final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = getSuccessor(edge)) } + final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = this.getSuccessor(edge)) } /** Gets the successor instruction along the default edge of the switch, if any. */ - final Instruction getDefaultSuccessor() { result = getSuccessor(EdgeKind::defaultEdge()) } + final Instruction getDefaultSuccessor() { result = this.getSuccessor(EdgeKind::defaultEdge()) } } /** * An instruction that calls a function. */ class CallInstruction extends Instruction { - CallInstruction() { getOpcode() instanceof Opcode::Call } + CallInstruction() { this.getOpcode() instanceof Opcode::Call } final override string getImmediateString() { - result = getStaticCallTarget().toString() + result = this.getStaticCallTarget().toString() or - not exists(getStaticCallTarget()) and result = "?" + not exists(this.getStaticCallTarget()) and result = "?" } /** * Gets the operand the specifies the target function of the call. */ - final CallTargetOperand getCallTargetOperand() { result = getAnOperand() } + final CallTargetOperand getCallTargetOperand() { result = this.getAnOperand() } /** * Gets the `Instruction` that computes the target function of the call. This is usually a * `FunctionAddress` instruction, but can also be an arbitrary instruction that produces a * function pointer. */ - final Instruction getCallTarget() { result = getCallTargetOperand().getDef() } + final Instruction getCallTarget() { result = this.getCallTargetOperand().getDef() } /** * Gets all of the argument operands of the call, including the `this` pointer, if any. */ - final ArgumentOperand getAnArgumentOperand() { result = getAnOperand() } + final ArgumentOperand getAnArgumentOperand() { result = this.getAnOperand() } /** * Gets the `Function` that the call targets, if this is statically known. */ final Language::Function getStaticCallTarget() { - result = getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() + result = this.getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() } /** * Gets all of the arguments of the call, including the `this` pointer, if any. */ - final Instruction getAnArgument() { result = getAnArgumentOperand().getDef() } + final Instruction getAnArgument() { result = this.getAnArgumentOperand().getDef() } /** * Gets the `this` pointer argument operand of the call, if any. */ - final ThisArgumentOperand getThisArgumentOperand() { result = getAnOperand() } + final ThisArgumentOperand getThisArgumentOperand() { result = this.getAnOperand() } /** * Gets the `this` pointer argument of the call, if any. */ - final Instruction getThisArgument() { result = getThisArgumentOperand().getDef() } + final Instruction getThisArgument() { result = this.getThisArgumentOperand().getDef() } /** * Gets the argument operand at the specified index. */ pragma[noinline] final PositionalArgumentOperand getPositionalArgumentOperand(int index) { - result = getAnOperand() and + result = this.getAnOperand() and result.getIndex() = index } @@ -1623,7 +1638,7 @@ class CallInstruction extends Instruction { */ pragma[noinline] final Instruction getPositionalArgument(int index) { - result = getPositionalArgumentOperand(index).getDef() + result = this.getPositionalArgumentOperand(index).getDef() } /** @@ -1631,16 +1646,16 @@ class CallInstruction extends Instruction { */ pragma[noinline] final ArgumentOperand getArgumentOperand(int index) { - index >= 0 and result = getPositionalArgumentOperand(index) + index >= 0 and result = this.getPositionalArgumentOperand(index) or - index = -1 and result = getThisArgumentOperand() + index = -1 and result = this.getThisArgumentOperand() } /** * Gets the argument at the specified index, or `this` if `index` is `-1`. */ pragma[noinline] - final Instruction getArgument(int index) { result = getArgumentOperand(index).getDef() } + final Instruction getArgument(int index) { result = this.getArgumentOperand(index).getDef() } /** * Gets the number of arguments of the call, including the `this` pointer, if any. @@ -1665,7 +1680,7 @@ class CallInstruction extends Instruction { * An instruction representing a side effect of a function call. */ class SideEffectInstruction extends Instruction { - SideEffectInstruction() { getOpcode() instanceof SideEffectOpcode } + SideEffectInstruction() { this.getOpcode() instanceof SideEffectOpcode } /** * Gets the instruction whose execution causes this side effect. @@ -1680,7 +1695,7 @@ class SideEffectInstruction extends Instruction { * accessed by that call. */ class CallSideEffectInstruction extends SideEffectInstruction { - CallSideEffectInstruction() { getOpcode() instanceof Opcode::CallSideEffect } + CallSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallSideEffect } } /** @@ -1691,7 +1706,7 @@ class CallSideEffectInstruction extends SideEffectInstruction { * call target cannot write to escaped memory. */ class CallReadSideEffectInstruction extends SideEffectInstruction { - CallReadSideEffectInstruction() { getOpcode() instanceof Opcode::CallReadSideEffect } + CallReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallReadSideEffect } } /** @@ -1699,33 +1714,33 @@ class CallReadSideEffectInstruction extends SideEffectInstruction { * specific parameter. */ class ReadSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - ReadSideEffectInstruction() { getOpcode() instanceof ReadSideEffectOpcode } + ReadSideEffectInstruction() { this.getOpcode() instanceof ReadSideEffectOpcode } /** Gets the operand for the value that will be read from this instruction, if known. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** Gets the value that will be read from this instruction, if known. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** Gets the operand for the address from which this instruction may read. */ - final AddressOperand getArgumentOperand() { result = getAnOperand() } + final AddressOperand getArgumentOperand() { result = this.getAnOperand() } /** Gets the address from which this instruction may read. */ - final Instruction getArgumentDef() { result = getArgumentOperand().getDef() } + final Instruction getArgumentDef() { result = this.getArgumentOperand().getDef() } } /** * An instruction representing the read of an indirect parameter within a function call. */ class IndirectReadSideEffectInstruction extends ReadSideEffectInstruction { - IndirectReadSideEffectInstruction() { getOpcode() instanceof Opcode::IndirectReadSideEffect } + IndirectReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::IndirectReadSideEffect } } /** * An instruction representing the read of an indirect buffer parameter within a function call. */ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { - BufferReadSideEffectInstruction() { getOpcode() instanceof Opcode::BufferReadSideEffect } + BufferReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::BufferReadSideEffect } } /** @@ -1733,18 +1748,18 @@ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { */ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { SizedBufferReadSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferReadSideEffect + this.getOpcode() instanceof Opcode::SizedBufferReadSideEffect } /** * Gets the operand that holds the number of bytes read from the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes read from the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1752,17 +1767,17 @@ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { * specific parameter. */ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - WriteSideEffectInstruction() { getOpcode() instanceof WriteSideEffectOpcode } + WriteSideEffectInstruction() { this.getOpcode() instanceof WriteSideEffectOpcode } /** * Get the operand that holds the address of the memory to be written. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the memory to be written. */ - Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + Instruction getDestinationAddress() { result = this.getDestinationAddressOperand().getDef() } } /** @@ -1770,7 +1785,7 @@ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstructi */ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMustWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMustWriteSideEffect } } @@ -1780,7 +1795,7 @@ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction */ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { BufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::BufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::BufferMustWriteSideEffect } } @@ -1790,18 +1805,18 @@ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1812,7 +1827,7 @@ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstructi */ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMayWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMayWriteSideEffect } } @@ -1822,7 +1837,9 @@ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { * Unlike `BufferWriteSideEffectInstruction`, the buffer might not be completely overwritten. */ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { - BufferMayWriteSideEffectInstruction() { getOpcode() instanceof Opcode::BufferMayWriteSideEffect } + BufferMayWriteSideEffectInstruction() { + this.getOpcode() instanceof Opcode::BufferMayWriteSideEffect + } } /** @@ -1832,18 +1849,18 @@ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1852,80 +1869,80 @@ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstructio */ class InitializeDynamicAllocationInstruction extends SideEffectInstruction { InitializeDynamicAllocationInstruction() { - getOpcode() instanceof Opcode::InitializeDynamicAllocation + this.getOpcode() instanceof Opcode::InitializeDynamicAllocation } /** * Gets the operand that represents the address of the allocation this instruction is initializing. */ - final AddressOperand getAllocationAddressOperand() { result = getAnOperand() } + final AddressOperand getAllocationAddressOperand() { result = this.getAnOperand() } /** * Gets the address for the allocation this instruction is initializing. */ - final Instruction getAllocationAddress() { result = getAllocationAddressOperand().getDef() } + final Instruction getAllocationAddress() { result = this.getAllocationAddressOperand().getDef() } } /** * An instruction representing a GNU or MSVC inline assembly statement. */ class InlineAsmInstruction extends Instruction { - InlineAsmInstruction() { getOpcode() instanceof Opcode::InlineAsm } + InlineAsmInstruction() { this.getOpcode() instanceof Opcode::InlineAsm } } /** * An instruction that throws an exception. */ class ThrowInstruction extends Instruction { - ThrowInstruction() { getOpcode() instanceof ThrowOpcode } + ThrowInstruction() { this.getOpcode() instanceof ThrowOpcode } } /** * An instruction that throws a new exception. */ class ThrowValueInstruction extends ThrowInstruction { - ThrowValueInstruction() { getOpcode() instanceof Opcode::ThrowValue } + ThrowValueInstruction() { this.getOpcode() instanceof Opcode::ThrowValue } /** * Gets the address operand of the exception thrown by this instruction. */ - final AddressOperand getExceptionAddressOperand() { result = getAnOperand() } + final AddressOperand getExceptionAddressOperand() { result = this.getAnOperand() } /** * Gets the address of the exception thrown by this instruction. */ - final Instruction getExceptionAddress() { result = getExceptionAddressOperand().getDef() } + final Instruction getExceptionAddress() { result = this.getExceptionAddressOperand().getDef() } /** * Gets the operand for the exception thrown by this instruction. */ - final LoadOperand getExceptionOperand() { result = getAnOperand() } + final LoadOperand getExceptionOperand() { result = this.getAnOperand() } /** * Gets the exception thrown by this instruction. */ - final Instruction getException() { result = getExceptionOperand().getDef() } + final Instruction getException() { result = this.getExceptionOperand().getDef() } } /** * An instruction that re-throws the current exception. */ class ReThrowInstruction extends ThrowInstruction { - ReThrowInstruction() { getOpcode() instanceof Opcode::ReThrow } + ReThrowInstruction() { this.getOpcode() instanceof Opcode::ReThrow } } /** * An instruction that exits the current function by propagating an exception. */ class UnwindInstruction extends Instruction { - UnwindInstruction() { getOpcode() instanceof Opcode::Unwind } + UnwindInstruction() { this.getOpcode() instanceof Opcode::Unwind } } /** * An instruction that starts a `catch` handler. */ class CatchInstruction extends Instruction { - CatchInstruction() { getOpcode() instanceof CatchOpcode } + CatchInstruction() { this.getOpcode() instanceof CatchOpcode } } /** @@ -1935,7 +1952,7 @@ class CatchByTypeInstruction extends CatchInstruction { Language::LanguageType exceptionType; CatchByTypeInstruction() { - getOpcode() instanceof Opcode::CatchByType and + this.getOpcode() instanceof Opcode::CatchByType and exceptionType = Raw::getInstructionExceptionType(this) } @@ -1951,21 +1968,21 @@ class CatchByTypeInstruction extends CatchInstruction { * An instruction that catches any exception. */ class CatchAnyInstruction extends CatchInstruction { - CatchAnyInstruction() { getOpcode() instanceof Opcode::CatchAny } + CatchAnyInstruction() { this.getOpcode() instanceof Opcode::CatchAny } } /** * An instruction that initializes all escaped memory. */ class AliasedDefinitionInstruction extends Instruction { - AliasedDefinitionInstruction() { getOpcode() instanceof Opcode::AliasedDefinition } + AliasedDefinitionInstruction() { this.getOpcode() instanceof Opcode::AliasedDefinition } } /** * An instruction that consumes all escaped memory on exit from the function. */ class AliasedUseInstruction extends Instruction { - AliasedUseInstruction() { getOpcode() instanceof Opcode::AliasedUse } + AliasedUseInstruction() { this.getOpcode() instanceof Opcode::AliasedUse } } /** @@ -1979,7 +1996,7 @@ class AliasedUseInstruction extends Instruction { * runtime. */ class PhiInstruction extends Instruction { - PhiInstruction() { getOpcode() instanceof Opcode::Phi } + PhiInstruction() { this.getOpcode() instanceof Opcode::Phi } /** * Gets all of the instruction's `PhiInputOperand`s, representing the values that flow from each predecessor block. @@ -2047,29 +2064,29 @@ class PhiInstruction extends Instruction { * https://link.springer.com/content/pdf/10.1007%2F3-540-61053-7_66.pdf. */ class ChiInstruction extends Instruction { - ChiInstruction() { getOpcode() instanceof Opcode::Chi } + ChiInstruction() { this.getOpcode() instanceof Opcode::Chi } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final ChiTotalOperand getTotalOperand() { result = getAnOperand() } + final ChiTotalOperand getTotalOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final Instruction getTotal() { result = getTotalOperand().getDef() } + final Instruction getTotal() { result = this.getTotalOperand().getDef() } /** * Gets the operand that represents the new value written by the memory write. */ - final ChiPartialOperand getPartialOperand() { result = getAnOperand() } + final ChiPartialOperand getPartialOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the new value written by the memory write. */ - final Instruction getPartial() { result = getPartialOperand().getDef() } + final Instruction getPartial() { result = this.getPartialOperand().getDef() } /** * Gets the bit range `[startBit, endBit)` updated by the partial operand of this `ChiInstruction`, relative to the start address of the total operand. @@ -2093,7 +2110,7 @@ class ChiInstruction extends Instruction { * or `Switch` instruction where that particular edge is infeasible. */ class UnreachedInstruction extends Instruction { - UnreachedInstruction() { getOpcode() instanceof Opcode::Unreached } + UnreachedInstruction() { this.getOpcode() instanceof Opcode::Unreached } } /** @@ -2106,7 +2123,7 @@ class BuiltInOperationInstruction extends Instruction { Language::BuiltInOperation operation; BuiltInOperationInstruction() { - getOpcode() instanceof BuiltInOperationOpcode and + this.getOpcode() instanceof BuiltInOperationOpcode and operation = Raw::getInstructionBuiltInOperation(this) } @@ -2122,9 +2139,9 @@ class BuiltInOperationInstruction extends Instruction { * actual operation is specified by the `getBuiltInOperation()` predicate. */ class BuiltInInstruction extends BuiltInOperationInstruction { - BuiltInInstruction() { getOpcode() instanceof Opcode::BuiltIn } + BuiltInInstruction() { this.getOpcode() instanceof Opcode::BuiltIn } - final override string getImmediateString() { result = getBuiltInOperation().toString() } + final override string getImmediateString() { result = this.getBuiltInOperation().toString() } } /** @@ -2135,7 +2152,7 @@ class BuiltInInstruction extends BuiltInOperationInstruction { * to the `...` parameter. */ class VarArgsStartInstruction extends UnaryInstruction { - VarArgsStartInstruction() { getOpcode() instanceof Opcode::VarArgsStart } + VarArgsStartInstruction() { this.getOpcode() instanceof Opcode::VarArgsStart } } /** @@ -2145,7 +2162,7 @@ class VarArgsStartInstruction extends UnaryInstruction { * a result. */ class VarArgsEndInstruction extends UnaryInstruction { - VarArgsEndInstruction() { getOpcode() instanceof Opcode::VarArgsEnd } + VarArgsEndInstruction() { this.getOpcode() instanceof Opcode::VarArgsEnd } } /** @@ -2155,7 +2172,7 @@ class VarArgsEndInstruction extends UnaryInstruction { * argument. */ class VarArgInstruction extends UnaryInstruction { - VarArgInstruction() { getOpcode() instanceof Opcode::VarArg } + VarArgInstruction() { this.getOpcode() instanceof Opcode::VarArg } } /** @@ -2166,7 +2183,7 @@ class VarArgInstruction extends UnaryInstruction { * argument of the `...` parameter. */ class NextVarArgInstruction extends UnaryInstruction { - NextVarArgInstruction() { getOpcode() instanceof Opcode::NextVarArg } + NextVarArgInstruction() { this.getOpcode() instanceof Opcode::NextVarArg } } /** @@ -2180,5 +2197,5 @@ class NextVarArgInstruction extends UnaryInstruction { * The result is the address of the newly allocated object. */ class NewObjInstruction extends Instruction { - NewObjInstruction() { getOpcode() instanceof Opcode::NewObj } + NewObjInstruction() { this.getOpcode() instanceof Opcode::NewObj } } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/Operand.qll b/csharp/ql/src/experimental/ir/implementation/raw/Operand.qll index d7cf89ca9aa..85d217bd361 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/Operand.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/Operand.qll @@ -46,12 +46,12 @@ class Operand extends TStageOperand { /** * Gets the location of the source code for this operand. */ - final Language::Location getLocation() { result = getUse().getLocation() } + final Language::Location getLocation() { result = this.getUse().getLocation() } /** * Gets the function that contains this operand. */ - final IRFunction getEnclosingIRFunction() { result = getUse().getEnclosingIRFunction() } + final IRFunction getEnclosingIRFunction() { result = this.getUse().getEnclosingIRFunction() } /** * Gets the `Instruction` that consumes this operand. @@ -74,7 +74,7 @@ class Operand extends TStageOperand { */ final Instruction getDef() { result = this.getAnyDef() and - getDefinitionOverlap() instanceof MustExactlyOverlap + this.getDefinitionOverlap() instanceof MustExactlyOverlap } /** @@ -82,7 +82,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` that consumes this operand. */ - deprecated final Instruction getUseInstruction() { result = getUse() } + deprecated final Instruction getUseInstruction() { result = this.getUse() } /** * DEPRECATED: use `getAnyDef` or `getDef`. The exact replacement for this @@ -91,7 +91,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` whose result is the value of the operand. */ - deprecated final Instruction getDefinitionInstruction() { result = getAnyDef() } + deprecated final Instruction getDefinitionInstruction() { result = this.getAnyDef() } /** * Gets the overlap relationship between the operand's definition and its use. @@ -101,7 +101,9 @@ class Operand extends TStageOperand { /** * Holds if the result of the definition instruction does not exactly overlap this use. */ - final predicate isDefinitionInexact() { not getDefinitionOverlap() instanceof MustExactlyOverlap } + final predicate isDefinitionInexact() { + not this.getDefinitionOverlap() instanceof MustExactlyOverlap + } /** * Gets a prefix to use when dumping the operand in an operand list. @@ -121,7 +123,7 @@ class Operand extends TStageOperand { * For example: `this:r3_5` */ final string getDumpString() { - result = getDumpLabel() + getInexactSpecifier() + getDefinitionId() + result = this.getDumpLabel() + this.getInexactSpecifier() + this.getDefinitionId() } /** @@ -129,9 +131,9 @@ class Operand extends TStageOperand { * definition is not modeled in SSA. */ private string getDefinitionId() { - result = getAnyDef().getResultId() + result = this.getAnyDef().getResultId() or - not exists(getAnyDef()) and result = "m?" + not exists(this.getAnyDef()) and result = "m?" } /** @@ -140,7 +142,7 @@ class Operand extends TStageOperand { * the empty string. */ private string getInexactSpecifier() { - if isDefinitionInexact() then result = "~" else result = "" + if this.isDefinitionInexact() then result = "~" else result = "" } /** @@ -155,7 +157,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - Language::LanguageType getLanguageType() { result = getAnyDef().getResultLanguageType() } + Language::LanguageType getLanguageType() { result = this.getAnyDef().getResultLanguageType() } /** * Gets the language-neutral type of the value consumed by this operand. This is usually the same @@ -164,7 +166,7 @@ class Operand extends TStageOperand { * from the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the value consumed by this operand. This is usually the same as the @@ -173,7 +175,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final Language::Type getType() { getLanguageType().hasType(result, _) } + final Language::Type getType() { this.getLanguageType().hasType(result, _) } /** * Holds if the value consumed by this operand is a glvalue. If this @@ -182,13 +184,13 @@ class Operand extends TStageOperand { * not hold, the value of the operand represents a value whose type is * given by `getType()`. */ - final predicate isGLValue() { getLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getLanguageType().hasType(_, true) } /** * Gets the size of the value consumed by this operand, in bytes. If the operand does not have * a known constant size, this predicate does not hold. */ - final int getSize() { result = getLanguageType().getByteSize() } + final int getSize() { result = this.getLanguageType().getByteSize() } } /** @@ -205,7 +207,7 @@ class MemoryOperand extends Operand { /** * Gets the kind of memory access performed by the operand. */ - MemoryAccessKind getMemoryAccess() { result = getUse().getOpcode().getReadMemoryAccess() } + MemoryAccessKind getMemoryAccess() { result = this.getUse().getOpcode().getReadMemoryAccess() } /** * Holds if the memory access performed by this operand will not always read from every bit in the @@ -215,7 +217,7 @@ class MemoryOperand extends Operand { * conservative estimate of the memory that might actually be accessed at runtime (for example, * the global side effects of a function call). */ - predicate hasMayReadMemoryAccess() { getUse().getOpcode().hasMayReadMemoryAccess() } + predicate hasMayReadMemoryAccess() { this.getUse().getOpcode().hasMayReadMemoryAccess() } /** * Returns the operand that holds the memory address from which the current operand loads its @@ -223,8 +225,8 @@ class MemoryOperand extends Operand { * is `r1`. */ final AddressOperand getAddressOperand() { - getMemoryAccess().usesAddressOperand() and - result.getUse() = getUse() + this.getMemoryAccess().usesAddressOperand() and + result.getUse() = this.getUse() } } @@ -294,7 +296,7 @@ class NonPhiMemoryOperand extends NonPhiOperand, MemoryOperand, TNonPhiMemoryOpe result = unique(Instruction defInstr | hasDefinition(defInstr, _)) } - final override Overlap getDefinitionOverlap() { hasDefinition(_, result) } + final override Overlap getDefinitionOverlap() { this.hasDefinition(_, result) } pragma[noinline] private predicate hasDefinition(Instruction defInstr, Overlap overlap) { @@ -449,13 +451,17 @@ class PhiInputOperand extends MemoryOperand, TPhiOperand { final override Overlap getDefinitionOverlap() { result = overlap } - final override int getDumpSortOrder() { result = 11 + getPredecessorBlock().getDisplayIndex() } - - final override string getDumpLabel() { - result = "from " + getPredecessorBlock().getDisplayIndex().toString() + ":" + final override int getDumpSortOrder() { + result = 11 + this.getPredecessorBlock().getDisplayIndex() } - final override string getDumpId() { result = getPredecessorBlock().getDisplayIndex().toString() } + final override string getDumpLabel() { + result = "from " + this.getPredecessorBlock().getDisplayIndex().toString() + ":" + } + + final override string getDumpId() { + result = this.getPredecessorBlock().getDisplayIndex().toString() + } /** * Gets the predecessor block from which this value comes. diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll index a172800b377..99833c70d0b 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll @@ -139,13 +139,13 @@ class TranslatedLogicalOrExpr extends TranslatedBinaryLogicalOperation { override LogicalOrExpr expr; override Instruction getChildTrueSuccessor(ConditionBase child) { - child = getAnOperand() and + child = this.getAnOperand() and result = this.getConditionContext().getChildTrueSuccessor(this) } override Instruction getChildFalseSuccessor(ConditionBase child) { child = this.getLeftOperand() and - result = getRightOperand().getFirstInstruction() + result = this.getRightOperand().getFirstInstruction() or child = this.getRightOperand() and result = this.getConditionContext().getChildFalseSuccessor(this) diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll index 86cbdbb4360..9b4fbbba723 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll @@ -48,7 +48,7 @@ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration, override LocalVariable getDeclVar() { result = var } - override Type getVarType() { result = getVariableType(getDeclVar()) } + override Type getVarType() { result = getVariableType(this.getDeclVar()) } override Type getTargetType() { result = getVariableType(var) } @@ -58,7 +58,7 @@ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration, or this.hasUninitializedInstruction() and tag = InitializerStoreTag() ) and - result = getIRUserVariable(getFunction(), getDeclVar()) + result = getIRUserVariable(this.getFunction(), this.getDeclVar()) } override TranslatedInitialization getInitialization() { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll index 04e05dc9814..ea1ad7931cb 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll @@ -456,7 +456,7 @@ abstract class TranslatedElement extends TTranslatedElement { * there is no enclosing `try`. */ Instruction getExceptionSuccessorInstruction() { - result = getParent().getExceptionSuccessorInstruction() + result = this.getParent().getExceptionSuccessorInstruction() } /** @@ -558,7 +558,7 @@ abstract class TranslatedElement extends TTranslatedElement { * Gets the temporary variable generated by this element with tag `tag`. */ final IRTempVariable getTempVariable(TempVariableTag tag) { - result.getAST() = getAST() and + result.getAST() = this.getAST() and result.getTag() = tag and this.hasTempVariable(tag, _) } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll index 72c408a3f2a..362ed3e0d2b 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll @@ -98,7 +98,7 @@ abstract class TranslatedCoreExpr extends TranslatedExpr { } final CSharpType getResultCSharpType() { - if isResultLValue() = true + if this.isResultLValue() = true then result = getTypeForGLValue(expr.getType()) else result = getTypeForPRValue(expr.getType()) } @@ -138,18 +138,18 @@ class TranslatedConditionValue extends TranslatedCoreExpr, ConditionContext, tag = ConditionValueFalseConstantTag() ) and opcode instanceof Opcode::Constant and - resultType = getResultCSharpType() + resultType = this.getResultCSharpType() or ( tag = ConditionValueTrueStoreTag() or tag = ConditionValueFalseStoreTag() ) and opcode instanceof Opcode::Store and - resultType = getResultCSharpType() + resultType = this.getResultCSharpType() or tag = ConditionValueResultLoadTag() and opcode instanceof Opcode::Load and - resultType = getResultCSharpType() + resultType = this.getResultCSharpType() } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { @@ -258,7 +258,7 @@ class TranslatedLoad extends TranslatedExpr, TTranslatedLoad { override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { tag = LoadTag() and opcode instanceof Opcode::Load and - if producesExprResult() + if this.producesExprResult() then resultType = getTypeForPRValue(expr.getType()) else resultType = getTypeForGLValue(expr.getType()) } @@ -542,7 +542,7 @@ class TranslatedArrayAccess extends TranslatedNonConstantExpr { } final override TranslatedElement getChild(int id) { - id = -1 and result = getBaseOperand() + id = -1 and result = this.getBaseOperand() or result = this.getOffsetOperand(id) } @@ -559,7 +559,7 @@ class TranslatedArrayAccess extends TranslatedNonConstantExpr { or // The successor of the last `PointerAdd` instruction is // the successor of the `TranslatedArrayAccess`. - tag = PointerAddTag(getRank() - 1) and + tag = PointerAddTag(this.getRank() - 1) and result = this.getParent().getChildSuccessor(this) or // The successor of an `ElementsAddress` instruction is @@ -582,27 +582,29 @@ class TranslatedArrayAccess extends TranslatedNonConstantExpr { result = this.getInstruction(PointerAddTag(child.getAST().getIndex())) } - override Instruction getResult() { result = this.getInstruction(PointerAddTag(getRank() - 1)) } + override Instruction getResult() { + result = this.getInstruction(PointerAddTag(this.getRank() - 1)) + } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { exists(int index | - inBounds(index) and + this.inBounds(index) and tag = PointerAddTag(index) and opcode instanceof Opcode::PointerAdd and - resultType = getTypeForPRValue(getArrayOfDim(getRank() - index, expr.getType())) + resultType = getTypeForPRValue(getArrayOfDim(this.getRank() - index, expr.getType())) ) or exists(int index | - inBounds(index) and + this.inBounds(index) and tag = ElementsAddressTag(index) and opcode instanceof Opcode::ElementsAddress and - resultType = getTypeForPRValue(getArrayOfDim(getRank() - index, expr.getType())) + resultType = getTypeForPRValue(getArrayOfDim(this.getRank() - index, expr.getType())) ) } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { exists(int index | - inBounds(index) and + this.inBounds(index) and tag = PointerAddTag(index) and ( operandTag instanceof LeftOperandTag and @@ -632,7 +634,7 @@ class TranslatedArrayAccess extends TranslatedNonConstantExpr { override int getInstructionElementSize(InstructionTag tag) { exists(int index | - inBounds(index) and + this.inBounds(index) and tag = PointerAddTag(index) and result = Language::getTypeSize(expr.getQualifier().getType().(ArrayType).getElementType()) ) @@ -989,9 +991,9 @@ abstract class TranslatedSingleInstructionExpr extends TranslatedNonConstantExpr abstract Opcode getOpcode(); final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { - opcode = getOpcode() and + opcode = this.getOpcode() and tag = OnlyInstructionTag() and - resultType = getResultCSharpType() + resultType = this.getResultCSharpType() } final override Instruction getResult() { result = this.getInstruction(OnlyInstructionTag()) } @@ -1189,7 +1191,7 @@ class TranslatedBinaryOperation extends TranslatedSingleInstructionExpr { override int getInstructionElementSize(InstructionTag tag) { tag = OnlyInstructionTag() and exists(Opcode opcode | - opcode = getOpcode() and + opcode = this.getOpcode() and ( opcode instanceof Opcode::PointerAdd or opcode instanceof Opcode::PointerSub or @@ -1200,7 +1202,9 @@ class TranslatedBinaryOperation extends TranslatedSingleInstructionExpr { } private TranslatedExpr getPointerOperand() { - if swapOperandsOnOp() then result = this.getRightOperand() else result = this.getLeftOperand() + if this.swapOperandsOnOp() + then result = this.getRightOperand() + else result = this.getLeftOperand() } private predicate swapOperandsOnOp() { @@ -1425,7 +1429,7 @@ class TranslatedAssignOperation extends TranslatedAssignment { resultType = getTypeForPRValue(this.getLeftOperand().getResultType()) or tag = AssignOperationOpTag() and - opcode = getOpcode() and + opcode = this.getOpcode() and resultType = getTypeForPRValue(this.getConvertedLeftOperandType()) or tag = AssignmentStoreTag() and @@ -1452,7 +1456,7 @@ class TranslatedAssignOperation extends TranslatedAssignment { opcode instanceof Opcode::PointerSub ) ) and - result = Language::getTypeSize(getResultType().(PointerType).getReferentType()) + result = Language::getTypeSize(this.getResultType().(PointerType).getReferentType()) } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { @@ -1799,7 +1803,7 @@ class TranslatedIsExpr extends TranslatedNonConstantExpr { result = this.getInstruction(GeneratedConstantTag()) ) or - hasVar() and + this.hasVar() and tag = GeneratedBranchTag() and operandTag instanceof ConditionOperandTag and result = this.getInstruction(GeneratedNEQTag()) @@ -1848,7 +1852,7 @@ class TranslatedLambdaExpr extends TranslatedNonConstantExpr, InitializationCont } override Instruction getChildSuccessor(TranslatedElement child) { - child = getInitialization() and + child = this.getInitialization() and result = this.getInstruction(LoadTag()) } @@ -1922,7 +1926,7 @@ class TranslatedDelegateCall extends TranslatedNonConstantExpr { override Instruction getChildSuccessor(TranslatedElement child) { child = this.getInvokeCall() and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { @@ -1973,7 +1977,7 @@ abstract class TranslatedCreation extends TranslatedCoreExpr, TTranslatedCreatio else result = this.getInstruction(NewObjTag()) } - override Instruction getReceiver() { result = getInstruction(NewObjTag()) } + override Instruction getReceiver() { result = this.getInstruction(NewObjTag()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { kind instanceof GotoEdge and @@ -1998,11 +2002,11 @@ abstract class TranslatedCreation extends TranslatedCoreExpr, TTranslatedCreatio child = this.getConstructorCall() and if exists(this.getInitializerExpr()) then result = this.getInitializerExpr().getFirstInstruction() - else result = getLoadOrChildSuccessor() + else result = this.getLoadOrChildSuccessor() ) or child = this.getInitializerExpr() and - result = getLoadOrChildSuccessor() + result = this.getLoadOrChildSuccessor() } private Instruction getLoadOrChildSuccessor() { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll index 65488a1b95d..94b48b0985d 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll @@ -68,20 +68,20 @@ class TranslatedFunction extends TranslatedElement, TTranslatedFunction { or ( tag = AliasedDefinitionTag() and - if exists(getThisType()) + if exists(this.getThisType()) then result = this.getInstruction(InitializeThisTag()) else - if exists(getParameter(0)) + if exists(this.getParameter(0)) then result = this.getParameter(0).getFirstInstruction() else result = this.getBodyOrReturn() ) or ( tag = InitializeThisTag() and - if exists(getParameter(0)) + if exists(this.getParameter(0)) then result = this.getParameter(0).getFirstInstruction() else - if exists(getConstructorInitializer()) + if exists(this.getConstructorInitializer()) then result = this.getConstructorInitializer().getFirstInstruction() else result = this.getBodyOrReturn() ) @@ -106,7 +106,7 @@ class TranslatedFunction extends TranslatedElement, TTranslatedFunction { if exists(callable.getParameter(paramIndex + 1)) then result = this.getParameter(paramIndex + 1).getFirstInstruction() else - if exists(getConstructorInitializer()) + if exists(this.getConstructorInitializer()) then result = this.getConstructorInitializer().getFirstInstruction() else result = this.getBodyOrReturn() ) @@ -136,12 +136,12 @@ class TranslatedFunction extends TranslatedElement, TTranslatedFunction { or tag = InitializeThisTag() and opcode instanceof Opcode::InitializeThis and - resultType = getTypeForGLValue(getThisType()) + resultType = getTypeForGLValue(this.getThisType()) or tag = ReturnValueAddressTag() and opcode instanceof Opcode::VariableAddress and - not getReturnType() instanceof VoidType and - resultType = getTypeForGLValue(getReturnType()) + not this.getReturnType() instanceof VoidType and + resultType = getTypeForGLValue(this.getReturnType()) or ( tag = ReturnTag() and @@ -201,7 +201,7 @@ class TranslatedFunction extends TranslatedElement, TTranslatedFunction { final override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = ReturnValueTempVar() and type = getTypeForPRValue(this.getReturnType()) and - not getReturnType() instanceof VoidType + not this.getReturnType() instanceof VoidType } /** @@ -320,7 +320,7 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter { tag = InitializerStoreTag() or tag = InitializerVariableAddressTag() ) and - result = getIRUserVariable(getFunction(), param) + result = getIRUserVariable(this.getFunction(), param) } final override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll index cbe0e7c1d2a..77e41c15e72 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll @@ -139,7 +139,7 @@ class TranslatedDirectInitialization extends TranslatedInitialization { opcode instanceof Opcode::Store and resultType = getTypeForPRValue(this.getContext().getTargetType()) or - needsConversion() and + this.needsConversion() and tag = AssignmentConvertRightTag() and // For now only use `Opcode::Convert` to // crudely represent conversions. Could @@ -153,9 +153,9 @@ class TranslatedDirectInitialization extends TranslatedInitialization { result = this.getParent().getChildSuccessor(this) and kind instanceof GotoEdge or - needsConversion() and + this.needsConversion() and tag = AssignmentConvertRightTag() and - result = getInstruction(InitializerStoreTag()) and + result = this.getInstruction(InitializerStoreTag()) and kind instanceof GotoEdge } @@ -203,7 +203,7 @@ abstract class TranslatedElementInitialization extends TranslatedElement { ArrayInitializer initList; final override string toString() { - result = initList.toString() + "[" + getElementIndex().toString() + "]" + result = initList.toString() + "[" + this.getElementIndex().toString() + "]" } final override Language::AST getAST() { result = initList } @@ -211,54 +211,54 @@ abstract class TranslatedElementInitialization extends TranslatedElement { final override Callable getFunction() { result = initList.getEnclosingCallable() } final override Instruction getFirstInstruction() { - result = this.getInstruction(getElementIndexTag()) + result = this.getInstruction(this.getElementIndexTag()) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { - tag = getElementIndexTag() and + tag = this.getElementIndexTag() and opcode instanceof Opcode::Constant and resultType = getIntType() or - tag = getElementAddressTag() and + tag = this.getElementAddressTag() and opcode instanceof Opcode::PointerAdd and - resultType = getTypeForGLValue(getElementType()) + resultType = getTypeForGLValue(this.getElementType()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { - tag = getElementIndexTag() and - result = this.getInstruction(getElementAddressTag()) and + tag = this.getElementIndexTag() and + result = this.getInstruction(this.getElementAddressTag()) and kind instanceof GotoEdge } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { - tag = getElementAddressTag() and + tag = this.getElementAddressTag() and ( operandTag instanceof LeftOperandTag and result = this.getParent().(InitializationContext).getTargetAddress() or operandTag instanceof RightOperandTag and - result = this.getInstruction(getElementIndexTag()) + result = this.getInstruction(this.getElementIndexTag()) ) } override int getInstructionElementSize(InstructionTag tag) { - tag = getElementAddressTag() and - result = Language::getTypeSize(getElementType()) + tag = this.getElementAddressTag() and + result = Language::getTypeSize(this.getElementType()) } override string getInstructionConstantValue(InstructionTag tag) { - tag = getElementIndexTag() and - result = getElementIndex().toString() + tag = this.getElementIndexTag() and + result = this.getElementIndex().toString() } abstract int getElementIndex(); final InstructionTag getElementAddressTag() { - result = InitializerElementAddressTag(getElementIndex()) + result = InitializerElementAddressTag(this.getElementIndex()) } final InstructionTag getElementIndexTag() { - result = InitializerElementIndexTag(getElementIndex()) + result = InitializerElementIndexTag(this.getElementIndex()) } final ArrayInitializer getInitList() { result = initList } @@ -278,14 +278,16 @@ class TranslatedExplicitElementInitialization extends TranslatedElementInitializ this = TTranslatedExplicitElementInitialization(initList, elementIndex) } - override Instruction getTargetAddress() { result = this.getInstruction(getElementAddressTag()) } + override Instruction getTargetAddress() { + result = this.getInstruction(this.getElementAddressTag()) + } - override Type getTargetType() { result = getElementType() } + override Type getTargetType() { result = this.getElementType() } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { result = TranslatedElementInitialization.super.getInstructionSuccessor(tag, kind) or - tag = getElementAddressTag() and + tag = this.getElementAddressTag() and result = this.getInitialization().getFirstInstruction() and kind instanceof GotoEdge } @@ -340,7 +342,7 @@ class TranslatedConstructorInitializer extends TranslatedConstructorCallFromCons override string toString() { result = "constructor init: " + call.toString() } override Instruction getFirstInstruction() { - if needsConversion() + if this.needsConversion() then result = this.getInstruction(OnlyInstructionTag()) else result = this.getConstructorCall().getFirstInstruction() } @@ -361,13 +363,13 @@ class TranslatedConstructorInitializer extends TranslatedConstructorCallFromCons override Instruction getReceiver() { if this.needsConversion() then result = this.getInstruction(OnlyInstructionTag()) - else result = getTranslatedFunction(getFunction()).getInitializeThisInstruction() + else result = getTranslatedFunction(this.getFunction()).getInitializeThisInstruction() } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { tag = OnlyInstructionTag() and operandTag instanceof UnaryOperandTag and - result = getTranslatedFunction(getFunction()).getInitializeThisInstruction() + result = getTranslatedFunction(this.getFunction()).getInitializeThisInstruction() } predicate needsConversion() { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll index 81de9a6b7c9..2f91484094a 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll @@ -79,7 +79,7 @@ class TranslatedDeclStmt extends TranslatedStmt { override Instruction getChildSuccessor(TranslatedElement child) { exists(int index | child = this.getLocalDeclaration(index) and - if index = (getChildCount() - 1) + if index = (this.getChildCount() - 1) then result = this.getParent().getChildSuccessor(this) else result = this.getLocalDeclaration(index + 1).getFirstInstruction() ) @@ -276,14 +276,14 @@ class TranslatedBlock extends TranslatedStmt { override TranslatedElement getChild(int id) { result = this.getStmt(id) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { - isEmpty() and + this.isEmpty() and opcode instanceof Opcode::NoOp and tag = OnlyInstructionTag() and resultType = getVoidType() } override Instruction getFirstInstruction() { - if isEmpty() + if this.isEmpty() then result = this.getInstruction(OnlyInstructionTag()) else result = this.getStmt(0).getFirstInstruction() } @@ -303,7 +303,7 @@ class TranslatedBlock extends TranslatedStmt { override Instruction getChildSuccessor(TranslatedElement child) { exists(int index | child = this.getStmt(index) and - if index = (getStmtCount() - 1) + if index = (this.getStmtCount() - 1) then result = this.getParent().getChildSuccessor(this) else result = this.getStmt(index + 1).getFirstInstruction() ) @@ -347,7 +347,7 @@ class TranslatedCatchByTypeClause extends TranslatedClause { } override TranslatedElement getChild(int id) { - id = 0 and result = getParameter() + id = 0 and result = this.getParameter() or result = super.getChild(id) } @@ -355,14 +355,14 @@ class TranslatedCatchByTypeClause extends TranslatedClause { override Instruction getChildSuccessor(TranslatedElement child) { result = super.getChildSuccessor(child) or - child = getParameter() and result = this.getBlock().getFirstInstruction() + child = this.getParameter() and result = this.getBlock().getFirstInstruction() } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = CatchTag() and ( kind instanceof GotoEdge and - result = getParameter().getFirstInstruction() + result = this.getParameter().getFirstInstruction() or kind instanceof ExceptionEdge and result = this.getParent().(TranslatedTryStmt).getNextHandler(this) @@ -559,8 +559,8 @@ abstract class TranslatedLoop extends TranslatedStmt, ConditionContext { final TranslatedStmt getBody() { result = getTranslatedStmt(stmt.getBody()) } final Instruction getFirstConditionInstruction() { - if hasCondition() - then result = getCondition().getFirstInstruction() + if this.hasCondition() + then result = this.getCondition().getFirstInstruction() else result = this.getBody().getFirstInstruction() } @@ -611,13 +611,13 @@ class TranslatedForStmt extends TranslatedLoop { override ForStmt stmt; override TranslatedElement getChild(int id) { - initializerIndex(id) and result = this.getDeclAndInit(id) + this.initializerIndex(id) and result = this.getDeclAndInit(id) or - result = this.getUpdate(updateIndex(id)) + result = this.getUpdate(this.updateIndex(id)) or - id = initializersNo() + updatesNo() and result = this.getCondition() + id = this.initializersNo() + this.updatesNo() and result = this.getCondition() or - id = initializersNo() + updatesNo() + 1 and result = this.getBody() + id = this.initializersNo() + this.updatesNo() + 1 and result = this.getBody() } private TranslatedElement getDeclAndInit(int index) { @@ -636,11 +636,11 @@ class TranslatedForStmt extends TranslatedLoop { private int updatesNo() { result = count(stmt.getAnUpdate()) } - private predicate initializerIndex(int index) { index in [0 .. initializersNo() - 1] } + private predicate initializerIndex(int index) { index in [0 .. this.initializersNo() - 1] } private int updateIndex(int index) { - result in [0 .. updatesNo() - 1] and - index = initializersNo() + result + result in [0 .. this.updatesNo() - 1] and + index = this.initializersNo() + result } override Instruction getFirstInstruction() { @@ -652,11 +652,11 @@ class TranslatedForStmt extends TranslatedLoop { override Instruction getChildSuccessor(TranslatedElement child) { exists(int index | child = this.getDeclAndInit(index) and - index < initializersNo() - 1 and + index < this.initializersNo() - 1 and result = this.getDeclAndInit(index + 1).getFirstInstruction() ) or - child = this.getDeclAndInit(initializersNo() - 1) and + child = this.getDeclAndInit(this.initializersNo() - 1) and result = this.getFirstConditionInstruction() or ( @@ -671,7 +671,7 @@ class TranslatedForStmt extends TranslatedLoop { result = this.getUpdate(index + 1).getFirstInstruction() ) or - child = this.getUpdate(updatesNo() - 1) and + child = this.getUpdate(this.updatesNo() - 1) and result = this.getFirstConditionInstruction() } } @@ -693,7 +693,7 @@ abstract class TranslatedSpecificJump extends TranslatedStmt { override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = OnlyInstructionTag() and kind instanceof GotoEdge and - result = getTargetInstruction() + result = this.getTargetInstruction() } override Instruction getChildSuccessor(TranslatedElement child) { none() } @@ -832,7 +832,7 @@ class TranslatedSwitchStmt extends TranslatedStmt { not exists(stmt.getDefaultCase()) and tag = SwitchBranchTag() and kind instanceof DefaultEdge and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) } private EdgeKind getCaseEdge(CaseStmt caseStmt) { @@ -862,19 +862,21 @@ class TranslatedEnumeratorForeach extends TranslatedLoop { override ForeachStmt stmt; override TranslatedElement getChild(int id) { - id = 0 and result = getTempEnumDecl() + id = 0 and result = this.getTempEnumDecl() or - id = 1 and result = getTry() + id = 1 and result = this.getTry() } - override Instruction getFirstInstruction() { result = getTempEnumDecl().getFirstInstruction() } + override Instruction getFirstInstruction() { + result = this.getTempEnumDecl().getFirstInstruction() + } override Instruction getChildSuccessor(TranslatedElement child) { - child = getTempEnumDecl() and - result = getTry().getFirstInstruction() + child = this.getTempEnumDecl() and + result = this.getTry().getFirstInstruction() or - child = getTry() and - result = getParent().getChildSuccessor(this) + child = this.getTry() and + result = this.getParent().getChildSuccessor(this) } private TranslatedElement getTry() { result = ForeachElements::getTry(stmt) } @@ -909,9 +911,9 @@ class TranslatedFixedStmt extends TranslatedStmt { override FixedStmt stmt; override TranslatedElement getChild(int id) { - result = getDecl(id) + result = this.getDecl(id) or - id = noDecls() and result = this.getBody() + id = this.noDecls() and result = this.getBody() } override Instruction getFirstInstruction() { result = this.getDecl(0).getFirstInstruction() } @@ -947,24 +949,26 @@ class TranslatedLockStmt extends TranslatedStmt { override LockStmt stmt; override TranslatedElement getChild(int id) { - id = 0 and result = getLockedVarDecl() + id = 0 and result = this.getLockedVarDecl() or - id = 1 and result = getLockWasTakenDecl() + id = 1 and result = this.getLockWasTakenDecl() or - id = 2 and result = getTry() + id = 2 and result = this.getTry() } - override Instruction getFirstInstruction() { result = getLockedVarDecl().getFirstInstruction() } + override Instruction getFirstInstruction() { + result = this.getLockedVarDecl().getFirstInstruction() + } override Instruction getChildSuccessor(TranslatedElement child) { - child = getLockedVarDecl() and - result = getLockWasTakenDecl().getFirstInstruction() + child = this.getLockedVarDecl() and + result = this.getLockWasTakenDecl().getFirstInstruction() or - child = getLockWasTakenDecl() and - result = getTry().getFirstInstruction() + child = this.getLockWasTakenDecl() and + result = this.getTry().getFirstInstruction() or - child = getTry() and - result = getParent().getChildSuccessor(this) + child = this.getTry() and + result = this.getParent().getChildSuccessor(this) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { @@ -1017,13 +1021,13 @@ class TranslatedUsingBlockStmt extends TranslatedStmt { override UsingBlockStmt stmt; override TranslatedElement getChild(int id) { - result = getDecl(id) + result = this.getDecl(id) or - id = getNumberOfDecls() and result = this.getBody() + id = this.getNumberOfDecls() and result = this.getBody() } override Instruction getFirstInstruction() { - if getNumberOfDecls() > 0 + if this.getNumberOfDecls() > 0 then result = this.getDecl(0).getFirstInstruction() else result = this.getBody().getFirstInstruction() } @@ -1060,7 +1064,7 @@ class TranslatedUsingBlockStmt extends TranslatedStmt { class TranslatedUsingDeclStmt extends TranslatedStmt { override UsingDeclStmt stmt; - override TranslatedElement getChild(int id) { result = getDecl(id) } + override TranslatedElement getChild(int id) { result = this.getDecl(id) } override Instruction getFirstInstruction() { result = this.getDecl(0).getFirstInstruction() } diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll index 4b86f9a7cec..bb8630a5e0c 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll @@ -24,7 +24,7 @@ class IRBlockBase extends TIRBlock { final string toString() { result = getFirstInstruction(this).toString() } /** Gets the source location of the first non-`Phi` instruction in this block. */ - final Language::Location getLocation() { result = getFirstInstruction().getLocation() } + final Language::Location getLocation() { result = this.getFirstInstruction().getLocation() } /** * INTERNAL: Do not use. @@ -39,7 +39,7 @@ class IRBlockBase extends TIRBlock { ) and this = rank[result + 1](IRBlock funcBlock, int sortOverride, int sortKey1, int sortKey2 | - funcBlock.getEnclosingFunction() = getEnclosingFunction() and + funcBlock.getEnclosingFunction() = this.getEnclosingFunction() and funcBlock.getFirstInstruction().hasSortKeys(sortKey1, sortKey2) and // Ensure that the block containing `EnterFunction` always comes first. if funcBlock.getFirstInstruction() instanceof EnterFunctionInstruction @@ -59,15 +59,15 @@ class IRBlockBase extends TIRBlock { * Get the `Phi` instructions that appear at the start of this block. */ final PhiInstruction getAPhiInstruction() { - Construction::getPhiInstructionBlockStart(result) = getFirstInstruction() + Construction::getPhiInstructionBlockStart(result) = this.getFirstInstruction() } /** * Gets an instruction in this block. This includes `Phi` instructions. */ final Instruction getAnInstruction() { - result = getInstruction(_) or - result = getAPhiInstruction() + result = this.getInstruction(_) or + result = this.getAPhiInstruction() } /** @@ -78,7 +78,9 @@ class IRBlockBase extends TIRBlock { /** * Gets the last instruction in this block. */ - final Instruction getLastInstruction() { result = getInstruction(getInstructionCount() - 1) } + final Instruction getLastInstruction() { + result = this.getInstruction(this.getInstructionCount() - 1) + } /** * Gets the number of non-`Phi` instructions in this block. @@ -149,7 +151,7 @@ class IRBlock extends IRBlockBase { * Block `A` dominates block `B` if any control flow path from the entry block of the function to * block `B` must pass through block `A`. A block always dominates itself. */ - final predicate dominates(IRBlock block) { strictlyDominates(block) or this = block } + final predicate dominates(IRBlock block) { this.strictlyDominates(block) or this = block } /** * Gets a block on the dominance frontier of this block. @@ -159,8 +161,8 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock dominanceFrontier() { - dominates(result.getAPredecessor()) and - not strictlyDominates(result) + this.dominates(result.getAPredecessor()) and + not this.strictlyDominates(result) } /** @@ -189,7 +191,7 @@ class IRBlock extends IRBlockBase { * Block `A` post-dominates block `B` if any control flow path from `B` to the exit block of the * function must pass through block `A`. A block always post-dominates itself. */ - final predicate postDominates(IRBlock block) { strictlyPostDominates(block) or this = block } + final predicate postDominates(IRBlock block) { this.strictlyPostDominates(block) or this = block } /** * Gets a block on the post-dominance frontier of this block. @@ -199,16 +201,16 @@ class IRBlock extends IRBlockBase { */ pragma[noinline] final IRBlock postPominanceFrontier() { - postDominates(result.getASuccessor()) and - not strictlyPostDominates(result) + this.postDominates(result.getASuccessor()) and + not this.strictlyPostDominates(result) } /** * Holds if this block is reachable from the entry block of its function. */ final predicate isReachableFromFunctionEntry() { - this = getEnclosingIRFunction().getEntryBlock() or - getAPredecessor().isReachableFromFunctionEntry() + this = this.getEnclosingIRFunction().getEntryBlock() or + this.getAPredecessor().isReachableFromFunctionEntry() } } diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll index 6f471d8a7e8..88a973fc5a8 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll @@ -41,7 +41,7 @@ class Instruction extends Construction::TStageInstruction { } /** Gets a textual representation of this element. */ - final string toString() { result = getOpcode().toString() + ": " + getAST().toString() } + final string toString() { result = this.getOpcode().toString() + ": " + this.getAST().toString() } /** * Gets a string showing the result, opcode, and operands of the instruction, equivalent to what @@ -50,7 +50,8 @@ class Instruction extends Construction::TStageInstruction { * `mu0_28(int) = Store r0_26, r0_27` */ final string getDumpString() { - result = getResultString() + " = " + getOperationString() + " " + getOperandsString() + result = + this.getResultString() + " = " + this.getOperationString() + " " + this.getOperandsString() } private predicate shouldGenerateDumpStrings() { @@ -66,10 +67,13 @@ class Instruction extends Construction::TStageInstruction { * VariableAddress[x] */ final string getOperationString() { - shouldGenerateDumpStrings() and - if exists(getImmediateString()) - then result = getOperationPrefix() + getOpcode().toString() + "[" + getImmediateString() + "]" - else result = getOperationPrefix() + getOpcode().toString() + this.shouldGenerateDumpStrings() and + if exists(this.getImmediateString()) + then + result = + this.getOperationPrefix() + this.getOpcode().toString() + "[" + this.getImmediateString() + + "]" + else result = this.getOperationPrefix() + this.getOpcode().toString() } /** @@ -78,17 +82,17 @@ class Instruction extends Construction::TStageInstruction { string getImmediateString() { none() } private string getOperationPrefix() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and if this instanceof SideEffectInstruction then result = "^" else result = "" } private string getResultPrefix() { - shouldGenerateDumpStrings() and - if getResultIRType() instanceof IRVoidType + this.shouldGenerateDumpStrings() and + if this.getResultIRType() instanceof IRVoidType then result = "v" else - if hasMemoryResult() - then if isResultModeled() then result = "m" else result = "mu" + if this.hasMemoryResult() + then if this.isResultModeled() then result = "m" else result = "mu" else result = "r" } @@ -97,7 +101,7 @@ class Instruction extends Construction::TStageInstruction { * used by debugging and printing code only. */ int getDisplayIndexInBlock() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and exists(IRBlock block | this = block.getInstruction(result) or @@ -111,12 +115,12 @@ class Instruction extends Construction::TStageInstruction { } private int getLineRank() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and this = rank[result](Instruction instr | instr = - getAnInstructionAtLine(getEnclosingIRFunction(), getLocation().getFile(), - getLocation().getStartLine()) + getAnInstructionAtLine(this.getEnclosingIRFunction(), this.getLocation().getFile(), + this.getLocation().getStartLine()) | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) @@ -130,8 +134,9 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1` */ string getResultId() { - shouldGenerateDumpStrings() and - result = getResultPrefix() + getAST().getLocation().getStartLine() + "_" + getLineRank() + this.shouldGenerateDumpStrings() and + result = + this.getResultPrefix() + this.getAST().getLocation().getStartLine() + "_" + this.getLineRank() } /** @@ -142,8 +147,8 @@ class Instruction extends Construction::TStageInstruction { * Example: `r1_1(int*)` */ final string getResultString() { - shouldGenerateDumpStrings() and - result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")" + this.shouldGenerateDumpStrings() and + result = this.getResultId() + "(" + this.getResultLanguageType().getDumpString() + ")" } /** @@ -153,10 +158,10 @@ class Instruction extends Construction::TStageInstruction { * Example: `func:r3_4, this:r3_5` */ string getOperandsString() { - shouldGenerateDumpStrings() and + this.shouldGenerateDumpStrings() and result = concat(Operand operand | - operand = getAnOperand() + operand = this.getAnOperand() | operand.getDumpString(), ", " order by operand.getDumpSortOrder() ) @@ -190,7 +195,7 @@ class Instruction extends Construction::TStageInstruction { * Gets the function that contains this instruction. */ final Language::Function getEnclosingFunction() { - result = getEnclosingIRFunction().getFunction() + result = this.getEnclosingIRFunction().getFunction() } /** @@ -208,7 +213,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets the location of the source code for this instruction. */ - final Language::Location getLocation() { result = getAST().getLocation() } + final Language::Location getLocation() { result = this.getAST().getLocation() } /** * Gets the `Expr` whose result is computed by this instruction, if any. The `Expr` may be a @@ -243,7 +248,7 @@ class Instruction extends Construction::TStageInstruction { * a result, its result type will be `IRVoidType`. */ cached - final IRType getResultIRType() { result = getResultLanguageType().getIRType() } + final IRType getResultIRType() { result = this.getResultLanguageType().getIRType() } /** * Gets the type of the result produced by this instruction. If the @@ -254,7 +259,7 @@ class Instruction extends Construction::TStageInstruction { */ final Language::Type getResultType() { exists(Language::LanguageType resultType | - resultType = getResultLanguageType() and + resultType = this.getResultLanguageType() and ( resultType.hasUnspecifiedType(result, _) or @@ -283,7 +288,7 @@ class Instruction extends Construction::TStageInstruction { * result of the `Load` instruction is a prvalue of type `int`, representing * the integer value loaded from variable `x`. */ - final predicate isGLValue() { getResultLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getResultLanguageType().hasType(_, true) } /** * Gets the size of the result produced by this instruction, in bytes. If the @@ -292,7 +297,7 @@ class Instruction extends Construction::TStageInstruction { * If `this.isGLValue()` holds for this instruction, the value of * `getResultSize()` will always be the size of a pointer. */ - final int getResultSize() { result = getResultLanguageType().getByteSize() } + final int getResultSize() { result = this.getResultLanguageType().getByteSize() } /** * Gets the opcode that specifies the operation performed by this instruction. @@ -314,14 +319,16 @@ class Instruction extends Construction::TStageInstruction { /** * Holds if this instruction produces a memory result. */ - final predicate hasMemoryResult() { exists(getResultMemoryAccess()) } + final predicate hasMemoryResult() { exists(this.getResultMemoryAccess()) } /** * Gets the kind of memory access performed by this instruction's result. * Holds only for instructions with a memory result. */ pragma[inline] - final MemoryAccessKind getResultMemoryAccess() { result = getOpcode().getWriteMemoryAccess() } + final MemoryAccessKind getResultMemoryAccess() { + result = this.getOpcode().getWriteMemoryAccess() + } /** * Holds if the memory access performed by this instruction's result will not always write to @@ -332,7 +339,7 @@ class Instruction extends Construction::TStageInstruction { * (for example, the global side effects of a function call). */ pragma[inline] - final predicate hasResultMayMemoryAccess() { getOpcode().hasMayWriteMemoryAccess() } + final predicate hasResultMayMemoryAccess() { this.getOpcode().hasMayWriteMemoryAccess() } /** * Gets the operand that holds the memory address to which this instruction stores its @@ -340,7 +347,7 @@ class Instruction extends Construction::TStageInstruction { * is `r1`. */ final AddressOperand getResultAddressOperand() { - getResultMemoryAccess().usesAddressOperand() and + this.getResultMemoryAccess().usesAddressOperand() and result.getUse() = this } @@ -349,7 +356,7 @@ class Instruction extends Construction::TStageInstruction { * result, if any. For example, in `m3 = Store r1, r2`, the result of `getResultAddressOperand()` * is the instruction that defines `r1`. */ - final Instruction getResultAddress() { result = getResultAddressOperand().getDef() } + final Instruction getResultAddress() { result = this.getResultAddressOperand().getDef() } /** * Holds if the result of this instruction is precisely modeled in SSA. Always @@ -368,7 +375,7 @@ class Instruction extends Construction::TStageInstruction { */ final predicate isResultModeled() { // Register results are always in SSA form. - not hasMemoryResult() or + not this.hasMemoryResult() or Construction::hasModeledMemoryResult(this) } @@ -412,7 +419,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct successors of this instruction. */ - final Instruction getASuccessor() { result = getSuccessor(_) } + final Instruction getASuccessor() { result = this.getSuccessor(_) } /** * Gets a predecessor of this instruction such that the predecessor reaches @@ -423,7 +430,7 @@ class Instruction extends Construction::TStageInstruction { /** * Gets all direct predecessors of this instruction. */ - final Instruction getAPredecessor() { result = getPredecessor(_) } + final Instruction getAPredecessor() { result = this.getPredecessor(_) } } /** @@ -543,7 +550,7 @@ class IndexedInstruction extends Instruction { * at this instruction. This instruction has no predecessors. */ class EnterFunctionInstruction extends Instruction { - EnterFunctionInstruction() { getOpcode() instanceof Opcode::EnterFunction } + EnterFunctionInstruction() { this.getOpcode() instanceof Opcode::EnterFunction } } /** @@ -554,7 +561,7 @@ class EnterFunctionInstruction extends Instruction { * struct, or union, see `FieldAddressInstruction`. */ class VariableAddressInstruction extends VariableInstruction { - VariableAddressInstruction() { getOpcode() instanceof Opcode::VariableAddress } + VariableAddressInstruction() { this.getOpcode() instanceof Opcode::VariableAddress } } /** @@ -566,7 +573,7 @@ class VariableAddressInstruction extends VariableInstruction { * The result has an `IRFunctionAddress` type. */ class FunctionAddressInstruction extends FunctionInstruction { - FunctionAddressInstruction() { getOpcode() instanceof Opcode::FunctionAddress } + FunctionAddressInstruction() { this.getOpcode() instanceof Opcode::FunctionAddress } } /** @@ -577,7 +584,7 @@ class FunctionAddressInstruction extends FunctionInstruction { * initializes that parameter. */ class InitializeParameterInstruction extends VariableInstruction { - InitializeParameterInstruction() { getOpcode() instanceof Opcode::InitializeParameter } + InitializeParameterInstruction() { this.getOpcode() instanceof Opcode::InitializeParameter } /** * Gets the parameter initialized by this instruction. @@ -603,7 +610,7 @@ class InitializeParameterInstruction extends VariableInstruction { * initialized elsewhere, would not otherwise have a definition in this function. */ class InitializeNonLocalInstruction extends Instruction { - InitializeNonLocalInstruction() { getOpcode() instanceof Opcode::InitializeNonLocal } + InitializeNonLocalInstruction() { this.getOpcode() instanceof Opcode::InitializeNonLocal } } /** @@ -611,7 +618,7 @@ class InitializeNonLocalInstruction extends Instruction { * with the value of that memory on entry to the function. */ class InitializeIndirectionInstruction extends VariableInstruction { - InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection } + InitializeIndirectionInstruction() { this.getOpcode() instanceof Opcode::InitializeIndirection } /** * Gets the parameter initialized by this instruction. @@ -635,24 +642,24 @@ class InitializeIndirectionInstruction extends VariableInstruction { * An instruction that initializes the `this` pointer parameter of the enclosing function. */ class InitializeThisInstruction extends Instruction { - InitializeThisInstruction() { getOpcode() instanceof Opcode::InitializeThis } + InitializeThisInstruction() { this.getOpcode() instanceof Opcode::InitializeThis } } /** * An instruction that computes the address of a non-static field of an object. */ class FieldAddressInstruction extends FieldInstruction { - FieldAddressInstruction() { getOpcode() instanceof Opcode::FieldAddress } + FieldAddressInstruction() { this.getOpcode() instanceof Opcode::FieldAddress } /** * Gets the operand that provides the address of the object containing the field. */ - final UnaryOperand getObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the object containing the field. */ - final Instruction getObjectAddress() { result = getObjectAddressOperand().getDef() } + final Instruction getObjectAddress() { result = this.getObjectAddressOperand().getDef() } } /** @@ -661,17 +668,19 @@ class FieldAddressInstruction extends FieldInstruction { * This instruction is used for element access to C# arrays. */ class ElementsAddressInstruction extends UnaryInstruction { - ElementsAddressInstruction() { getOpcode() instanceof Opcode::ElementsAddress } + ElementsAddressInstruction() { this.getOpcode() instanceof Opcode::ElementsAddress } /** * Gets the operand that provides the address of the array object. */ - final UnaryOperand getArrayObjectAddressOperand() { result = getAnOperand() } + final UnaryOperand getArrayObjectAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the array object. */ - final Instruction getArrayObjectAddress() { result = getArrayObjectAddressOperand().getDef() } + final Instruction getArrayObjectAddress() { + result = this.getArrayObjectAddressOperand().getDef() + } } /** @@ -685,7 +694,7 @@ class ElementsAddressInstruction extends UnaryInstruction { * taken may want to ignore any function that contains an `ErrorInstruction`. */ class ErrorInstruction extends Instruction { - ErrorInstruction() { getOpcode() instanceof Opcode::Error } + ErrorInstruction() { this.getOpcode() instanceof Opcode::Error } } /** @@ -695,7 +704,7 @@ class ErrorInstruction extends Instruction { * an initializer, or whose initializer only partially initializes the variable. */ class UninitializedInstruction extends VariableInstruction { - UninitializedInstruction() { getOpcode() instanceof Opcode::Uninitialized } + UninitializedInstruction() { this.getOpcode() instanceof Opcode::Uninitialized } /** * Gets the variable that is uninitialized. @@ -710,7 +719,7 @@ class UninitializedInstruction extends VariableInstruction { * least one instruction, even when the AST has no semantic effect. */ class NoOpInstruction extends Instruction { - NoOpInstruction() { getOpcode() instanceof Opcode::NoOp } + NoOpInstruction() { this.getOpcode() instanceof Opcode::NoOp } } /** @@ -732,32 +741,32 @@ class NoOpInstruction extends Instruction { * `void`-returning function. */ class ReturnInstruction extends Instruction { - ReturnInstruction() { getOpcode() instanceof ReturnOpcode } + ReturnInstruction() { this.getOpcode() instanceof ReturnOpcode } } /** * An instruction that returns control to the caller of the function, without returning a value. */ class ReturnVoidInstruction extends ReturnInstruction { - ReturnVoidInstruction() { getOpcode() instanceof Opcode::ReturnVoid } + ReturnVoidInstruction() { this.getOpcode() instanceof Opcode::ReturnVoid } } /** * An instruction that returns control to the caller of the function, including a return value. */ class ReturnValueInstruction extends ReturnInstruction { - ReturnValueInstruction() { getOpcode() instanceof Opcode::ReturnValue } + ReturnValueInstruction() { this.getOpcode() instanceof Opcode::ReturnValue } /** * Gets the operand that provides the value being returned by the function. */ - final LoadOperand getReturnValueOperand() { result = getAnOperand() } + final LoadOperand getReturnValueOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value being returned by the function, if an * exact definition is available. */ - final Instruction getReturnValue() { result = getReturnValueOperand().getDef() } + final Instruction getReturnValue() { result = this.getReturnValueOperand().getDef() } } /** @@ -770,28 +779,28 @@ class ReturnValueInstruction extends ReturnInstruction { * that the caller initialized the memory pointed to by the parameter before the call. */ class ReturnIndirectionInstruction extends VariableInstruction { - ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection } + ReturnIndirectionInstruction() { this.getOpcode() instanceof Opcode::ReturnIndirection } /** * Gets the operand that provides the value of the pointed-to memory. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the pointed-to memory, if an exact * definition is available. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** * Gets the operand that provides the address of the pointed-to memory. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the pointed-to memory. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } /** * Gets the parameter for which this instruction reads the final pointed-to value within the @@ -826,7 +835,7 @@ class ReturnIndirectionInstruction extends VariableInstruction { * - `StoreInstruction` - Copies a register operand to a memory result. */ class CopyInstruction extends Instruction { - CopyInstruction() { getOpcode() instanceof CopyOpcode } + CopyInstruction() { this.getOpcode() instanceof CopyOpcode } /** * Gets the operand that provides the input value of the copy. @@ -837,16 +846,16 @@ class CopyInstruction extends Instruction { * Gets the instruction whose result provides the input value of the copy, if an exact definition * is available. */ - final Instruction getSourceValue() { result = getSourceValueOperand().getDef() } + final Instruction getSourceValue() { result = this.getSourceValueOperand().getDef() } } /** * An instruction that returns a register result containing a copy of its register operand. */ class CopyValueInstruction extends CopyInstruction, UnaryInstruction { - CopyValueInstruction() { getOpcode() instanceof Opcode::CopyValue } + CopyValueInstruction() { this.getOpcode() instanceof Opcode::CopyValue } - final override UnaryOperand getSourceValueOperand() { result = getAnOperand() } + final override UnaryOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -863,47 +872,49 @@ private string getAddressOperandDescription(AddressOperand operand) { * An instruction that returns a register result containing a copy of its memory operand. */ class LoadInstruction extends CopyInstruction { - LoadInstruction() { getOpcode() instanceof Opcode::Load } + LoadInstruction() { this.getOpcode() instanceof Opcode::Load } final override string getImmediateString() { - result = getAddressOperandDescription(getSourceAddressOperand()) + result = getAddressOperandDescription(this.getSourceAddressOperand()) } /** * Gets the operand that provides the address of the value being loaded. */ - final AddressOperand getSourceAddressOperand() { result = getAnOperand() } + final AddressOperand getSourceAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the value being loaded. */ - final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() } + final Instruction getSourceAddress() { result = this.getSourceAddressOperand().getDef() } - final override LoadOperand getSourceValueOperand() { result = getAnOperand() } + final override LoadOperand getSourceValueOperand() { result = this.getAnOperand() } } /** * An instruction that returns a memory result containing a copy of its register operand. */ class StoreInstruction extends CopyInstruction { - StoreInstruction() { getOpcode() instanceof Opcode::Store } + StoreInstruction() { this.getOpcode() instanceof Opcode::Store } final override string getImmediateString() { - result = getAddressOperandDescription(getDestinationAddressOperand()) + result = getAddressOperandDescription(this.getDestinationAddressOperand()) } /** * Gets the operand that provides the address of the location to which the value will be stored. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the location to which the value will * be stored, if an exact definition is available. */ - final Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + final Instruction getDestinationAddress() { + result = this.getDestinationAddressOperand().getDef() + } - final override StoreValueOperand getSourceValueOperand() { result = getAnOperand() } + final override StoreValueOperand getSourceValueOperand() { result = this.getAnOperand() } } /** @@ -911,27 +922,27 @@ class StoreInstruction extends CopyInstruction { * operand. */ class ConditionalBranchInstruction extends Instruction { - ConditionalBranchInstruction() { getOpcode() instanceof Opcode::ConditionalBranch } + ConditionalBranchInstruction() { this.getOpcode() instanceof Opcode::ConditionalBranch } /** * Gets the operand that provides the Boolean condition controlling the branch. */ - final ConditionOperand getConditionOperand() { result = getAnOperand() } + final ConditionOperand getConditionOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the Boolean condition controlling the branch. */ - final Instruction getCondition() { result = getConditionOperand().getDef() } + final Instruction getCondition() { result = this.getConditionOperand().getDef() } /** * Gets the instruction to which control will flow if the condition is true. */ - final Instruction getTrueSuccessor() { result = getSuccessor(EdgeKind::trueEdge()) } + final Instruction getTrueSuccessor() { result = this.getSuccessor(EdgeKind::trueEdge()) } /** * Gets the instruction to which control will flow if the condition is false. */ - final Instruction getFalseSuccessor() { result = getSuccessor(EdgeKind::falseEdge()) } + final Instruction getFalseSuccessor() { result = this.getSuccessor(EdgeKind::falseEdge()) } } /** @@ -943,14 +954,14 @@ class ConditionalBranchInstruction extends Instruction { * successors. */ class ExitFunctionInstruction extends Instruction { - ExitFunctionInstruction() { getOpcode() instanceof Opcode::ExitFunction } + ExitFunctionInstruction() { this.getOpcode() instanceof Opcode::ExitFunction } } /** * An instruction whose result is a constant value. */ class ConstantInstruction extends ConstantValueInstruction { - ConstantInstruction() { getOpcode() instanceof Opcode::Constant } + ConstantInstruction() { this.getOpcode() instanceof Opcode::Constant } } /** @@ -959,7 +970,7 @@ class ConstantInstruction extends ConstantValueInstruction { class IntegerConstantInstruction extends ConstantInstruction { IntegerConstantInstruction() { exists(IRType resultType | - resultType = getResultIRType() and + resultType = this.getResultIRType() and (resultType instanceof IRIntegerType or resultType instanceof IRBooleanType) ) } @@ -969,7 +980,7 @@ class IntegerConstantInstruction extends ConstantInstruction { * An instruction whose result is a constant value of floating-point type. */ class FloatConstantInstruction extends ConstantInstruction { - FloatConstantInstruction() { getResultIRType() instanceof IRFloatingPointType } + FloatConstantInstruction() { this.getResultIRType() instanceof IRFloatingPointType } } /** @@ -978,7 +989,9 @@ class FloatConstantInstruction extends ConstantInstruction { class StringConstantInstruction extends VariableInstruction { override IRStringLiteral var; - final override string getImmediateString() { result = Language::getStringLiteralText(getValue()) } + final override string getImmediateString() { + result = Language::getStringLiteralText(this.getValue()) + } /** * Gets the string literal whose address is returned by this instruction. @@ -990,37 +1003,37 @@ class StringConstantInstruction extends VariableInstruction { * An instruction whose result is computed from two operands. */ class BinaryInstruction extends Instruction { - BinaryInstruction() { getOpcode() instanceof BinaryOpcode } + BinaryInstruction() { this.getOpcode() instanceof BinaryOpcode } /** * Gets the left operand of this binary instruction. */ - final LeftOperand getLeftOperand() { result = getAnOperand() } + final LeftOperand getLeftOperand() { result = this.getAnOperand() } /** * Gets the right operand of this binary instruction. */ - final RightOperand getRightOperand() { result = getAnOperand() } + final RightOperand getRightOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the value of the left operand of this binary * instruction. */ - final Instruction getLeft() { result = getLeftOperand().getDef() } + final Instruction getLeft() { result = this.getLeftOperand().getDef() } /** * Gets the instruction whose result provides the value of the right operand of this binary * instruction. */ - final Instruction getRight() { result = getRightOperand().getDef() } + final Instruction getRight() { result = this.getRightOperand().getDef() } /** * Holds if this instruction's operands are `op1` and `op2`, in either order. */ final predicate hasOperands(Operand op1, Operand op2) { - op1 = getLeftOperand() and op2 = getRightOperand() + op1 = this.getLeftOperand() and op2 = this.getRightOperand() or - op1 = getRightOperand() and op2 = getLeftOperand() + op1 = this.getRightOperand() and op2 = this.getLeftOperand() } } @@ -1028,7 +1041,7 @@ class BinaryInstruction extends Instruction { * An instruction that computes the result of an arithmetic operation. */ class ArithmeticInstruction extends Instruction { - ArithmeticInstruction() { getOpcode() instanceof ArithmeticOpcode } + ArithmeticInstruction() { this.getOpcode() instanceof ArithmeticOpcode } } /** @@ -1050,7 +1063,7 @@ class UnaryArithmeticInstruction extends ArithmeticInstruction, UnaryInstruction * performed according to IEEE-754. */ class AddInstruction extends BinaryArithmeticInstruction { - AddInstruction() { getOpcode() instanceof Opcode::Add } + AddInstruction() { this.getOpcode() instanceof Opcode::Add } } /** @@ -1061,7 +1074,7 @@ class AddInstruction extends BinaryArithmeticInstruction { * according to IEEE-754. */ class SubInstruction extends BinaryArithmeticInstruction { - SubInstruction() { getOpcode() instanceof Opcode::Sub } + SubInstruction() { this.getOpcode() instanceof Opcode::Sub } } /** @@ -1072,7 +1085,7 @@ class SubInstruction extends BinaryArithmeticInstruction { * performed according to IEEE-754. */ class MulInstruction extends BinaryArithmeticInstruction { - MulInstruction() { getOpcode() instanceof Opcode::Mul } + MulInstruction() { this.getOpcode() instanceof Opcode::Mul } } /** @@ -1083,7 +1096,7 @@ class MulInstruction extends BinaryArithmeticInstruction { * to IEEE-754. */ class DivInstruction extends BinaryArithmeticInstruction { - DivInstruction() { getOpcode() instanceof Opcode::Div } + DivInstruction() { this.getOpcode() instanceof Opcode::Div } } /** @@ -1093,7 +1106,7 @@ class DivInstruction extends BinaryArithmeticInstruction { * division by zero or integer overflow is undefined. */ class RemInstruction extends BinaryArithmeticInstruction { - RemInstruction() { getOpcode() instanceof Opcode::Rem } + RemInstruction() { this.getOpcode() instanceof Opcode::Rem } } /** @@ -1104,14 +1117,14 @@ class RemInstruction extends BinaryArithmeticInstruction { * is performed according to IEEE-754. */ class NegateInstruction extends UnaryArithmeticInstruction { - NegateInstruction() { getOpcode() instanceof Opcode::Negate } + NegateInstruction() { this.getOpcode() instanceof Opcode::Negate } } /** * An instruction that computes the result of a bitwise operation. */ class BitwiseInstruction extends Instruction { - BitwiseInstruction() { getOpcode() instanceof BitwiseOpcode } + BitwiseInstruction() { this.getOpcode() instanceof BitwiseOpcode } } /** @@ -1130,7 +1143,7 @@ class UnaryBitwiseInstruction extends BitwiseInstruction, UnaryInstruction { } * Both operands must have the same integer type, which will also be the result type. */ class BitAndInstruction extends BinaryBitwiseInstruction { - BitAndInstruction() { getOpcode() instanceof Opcode::BitAnd } + BitAndInstruction() { this.getOpcode() instanceof Opcode::BitAnd } } /** @@ -1139,7 +1152,7 @@ class BitAndInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitOrInstruction extends BinaryBitwiseInstruction { - BitOrInstruction() { getOpcode() instanceof Opcode::BitOr } + BitOrInstruction() { this.getOpcode() instanceof Opcode::BitOr } } /** @@ -1148,7 +1161,7 @@ class BitOrInstruction extends BinaryBitwiseInstruction { * Both operands must have the same integer type, which will also be the result type. */ class BitXorInstruction extends BinaryBitwiseInstruction { - BitXorInstruction() { getOpcode() instanceof Opcode::BitXor } + BitXorInstruction() { this.getOpcode() instanceof Opcode::BitXor } } /** @@ -1159,7 +1172,7 @@ class BitXorInstruction extends BinaryBitwiseInstruction { * rightmost bits are zero-filled. */ class ShiftLeftInstruction extends BinaryBitwiseInstruction { - ShiftLeftInstruction() { getOpcode() instanceof Opcode::ShiftLeft } + ShiftLeftInstruction() { this.getOpcode() instanceof Opcode::ShiftLeft } } /** @@ -1172,7 +1185,7 @@ class ShiftLeftInstruction extends BinaryBitwiseInstruction { * of the left operand. */ class ShiftRightInstruction extends BinaryBitwiseInstruction { - ShiftRightInstruction() { getOpcode() instanceof Opcode::ShiftRight } + ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } /** @@ -1183,7 +1196,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { int elementSize; PointerArithmeticInstruction() { - getOpcode() instanceof PointerArithmeticOpcode and + this.getOpcode() instanceof PointerArithmeticOpcode and elementSize = Raw::getInstructionElementSize(this) } @@ -1206,7 +1219,7 @@ class PointerArithmeticInstruction extends BinaryInstruction { * An instruction that adds or subtracts an integer offset from a pointer. */ class PointerOffsetInstruction extends PointerArithmeticInstruction { - PointerOffsetInstruction() { getOpcode() instanceof PointerOffsetOpcode } + PointerOffsetInstruction() { this.getOpcode() instanceof PointerOffsetOpcode } } /** @@ -1217,7 +1230,7 @@ class PointerOffsetInstruction extends PointerArithmeticInstruction { * overflow is undefined. */ class PointerAddInstruction extends PointerOffsetInstruction { - PointerAddInstruction() { getOpcode() instanceof Opcode::PointerAdd } + PointerAddInstruction() { this.getOpcode() instanceof Opcode::PointerAdd } } /** @@ -1228,7 +1241,7 @@ class PointerAddInstruction extends PointerOffsetInstruction { * pointer underflow is undefined. */ class PointerSubInstruction extends PointerOffsetInstruction { - PointerSubInstruction() { getOpcode() instanceof Opcode::PointerSub } + PointerSubInstruction() { this.getOpcode() instanceof Opcode::PointerSub } } /** @@ -1241,31 +1254,31 @@ class PointerSubInstruction extends PointerOffsetInstruction { * undefined. */ class PointerDiffInstruction extends PointerArithmeticInstruction { - PointerDiffInstruction() { getOpcode() instanceof Opcode::PointerDiff } + PointerDiffInstruction() { this.getOpcode() instanceof Opcode::PointerDiff } } /** * An instruction whose result is computed from a single operand. */ class UnaryInstruction extends Instruction { - UnaryInstruction() { getOpcode() instanceof UnaryOpcode } + UnaryInstruction() { this.getOpcode() instanceof UnaryOpcode } /** * Gets the sole operand of this instruction. */ - final UnaryOperand getUnaryOperand() { result = getAnOperand() } + final UnaryOperand getUnaryOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the sole operand of this instruction. */ - final Instruction getUnary() { result = getUnaryOperand().getDef() } + final Instruction getUnary() { result = this.getUnaryOperand().getDef() } } /** * An instruction that converts the value of its operand to a value of a different type. */ class ConvertInstruction extends UnaryInstruction { - ConvertInstruction() { getOpcode() instanceof Opcode::Convert } + ConvertInstruction() { this.getOpcode() instanceof Opcode::Convert } } /** @@ -1279,7 +1292,7 @@ class ConvertInstruction extends UnaryInstruction { * `as` expression. */ class CheckedConvertOrNullInstruction extends UnaryInstruction { - CheckedConvertOrNullInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrNull } + CheckedConvertOrNullInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrNull } } /** @@ -1293,7 +1306,7 @@ class CheckedConvertOrNullInstruction extends UnaryInstruction { * expression. */ class CheckedConvertOrThrowInstruction extends UnaryInstruction { - CheckedConvertOrThrowInstruction() { getOpcode() instanceof Opcode::CheckedConvertOrThrow } + CheckedConvertOrThrowInstruction() { this.getOpcode() instanceof Opcode::CheckedConvertOrThrow } } /** @@ -1306,7 +1319,7 @@ class CheckedConvertOrThrowInstruction extends UnaryInstruction { * the most-derived object. */ class CompleteObjectAddressInstruction extends UnaryInstruction { - CompleteObjectAddressInstruction() { getOpcode() instanceof Opcode::CompleteObjectAddress } + CompleteObjectAddressInstruction() { this.getOpcode() instanceof Opcode::CompleteObjectAddress } } /** @@ -1351,7 +1364,7 @@ class InheritanceConversionInstruction extends UnaryInstruction { * An instruction that converts from the address of a derived class to the address of a base class. */ class ConvertToBaseInstruction extends InheritanceConversionInstruction { - ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode } + ConvertToBaseInstruction() { this.getOpcode() instanceof ConvertToBaseOpcode } } /** @@ -1361,7 +1374,9 @@ class ConvertToBaseInstruction extends InheritanceConversionInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase } + ConvertToNonVirtualBaseInstruction() { + this.getOpcode() instanceof Opcode::ConvertToNonVirtualBase + } } /** @@ -1371,7 +1386,7 @@ class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { - ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase } + ConvertToVirtualBaseInstruction() { this.getOpcode() instanceof Opcode::ConvertToVirtualBase } } /** @@ -1381,7 +1396,7 @@ class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction { * If the operand holds a null address, the result is a null address. */ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { - ConvertToDerivedInstruction() { getOpcode() instanceof Opcode::ConvertToDerived } + ConvertToDerivedInstruction() { this.getOpcode() instanceof Opcode::ConvertToDerived } } /** @@ -1390,7 +1405,7 @@ class ConvertToDerivedInstruction extends InheritanceConversionInstruction { * The operand must have an integer type, which will also be the result type. */ class BitComplementInstruction extends UnaryBitwiseInstruction { - BitComplementInstruction() { getOpcode() instanceof Opcode::BitComplement } + BitComplementInstruction() { this.getOpcode() instanceof Opcode::BitComplement } } /** @@ -1399,14 +1414,14 @@ class BitComplementInstruction extends UnaryBitwiseInstruction { * The operand must have a Boolean type, which will also be the result type. */ class LogicalNotInstruction extends UnaryInstruction { - LogicalNotInstruction() { getOpcode() instanceof Opcode::LogicalNot } + LogicalNotInstruction() { this.getOpcode() instanceof Opcode::LogicalNot } } /** * An instruction that compares two numeric operands. */ class CompareInstruction extends BinaryInstruction { - CompareInstruction() { getOpcode() instanceof CompareOpcode } + CompareInstruction() { this.getOpcode() instanceof CompareOpcode } } /** @@ -1417,7 +1432,7 @@ class CompareInstruction extends BinaryInstruction { * unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareEQInstruction extends CompareInstruction { - CompareEQInstruction() { getOpcode() instanceof Opcode::CompareEQ } + CompareEQInstruction() { this.getOpcode() instanceof Opcode::CompareEQ } } /** @@ -1428,14 +1443,14 @@ class CompareEQInstruction extends CompareInstruction { * `left == right`. Floating-point comparison is performed according to IEEE-754. */ class CompareNEInstruction extends CompareInstruction { - CompareNEInstruction() { getOpcode() instanceof Opcode::CompareNE } + CompareNEInstruction() { this.getOpcode() instanceof Opcode::CompareNE } } /** * An instruction that does a relative comparison of two values, such as `<` or `>=`. */ class RelationalInstruction extends CompareInstruction { - RelationalInstruction() { getOpcode() instanceof RelationalOpcode } + RelationalInstruction() { this.getOpcode() instanceof RelationalOpcode } /** * Gets the operand on the "greater" (or "greater-or-equal") side @@ -1467,11 +1482,11 @@ class RelationalInstruction extends CompareInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLTInstruction extends RelationalInstruction { - CompareLTInstruction() { getOpcode() instanceof Opcode::CompareLT } + CompareLTInstruction() { this.getOpcode() instanceof Opcode::CompareLT } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { any() } } @@ -1484,11 +1499,11 @@ class CompareLTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGTInstruction extends RelationalInstruction { - CompareGTInstruction() { getOpcode() instanceof Opcode::CompareGT } + CompareGTInstruction() { this.getOpcode() instanceof Opcode::CompareGT } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { any() } } @@ -1502,11 +1517,11 @@ class CompareGTInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareLEInstruction extends RelationalInstruction { - CompareLEInstruction() { getOpcode() instanceof Opcode::CompareLE } + CompareLEInstruction() { this.getOpcode() instanceof Opcode::CompareLE } - override Instruction getLesser() { result = getLeft() } + override Instruction getLesser() { result = this.getLeft() } - override Instruction getGreater() { result = getRight() } + override Instruction getGreater() { result = this.getRight() } override predicate isStrict() { none() } } @@ -1520,11 +1535,11 @@ class CompareLEInstruction extends RelationalInstruction { * are unordered. Floating-point comparison is performed according to IEEE-754. */ class CompareGEInstruction extends RelationalInstruction { - CompareGEInstruction() { getOpcode() instanceof Opcode::CompareGE } + CompareGEInstruction() { this.getOpcode() instanceof Opcode::CompareGE } - override Instruction getLesser() { result = getRight() } + override Instruction getLesser() { result = this.getRight() } - override Instruction getGreater() { result = getLeft() } + override Instruction getGreater() { result = this.getLeft() } override predicate isStrict() { none() } } @@ -1543,78 +1558,78 @@ class CompareGEInstruction extends RelationalInstruction { * of any case edge. */ class SwitchInstruction extends Instruction { - SwitchInstruction() { getOpcode() instanceof Opcode::Switch } + SwitchInstruction() { this.getOpcode() instanceof Opcode::Switch } /** Gets the operand that provides the integer value controlling the switch. */ - final ConditionOperand getExpressionOperand() { result = getAnOperand() } + final ConditionOperand getExpressionOperand() { result = this.getAnOperand() } /** Gets the instruction whose result provides the integer value controlling the switch. */ - final Instruction getExpression() { result = getExpressionOperand().getDef() } + final Instruction getExpression() { result = this.getExpressionOperand().getDef() } /** Gets the successor instructions along the case edges of the switch. */ - final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = getSuccessor(edge)) } + final Instruction getACaseSuccessor() { exists(CaseEdge edge | result = this.getSuccessor(edge)) } /** Gets the successor instruction along the default edge of the switch, if any. */ - final Instruction getDefaultSuccessor() { result = getSuccessor(EdgeKind::defaultEdge()) } + final Instruction getDefaultSuccessor() { result = this.getSuccessor(EdgeKind::defaultEdge()) } } /** * An instruction that calls a function. */ class CallInstruction extends Instruction { - CallInstruction() { getOpcode() instanceof Opcode::Call } + CallInstruction() { this.getOpcode() instanceof Opcode::Call } final override string getImmediateString() { - result = getStaticCallTarget().toString() + result = this.getStaticCallTarget().toString() or - not exists(getStaticCallTarget()) and result = "?" + not exists(this.getStaticCallTarget()) and result = "?" } /** * Gets the operand the specifies the target function of the call. */ - final CallTargetOperand getCallTargetOperand() { result = getAnOperand() } + final CallTargetOperand getCallTargetOperand() { result = this.getAnOperand() } /** * Gets the `Instruction` that computes the target function of the call. This is usually a * `FunctionAddress` instruction, but can also be an arbitrary instruction that produces a * function pointer. */ - final Instruction getCallTarget() { result = getCallTargetOperand().getDef() } + final Instruction getCallTarget() { result = this.getCallTargetOperand().getDef() } /** * Gets all of the argument operands of the call, including the `this` pointer, if any. */ - final ArgumentOperand getAnArgumentOperand() { result = getAnOperand() } + final ArgumentOperand getAnArgumentOperand() { result = this.getAnOperand() } /** * Gets the `Function` that the call targets, if this is statically known. */ final Language::Function getStaticCallTarget() { - result = getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() + result = this.getCallTarget().(FunctionAddressInstruction).getFunctionSymbol() } /** * Gets all of the arguments of the call, including the `this` pointer, if any. */ - final Instruction getAnArgument() { result = getAnArgumentOperand().getDef() } + final Instruction getAnArgument() { result = this.getAnArgumentOperand().getDef() } /** * Gets the `this` pointer argument operand of the call, if any. */ - final ThisArgumentOperand getThisArgumentOperand() { result = getAnOperand() } + final ThisArgumentOperand getThisArgumentOperand() { result = this.getAnOperand() } /** * Gets the `this` pointer argument of the call, if any. */ - final Instruction getThisArgument() { result = getThisArgumentOperand().getDef() } + final Instruction getThisArgument() { result = this.getThisArgumentOperand().getDef() } /** * Gets the argument operand at the specified index. */ pragma[noinline] final PositionalArgumentOperand getPositionalArgumentOperand(int index) { - result = getAnOperand() and + result = this.getAnOperand() and result.getIndex() = index } @@ -1623,7 +1638,7 @@ class CallInstruction extends Instruction { */ pragma[noinline] final Instruction getPositionalArgument(int index) { - result = getPositionalArgumentOperand(index).getDef() + result = this.getPositionalArgumentOperand(index).getDef() } /** @@ -1631,16 +1646,16 @@ class CallInstruction extends Instruction { */ pragma[noinline] final ArgumentOperand getArgumentOperand(int index) { - index >= 0 and result = getPositionalArgumentOperand(index) + index >= 0 and result = this.getPositionalArgumentOperand(index) or - index = -1 and result = getThisArgumentOperand() + index = -1 and result = this.getThisArgumentOperand() } /** * Gets the argument at the specified index, or `this` if `index` is `-1`. */ pragma[noinline] - final Instruction getArgument(int index) { result = getArgumentOperand(index).getDef() } + final Instruction getArgument(int index) { result = this.getArgumentOperand(index).getDef() } /** * Gets the number of arguments of the call, including the `this` pointer, if any. @@ -1665,7 +1680,7 @@ class CallInstruction extends Instruction { * An instruction representing a side effect of a function call. */ class SideEffectInstruction extends Instruction { - SideEffectInstruction() { getOpcode() instanceof SideEffectOpcode } + SideEffectInstruction() { this.getOpcode() instanceof SideEffectOpcode } /** * Gets the instruction whose execution causes this side effect. @@ -1680,7 +1695,7 @@ class SideEffectInstruction extends Instruction { * accessed by that call. */ class CallSideEffectInstruction extends SideEffectInstruction { - CallSideEffectInstruction() { getOpcode() instanceof Opcode::CallSideEffect } + CallSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallSideEffect } } /** @@ -1691,7 +1706,7 @@ class CallSideEffectInstruction extends SideEffectInstruction { * call target cannot write to escaped memory. */ class CallReadSideEffectInstruction extends SideEffectInstruction { - CallReadSideEffectInstruction() { getOpcode() instanceof Opcode::CallReadSideEffect } + CallReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::CallReadSideEffect } } /** @@ -1699,33 +1714,33 @@ class CallReadSideEffectInstruction extends SideEffectInstruction { * specific parameter. */ class ReadSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - ReadSideEffectInstruction() { getOpcode() instanceof ReadSideEffectOpcode } + ReadSideEffectInstruction() { this.getOpcode() instanceof ReadSideEffectOpcode } /** Gets the operand for the value that will be read from this instruction, if known. */ - final SideEffectOperand getSideEffectOperand() { result = getAnOperand() } + final SideEffectOperand getSideEffectOperand() { result = this.getAnOperand() } /** Gets the value that will be read from this instruction, if known. */ - final Instruction getSideEffect() { result = getSideEffectOperand().getDef() } + final Instruction getSideEffect() { result = this.getSideEffectOperand().getDef() } /** Gets the operand for the address from which this instruction may read. */ - final AddressOperand getArgumentOperand() { result = getAnOperand() } + final AddressOperand getArgumentOperand() { result = this.getAnOperand() } /** Gets the address from which this instruction may read. */ - final Instruction getArgumentDef() { result = getArgumentOperand().getDef() } + final Instruction getArgumentDef() { result = this.getArgumentOperand().getDef() } } /** * An instruction representing the read of an indirect parameter within a function call. */ class IndirectReadSideEffectInstruction extends ReadSideEffectInstruction { - IndirectReadSideEffectInstruction() { getOpcode() instanceof Opcode::IndirectReadSideEffect } + IndirectReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::IndirectReadSideEffect } } /** * An instruction representing the read of an indirect buffer parameter within a function call. */ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { - BufferReadSideEffectInstruction() { getOpcode() instanceof Opcode::BufferReadSideEffect } + BufferReadSideEffectInstruction() { this.getOpcode() instanceof Opcode::BufferReadSideEffect } } /** @@ -1733,18 +1748,18 @@ class BufferReadSideEffectInstruction extends ReadSideEffectInstruction { */ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { SizedBufferReadSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferReadSideEffect + this.getOpcode() instanceof Opcode::SizedBufferReadSideEffect } /** * Gets the operand that holds the number of bytes read from the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes read from the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1752,17 +1767,17 @@ class SizedBufferReadSideEffectInstruction extends ReadSideEffectInstruction { * specific parameter. */ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstruction { - WriteSideEffectInstruction() { getOpcode() instanceof WriteSideEffectOpcode } + WriteSideEffectInstruction() { this.getOpcode() instanceof WriteSideEffectOpcode } /** * Get the operand that holds the address of the memory to be written. */ - final AddressOperand getDestinationAddressOperand() { result = getAnOperand() } + final AddressOperand getDestinationAddressOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the address of the memory to be written. */ - Instruction getDestinationAddress() { result = getDestinationAddressOperand().getDef() } + Instruction getDestinationAddress() { result = this.getDestinationAddressOperand().getDef() } } /** @@ -1770,7 +1785,7 @@ class WriteSideEffectInstruction extends SideEffectInstruction, IndexedInstructi */ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMustWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMustWriteSideEffect } } @@ -1780,7 +1795,7 @@ class IndirectMustWriteSideEffectInstruction extends WriteSideEffectInstruction */ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { BufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::BufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::BufferMustWriteSideEffect } } @@ -1790,18 +1805,18 @@ class BufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMustWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMustWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1812,7 +1827,7 @@ class SizedBufferMustWriteSideEffectInstruction extends WriteSideEffectInstructi */ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { IndirectMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::IndirectMayWriteSideEffect + this.getOpcode() instanceof Opcode::IndirectMayWriteSideEffect } } @@ -1822,7 +1837,9 @@ class IndirectMayWriteSideEffectInstruction extends WriteSideEffectInstruction { * Unlike `BufferWriteSideEffectInstruction`, the buffer might not be completely overwritten. */ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { - BufferMayWriteSideEffectInstruction() { getOpcode() instanceof Opcode::BufferMayWriteSideEffect } + BufferMayWriteSideEffectInstruction() { + this.getOpcode() instanceof Opcode::BufferMayWriteSideEffect + } } /** @@ -1832,18 +1849,18 @@ class BufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { */ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstruction { SizedBufferMayWriteSideEffectInstruction() { - getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect + this.getOpcode() instanceof Opcode::SizedBufferMayWriteSideEffect } /** * Gets the operand that holds the number of bytes written to the buffer. */ - final BufferSizeOperand getBufferSizeOperand() { result = getAnOperand() } + final BufferSizeOperand getBufferSizeOperand() { result = this.getAnOperand() } /** * Gets the instruction whose result provides the number of bytes written to the buffer. */ - final Instruction getBufferSize() { result = getBufferSizeOperand().getDef() } + final Instruction getBufferSize() { result = this.getBufferSizeOperand().getDef() } } /** @@ -1852,80 +1869,80 @@ class SizedBufferMayWriteSideEffectInstruction extends WriteSideEffectInstructio */ class InitializeDynamicAllocationInstruction extends SideEffectInstruction { InitializeDynamicAllocationInstruction() { - getOpcode() instanceof Opcode::InitializeDynamicAllocation + this.getOpcode() instanceof Opcode::InitializeDynamicAllocation } /** * Gets the operand that represents the address of the allocation this instruction is initializing. */ - final AddressOperand getAllocationAddressOperand() { result = getAnOperand() } + final AddressOperand getAllocationAddressOperand() { result = this.getAnOperand() } /** * Gets the address for the allocation this instruction is initializing. */ - final Instruction getAllocationAddress() { result = getAllocationAddressOperand().getDef() } + final Instruction getAllocationAddress() { result = this.getAllocationAddressOperand().getDef() } } /** * An instruction representing a GNU or MSVC inline assembly statement. */ class InlineAsmInstruction extends Instruction { - InlineAsmInstruction() { getOpcode() instanceof Opcode::InlineAsm } + InlineAsmInstruction() { this.getOpcode() instanceof Opcode::InlineAsm } } /** * An instruction that throws an exception. */ class ThrowInstruction extends Instruction { - ThrowInstruction() { getOpcode() instanceof ThrowOpcode } + ThrowInstruction() { this.getOpcode() instanceof ThrowOpcode } } /** * An instruction that throws a new exception. */ class ThrowValueInstruction extends ThrowInstruction { - ThrowValueInstruction() { getOpcode() instanceof Opcode::ThrowValue } + ThrowValueInstruction() { this.getOpcode() instanceof Opcode::ThrowValue } /** * Gets the address operand of the exception thrown by this instruction. */ - final AddressOperand getExceptionAddressOperand() { result = getAnOperand() } + final AddressOperand getExceptionAddressOperand() { result = this.getAnOperand() } /** * Gets the address of the exception thrown by this instruction. */ - final Instruction getExceptionAddress() { result = getExceptionAddressOperand().getDef() } + final Instruction getExceptionAddress() { result = this.getExceptionAddressOperand().getDef() } /** * Gets the operand for the exception thrown by this instruction. */ - final LoadOperand getExceptionOperand() { result = getAnOperand() } + final LoadOperand getExceptionOperand() { result = this.getAnOperand() } /** * Gets the exception thrown by this instruction. */ - final Instruction getException() { result = getExceptionOperand().getDef() } + final Instruction getException() { result = this.getExceptionOperand().getDef() } } /** * An instruction that re-throws the current exception. */ class ReThrowInstruction extends ThrowInstruction { - ReThrowInstruction() { getOpcode() instanceof Opcode::ReThrow } + ReThrowInstruction() { this.getOpcode() instanceof Opcode::ReThrow } } /** * An instruction that exits the current function by propagating an exception. */ class UnwindInstruction extends Instruction { - UnwindInstruction() { getOpcode() instanceof Opcode::Unwind } + UnwindInstruction() { this.getOpcode() instanceof Opcode::Unwind } } /** * An instruction that starts a `catch` handler. */ class CatchInstruction extends Instruction { - CatchInstruction() { getOpcode() instanceof CatchOpcode } + CatchInstruction() { this.getOpcode() instanceof CatchOpcode } } /** @@ -1935,7 +1952,7 @@ class CatchByTypeInstruction extends CatchInstruction { Language::LanguageType exceptionType; CatchByTypeInstruction() { - getOpcode() instanceof Opcode::CatchByType and + this.getOpcode() instanceof Opcode::CatchByType and exceptionType = Raw::getInstructionExceptionType(this) } @@ -1951,21 +1968,21 @@ class CatchByTypeInstruction extends CatchInstruction { * An instruction that catches any exception. */ class CatchAnyInstruction extends CatchInstruction { - CatchAnyInstruction() { getOpcode() instanceof Opcode::CatchAny } + CatchAnyInstruction() { this.getOpcode() instanceof Opcode::CatchAny } } /** * An instruction that initializes all escaped memory. */ class AliasedDefinitionInstruction extends Instruction { - AliasedDefinitionInstruction() { getOpcode() instanceof Opcode::AliasedDefinition } + AliasedDefinitionInstruction() { this.getOpcode() instanceof Opcode::AliasedDefinition } } /** * An instruction that consumes all escaped memory on exit from the function. */ class AliasedUseInstruction extends Instruction { - AliasedUseInstruction() { getOpcode() instanceof Opcode::AliasedUse } + AliasedUseInstruction() { this.getOpcode() instanceof Opcode::AliasedUse } } /** @@ -1979,7 +1996,7 @@ class AliasedUseInstruction extends Instruction { * runtime. */ class PhiInstruction extends Instruction { - PhiInstruction() { getOpcode() instanceof Opcode::Phi } + PhiInstruction() { this.getOpcode() instanceof Opcode::Phi } /** * Gets all of the instruction's `PhiInputOperand`s, representing the values that flow from each predecessor block. @@ -2047,29 +2064,29 @@ class PhiInstruction extends Instruction { * https://link.springer.com/content/pdf/10.1007%2F3-540-61053-7_66.pdf. */ class ChiInstruction extends Instruction { - ChiInstruction() { getOpcode() instanceof Opcode::Chi } + ChiInstruction() { this.getOpcode() instanceof Opcode::Chi } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final ChiTotalOperand getTotalOperand() { result = getAnOperand() } + final ChiTotalOperand getTotalOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the previous state of all memory that might be aliased by the * memory write. */ - final Instruction getTotal() { result = getTotalOperand().getDef() } + final Instruction getTotal() { result = this.getTotalOperand().getDef() } /** * Gets the operand that represents the new value written by the memory write. */ - final ChiPartialOperand getPartialOperand() { result = getAnOperand() } + final ChiPartialOperand getPartialOperand() { result = this.getAnOperand() } /** * Gets the operand that represents the new value written by the memory write. */ - final Instruction getPartial() { result = getPartialOperand().getDef() } + final Instruction getPartial() { result = this.getPartialOperand().getDef() } /** * Gets the bit range `[startBit, endBit)` updated by the partial operand of this `ChiInstruction`, relative to the start address of the total operand. @@ -2093,7 +2110,7 @@ class ChiInstruction extends Instruction { * or `Switch` instruction where that particular edge is infeasible. */ class UnreachedInstruction extends Instruction { - UnreachedInstruction() { getOpcode() instanceof Opcode::Unreached } + UnreachedInstruction() { this.getOpcode() instanceof Opcode::Unreached } } /** @@ -2106,7 +2123,7 @@ class BuiltInOperationInstruction extends Instruction { Language::BuiltInOperation operation; BuiltInOperationInstruction() { - getOpcode() instanceof BuiltInOperationOpcode and + this.getOpcode() instanceof BuiltInOperationOpcode and operation = Raw::getInstructionBuiltInOperation(this) } @@ -2122,9 +2139,9 @@ class BuiltInOperationInstruction extends Instruction { * actual operation is specified by the `getBuiltInOperation()` predicate. */ class BuiltInInstruction extends BuiltInOperationInstruction { - BuiltInInstruction() { getOpcode() instanceof Opcode::BuiltIn } + BuiltInInstruction() { this.getOpcode() instanceof Opcode::BuiltIn } - final override string getImmediateString() { result = getBuiltInOperation().toString() } + final override string getImmediateString() { result = this.getBuiltInOperation().toString() } } /** @@ -2135,7 +2152,7 @@ class BuiltInInstruction extends BuiltInOperationInstruction { * to the `...` parameter. */ class VarArgsStartInstruction extends UnaryInstruction { - VarArgsStartInstruction() { getOpcode() instanceof Opcode::VarArgsStart } + VarArgsStartInstruction() { this.getOpcode() instanceof Opcode::VarArgsStart } } /** @@ -2145,7 +2162,7 @@ class VarArgsStartInstruction extends UnaryInstruction { * a result. */ class VarArgsEndInstruction extends UnaryInstruction { - VarArgsEndInstruction() { getOpcode() instanceof Opcode::VarArgsEnd } + VarArgsEndInstruction() { this.getOpcode() instanceof Opcode::VarArgsEnd } } /** @@ -2155,7 +2172,7 @@ class VarArgsEndInstruction extends UnaryInstruction { * argument. */ class VarArgInstruction extends UnaryInstruction { - VarArgInstruction() { getOpcode() instanceof Opcode::VarArg } + VarArgInstruction() { this.getOpcode() instanceof Opcode::VarArg } } /** @@ -2166,7 +2183,7 @@ class VarArgInstruction extends UnaryInstruction { * argument of the `...` parameter. */ class NextVarArgInstruction extends UnaryInstruction { - NextVarArgInstruction() { getOpcode() instanceof Opcode::NextVarArg } + NextVarArgInstruction() { this.getOpcode() instanceof Opcode::NextVarArg } } /** @@ -2180,5 +2197,5 @@ class NextVarArgInstruction extends UnaryInstruction { * The result is the address of the newly allocated object. */ class NewObjInstruction extends Instruction { - NewObjInstruction() { getOpcode() instanceof Opcode::NewObj } + NewObjInstruction() { this.getOpcode() instanceof Opcode::NewObj } } diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll index d7cf89ca9aa..85d217bd361 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll @@ -46,12 +46,12 @@ class Operand extends TStageOperand { /** * Gets the location of the source code for this operand. */ - final Language::Location getLocation() { result = getUse().getLocation() } + final Language::Location getLocation() { result = this.getUse().getLocation() } /** * Gets the function that contains this operand. */ - final IRFunction getEnclosingIRFunction() { result = getUse().getEnclosingIRFunction() } + final IRFunction getEnclosingIRFunction() { result = this.getUse().getEnclosingIRFunction() } /** * Gets the `Instruction` that consumes this operand. @@ -74,7 +74,7 @@ class Operand extends TStageOperand { */ final Instruction getDef() { result = this.getAnyDef() and - getDefinitionOverlap() instanceof MustExactlyOverlap + this.getDefinitionOverlap() instanceof MustExactlyOverlap } /** @@ -82,7 +82,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` that consumes this operand. */ - deprecated final Instruction getUseInstruction() { result = getUse() } + deprecated final Instruction getUseInstruction() { result = this.getUse() } /** * DEPRECATED: use `getAnyDef` or `getDef`. The exact replacement for this @@ -91,7 +91,7 @@ class Operand extends TStageOperand { * * Gets the `Instruction` whose result is the value of the operand. */ - deprecated final Instruction getDefinitionInstruction() { result = getAnyDef() } + deprecated final Instruction getDefinitionInstruction() { result = this.getAnyDef() } /** * Gets the overlap relationship between the operand's definition and its use. @@ -101,7 +101,9 @@ class Operand extends TStageOperand { /** * Holds if the result of the definition instruction does not exactly overlap this use. */ - final predicate isDefinitionInexact() { not getDefinitionOverlap() instanceof MustExactlyOverlap } + final predicate isDefinitionInexact() { + not this.getDefinitionOverlap() instanceof MustExactlyOverlap + } /** * Gets a prefix to use when dumping the operand in an operand list. @@ -121,7 +123,7 @@ class Operand extends TStageOperand { * For example: `this:r3_5` */ final string getDumpString() { - result = getDumpLabel() + getInexactSpecifier() + getDefinitionId() + result = this.getDumpLabel() + this.getInexactSpecifier() + this.getDefinitionId() } /** @@ -129,9 +131,9 @@ class Operand extends TStageOperand { * definition is not modeled in SSA. */ private string getDefinitionId() { - result = getAnyDef().getResultId() + result = this.getAnyDef().getResultId() or - not exists(getAnyDef()) and result = "m?" + not exists(this.getAnyDef()) and result = "m?" } /** @@ -140,7 +142,7 @@ class Operand extends TStageOperand { * the empty string. */ private string getInexactSpecifier() { - if isDefinitionInexact() then result = "~" else result = "" + if this.isDefinitionInexact() then result = "~" else result = "" } /** @@ -155,7 +157,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - Language::LanguageType getLanguageType() { result = getAnyDef().getResultLanguageType() } + Language::LanguageType getLanguageType() { result = this.getAnyDef().getResultLanguageType() } /** * Gets the language-neutral type of the value consumed by this operand. This is usually the same @@ -164,7 +166,7 @@ class Operand extends TStageOperand { * from the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the value consumed by this operand. This is usually the same as the @@ -173,7 +175,7 @@ class Operand extends TStageOperand { * the definition type, such as in the case of a partial read or a read from a pointer that * has been cast to a different type. */ - final Language::Type getType() { getLanguageType().hasType(result, _) } + final Language::Type getType() { this.getLanguageType().hasType(result, _) } /** * Holds if the value consumed by this operand is a glvalue. If this @@ -182,13 +184,13 @@ class Operand extends TStageOperand { * not hold, the value of the operand represents a value whose type is * given by `getType()`. */ - final predicate isGLValue() { getLanguageType().hasType(_, true) } + final predicate isGLValue() { this.getLanguageType().hasType(_, true) } /** * Gets the size of the value consumed by this operand, in bytes. If the operand does not have * a known constant size, this predicate does not hold. */ - final int getSize() { result = getLanguageType().getByteSize() } + final int getSize() { result = this.getLanguageType().getByteSize() } } /** @@ -205,7 +207,7 @@ class MemoryOperand extends Operand { /** * Gets the kind of memory access performed by the operand. */ - MemoryAccessKind getMemoryAccess() { result = getUse().getOpcode().getReadMemoryAccess() } + MemoryAccessKind getMemoryAccess() { result = this.getUse().getOpcode().getReadMemoryAccess() } /** * Holds if the memory access performed by this operand will not always read from every bit in the @@ -215,7 +217,7 @@ class MemoryOperand extends Operand { * conservative estimate of the memory that might actually be accessed at runtime (for example, * the global side effects of a function call). */ - predicate hasMayReadMemoryAccess() { getUse().getOpcode().hasMayReadMemoryAccess() } + predicate hasMayReadMemoryAccess() { this.getUse().getOpcode().hasMayReadMemoryAccess() } /** * Returns the operand that holds the memory address from which the current operand loads its @@ -223,8 +225,8 @@ class MemoryOperand extends Operand { * is `r1`. */ final AddressOperand getAddressOperand() { - getMemoryAccess().usesAddressOperand() and - result.getUse() = getUse() + this.getMemoryAccess().usesAddressOperand() and + result.getUse() = this.getUse() } } @@ -294,7 +296,7 @@ class NonPhiMemoryOperand extends NonPhiOperand, MemoryOperand, TNonPhiMemoryOpe result = unique(Instruction defInstr | hasDefinition(defInstr, _)) } - final override Overlap getDefinitionOverlap() { hasDefinition(_, result) } + final override Overlap getDefinitionOverlap() { this.hasDefinition(_, result) } pragma[noinline] private predicate hasDefinition(Instruction defInstr, Overlap overlap) { @@ -449,13 +451,17 @@ class PhiInputOperand extends MemoryOperand, TPhiOperand { final override Overlap getDefinitionOverlap() { result = overlap } - final override int getDumpSortOrder() { result = 11 + getPredecessorBlock().getDisplayIndex() } - - final override string getDumpLabel() { - result = "from " + getPredecessorBlock().getDisplayIndex().toString() + ":" + final override int getDumpSortOrder() { + result = 11 + this.getPredecessorBlock().getDisplayIndex() } - final override string getDumpId() { result = getPredecessorBlock().getDisplayIndex().toString() } + final override string getDumpLabel() { + result = "from " + this.getPredecessorBlock().getDisplayIndex().toString() + ":" + } + + final override string getDumpId() { + result = this.getPredecessorBlock().getDisplayIndex().toString() + } /** * Gets the predecessor block from which this value comes. diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasAnalysisImports.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasAnalysisImports.qll index e0bf271dcc7..b0eb5ec98cb 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasAnalysisImports.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasAnalysisImports.qll @@ -36,7 +36,7 @@ module AliasModels { * Holds if this is the input value of the parameter with index `index`. * DEPRECATED: Use `isParameter(index)` instead. */ - deprecated final predicate isInParameter(ParameterIndex index) { isParameter(index) } + deprecated final predicate isInParameter(ParameterIndex index) { this.isParameter(index) } /** * Holds if this is the input value pointed to by a pointer parameter to a function, or the input @@ -63,7 +63,7 @@ module AliasModels { * DEPRECATED: Use `isParameterDeref(index)` instead. */ deprecated final predicate isInParameterPointer(ParameterIndex index) { - isParameterDeref(index) + this.isParameterDeref(index) } /** @@ -86,7 +86,7 @@ module AliasModels { * function. * DEPRECATED: Use `isQualifierObject()` instead. */ - deprecated final predicate isInQualifier() { isQualifierObject() } + deprecated final predicate isInQualifier() { this.isQualifierObject() } /** * Holds if this is the input value of the `this` pointer of an instance member function. @@ -184,7 +184,7 @@ module AliasModels { * DEPRECATED: Use `isParameterDeref(index)` instead. */ deprecated final predicate isOutParameterPointer(ParameterIndex index) { - isParameterDeref(index) + this.isParameterDeref(index) } /** @@ -207,7 +207,7 @@ module AliasModels { * function. * DEPRECATED: Use `isQualifierObject()` instead. */ - deprecated final predicate isOutQualifier() { isQualifierObject() } + deprecated final predicate isOutQualifier() { this.isQualifierObject() } /** * Holds if this is the value returned by a function. @@ -232,7 +232,7 @@ module AliasModels { * Holds if this is the value returned by a function. * DEPRECATED: Use `isReturnValue()` instead. */ - deprecated final predicate isOutReturnValue() { isReturnValue() } + deprecated final predicate isOutReturnValue() { this.isReturnValue() } /** * Holds if this is the output value pointed to by the return value of a function, if the function @@ -260,7 +260,7 @@ module AliasModels { * function returns a reference. * DEPRECATED: Use `isReturnValueDeref()` instead. */ - deprecated final predicate isOutReturnPointer() { isReturnValueDeref() } + deprecated final predicate isOutReturnPointer() { this.isReturnValueDeref() } /** * Holds if `i >= 0` and `isParameterDeref(i)` holds for this is the value, or diff --git a/csharp/ql/src/experimental/ir/internal/IRGuards.qll b/csharp/ql/src/experimental/ir/internal/IRGuards.qll index d01dcbed1e1..40780a3920e 100644 --- a/csharp/ql/src/experimental/ir/internal/IRGuards.qll +++ b/csharp/ql/src/experimental/ir/internal/IRGuards.qll @@ -147,7 +147,7 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardCondition { override predicate ensuresLt(Expr left, Expr right, int k, BasicBlock block, boolean isLessThan) { exists(boolean testIsTrue | - comparesLt(left, right, k, isLessThan, testIsTrue) and this.controls(block, testIsTrue) + this.comparesLt(left, right, k, isLessThan, testIsTrue) and this.controls(block, testIsTrue) ) } @@ -161,7 +161,7 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardCondition { override predicate ensuresEq(Expr left, Expr right, int k, BasicBlock block, boolean areEqual) { exists(boolean testIsTrue | - comparesEq(left, right, k, areEqual, testIsTrue) and this.controls(block, testIsTrue) + this.comparesEq(left, right, k, areEqual, testIsTrue) and this.controls(block, testIsTrue) ) } } @@ -326,9 +326,9 @@ class IRGuardCondition extends Instruction { cached predicate controlsEdge(IRBlock pred, IRBlock succ, boolean testIsTrue) { pred.getASuccessor() = succ and - controls(pred, testIsTrue) + this.controls(pred, testIsTrue) or - hasBranchEdge(succ, testIsTrue) and + this.hasBranchEdge(succ, testIsTrue) and branch.getCondition() = this and branch.getBlock() = pred } diff --git a/csharp/ql/src/experimental/ir/internal/IntegerInterval.qll b/csharp/ql/src/experimental/ir/internal/IntegerInterval.qll index cd12b9b627a..4f8f4b4e672 100644 --- a/csharp/ql/src/experimental/ir/internal/IntegerInterval.qll +++ b/csharp/ql/src/experimental/ir/internal/IntegerInterval.qll @@ -18,10 +18,11 @@ Overlap getOverlap(IntValue defStart, IntValue defEnd, IntValue useStart, IntVal else if isLE(defStart, useStart) and isGE(defEnd, useEnd) then result instanceof MustTotallyOverlap - else - if isLE(defEnd, useStart) or isGE(defStart, useEnd) - then none() - else result instanceof MayPartiallyOverlap + else ( + not isLE(defEnd, useStart) and + not isGE(defStart, useEnd) and + result instanceof MayPartiallyOverlap + ) } /** diff --git a/csharp/ql/src/experimental/ir/rangeanalysis/RangeUtils.qll b/csharp/ql/src/experimental/ir/rangeanalysis/RangeUtils.qll index 4a7f1d69840..b7fdfc3546f 100644 --- a/csharp/ql/src/experimental/ir/rangeanalysis/RangeUtils.qll +++ b/csharp/ql/src/experimental/ir/rangeanalysis/RangeUtils.qll @@ -52,10 +52,7 @@ IntValue getArrayDim(Variable arr) { arr.getInitializer() = ac and if exists(ac.getLengthArgument(0)) then result = ac.getLengthArgument(0).getValue().toInt() - else - if exists(ac.getInitializer()) - then result = ac.getInitializer().getNumberOfElements() - else none() + else result = ac.getInitializer().getNumberOfElements() ) } diff --git a/csharp/ql/test/library-tests/assignables/AssignableDefinition.ql b/csharp/ql/test/library-tests/assignables/AssignableDefinition.ql index 6f24ecaa0e9..ad5facdab45 100644 --- a/csharp/ql/test/library-tests/assignables/AssignableDefinition.ql +++ b/csharp/ql/test/library-tests/assignables/AssignableDefinition.ql @@ -6,14 +6,14 @@ newtype TTargetAccessOption = class TargetAccessOption extends TTargetAccessOption { string toString() { - result = som().toString() + result = this.som().toString() or - exists(non()) and result = "" + exists(this.non()) and result = "" } Location getLocation() { - result = som().getLocation() or - result = non().getLocation() + result = this.som().getLocation() or + result = this.non().getLocation() } private AssignableAccess som() { this = TTargetAccessSome(result) } @@ -31,14 +31,14 @@ newtype TSourceOption = class SourceOption extends TSourceOption { string toString() { - result = som().toString() + result = this.som().toString() or - exists(non()) and result = "" + exists(this.non()) and result = "" } Location getLocation() { - result = som().getLocation() or - result = non().getLocation() + result = this.som().getLocation() or + result = this.non().getLocation() } private Expr som() { this = TSourceSome(result) } diff --git a/csharp/ql/test/library-tests/cil/consistency/Handles.ql b/csharp/ql/test/library-tests/cil/consistency/Handles.ql index a64ea94eb98..e67e4b29416 100644 --- a/csharp/ql/test/library-tests/cil/consistency/Handles.ql +++ b/csharp/ql/test/library-tests/cil/consistency/Handles.ql @@ -5,7 +5,7 @@ import dotnet class MetadataEntity extends DotNet::NamedElement, @metadata_entity { int getHandle() { metadata_handle(this, _, result) } - predicate hasHandle() { exists(getHandle()) } + predicate hasHandle() { exists(this.getHandle()) } Assembly getAssembly() { metadata_handle(this, result, _) } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll index f43a550af57..494780d2e1b 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll @@ -937,7 +937,7 @@ class CallContextSpecificCall extends CallContextCall, TSpecificCall { } override predicate relevantFor(DataFlowCallable callable) { - recordDataFlowCallSite(getCall(), callable) + recordDataFlowCallSite(this.getCall(), callable) } override predicate matchesCall(DataFlowCall call) { call = this.getCall() } @@ -1257,7 +1257,7 @@ abstract class AccessPathFront extends TAccessPathFront { TypedContent getHead() { this = TFrontHead(result) } - predicate isClearedAt(Node n) { clearsContentCached(n, getHead().getContent()) } + predicate isClearedAt(Node n) { clearsContentCached(n, this.getHead().getContent()) } } class AccessPathFrontNil extends AccessPathFront, TFrontNil { diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll index 558ecd1b88b..e450c11b5ab 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll @@ -28,7 +28,7 @@ class SsaReadPositionBlock extends SsaReadPosition, TSsaReadPositionBlock { /** Gets the basic block corresponding to this position. */ BasicBlock getBlock() { this = TSsaReadPositionBlock(result) } - override predicate hasReadOfVar(SsaVariable v) { getBlock() = getAReadBasicBlock(v) } + override predicate hasReadOfVar(SsaVariable v) { this.getBlock() = getAReadBasicBlock(v) } override string toString() { result = "block" } } @@ -49,8 +49,8 @@ class SsaReadPositionPhiInputEdge extends SsaReadPosition, TSsaReadPositionPhiIn /** Holds if `inp` is an input to `phi` along this edge. */ predicate phiInput(SsaPhiNode phi, SsaVariable inp) { - phi.hasInputFromBlock(inp, getOrigBlock()) and - getPhiBlock() = phi.getBasicBlock() + phi.hasInputFromBlock(inp, this.getOrigBlock()) and + this.getPhiBlock() = phi.getBasicBlock() } override string toString() { result = "edge" } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll b/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll index 6b70770b70e..b7596ebab49 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll @@ -37,7 +37,7 @@ predicate isGigaSpacesEventMethod(Method eventMethod) { class GigaSpacesSpaceIdGetterMethod extends Method { GigaSpacesSpaceIdGetterMethod() { getAnAnnotation().getType().hasQualifiedName("com.gigaspaces.annotation.pojo", "SpaceId") and - getName().prefix(3) = "get" + getName().matches("get%") } } @@ -48,7 +48,7 @@ class GigaSpacesSpaceIdSetterMethod extends Method { GigaSpacesSpaceIdSetterMethod() { exists(GigaSpacesSpaceIdGetterMethod getterMethod | getterMethod.getDeclaringType() = getDeclaringType() and - getName().prefix(3) = "set" + getName().matches("set%") | getterMethod.getName().suffix(3) = getName().suffix(3) ) @@ -62,6 +62,6 @@ class GigaSpacesSpaceIdSetterMethod extends Method { class GigaSpacesSpaceRoutingMethod extends Method { GigaSpacesSpaceRoutingMethod() { getAnAnnotation().getType().hasQualifiedName("com.gigaspaces.annotation.pojo", "SpaceRouting") and - getName().prefix(3) = "get" + getName().matches("get%") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll b/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll index c95c9f4c90f..8a6ee13ec57 100644 --- a/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll +++ b/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll @@ -24,11 +24,5 @@ predicate jOOQSqlMethod(Method m) { } private class SqlSinkCsv extends SinkModelCsv { - override predicate row(string row) { - row = - [ - //"package;type;overrides;name;signature;ext;spec;kind" - "org.jooq;PlainSQL;false;;;Annotated;Argument[0];sql" - ] - } + override predicate row(string row) { row = "org.jooq;PlainSQL;false;;;Annotated;Argument[0];sql" } } diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll index 32ee55723b2..17fedacdefe 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll @@ -37,7 +37,7 @@ class SpringProfileExpr extends string { * A Spring profile expression that begins with "!", indicating a negated expression. */ class NotSpringProfileExpr extends SpringProfileExpr { - NotSpringProfileExpr() { this.prefix(1) = "!" } + NotSpringProfileExpr() { this.matches("!%") } /** * Gets the profile described in this profile expression. diff --git a/java/ql/lib/semmle/code/java/security/InformationLeak.qll b/java/ql/lib/semmle/code/java/security/InformationLeak.qll index f68ddd5b121..3ea674521a0 100644 --- a/java/ql/lib/semmle/code/java/security/InformationLeak.qll +++ b/java/ql/lib/semmle/code/java/security/InformationLeak.qll @@ -9,9 +9,7 @@ import semmle.code.java.security.XSS private class DefaultInformationLeakSinkModel extends SinkModelCsv { override predicate row(string row) { row = - [ - "javax.servlet.http;HttpServletResponse;false;sendError;(int,String);;Argument[1];information-leak" - ] + "javax.servlet.http;HttpServletResponse;false;sendError;(int,String);;Argument[1];information-leak" } } diff --git a/java/ql/lib/semmle/code/xml/MavenPom.qll b/java/ql/lib/semmle/code/xml/MavenPom.qll index fe6985ba811..921f9be0bff 100644 --- a/java/ql/lib/semmle/code/xml/MavenPom.qll +++ b/java/ql/lib/semmle/code/xml/MavenPom.qll @@ -129,7 +129,7 @@ class Pom extends ProtoPom { * occurs by considering the properties defined by this project or an ancestor project. */ string resolvePlaceholder(string name) { - if name.prefix(8) = "project." + if name.matches("project.%") then exists(PomElement p | p = getProjectProperty() and diff --git a/java/ql/lib/semmle/code/xml/XML.qll b/java/ql/lib/semmle/code/xml/XML.qll index 4c762f4bf65..76f3b3cb022 100755 --- a/java/ql/lib/semmle/code/xml/XML.qll +++ b/java/ql/lib/semmle/code/xml/XML.qll @@ -108,7 +108,7 @@ class XMLParent extends @xmlparent { } /** Gets the text value contained in this XML parent. */ - string getTextValue() { result = allCharactersString() } + string getTextValue() { result = this.allCharactersString() } /** Gets a printable representation of this XML parent. */ string toString() { result = this.getName() } @@ -119,7 +119,7 @@ class XMLFile extends XMLParent, File { XMLFile() { xmlEncoding(this, _) } /** Gets a printable representation of this XML file. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } /** Gets the name of this XML file. */ override string getName() { result = File.super.getAbsolutePath() } @@ -129,14 +129,14 @@ class XMLFile extends XMLParent, File { * * Gets the path of this XML file. */ - deprecated string getPath() { result = getAbsolutePath() } + deprecated string getPath() { result = this.getAbsolutePath() } /** * DEPRECATED: Use `getParentContainer().getAbsolutePath()` instead. * * Gets the path of the folder that contains this XML file. */ - deprecated string getFolder() { result = getParentContainer().getAbsolutePath() } + deprecated string getFolder() { result = this.getParentContainer().getAbsolutePath() } /** Gets the encoding of this XML file. */ string getEncoding() { xmlEncoding(this, result) } @@ -200,7 +200,7 @@ class XMLDTD extends XMLLocatable, @xmldtd { */ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { /** Holds if this XML element has the given `name`. */ - predicate hasName(string name) { name = getName() } + predicate hasName(string name) { name = this.getName() } /** Gets the name of this XML element. */ override string getName() { xmlElements(this, result, _, _, _) } @@ -239,7 +239,7 @@ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { string getAttributeValue(string name) { result = this.getAttribute(name).getValue() } /** Gets a printable representation of this XML element. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } } /** diff --git a/java/ql/lib/tutorial.qll b/java/ql/lib/tutorial.qll new file mode 100644 index 00000000000..8cb1797a532 --- /dev/null +++ b/java/ql/lib/tutorial.qll @@ -0,0 +1,1207 @@ +/** + * This library is used in the QL detective tutorials. + * + * Note: Data is usually stored in a separate database and the QL libraries only contain predicates, + * but for this tutorial both the data and the predicates are stored in the library. + */ +class Person extends string { + Person() { + this = "Ronil" or + this = "Dina" or + this = "Ravi" or + this = "Bruce" or + this = "Jo" or + this = "Aida" or + this = "Esme" or + this = "Charlie" or + this = "Fred" or + this = "Meera" or + this = "Maya" or + this = "Chad" or + this = "Tiana" or + this = "Laura" or + this = "George" or + this = "Will" or + this = "Mary" or + this = "Almira" or + this = "Susannah" or + this = "Rhoda" or + this = "Cynthia" or + this = "Eunice" or + this = "Olive" or + this = "Virginia" or + this = "Angeline" or + this = "Helen" or + this = "Cornelia" or + this = "Harriet" or + this = "Mahala" or + this = "Abby" or + this = "Margaret" or + this = "Deb" or + this = "Minerva" or + this = "Severus" or + this = "Lavina" or + this = "Adeline" or + this = "Cath" or + this = "Elisa" or + this = "Lucretia" or + this = "Anne" or + this = "Eleanor" or + this = "Joanna" or + this = "Adam" or + this = "Agnes" or + this = "Rosanna" or + this = "Clara" or + this = "Melissa" or + this = "Amy" or + this = "Isabel" or + this = "Jemima" or + this = "Cordelia" or + this = "Melinda" or + this = "Delila" or + this = "Jeremiah" or + this = "Elijah" or + this = "Hester" or + this = "Walter" or + this = "Oliver" or + this = "Hugh" or + this = "Aaron" or + this = "Reuben" or + this = "Eli" or + this = "Amos" or + this = "Augustus" or + this = "Theodore" or + this = "Ira" or + this = "Timothy" or + this = "Cyrus" or + this = "Horace" or + this = "Simon" or + this = "Asa" or + this = "Frank" or + this = "Nelson" or + this = "Leonard" or + this = "Harrison" or + this = "Anthony" or + this = "Louis" or + this = "Milton" or + this = "Noah" or + this = "Cornelius" or + this = "Abdul" or + this = "Warren" or + this = "Harvey" or + this = "Dennis" or + this = "Wesley" or + this = "Sylvester" or + this = "Gilbert" or + this = "Sullivan" or + this = "Edmund" or + this = "Wilson" or + this = "Perry" or + this = "Matthew" or + this = "Simba" or + this = "Nala" or + this = "Rafiki" or + this = "Shenzi" or + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Edwin" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" or + this = "Stephen" + } + + /** Gets the hair color of the person. If the person is bald, there is no result. */ + string getHairColor() { + this = "Ronil" and result = "black" + or + this = "Dina" and result = "black" + or + this = "Ravi" and result = "black" + or + this = "Bruce" and result = "brown" + or + this = "Jo" and result = "red" + or + this = "Aida" and result = "blond" + or + this = "Esme" and result = "blond" + or + this = "Fred" and result = "gray" + or + this = "Meera" and result = "brown" + or + this = "Maya" and result = "brown" + or + this = "Chad" and result = "brown" + or + this = "Tiana" and result = "black" + or + this = "Laura" and result = "blond" + or + this = "George" and result = "blond" + or + this = "Will" and result = "blond" + or + this = "Mary" and result = "blond" + or + this = "Almira" and result = "black" + or + this = "Susannah" and result = "blond" + or + this = "Rhoda" and result = "blond" + or + this = "Cynthia" and result = "gray" + or + this = "Eunice" and result = "white" + or + this = "Olive" and result = "brown" + or + this = "Virginia" and result = "brown" + or + this = "Angeline" and result = "red" + or + this = "Helen" and result = "white" + or + this = "Cornelia" and result = "gray" + or + this = "Harriet" and result = "white" + or + this = "Mahala" and result = "black" + or + this = "Abby" and result = "red" + or + this = "Margaret" and result = "brown" + or + this = "Deb" and result = "brown" + or + this = "Minerva" and result = "brown" + or + this = "Severus" and result = "black" + or + this = "Lavina" and result = "brown" + or + this = "Adeline" and result = "brown" + or + this = "Cath" and result = "brown" + or + this = "Elisa" and result = "brown" + or + this = "Lucretia" and result = "gray" + or + this = "Anne" and result = "black" + or + this = "Eleanor" and result = "brown" + or + this = "Joanna" and result = "brown" + or + this = "Adam" and result = "black" + or + this = "Agnes" and result = "black" + or + this = "Rosanna" and result = "gray" + or + this = "Clara" and result = "blond" + or + this = "Melissa" and result = "brown" + or + this = "Amy" and result = "brown" + or + this = "Isabel" and result = "black" + or + this = "Jemima" and result = "red" + or + this = "Cordelia" and result = "red" + or + this = "Melinda" and result = "gray" + or + this = "Delila" and result = "white" + or + this = "Jeremiah" and result = "gray" + or + this = "Hester" and result = "black" + or + this = "Walter" and result = "black" + or + this = "Aaron" and result = "gray" + or + this = "Reuben" and result = "gray" + or + this = "Eli" and result = "gray" + or + this = "Amos" and result = "white" + or + this = "Augustus" and result = "white" + or + this = "Theodore" and result = "white" + or + this = "Timothy" and result = "brown" + or + this = "Cyrus" and result = "brown" + or + this = "Horace" and result = "brown" + or + this = "Simon" and result = "brown" + or + this = "Asa" and result = "brown" + or + this = "Frank" and result = "brown" + or + this = "Nelson" and result = "black" + or + this = "Leonard" and result = "black" + or + this = "Harrison" and result = "black" + or + this = "Anthony" and result = "black" + or + this = "Louis" and result = "black" + or + this = "Milton" and result = "blond" + or + this = "Noah" and result = "blond" + or + this = "Cornelius" and result = "red" + or + this = "Abdul" and result = "brown" + or + this = "Warren" and result = "red" + or + this = "Harvey" and result = "blond" + or + this = "Dennis" and result = "blond" + or + this = "Wesley" and result = "brown" + or + this = "Sylvester" and result = "brown" + or + this = "Gilbert" and result = "brown" + or + this = "Sullivan" and result = "brown" + or + this = "Edmund" and result = "brown" + or + this = "Wilson" and result = "blond" + or + this = "Perry" and result = "black" + or + this = "Simba" and result = "brown" + or + this = "Nala" and result = "brown" + or + this = "Rafiki" and result = "red" + or + this = "Shenzi" and result = "gray" + or + this = "Ernest" and result = "blond" + or + this = "Gertrude" and result = "brown" + or + this = "Oscar" and result = "blond" + or + this = "Lilian" and result = "brown" + or + this = "Raymond" and result = "brown" + or + this = "Elgar" and result = "brown" + or + this = "Elmer" and result = "brown" + or + this = "Herbert" and result = "brown" + or + this = "Maude" and result = "brown" + or + this = "Mae" and result = "brown" + or + this = "Otto" and result = "black" + or + this = "Edwin" and result = "black" + or + this = "Ophelia" and result = "brown" + or + this = "Parsley" and result = "brown" + or + this = "Sage" and result = "brown" + or + this = "Rosemary" and result = "brown" + or + this = "Thyme" and result = "brown" + or + this = "Garfunkel" and result = "brown" + or + this = "King Basil" and result = "brown" + or + this = "Stephen" and result = "black" + or + this = "Stephen" and result = "gray" + } + + /** Gets the age of the person (in years). If the person is deceased, there is no result. */ + int getAge() { + this = "Ronil" and result = 21 + or + this = "Dina" and result = 53 + or + this = "Ravi" and result = 16 + or + this = "Bruce" and result = 35 + or + this = "Jo" and result = 47 + or + this = "Aida" and result = 26 + or + this = "Esme" and result = 25 + or + this = "Charlie" and result = 31 + or + this = "Fred" and result = 68 + or + this = "Meera" and result = 62 + or + this = "Maya" and result = 29 + or + this = "Chad" and result = 49 + or + this = "Tiana" and result = 18 + or + this = "Laura" and result = 2 + or + this = "George" and result = 3 + or + this = "Will" and result = 41 + or + this = "Mary" and result = 51 + or + this = "Almira" and result = 1 + or + this = "Susannah" and result = 97 + or + this = "Rhoda" and result = 39 + or + this = "Cynthia" and result = 89 + or + this = "Eunice" and result = 83 + or + this = "Olive" and result = 25 + or + this = "Virginia" and result = 52 + or + this = "Angeline" and result = 22 + or + this = "Helen" and result = 79 + or + this = "Cornelia" and result = 59 + or + this = "Harriet" and result = 57 + or + this = "Mahala" and result = 61 + or + this = "Abby" and result = 24 + or + this = "Margaret" and result = 59 + or + this = "Deb" and result = 31 + or + this = "Minerva" and result = 72 + or + this = "Severus" and result = 61 + or + this = "Lavina" and result = 33 + or + this = "Adeline" and result = 17 + or + this = "Cath" and result = 22 + or + this = "Elisa" and result = 9 + or + this = "Lucretia" and result = 56 + or + this = "Anne" and result = 11 + or + this = "Eleanor" and result = 80 + or + this = "Joanna" and result = 43 + or + this = "Adam" and result = 37 + or + this = "Agnes" and result = 47 + or + this = "Rosanna" and result = 61 + or + this = "Clara" and result = 31 + or + this = "Melissa" and result = 37 + or + this = "Amy" and result = 12 + or + this = "Isabel" and result = 6 + or + this = "Jemima" and result = 16 + or + this = "Cordelia" and result = 21 + or + this = "Melinda" and result = 55 + or + this = "Delila" and result = 66 + or + this = "Jeremiah" and result = 54 + or + this = "Elijah" and result = 42 + or + this = "Hester" and result = 68 + or + this = "Walter" and result = 66 + or + this = "Oliver" and result = 33 + or + this = "Hugh" and result = 51 + or + this = "Aaron" and result = 49 + or + this = "Reuben" and result = 58 + or + this = "Eli" and result = 70 + or + this = "Amos" and result = 65 + or + this = "Augustus" and result = 56 + or + this = "Theodore" and result = 69 + or + this = "Ira" and result = 1 + or + this = "Timothy" and result = 54 + or + this = "Cyrus" and result = 78 + or + this = "Horace" and result = 34 + or + this = "Simon" and result = 23 + or + this = "Asa" and result = 28 + or + this = "Frank" and result = 59 + or + this = "Nelson" and result = 38 + or + this = "Leonard" and result = 58 + or + this = "Harrison" and result = 7 + or + this = "Anthony" and result = 2 + or + this = "Louis" and result = 34 + or + this = "Milton" and result = 36 + or + this = "Noah" and result = 48 + or + this = "Cornelius" and result = 41 + or + this = "Abdul" and result = 67 + or + this = "Warren" and result = 47 + or + this = "Harvey" and result = 31 + or + this = "Dennis" and result = 39 + or + this = "Wesley" and result = 13 + or + this = "Sylvester" and result = 19 + or + this = "Gilbert" and result = 16 + or + this = "Sullivan" and result = 17 + or + this = "Edmund" and result = 29 + or + this = "Wilson" and result = 27 + or + this = "Perry" and result = 31 + or + this = "Matthew" and result = 55 + or + this = "Simba" and result = 8 + or + this = "Nala" and result = 7 + or + this = "Rafiki" and result = 76 + or + this = "Shenzi" and result = 67 + } + + /** Gets the height of the person (in cm). If the person is deceased, there is no result. */ + float getHeight() { + this = "Ronil" and result = 183.0 + or + this = "Dina" and result = 155.1 + or + this = "Ravi" and result = 175.2 + or + this = "Bruce" and result = 191.3 + or + this = "Jo" and result = 163.4 + or + this = "Aida" and result = 182.6 + or + this = "Esme" and result = 176.9 + or + this = "Charlie" and result = 189.7 + or + this = "Fred" and result = 179.4 + or + this = "Meera" and result = 160.1 + or + this = "Maya" and result = 153.0 + or + this = "Chad" and result = 168.5 + or + this = "Tiana" and result = 149.7 + or + this = "Laura" and result = 87.5 + or + this = "George" and result = 96.4 + or + this = "Will" and result = 167.1 + or + this = "Mary" and result = 159.8 + or + this = "Almira" and result = 62.1 + or + this = "Susannah" and result = 145.8 + or + this = "Rhoda" and result = 180.1 + or + this = "Cynthia" and result = 161.8 + or + this = "Eunice" and result = 153.2 + or + this = "Olive" and result = 179.9 + or + this = "Virginia" and result = 165.1 + or + this = "Angeline" and result = 172.3 + or + this = "Helen" and result = 163.1 + or + this = "Cornelia" and result = 160.8 + or + this = "Harriet" and result = 163.2 + or + this = "Mahala" and result = 157.7 + or + this = "Abby" and result = 174.5 + or + this = "Margaret" and result = 165.6 + or + this = "Deb" and result = 171.6 + or + this = "Minerva" and result = 168.7 + or + this = "Severus" and result = 188.8 + or + this = "Lavina" and result = 155.1 + or + this = "Adeline" and result = 165.5 + or + this = "Cath" and result = 147.8 + or + this = "Elisa" and result = 129.4 + or + this = "Lucretia" and result = 153.6 + or + this = "Anne" and result = 140.4 + or + this = "Eleanor" and result = 151.1 + or + this = "Joanna" and result = 167.2 + or + this = "Adam" and result = 155.5 + or + this = "Agnes" and result = 156.8 + or + this = "Rosanna" and result = 162.4 + or + this = "Clara" and result = 158.6 + or + this = "Melissa" and result = 182.3 + or + this = "Amy" and result = 147.1 + or + this = "Isabel" and result = 121.4 + or + this = "Jemima" and result = 149.8 + or + this = "Cordelia" and result = 151.7 + or + this = "Melinda" and result = 154.4 + or + this = "Delila" and result = 163.4 + or + this = "Jeremiah" and result = 167.5 + or + this = "Elijah" and result = 184.5 + or + this = "Hester" and result = 152.7 + or + this = "Walter" and result = 159.6 + or + this = "Oliver" and result = 192.4 + or + this = "Hugh" and result = 173.1 + or + this = "Aaron" and result = 176.6 + or + this = "Reuben" and result = 169.9 + or + this = "Eli" and result = 180.4 + or + this = "Amos" and result = 167.4 + or + this = "Augustus" and result = 156.5 + or + this = "Theodore" and result = 176.6 + or + this = "Ira" and result = 54.1 + or + this = "Timothy" and result = 172.2 + or + this = "Cyrus" and result = 157.9 + or + this = "Horace" and result = 169.3 + or + this = "Simon" and result = 157.1 + or + this = "Asa" and result = 149.4 + or + this = "Frank" and result = 167.2 + or + this = "Nelson" and result = 173.0 + or + this = "Leonard" and result = 172.0 + or + this = "Harrison" and result = 126.0 + or + this = "Anthony" and result = 98.4 + or + this = "Louis" and result = 186.8 + or + this = "Milton" and result = 157.8 + or + this = "Noah" and result = 190.5 + or + this = "Cornelius" and result = 183.1 + or + this = "Abdul" and result = 182.0 + or + this = "Warren" and result = 175.0 + or + this = "Harvey" and result = 169.3 + or + this = "Dennis" and result = 160.4 + or + this = "Wesley" and result = 139.8 + or + this = "Sylvester" and result = 188.2 + or + this = "Gilbert" and result = 177.6 + or + this = "Sullivan" and result = 168.3 + or + this = "Edmund" and result = 159.2 + or + this = "Wilson" and result = 167.6 + or + this = "Perry" and result = 189.1 + or + this = "Matthew" and result = 167.2 + or + this = "Simba" and result = 140.1 + or + this = "Nala" and result = 138.0 + or + this = "Rafiki" and result = 139.3 + or + this = "Shenzi" and result = 171.1 + } + + /** Gets the location of the person's home ("north", "south", "east", or "west"). If the person is deceased, there is no result. */ + string getLocation() { + this = "Ronil" and result = "north" + or + this = "Dina" and result = "north" + or + this = "Ravi" and result = "north" + or + this = "Bruce" and result = "south" + or + this = "Jo" and result = "west" + or + this = "Aida" and result = "east" + or + this = "Esme" and result = "east" + or + this = "Charlie" and result = "south" + or + this = "Fred" and result = "west" + or + this = "Meera" and result = "south" + or + this = "Maya" and result = "south" + or + this = "Chad" and result = "south" + or + this = "Tiana" and result = "west" + or + this = "Laura" and result = "south" + or + this = "George" and result = "south" + or + this = "Will" and result = "south" + or + this = "Mary" and result = "south" + or + this = "Almira" and result = "south" + or + this = "Susannah" and result = "north" + or + this = "Rhoda" and result = "north" + or + this = "Cynthia" and result = "north" + or + this = "Eunice" and result = "north" + or + this = "Olive" and result = "west" + or + this = "Virginia" and result = "west" + or + this = "Angeline" and result = "west" + or + this = "Helen" and result = "west" + or + this = "Cornelia" and result = "east" + or + this = "Harriet" and result = "east" + or + this = "Mahala" and result = "east" + or + this = "Abby" and result = "east" + or + this = "Margaret" and result = "east" + or + this = "Deb" and result = "east" + or + this = "Minerva" and result = "south" + or + this = "Severus" and result = "north" + or + this = "Lavina" and result = "east" + or + this = "Adeline" and result = "west" + or + this = "Cath" and result = "east" + or + this = "Elisa" and result = "east" + or + this = "Lucretia" and result = "north" + or + this = "Anne" and result = "north" + or + this = "Eleanor" and result = "south" + or + this = "Joanna" and result = "south" + or + this = "Adam" and result = "east" + or + this = "Agnes" and result = "east" + or + this = "Rosanna" and result = "east" + or + this = "Clara" and result = "east" + or + this = "Melissa" and result = "west" + or + this = "Amy" and result = "west" + or + this = "Isabel" and result = "west" + or + this = "Jemima" and result = "west" + or + this = "Cordelia" and result = "west" + or + this = "Melinda" and result = "west" + or + this = "Delila" and result = "south" + or + this = "Jeremiah" and result = "north" + or + this = "Elijah" and result = "north" + or + this = "Hester" and result = "east" + or + this = "Walter" and result = "east" + or + this = "Oliver" and result = "east" + or + this = "Hugh" and result = "south" + or + this = "Aaron" and result = "south" + or + this = "Reuben" and result = "west" + or + this = "Eli" and result = "west" + or + this = "Amos" and result = "east" + or + this = "Augustus" and result = "south" + or + this = "Theodore" and result = "west" + or + this = "Ira" and result = "south" + or + this = "Timothy" and result = "north" + or + this = "Cyrus" and result = "north" + or + this = "Horace" and result = "east" + or + this = "Simon" and result = "east" + or + this = "Asa" and result = "east" + or + this = "Frank" and result = "west" + or + this = "Nelson" and result = "west" + or + this = "Leonard" and result = "west" + or + this = "Harrison" and result = "north" + or + this = "Anthony" and result = "north" + or + this = "Louis" and result = "north" + or + this = "Milton" and result = "south" + or + this = "Noah" and result = "south" + or + this = "Cornelius" and result = "east" + or + this = "Abdul" and result = "east" + or + this = "Warren" and result = "west" + or + this = "Harvey" and result = "west" + or + this = "Dennis" and result = "west" + or + this = "Wesley" and result = "west" + or + this = "Sylvester" and result = "south" + or + this = "Gilbert" and result = "east" + or + this = "Sullivan" and result = "east" + or + this = "Edmund" and result = "north" + or + this = "Wilson" and result = "north" + or + this = "Perry" and result = "west" + or + this = "Matthew" and result = "east" + or + this = "Simba" and result = "south" + or + this = "Nala" and result = "south" + or + this = "Rafiki" and result = "north" + or + this = "Shenzi" and result = "west" + } + + /** Holds if the person is deceased. */ + predicate isDeceased() { + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Edwin" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" + } + + /** Gets a parent of the person (alive or deceased). */ + Person getAParent() { + this = "Stephen" and result = "Edmund" + or + this = "Edmund" and result = "Augustus" + or + this = "Augustus" and result = "Stephen" + or + this = "Abby" and result = "Cornelia" + or + this = "Abby" and result = "Amos" + or + this = "Abdul" and result = "Susannah" + or + this = "Adam" and result = "Amos" + or + this = "Adeline" and result = "Melinda" + or + this = "Adeline" and result = "Frank" + or + this = "Agnes" and result = "Abdul" + or + this = "Aida" and result = "Agnes" + or + this = "Almira" and result = "Sylvester" + or + this = "Amos" and result = "Eunice" + or + this = "Amy" and result = "Noah" + or + this = "Amy" and result = "Chad" + or + this = "Angeline" and result = "Reuben" + or + this = "Angeline" and result = "Lucretia" + or + this = "Anne" and result = "Rhoda" + or + this = "Anne" and result = "Louis" + or + this = "Anthony" and result = "Lavina" + or + this = "Anthony" and result = "Asa" + or + this = "Asa" and result = "Cornelia" + or + this = "Cath" and result = "Harriet" + or + this = "Charlie" and result = "Matthew" + or + this = "Clara" and result = "Ernest" + or + this = "Cornelia" and result = "Cynthia" + or + this = "Cornelius" and result = "Eli" + or + this = "Deb" and result = "Margaret" + or + this = "Dennis" and result = "Fred" + or + this = "Eli" and result = "Susannah" + or + this = "Elijah" and result = "Delila" + or + this = "Elisa" and result = "Deb" + or + this = "Elisa" and result = "Horace" + or + this = "Esme" and result = "Margaret" + or + this = "Frank" and result = "Eleanor" + or + this = "Frank" and result = "Cyrus" + or + this = "George" and result = "Maya" + or + this = "George" and result = "Wilson" + or + this = "Gilbert" and result = "Cornelius" + or + this = "Harriet" and result = "Cynthia" + or + this = "Harrison" and result = "Louis" + or + this = "Harvey" and result = "Fred" + or + this = "Helen" and result = "Susannah" + or + this = "Hester" and result = "Edwin" + or + this = "Hugh" and result = "Cyrus" + or + this = "Hugh" and result = "Helen" + or + this = "Ira" and result = "Maya" + or + this = "Ira" and result = "Wilson" + or + this = "Isabel" and result = "Perry" + or + this = "Isabel" and result = "Harvey" + or + this = "Jemima" and result = "Melinda" + or + this = "Jemima" and result = "Frank" + or + this = "Ernest" and result = "Lilian" + or + this = "Ernest" and result = "Oscar" + or + this = "Gertrude" and result = "Ophelia" + or + this = "Gertrude" and result = "Raymond" + or + this = "Lilian" and result = "Elgar" + or + this = "Lilian" and result = "Mae" + or + this = "Raymond" and result = "Elgar" + or + this = "Raymond" and result = "Mae" + or + this = "Elmer" and result = "Ophelia" + or + this = "Elmer" and result = "Raymond" + or + this = "Herbert" and result = "Ophelia" + or + this = "Herbert" and result = "Raymond" + or + this = "Maude" and result = "Ophelia" + or + this = "Maude" and result = "Raymond" + or + this = "Otto" and result = "Elgar" + or + this = "Otto" and result = "Mae" + or + this = "Edwin" and result = "Otto" + or + this = "Parsley" and result = "Simon" + or + this = "Parsley" and result = "Garfunkel" + or + this = "Sage" and result = "Simon" + or + this = "Sage" and result = "Garfunkel" + or + this = "Rosemary" and result = "Simon" + or + this = "Rosemary" and result = "Garfunkel" + or + this = "Thyme" and result = "Simon" + or + this = "Thyme" and result = "Garfunkel" + or + this = "King Basil" and result = "Ophelia" + or + this = "King Basil" and result = "Raymond" + or + this = "Jo" and result = "Theodore" + or + this = "Joanna" and result = "Shenzi" + or + this = "Laura" and result = "Maya" + or + this = "Laura" and result = "Wilson" + or + this = "Lavina" and result = "Mahala" + or + this = "Lavina" and result = "Walter" + or + this = "Leonard" and result = "Cyrus" + or + this = "Leonard" and result = "Helen" + or + this = "Lucretia" and result = "Eleanor" + or + this = "Lucretia" and result = "Cyrus" + or + this = "Mahala" and result = "Eunice" + or + this = "Margaret" and result = "Cynthia" + or + this = "Matthew" and result = "Cyrus" + or + this = "Matthew" and result = "Helen" + or + this = "Maya" and result = "Meera" + or + this = "Melinda" and result = "Rafiki" + or + this = "Melissa" and result = "Mahala" + or + this = "Melissa" and result = "Walter" + or + this = "Nala" and result = "Bruce" + or + this = "Nelson" and result = "Mahala" + or + this = "Nelson" and result = "Walter" + or + this = "Noah" and result = "Eli" + or + this = "Olive" and result = "Reuben" + or + this = "Olive" and result = "Lucretia" + or + this = "Oliver" and result = "Matthew" + or + this = "Perry" and result = "Leonard" + or + this = "Ravi" and result = "Dina" + or + this = "Simba" and result = "Will" + or + this = "Simon" and result = "Margaret" + or + this = "Sullivan" and result = "Cornelius" + or + this = "Sylvester" and result = "Timothy" + or + this = "Theodore" and result = "Susannah" + or + this = "Tiana" and result = "Jo" + or + this = "Virginia" and result = "Helen" + or + this = "Warren" and result = "Shenzi" + or + this = "Wesley" and result = "Warren" + or + this = "Wesley" and result = "Jo" + or + this = "Will" and result = "Eli" + } + + /** Holds if the person is allowed in the region. Initially, all villagers are allowed in every region. */ + predicate isAllowedIn(string region) { + region = "north" or + region = "south" or + region = "east" or + region = "west" + } +} + +/** Returns a parent of the person. */ +Person parentOf(Person p) { result = p.getAParent() } diff --git a/java/ql/test/library-tests/frameworks/stream/test.ql b/java/ql/test/library-tests/frameworks/stream/test.ql index ff94106f985..b9baef32869 100644 --- a/java/ql/test/library-tests/frameworks/stream/test.ql +++ b/java/ql/test/library-tests/frameworks/stream/test.ql @@ -4,9 +4,6 @@ import TestUtilities.InlineFlowTest class SummaryModelTest extends SummaryModelCsv { override predicate row(string row) { row = - [ - //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind", - "generatedtest;Test;false;getElementSpliterator;(Spliterator);;Element of Argument[0];ReturnValue;value" - ] + "generatedtest;Test;false;getElementSpliterator;(Spliterator);;Element of Argument[0];ReturnValue;value" } } diff --git a/java/ql/test/library-tests/optional/test.ql b/java/ql/test/library-tests/optional/test.ql index 1edfda2487a..a5a61097dde 100644 --- a/java/ql/test/library-tests/optional/test.ql +++ b/java/ql/test/library-tests/optional/test.ql @@ -3,10 +3,6 @@ import TestUtilities.InlineFlowTest class SummaryModelTest extends SummaryModelCsv { override predicate row(string row) { - row = - [ - //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind", - "generatedtest;Test;false;getStreamElement;;;Element of Argument[0];ReturnValue;value" - ] + row = "generatedtest;Test;false;getStreamElement;;;Element of Argument[0];ReturnValue;value" } } diff --git a/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql b/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql index 1cd3e59fc6b..6bfde865e85 100644 --- a/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql +++ b/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql @@ -20,7 +20,7 @@ class XSSConfig extends TaintTracking::Configuration { class XssTest extends InlineExpectationsTest { XssTest() { this = "XssTest" } - override string getARelevantTag() { result = ["xss"] } + override string getARelevantTag() { result = "xss" } override predicate hasActualResult(Location location, string element, string tag, string value) { tag = "xss" and diff --git a/javascript/ql/lib/semmle/javascript/RangeAnalysis.qll b/javascript/ql/lib/semmle/javascript/RangeAnalysis.qll index 28f8b59c3fe..d1e9b48a6d0 100644 --- a/javascript/ql/lib/semmle/javascript/RangeAnalysis.qll +++ b/javascript/ql/lib/semmle/javascript/RangeAnalysis.qll @@ -236,10 +236,9 @@ module RangeAnalysis { ) { if exists(r.getImmediatePredecessor()) then linearDefinitionSum(r.getImmediatePredecessor(), xroot, xsign, yroot, ysign, bias) - else - if exists(r.asExpr().getIntValue()) - then none() // do not model constants as sums - else ( + else ( + not exists(r.asExpr().getIntValue()) and // do not model constants as sums + ( exists(AddExpr add, int bias1, int bias2 | r.asExpr() = add | // r = r1 + r2 linearDefinition(add.getLeftOperand().flow(), xroot, xsign, bias1) and @@ -257,6 +256,7 @@ module RangeAnalysis { linearDefinitionSum(r.asExpr().(NegExpr).getOperand().flow(), xroot, -xsign, yroot, -ysign, -bias) ) + ) } /** diff --git a/javascript/ql/lib/semmle/javascript/XML.qll b/javascript/ql/lib/semmle/javascript/XML.qll index 4c762f4bf65..76f3b3cb022 100755 --- a/javascript/ql/lib/semmle/javascript/XML.qll +++ b/javascript/ql/lib/semmle/javascript/XML.qll @@ -108,7 +108,7 @@ class XMLParent extends @xmlparent { } /** Gets the text value contained in this XML parent. */ - string getTextValue() { result = allCharactersString() } + string getTextValue() { result = this.allCharactersString() } /** Gets a printable representation of this XML parent. */ string toString() { result = this.getName() } @@ -119,7 +119,7 @@ class XMLFile extends XMLParent, File { XMLFile() { xmlEncoding(this, _) } /** Gets a printable representation of this XML file. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } /** Gets the name of this XML file. */ override string getName() { result = File.super.getAbsolutePath() } @@ -129,14 +129,14 @@ class XMLFile extends XMLParent, File { * * Gets the path of this XML file. */ - deprecated string getPath() { result = getAbsolutePath() } + deprecated string getPath() { result = this.getAbsolutePath() } /** * DEPRECATED: Use `getParentContainer().getAbsolutePath()` instead. * * Gets the path of the folder that contains this XML file. */ - deprecated string getFolder() { result = getParentContainer().getAbsolutePath() } + deprecated string getFolder() { result = this.getParentContainer().getAbsolutePath() } /** Gets the encoding of this XML file. */ string getEncoding() { xmlEncoding(this, result) } @@ -200,7 +200,7 @@ class XMLDTD extends XMLLocatable, @xmldtd { */ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { /** Holds if this XML element has the given `name`. */ - predicate hasName(string name) { name = getName() } + predicate hasName(string name) { name = this.getName() } /** Gets the name of this XML element. */ override string getName() { xmlElements(this, result, _, _, _) } @@ -239,7 +239,7 @@ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { string getAttributeValue(string name) { result = this.getAttribute(name).getValue() } /** Gets a printable representation of this XML element. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } } /** diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Angular2.qll b/javascript/ql/lib/semmle/javascript/frameworks/Angular2.qll index 4041a7e7413..6a2e0132678 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Angular2.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Angular2.qll @@ -152,7 +152,7 @@ module Angular2 { /** A value that is about to be promoted to a trusted script value. */ private class AngularCodeInjectionSink extends CodeInjection::Sink { AngularCodeInjectionSink() { - this = domSanitizer().getAMethodCall(["bypassSecurityTrustScript"]).getArgument(0) + this = domSanitizer().getAMethodCall("bypassSecurityTrustScript").getArgument(0) } } diff --git a/javascript/ql/lib/semmle/javascript/frameworks/ComposedFunctions.qll b/javascript/ql/lib/semmle/javascript/frameworks/ComposedFunctions.qll index 6887758b064..1fd4e49db5a 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/ComposedFunctions.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/ComposedFunctions.qll @@ -82,7 +82,7 @@ module FunctionCompositionCall { /** A call whose arguments are functions `f,g,h` which are composed into `f(g(h(...))` */ private class RightToLeft extends WithArrayOverloading { RightToLeft() { - this = DataFlow::moduleImport(["compose-function"]).getACall() + this = DataFlow::moduleImport("compose-function").getACall() or this = DataFlow::moduleMember(["redux", "ramda", "@reduxjs/toolkit", "recompose"], "compose") diff --git a/javascript/ql/lib/semmle/javascript/frameworks/MooTools.qll b/javascript/ql/lib/semmle/javascript/frameworks/MooTools.qll index 46a813d5c08..c1b4811e889 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/MooTools.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/MooTools.qll @@ -35,7 +35,7 @@ module MooTools { predicate interpretsNodeAsHtml(DataFlow::Node node) { exists(Element e | node = e.getAnElementPropertyValue("html") or - node = e.getAMethodCall(["appendHtml"]).getArgument(0) + node = e.getAMethodCall("appendHtml").getArgument(0) ) } } diff --git a/javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll b/javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll index 43fde9639c2..7a88b3f94c3 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll @@ -727,7 +727,7 @@ module NodeJSLib { result = getParameter(1).getARhs() } - override predicate isSync() { "Sync" = methodName.suffix(methodName.length() - 4) } + override predicate isSync() { methodName.matches("%Sync") } override DataFlow::Node getOptionsArg() { not result.getALocalSource() instanceof DataFlow::FunctionNode and // looks like callback diff --git a/javascript/ql/lib/semmle/javascript/frameworks/SystemCommandExecutors.qll b/javascript/ql/lib/semmle/javascript/frameworks/SystemCommandExecutors.qll index ce445cfd174..89eb8c9e9ea 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/SystemCommandExecutors.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/SystemCommandExecutors.qll @@ -107,9 +107,7 @@ private class SystemCommandExecutors extends SystemCommandExecution, DataFlow::I */ bindingset[name] private boolean getSync(string name) { - if name.suffix(name.length() - 4) = "Sync" or name.suffix(name.length() - 4) = "sync" - then result = true - else result = false + if name.matches("%Sync") or name.matches("%sync") then result = true else result = false } private class RemoteCommandExecutor extends SystemCommandExecution, DataFlow::InvokeNode { diff --git a/javascript/ql/lib/semmle/javascript/security/UselessUseOfCat.qll b/javascript/ql/lib/semmle/javascript/security/UselessUseOfCat.qll index 604a8182e96..b2b65038508 100644 --- a/javascript/ql/lib/semmle/javascript/security/UselessUseOfCat.qll +++ b/javascript/ql/lib/semmle/javascript/security/UselessUseOfCat.qll @@ -303,14 +303,11 @@ module PrettyPrintCatCall { bindingset[str] private string createSimplifiedStringConcat(string str) { // Remove an initial ""+ (e.g. in `""+file`) - if str.prefix(5) = "\"\" + " + if str.matches("\"\" + %") then result = str.suffix(5) else // prettify `${newpath}` to just newpath - if - str.prefix(3) = "`${" and - str.suffix(str.length() - 2) = "}`" and - not str.suffix(3).matches("%{%") + if str.matches("`${%") and str.matches("%}`") and not str.suffix(3).matches("%{%") then result = str.prefix(str.length() - 2).suffix(3) else result = str } diff --git a/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll b/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll index 12b7559615d..2cd324ed8f7 100644 --- a/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll +++ b/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll @@ -477,7 +477,7 @@ private module CharacterClasses { result = ["0", "9"] or cc.getValue() = "s" and - result = [" "] + result = " " or cc.getValue() = "w" and result = ["a", "Z", "_", "0", "9"] @@ -490,7 +490,7 @@ private module CharacterClasses { result = "9" or cc.getValue() = "s" and - result = [" "] + result = " " or cc.getValue() = "w" and result = "a" diff --git a/javascript/ql/lib/tutorial.qll b/javascript/ql/lib/tutorial.qll new file mode 100644 index 00000000000..8cb1797a532 --- /dev/null +++ b/javascript/ql/lib/tutorial.qll @@ -0,0 +1,1207 @@ +/** + * This library is used in the QL detective tutorials. + * + * Note: Data is usually stored in a separate database and the QL libraries only contain predicates, + * but for this tutorial both the data and the predicates are stored in the library. + */ +class Person extends string { + Person() { + this = "Ronil" or + this = "Dina" or + this = "Ravi" or + this = "Bruce" or + this = "Jo" or + this = "Aida" or + this = "Esme" or + this = "Charlie" or + this = "Fred" or + this = "Meera" or + this = "Maya" or + this = "Chad" or + this = "Tiana" or + this = "Laura" or + this = "George" or + this = "Will" or + this = "Mary" or + this = "Almira" or + this = "Susannah" or + this = "Rhoda" or + this = "Cynthia" or + this = "Eunice" or + this = "Olive" or + this = "Virginia" or + this = "Angeline" or + this = "Helen" or + this = "Cornelia" or + this = "Harriet" or + this = "Mahala" or + this = "Abby" or + this = "Margaret" or + this = "Deb" or + this = "Minerva" or + this = "Severus" or + this = "Lavina" or + this = "Adeline" or + this = "Cath" or + this = "Elisa" or + this = "Lucretia" or + this = "Anne" or + this = "Eleanor" or + this = "Joanna" or + this = "Adam" or + this = "Agnes" or + this = "Rosanna" or + this = "Clara" or + this = "Melissa" or + this = "Amy" or + this = "Isabel" or + this = "Jemima" or + this = "Cordelia" or + this = "Melinda" or + this = "Delila" or + this = "Jeremiah" or + this = "Elijah" or + this = "Hester" or + this = "Walter" or + this = "Oliver" or + this = "Hugh" or + this = "Aaron" or + this = "Reuben" or + this = "Eli" or + this = "Amos" or + this = "Augustus" or + this = "Theodore" or + this = "Ira" or + this = "Timothy" or + this = "Cyrus" or + this = "Horace" or + this = "Simon" or + this = "Asa" or + this = "Frank" or + this = "Nelson" or + this = "Leonard" or + this = "Harrison" or + this = "Anthony" or + this = "Louis" or + this = "Milton" or + this = "Noah" or + this = "Cornelius" or + this = "Abdul" or + this = "Warren" or + this = "Harvey" or + this = "Dennis" or + this = "Wesley" or + this = "Sylvester" or + this = "Gilbert" or + this = "Sullivan" or + this = "Edmund" or + this = "Wilson" or + this = "Perry" or + this = "Matthew" or + this = "Simba" or + this = "Nala" or + this = "Rafiki" or + this = "Shenzi" or + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Edwin" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" or + this = "Stephen" + } + + /** Gets the hair color of the person. If the person is bald, there is no result. */ + string getHairColor() { + this = "Ronil" and result = "black" + or + this = "Dina" and result = "black" + or + this = "Ravi" and result = "black" + or + this = "Bruce" and result = "brown" + or + this = "Jo" and result = "red" + or + this = "Aida" and result = "blond" + or + this = "Esme" and result = "blond" + or + this = "Fred" and result = "gray" + or + this = "Meera" and result = "brown" + or + this = "Maya" and result = "brown" + or + this = "Chad" and result = "brown" + or + this = "Tiana" and result = "black" + or + this = "Laura" and result = "blond" + or + this = "George" and result = "blond" + or + this = "Will" and result = "blond" + or + this = "Mary" and result = "blond" + or + this = "Almira" and result = "black" + or + this = "Susannah" and result = "blond" + or + this = "Rhoda" and result = "blond" + or + this = "Cynthia" and result = "gray" + or + this = "Eunice" and result = "white" + or + this = "Olive" and result = "brown" + or + this = "Virginia" and result = "brown" + or + this = "Angeline" and result = "red" + or + this = "Helen" and result = "white" + or + this = "Cornelia" and result = "gray" + or + this = "Harriet" and result = "white" + or + this = "Mahala" and result = "black" + or + this = "Abby" and result = "red" + or + this = "Margaret" and result = "brown" + or + this = "Deb" and result = "brown" + or + this = "Minerva" and result = "brown" + or + this = "Severus" and result = "black" + or + this = "Lavina" and result = "brown" + or + this = "Adeline" and result = "brown" + or + this = "Cath" and result = "brown" + or + this = "Elisa" and result = "brown" + or + this = "Lucretia" and result = "gray" + or + this = "Anne" and result = "black" + or + this = "Eleanor" and result = "brown" + or + this = "Joanna" and result = "brown" + or + this = "Adam" and result = "black" + or + this = "Agnes" and result = "black" + or + this = "Rosanna" and result = "gray" + or + this = "Clara" and result = "blond" + or + this = "Melissa" and result = "brown" + or + this = "Amy" and result = "brown" + or + this = "Isabel" and result = "black" + or + this = "Jemima" and result = "red" + or + this = "Cordelia" and result = "red" + or + this = "Melinda" and result = "gray" + or + this = "Delila" and result = "white" + or + this = "Jeremiah" and result = "gray" + or + this = "Hester" and result = "black" + or + this = "Walter" and result = "black" + or + this = "Aaron" and result = "gray" + or + this = "Reuben" and result = "gray" + or + this = "Eli" and result = "gray" + or + this = "Amos" and result = "white" + or + this = "Augustus" and result = "white" + or + this = "Theodore" and result = "white" + or + this = "Timothy" and result = "brown" + or + this = "Cyrus" and result = "brown" + or + this = "Horace" and result = "brown" + or + this = "Simon" and result = "brown" + or + this = "Asa" and result = "brown" + or + this = "Frank" and result = "brown" + or + this = "Nelson" and result = "black" + or + this = "Leonard" and result = "black" + or + this = "Harrison" and result = "black" + or + this = "Anthony" and result = "black" + or + this = "Louis" and result = "black" + or + this = "Milton" and result = "blond" + or + this = "Noah" and result = "blond" + or + this = "Cornelius" and result = "red" + or + this = "Abdul" and result = "brown" + or + this = "Warren" and result = "red" + or + this = "Harvey" and result = "blond" + or + this = "Dennis" and result = "blond" + or + this = "Wesley" and result = "brown" + or + this = "Sylvester" and result = "brown" + or + this = "Gilbert" and result = "brown" + or + this = "Sullivan" and result = "brown" + or + this = "Edmund" and result = "brown" + or + this = "Wilson" and result = "blond" + or + this = "Perry" and result = "black" + or + this = "Simba" and result = "brown" + or + this = "Nala" and result = "brown" + or + this = "Rafiki" and result = "red" + or + this = "Shenzi" and result = "gray" + or + this = "Ernest" and result = "blond" + or + this = "Gertrude" and result = "brown" + or + this = "Oscar" and result = "blond" + or + this = "Lilian" and result = "brown" + or + this = "Raymond" and result = "brown" + or + this = "Elgar" and result = "brown" + or + this = "Elmer" and result = "brown" + or + this = "Herbert" and result = "brown" + or + this = "Maude" and result = "brown" + or + this = "Mae" and result = "brown" + or + this = "Otto" and result = "black" + or + this = "Edwin" and result = "black" + or + this = "Ophelia" and result = "brown" + or + this = "Parsley" and result = "brown" + or + this = "Sage" and result = "brown" + or + this = "Rosemary" and result = "brown" + or + this = "Thyme" and result = "brown" + or + this = "Garfunkel" and result = "brown" + or + this = "King Basil" and result = "brown" + or + this = "Stephen" and result = "black" + or + this = "Stephen" and result = "gray" + } + + /** Gets the age of the person (in years). If the person is deceased, there is no result. */ + int getAge() { + this = "Ronil" and result = 21 + or + this = "Dina" and result = 53 + or + this = "Ravi" and result = 16 + or + this = "Bruce" and result = 35 + or + this = "Jo" and result = 47 + or + this = "Aida" and result = 26 + or + this = "Esme" and result = 25 + or + this = "Charlie" and result = 31 + or + this = "Fred" and result = 68 + or + this = "Meera" and result = 62 + or + this = "Maya" and result = 29 + or + this = "Chad" and result = 49 + or + this = "Tiana" and result = 18 + or + this = "Laura" and result = 2 + or + this = "George" and result = 3 + or + this = "Will" and result = 41 + or + this = "Mary" and result = 51 + or + this = "Almira" and result = 1 + or + this = "Susannah" and result = 97 + or + this = "Rhoda" and result = 39 + or + this = "Cynthia" and result = 89 + or + this = "Eunice" and result = 83 + or + this = "Olive" and result = 25 + or + this = "Virginia" and result = 52 + or + this = "Angeline" and result = 22 + or + this = "Helen" and result = 79 + or + this = "Cornelia" and result = 59 + or + this = "Harriet" and result = 57 + or + this = "Mahala" and result = 61 + or + this = "Abby" and result = 24 + or + this = "Margaret" and result = 59 + or + this = "Deb" and result = 31 + or + this = "Minerva" and result = 72 + or + this = "Severus" and result = 61 + or + this = "Lavina" and result = 33 + or + this = "Adeline" and result = 17 + or + this = "Cath" and result = 22 + or + this = "Elisa" and result = 9 + or + this = "Lucretia" and result = 56 + or + this = "Anne" and result = 11 + or + this = "Eleanor" and result = 80 + or + this = "Joanna" and result = 43 + or + this = "Adam" and result = 37 + or + this = "Agnes" and result = 47 + or + this = "Rosanna" and result = 61 + or + this = "Clara" and result = 31 + or + this = "Melissa" and result = 37 + or + this = "Amy" and result = 12 + or + this = "Isabel" and result = 6 + or + this = "Jemima" and result = 16 + or + this = "Cordelia" and result = 21 + or + this = "Melinda" and result = 55 + or + this = "Delila" and result = 66 + or + this = "Jeremiah" and result = 54 + or + this = "Elijah" and result = 42 + or + this = "Hester" and result = 68 + or + this = "Walter" and result = 66 + or + this = "Oliver" and result = 33 + or + this = "Hugh" and result = 51 + or + this = "Aaron" and result = 49 + or + this = "Reuben" and result = 58 + or + this = "Eli" and result = 70 + or + this = "Amos" and result = 65 + or + this = "Augustus" and result = 56 + or + this = "Theodore" and result = 69 + or + this = "Ira" and result = 1 + or + this = "Timothy" and result = 54 + or + this = "Cyrus" and result = 78 + or + this = "Horace" and result = 34 + or + this = "Simon" and result = 23 + or + this = "Asa" and result = 28 + or + this = "Frank" and result = 59 + or + this = "Nelson" and result = 38 + or + this = "Leonard" and result = 58 + or + this = "Harrison" and result = 7 + or + this = "Anthony" and result = 2 + or + this = "Louis" and result = 34 + or + this = "Milton" and result = 36 + or + this = "Noah" and result = 48 + or + this = "Cornelius" and result = 41 + or + this = "Abdul" and result = 67 + or + this = "Warren" and result = 47 + or + this = "Harvey" and result = 31 + or + this = "Dennis" and result = 39 + or + this = "Wesley" and result = 13 + or + this = "Sylvester" and result = 19 + or + this = "Gilbert" and result = 16 + or + this = "Sullivan" and result = 17 + or + this = "Edmund" and result = 29 + or + this = "Wilson" and result = 27 + or + this = "Perry" and result = 31 + or + this = "Matthew" and result = 55 + or + this = "Simba" and result = 8 + or + this = "Nala" and result = 7 + or + this = "Rafiki" and result = 76 + or + this = "Shenzi" and result = 67 + } + + /** Gets the height of the person (in cm). If the person is deceased, there is no result. */ + float getHeight() { + this = "Ronil" and result = 183.0 + or + this = "Dina" and result = 155.1 + or + this = "Ravi" and result = 175.2 + or + this = "Bruce" and result = 191.3 + or + this = "Jo" and result = 163.4 + or + this = "Aida" and result = 182.6 + or + this = "Esme" and result = 176.9 + or + this = "Charlie" and result = 189.7 + or + this = "Fred" and result = 179.4 + or + this = "Meera" and result = 160.1 + or + this = "Maya" and result = 153.0 + or + this = "Chad" and result = 168.5 + or + this = "Tiana" and result = 149.7 + or + this = "Laura" and result = 87.5 + or + this = "George" and result = 96.4 + or + this = "Will" and result = 167.1 + or + this = "Mary" and result = 159.8 + or + this = "Almira" and result = 62.1 + or + this = "Susannah" and result = 145.8 + or + this = "Rhoda" and result = 180.1 + or + this = "Cynthia" and result = 161.8 + or + this = "Eunice" and result = 153.2 + or + this = "Olive" and result = 179.9 + or + this = "Virginia" and result = 165.1 + or + this = "Angeline" and result = 172.3 + or + this = "Helen" and result = 163.1 + or + this = "Cornelia" and result = 160.8 + or + this = "Harriet" and result = 163.2 + or + this = "Mahala" and result = 157.7 + or + this = "Abby" and result = 174.5 + or + this = "Margaret" and result = 165.6 + or + this = "Deb" and result = 171.6 + or + this = "Minerva" and result = 168.7 + or + this = "Severus" and result = 188.8 + or + this = "Lavina" and result = 155.1 + or + this = "Adeline" and result = 165.5 + or + this = "Cath" and result = 147.8 + or + this = "Elisa" and result = 129.4 + or + this = "Lucretia" and result = 153.6 + or + this = "Anne" and result = 140.4 + or + this = "Eleanor" and result = 151.1 + or + this = "Joanna" and result = 167.2 + or + this = "Adam" and result = 155.5 + or + this = "Agnes" and result = 156.8 + or + this = "Rosanna" and result = 162.4 + or + this = "Clara" and result = 158.6 + or + this = "Melissa" and result = 182.3 + or + this = "Amy" and result = 147.1 + or + this = "Isabel" and result = 121.4 + or + this = "Jemima" and result = 149.8 + or + this = "Cordelia" and result = 151.7 + or + this = "Melinda" and result = 154.4 + or + this = "Delila" and result = 163.4 + or + this = "Jeremiah" and result = 167.5 + or + this = "Elijah" and result = 184.5 + or + this = "Hester" and result = 152.7 + or + this = "Walter" and result = 159.6 + or + this = "Oliver" and result = 192.4 + or + this = "Hugh" and result = 173.1 + or + this = "Aaron" and result = 176.6 + or + this = "Reuben" and result = 169.9 + or + this = "Eli" and result = 180.4 + or + this = "Amos" and result = 167.4 + or + this = "Augustus" and result = 156.5 + or + this = "Theodore" and result = 176.6 + or + this = "Ira" and result = 54.1 + or + this = "Timothy" and result = 172.2 + or + this = "Cyrus" and result = 157.9 + or + this = "Horace" and result = 169.3 + or + this = "Simon" and result = 157.1 + or + this = "Asa" and result = 149.4 + or + this = "Frank" and result = 167.2 + or + this = "Nelson" and result = 173.0 + or + this = "Leonard" and result = 172.0 + or + this = "Harrison" and result = 126.0 + or + this = "Anthony" and result = 98.4 + or + this = "Louis" and result = 186.8 + or + this = "Milton" and result = 157.8 + or + this = "Noah" and result = 190.5 + or + this = "Cornelius" and result = 183.1 + or + this = "Abdul" and result = 182.0 + or + this = "Warren" and result = 175.0 + or + this = "Harvey" and result = 169.3 + or + this = "Dennis" and result = 160.4 + or + this = "Wesley" and result = 139.8 + or + this = "Sylvester" and result = 188.2 + or + this = "Gilbert" and result = 177.6 + or + this = "Sullivan" and result = 168.3 + or + this = "Edmund" and result = 159.2 + or + this = "Wilson" and result = 167.6 + or + this = "Perry" and result = 189.1 + or + this = "Matthew" and result = 167.2 + or + this = "Simba" and result = 140.1 + or + this = "Nala" and result = 138.0 + or + this = "Rafiki" and result = 139.3 + or + this = "Shenzi" and result = 171.1 + } + + /** Gets the location of the person's home ("north", "south", "east", or "west"). If the person is deceased, there is no result. */ + string getLocation() { + this = "Ronil" and result = "north" + or + this = "Dina" and result = "north" + or + this = "Ravi" and result = "north" + or + this = "Bruce" and result = "south" + or + this = "Jo" and result = "west" + or + this = "Aida" and result = "east" + or + this = "Esme" and result = "east" + or + this = "Charlie" and result = "south" + or + this = "Fred" and result = "west" + or + this = "Meera" and result = "south" + or + this = "Maya" and result = "south" + or + this = "Chad" and result = "south" + or + this = "Tiana" and result = "west" + or + this = "Laura" and result = "south" + or + this = "George" and result = "south" + or + this = "Will" and result = "south" + or + this = "Mary" and result = "south" + or + this = "Almira" and result = "south" + or + this = "Susannah" and result = "north" + or + this = "Rhoda" and result = "north" + or + this = "Cynthia" and result = "north" + or + this = "Eunice" and result = "north" + or + this = "Olive" and result = "west" + or + this = "Virginia" and result = "west" + or + this = "Angeline" and result = "west" + or + this = "Helen" and result = "west" + or + this = "Cornelia" and result = "east" + or + this = "Harriet" and result = "east" + or + this = "Mahala" and result = "east" + or + this = "Abby" and result = "east" + or + this = "Margaret" and result = "east" + or + this = "Deb" and result = "east" + or + this = "Minerva" and result = "south" + or + this = "Severus" and result = "north" + or + this = "Lavina" and result = "east" + or + this = "Adeline" and result = "west" + or + this = "Cath" and result = "east" + or + this = "Elisa" and result = "east" + or + this = "Lucretia" and result = "north" + or + this = "Anne" and result = "north" + or + this = "Eleanor" and result = "south" + or + this = "Joanna" and result = "south" + or + this = "Adam" and result = "east" + or + this = "Agnes" and result = "east" + or + this = "Rosanna" and result = "east" + or + this = "Clara" and result = "east" + or + this = "Melissa" and result = "west" + or + this = "Amy" and result = "west" + or + this = "Isabel" and result = "west" + or + this = "Jemima" and result = "west" + or + this = "Cordelia" and result = "west" + or + this = "Melinda" and result = "west" + or + this = "Delila" and result = "south" + or + this = "Jeremiah" and result = "north" + or + this = "Elijah" and result = "north" + or + this = "Hester" and result = "east" + or + this = "Walter" and result = "east" + or + this = "Oliver" and result = "east" + or + this = "Hugh" and result = "south" + or + this = "Aaron" and result = "south" + or + this = "Reuben" and result = "west" + or + this = "Eli" and result = "west" + or + this = "Amos" and result = "east" + or + this = "Augustus" and result = "south" + or + this = "Theodore" and result = "west" + or + this = "Ira" and result = "south" + or + this = "Timothy" and result = "north" + or + this = "Cyrus" and result = "north" + or + this = "Horace" and result = "east" + or + this = "Simon" and result = "east" + or + this = "Asa" and result = "east" + or + this = "Frank" and result = "west" + or + this = "Nelson" and result = "west" + or + this = "Leonard" and result = "west" + or + this = "Harrison" and result = "north" + or + this = "Anthony" and result = "north" + or + this = "Louis" and result = "north" + or + this = "Milton" and result = "south" + or + this = "Noah" and result = "south" + or + this = "Cornelius" and result = "east" + or + this = "Abdul" and result = "east" + or + this = "Warren" and result = "west" + or + this = "Harvey" and result = "west" + or + this = "Dennis" and result = "west" + or + this = "Wesley" and result = "west" + or + this = "Sylvester" and result = "south" + or + this = "Gilbert" and result = "east" + or + this = "Sullivan" and result = "east" + or + this = "Edmund" and result = "north" + or + this = "Wilson" and result = "north" + or + this = "Perry" and result = "west" + or + this = "Matthew" and result = "east" + or + this = "Simba" and result = "south" + or + this = "Nala" and result = "south" + or + this = "Rafiki" and result = "north" + or + this = "Shenzi" and result = "west" + } + + /** Holds if the person is deceased. */ + predicate isDeceased() { + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Edwin" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" + } + + /** Gets a parent of the person (alive or deceased). */ + Person getAParent() { + this = "Stephen" and result = "Edmund" + or + this = "Edmund" and result = "Augustus" + or + this = "Augustus" and result = "Stephen" + or + this = "Abby" and result = "Cornelia" + or + this = "Abby" and result = "Amos" + or + this = "Abdul" and result = "Susannah" + or + this = "Adam" and result = "Amos" + or + this = "Adeline" and result = "Melinda" + or + this = "Adeline" and result = "Frank" + or + this = "Agnes" and result = "Abdul" + or + this = "Aida" and result = "Agnes" + or + this = "Almira" and result = "Sylvester" + or + this = "Amos" and result = "Eunice" + or + this = "Amy" and result = "Noah" + or + this = "Amy" and result = "Chad" + or + this = "Angeline" and result = "Reuben" + or + this = "Angeline" and result = "Lucretia" + or + this = "Anne" and result = "Rhoda" + or + this = "Anne" and result = "Louis" + or + this = "Anthony" and result = "Lavina" + or + this = "Anthony" and result = "Asa" + or + this = "Asa" and result = "Cornelia" + or + this = "Cath" and result = "Harriet" + or + this = "Charlie" and result = "Matthew" + or + this = "Clara" and result = "Ernest" + or + this = "Cornelia" and result = "Cynthia" + or + this = "Cornelius" and result = "Eli" + or + this = "Deb" and result = "Margaret" + or + this = "Dennis" and result = "Fred" + or + this = "Eli" and result = "Susannah" + or + this = "Elijah" and result = "Delila" + or + this = "Elisa" and result = "Deb" + or + this = "Elisa" and result = "Horace" + or + this = "Esme" and result = "Margaret" + or + this = "Frank" and result = "Eleanor" + or + this = "Frank" and result = "Cyrus" + or + this = "George" and result = "Maya" + or + this = "George" and result = "Wilson" + or + this = "Gilbert" and result = "Cornelius" + or + this = "Harriet" and result = "Cynthia" + or + this = "Harrison" and result = "Louis" + or + this = "Harvey" and result = "Fred" + or + this = "Helen" and result = "Susannah" + or + this = "Hester" and result = "Edwin" + or + this = "Hugh" and result = "Cyrus" + or + this = "Hugh" and result = "Helen" + or + this = "Ira" and result = "Maya" + or + this = "Ira" and result = "Wilson" + or + this = "Isabel" and result = "Perry" + or + this = "Isabel" and result = "Harvey" + or + this = "Jemima" and result = "Melinda" + or + this = "Jemima" and result = "Frank" + or + this = "Ernest" and result = "Lilian" + or + this = "Ernest" and result = "Oscar" + or + this = "Gertrude" and result = "Ophelia" + or + this = "Gertrude" and result = "Raymond" + or + this = "Lilian" and result = "Elgar" + or + this = "Lilian" and result = "Mae" + or + this = "Raymond" and result = "Elgar" + or + this = "Raymond" and result = "Mae" + or + this = "Elmer" and result = "Ophelia" + or + this = "Elmer" and result = "Raymond" + or + this = "Herbert" and result = "Ophelia" + or + this = "Herbert" and result = "Raymond" + or + this = "Maude" and result = "Ophelia" + or + this = "Maude" and result = "Raymond" + or + this = "Otto" and result = "Elgar" + or + this = "Otto" and result = "Mae" + or + this = "Edwin" and result = "Otto" + or + this = "Parsley" and result = "Simon" + or + this = "Parsley" and result = "Garfunkel" + or + this = "Sage" and result = "Simon" + or + this = "Sage" and result = "Garfunkel" + or + this = "Rosemary" and result = "Simon" + or + this = "Rosemary" and result = "Garfunkel" + or + this = "Thyme" and result = "Simon" + or + this = "Thyme" and result = "Garfunkel" + or + this = "King Basil" and result = "Ophelia" + or + this = "King Basil" and result = "Raymond" + or + this = "Jo" and result = "Theodore" + or + this = "Joanna" and result = "Shenzi" + or + this = "Laura" and result = "Maya" + or + this = "Laura" and result = "Wilson" + or + this = "Lavina" and result = "Mahala" + or + this = "Lavina" and result = "Walter" + or + this = "Leonard" and result = "Cyrus" + or + this = "Leonard" and result = "Helen" + or + this = "Lucretia" and result = "Eleanor" + or + this = "Lucretia" and result = "Cyrus" + or + this = "Mahala" and result = "Eunice" + or + this = "Margaret" and result = "Cynthia" + or + this = "Matthew" and result = "Cyrus" + or + this = "Matthew" and result = "Helen" + or + this = "Maya" and result = "Meera" + or + this = "Melinda" and result = "Rafiki" + or + this = "Melissa" and result = "Mahala" + or + this = "Melissa" and result = "Walter" + or + this = "Nala" and result = "Bruce" + or + this = "Nelson" and result = "Mahala" + or + this = "Nelson" and result = "Walter" + or + this = "Noah" and result = "Eli" + or + this = "Olive" and result = "Reuben" + or + this = "Olive" and result = "Lucretia" + or + this = "Oliver" and result = "Matthew" + or + this = "Perry" and result = "Leonard" + or + this = "Ravi" and result = "Dina" + or + this = "Simba" and result = "Will" + or + this = "Simon" and result = "Margaret" + or + this = "Sullivan" and result = "Cornelius" + or + this = "Sylvester" and result = "Timothy" + or + this = "Theodore" and result = "Susannah" + or + this = "Tiana" and result = "Jo" + or + this = "Virginia" and result = "Helen" + or + this = "Warren" and result = "Shenzi" + or + this = "Wesley" and result = "Warren" + or + this = "Wesley" and result = "Jo" + or + this = "Will" and result = "Eli" + } + + /** Holds if the person is allowed in the region. Initially, all villagers are allowed in every region. */ + predicate isAllowedIn(string region) { + region = "north" or + region = "south" or + region = "east" or + region = "west" + } +} + +/** Returns a parent of the person. */ +Person parentOf(Person p) { result = p.getAParent() } diff --git a/javascript/ql/src/Security/CWE-730/ServerCrash.ql b/javascript/ql/src/Security/CWE-730/ServerCrash.ql index 7c16287d48c..336cc2abf70 100644 --- a/javascript/ql/src/Security/CWE-730/ServerCrash.ql +++ b/javascript/ql/src/Security/CWE-730/ServerCrash.ql @@ -104,7 +104,7 @@ class AsyncSentinelCall extends DataFlow::CallNode { exists(DataFlow::FunctionNode node | node.getAstNode() = asyncCallee | // manual models exists(string memberName | - not "Sync" = memberName.suffix(memberName.length() - 4) and + not memberName.matches("%Sync") and this = NodeJSLib::FS::moduleMember(memberName).getACall() and node = this.getCallback([1 .. 2]) ) diff --git a/javascript/ql/test/testUtilities/ConsistencyChecking.qll b/javascript/ql/test/testUtilities/ConsistencyChecking.qll index cd02a998649..f63eb933ff6 100644 --- a/javascript/ql/test/testUtilities/ConsistencyChecking.qll +++ b/javascript/ql/test/testUtilities/ConsistencyChecking.qll @@ -62,7 +62,7 @@ private class AssertionComment extends LineComment { /** * Holds if a consistency issue is expected at this location. */ - predicate expectConsistencyError() { getText().matches(["%[INCONSISTENCY]%"]) } + predicate expectConsistencyError() { getText().matches("%[INCONSISTENCY]%") } } private DataFlow::Node getASink() { exists(DataFlow::Configuration cfg | cfg.hasFlow(_, result)) } diff --git a/python/change-notes/2021-09-14-promote-regex-injection.md b/python/change-notes/2021-09-14-promote-regex-injection.md new file mode 100644 index 00000000000..0141251dea8 --- /dev/null +++ b/python/change-notes/2021-09-14-promote-regex-injection.md @@ -0,0 +1,2 @@ +lgtm,codescanning +* The query "Regular expression injection" (`py/regex-injection`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @jorgectf](https://github.com/github/codeql/pull/5442). diff --git a/python/ql/lib/semmle/python/ApiGraphs.qll b/python/ql/lib/semmle/python/ApiGraphs.qll index 62afe4ef865..9ab510d0ee5 100644 --- a/python/ql/lib/semmle/python/ApiGraphs.qll +++ b/python/ql/lib/semmle/python/ApiGraphs.qll @@ -55,7 +55,7 @@ module API { /** * Gets a call to the function represented by this API component. */ - DataFlow::CallCfgNode getACall() { result = getReturn().getAnImmediateUse() } + DataFlow::CallCfgNode getACall() { result = this.getReturn().getAnImmediateUse() } /** * Gets a node representing member `m` of this API component. @@ -67,21 +67,21 @@ module API { */ bindingset[m] bindingset[result] - Node getMember(string m) { result = getASuccessor(Label::member(m)) } + Node getMember(string m) { result = this.getASuccessor(Label::member(m)) } /** * Gets a node representing a member of this API component where the name of the member is * not known statically. */ - Node getUnknownMember() { result = getASuccessor(Label::unknownMember()) } + Node getUnknownMember() { result = this.getASuccessor(Label::unknownMember()) } /** * Gets a node representing a member of this API component where the name of the member may * or may not be known statically. */ Node getAMember() { - result = getASuccessor(Label::member(_)) or - result = getUnknownMember() + result = this.getASuccessor(Label::member(_)) or + result = this.getUnknownMember() } /** @@ -90,23 +90,25 @@ module API { * This predicate may have multiple results when there are multiple invocations of this API component. * Consider using `getACall()` if there is a need to distinguish between individual calls. */ - Node getReturn() { result = getASuccessor(Label::return()) } + Node getReturn() { result = this.getASuccessor(Label::return()) } /** * Gets a node representing a subclass of the class represented by this node. */ - Node getASubclass() { result = getASuccessor(Label::subclass()) } + Node getASubclass() { result = this.getASuccessor(Label::subclass()) } /** * Gets a node representing the result from awaiting this node. */ - Node getAwaited() { result = getASuccessor(Label::await()) } + Node getAwaited() { result = this.getASuccessor(Label::await()) } /** * Gets a string representation of the lexicographically least among all shortest access paths * from the root to this node. */ - string getPath() { result = min(string p | p = getAPath(Impl::distanceFromRoot(this)) | p) } + string getPath() { + result = min(string p | p = this.getAPath(Impl::distanceFromRoot(this)) | p) + } /** * Gets a node such that there is an edge in the API graph between this node and the other @@ -124,13 +126,13 @@ module API { * Gets a node such that there is an edge in the API graph between this node and the other * one. */ - Node getAPredecessor() { result = getAPredecessor(_) } + Node getAPredecessor() { result = this.getAPredecessor(_) } /** * Gets a node such that there is an edge in the API graph between that other node and * this one. */ - Node getASuccessor() { result = getASuccessor(_) } + Node getASuccessor() { result = this.getASuccessor(_) } /** * Gets the data-flow node that gives rise to this node, if any. @@ -147,11 +149,11 @@ module API { predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - getInducingNode().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + this.getInducingNode().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) or // For nodes that do not have a meaningful location, `path` is the empty string and all other // parameters are zero. - not exists(getInducingNode()) and + not exists(this.getInducingNode()) and filepath = "" and startline = 0 and startcolumn = 0 and @@ -202,7 +204,7 @@ module API { or this = Impl::MkModuleImport(_) and type = "ModuleImport " | - result = type + getPath() + result = type + this.getPath() or not exists(this.getPath()) and result = type + "with no path" ) diff --git a/python/ql/lib/semmle/python/Concepts.qll b/python/ql/lib/semmle/python/Concepts.qll index 5517347e692..a61734f1b3e 100644 --- a/python/ql/lib/semmle/python/Concepts.qll +++ b/python/ql/lib/semmle/python/Concepts.qll @@ -355,6 +355,53 @@ module SqlExecution { } } +/** + * A data-flow node that executes a regular expression. + * + * Extend this class to refine existing API models. If you want to model new APIs, + * extend `RegexExecution::Range` instead. + */ +class RegexExecution extends DataFlow::Node { + RegexExecution::Range range; + + RegexExecution() { this = range } + + /** Gets the data flow node for the regex being executed by this node. */ + DataFlow::Node getRegex() { result = range.getRegex() } + + /** Gets a dataflow node for the string to be searched or matched against. */ + DataFlow::Node getString() { result = range.getString() } + + /** + * Gets the name of this regex execution, typically the name of an executing method. + * This is used for nice alert messages and should include the module if possible. + */ + string getName() { result = range.getName() } +} + +/** Provides classes for modeling new regular-expression execution APIs. */ +module RegexExecution { + /** + * A data-flow node that executes a regular expression. + * + * Extend this class to model new APIs. If you want to refine existing API models, + * extend `RegexExecution` instead. + */ + abstract class Range extends DataFlow::Node { + /** Gets the data flow node for the regex being executed by this node. */ + abstract DataFlow::Node getRegex(); + + /** Gets a dataflow node for the string to be searched or matched against. */ + abstract DataFlow::Node getString(); + + /** + * Gets the name of this regex execution, typically the name of an executing method. + * This is used for nice alert messages and should include the module if possible. + */ + abstract string getName(); + } +} + /** * A data-flow node that escapes meta-characters, which could be used to prevent * injection attacks. @@ -411,6 +458,9 @@ module Escaping { /** Gets the escape-kind for escaping a string so it can safely be included in HTML. */ string getHtmlKind() { result = "html" } + + /** Gets the escape-kind for escaping a string so it can safely be included in HTML. */ + string getRegexKind() { result = "regex" } // TODO: If adding an XML kind, update the modeling of the `MarkupSafe` PyPI package. // // Technically it claims to escape for both HTML and XML, but for now we don't have @@ -427,6 +477,14 @@ class HtmlEscaping extends Escaping { HtmlEscaping() { range.getKind() = Escaping::getHtmlKind() } } +/** + * An escape of a string so it can be safely included in + * the body of a regex. + */ +class RegexEscaping extends Escaping { + RegexEscaping() { range.getKind() = Escaping::getRegexKind() } +} + /** Provides classes for modeling HTTP-related APIs. */ module HTTP { import semmle.python.web.HttpConstants diff --git a/python/ql/lib/semmle/python/Exprs.qll b/python/ql/lib/semmle/python/Exprs.qll index 98c24b126a4..5a56a704b6f 100644 --- a/python/ql/lib/semmle/python/Exprs.qll +++ b/python/ql/lib/semmle/python/Exprs.qll @@ -240,7 +240,7 @@ class Call extends Call_ { /** Gets the tuple (*) argument of this call, provided there is exactly one. */ Expr getStarArg() { count(this.getStarargs()) < 2 and - result = getStarargs() + result = this.getStarargs() } } diff --git a/python/ql/lib/semmle/python/Files.qll b/python/ql/lib/semmle/python/Files.qll index 66dfca681cc..99570fc4d7a 100644 --- a/python/ql/lib/semmle/python/Files.qll +++ b/python/ql/lib/semmle/python/Files.qll @@ -256,7 +256,7 @@ abstract class Container extends @container { * */ string getBaseName() { - result = getAbsolutePath().regexpCapture(".*/(([^/]*?)(?:\\.([^.]*))?)", 1) + result = this.getAbsolutePath().regexpCapture(".*/(([^/]*?)(?:\\.([^.]*))?)", 1) } /** @@ -282,7 +282,9 @@ abstract class Container extends @container { * "/tmp/x.tar.gz""gz" * */ - string getExtension() { result = getAbsolutePath().regexpCapture(".*/([^/]*?)(\\.([^.]*))?", 3) } + string getExtension() { + result = this.getAbsolutePath().regexpCapture(".*/([^/]*?)(\\.([^.]*))?", 3) + } /** * Gets the stem of this container, that is, the prefix of its base name up to @@ -301,7 +303,9 @@ abstract class Container extends @container { * "/tmp/x.tar.gz""x.tar" * */ - string getStem() { result = getAbsolutePath().regexpCapture(".*/([^/]*?)(?:\\.([^.]*))?", 1) } + string getStem() { + result = this.getAbsolutePath().regexpCapture(".*/([^/]*?)(?:\\.([^.]*))?", 1) + } File getFile(string baseName) { result = this.getAFile() and diff --git a/python/ql/lib/semmle/python/Flow.qll b/python/ql/lib/semmle/python/Flow.qll index 65246927872..ab3d0a5f393 100755 --- a/python/ql/lib/semmle/python/Flow.qll +++ b/python/ql/lib/semmle/python/Flow.qll @@ -851,9 +851,9 @@ class ForNode extends ControlFlowNode { /** Holds if this `for` statement causes iteration over `sequence` storing each step of the iteration in `target` */ predicate iterates(ControlFlowNode target, ControlFlowNode sequence) { - sequence = getSequence() and - target = possibleTarget() and - not target = unrolledSuffix().possibleTarget() + sequence = this.getSequence() and + target = this.possibleTarget() and + not target = this.unrolledSuffix().possibleTarget() } /** Gets the sequence node for this `for` statement. */ diff --git a/python/ql/lib/semmle/python/Import.qll b/python/ql/lib/semmle/python/Import.qll index 40c1c27a851..9620b01e4c6 100644 --- a/python/ql/lib/semmle/python/Import.qll +++ b/python/ql/lib/semmle/python/Import.qll @@ -31,7 +31,7 @@ class ImportExpr extends ImportExpr_ { // relative imports are no longer allowed in Python 3 major_version() < 3 and // and can be explicitly turned off in later versions of Python 2 - not getEnclosingModule().hasFromFuture("absolute_import") + not this.getEnclosingModule().hasFromFuture("absolute_import") } /** @@ -53,8 +53,8 @@ class ImportExpr extends ImportExpr_ { * the name of the topmost module that will be imported. */ private string relativeTopName() { - getLevel() = -1 and - result = basePackageName(1) + "." + this.getTopName() and + this.getLevel() = -1 and + result = this.basePackageName(1) + "." + this.getTopName() and valid_module_name(result) } @@ -62,7 +62,7 @@ class ImportExpr extends ImportExpr_ { if this.getLevel() <= 0 then result = this.getTopName() else ( - result = basePackageName(this.getLevel()) and + result = this.basePackageName(this.getLevel()) and valid_module_name(result) ) } @@ -73,17 +73,17 @@ class ImportExpr extends ImportExpr_ { * which may not be the name of the module. */ string bottomModuleName() { - result = relativeTopName() + this.remainderOfName() + result = this.relativeTopName() + this.remainderOfName() or - not exists(relativeTopName()) and + not exists(this.relativeTopName()) and result = this.qualifiedTopName() + this.remainderOfName() } /** Gets the name of topmost module or package being imported */ string topModuleName() { - result = relativeTopName() + result = this.relativeTopName() or - not exists(relativeTopName()) and + not exists(this.relativeTopName()) and result = this.qualifiedTopName() } @@ -94,7 +94,7 @@ class ImportExpr extends ImportExpr_ { */ string getImportedModuleName() { exists(string bottomName | bottomName = this.bottomModuleName() | - if this.isTop() then result = topModuleName() else result = bottomName + if this.isTop() then result = this.topModuleName() else result = bottomName ) } diff --git a/python/ql/lib/semmle/python/Module.qll b/python/ql/lib/semmle/python/Module.qll index 8f9344f60c0..6baf41b4a03 100644 --- a/python/ql/lib/semmle/python/Module.qll +++ b/python/ql/lib/semmle/python/Module.qll @@ -86,13 +86,13 @@ class Module extends Module_, Scope, AstNode { /** Gets the package containing this module (or parent package if this is a package) */ Module getPackage() { this.getName().matches("%.%") and - result.getName() = getName().regexpReplaceAll("\\.[^.]*$", "") + result.getName() = this.getName().regexpReplaceAll("\\.[^.]*$", "") } /** Gets the name of the package containing this module */ string getPackageName() { this.getName().matches("%.%") and - result = getName().regexpReplaceAll("\\.[^.]*$", "") + result = this.getName().regexpReplaceAll("\\.[^.]*$", "") } /** Gets the metrics for this module */ diff --git a/python/ql/lib/semmle/python/RegexTreeView.qll b/python/ql/lib/semmle/python/RegexTreeView.qll index ad1949e4bc4..75084dfa5ec 100644 --- a/python/ql/lib/semmle/python/RegexTreeView.qll +++ b/python/ql/lib/semmle/python/RegexTreeView.qll @@ -49,16 +49,17 @@ newtype TRegExpParent = * or another regular expression term. */ class RegExpParent extends TRegExpParent { + /** Gets a textual representation of this element. */ string toString() { result = "RegExpParent" } /** Gets the `i`th child term. */ abstract RegExpTerm getChild(int i); /** Gets a child term . */ - RegExpTerm getAChild() { result = getChild(_) } + RegExpTerm getAChild() { result = this.getChild(_) } /** Gets the number of child terms. */ - int getNumChild() { result = count(getAChild()) } + int getNumChild() { result = count(this.getAChild()) } /** Gets the associated regex. */ abstract Regex getRegex(); @@ -72,14 +73,18 @@ class RegExpLiteral extends TRegExpLiteral, RegExpParent { override RegExpTerm getChild(int i) { i = 0 and result.getRegex() = re and result.isRootTerm() } + /** Holds if dot, `.`, matches all characters, including newlines. */ predicate isDotAll() { re.getAMode() = "DOTALL" } + /** Holds if this regex matching is case-insensitive for this regex. */ predicate isIgnoreCase() { re.getAMode() = "IGNORECASE" } + /** Get a string representing all modes for this regex. */ string getFlags() { result = concat(string mode | mode = re.getAMode() | mode, " | ") } override Regex getRegex() { result = re } + /** Gets the primary QL class for this regex. */ string getPrimaryQLClass() { result = "RegExpLiteral" } } @@ -117,7 +122,7 @@ class RegExpTerm extends RegExpParent { RegExpTerm getRootTerm() { this.isRootTerm() and result = this or - result = getParent().(RegExpTerm).getRootTerm() + result = this.getParent().(RegExpTerm).getRootTerm() } /** @@ -196,7 +201,7 @@ class RegExpTerm extends RegExpParent { /** Gets the regular expression term that is matched (textually) before this one, if any. */ RegExpTerm getPredecessor() { - exists(RegExpTerm parent | parent = getParent() | + exists(RegExpTerm parent | parent = this.getParent() | result = parent.(RegExpSequence).previousElement(this) or not exists(parent.(RegExpSequence).previousElement(this)) and @@ -207,7 +212,7 @@ class RegExpTerm extends RegExpParent { /** Gets the regular expression term that is matched (textually) after this one, if any. */ RegExpTerm getSuccessor() { - exists(RegExpTerm parent | parent = getParent() | + exists(RegExpTerm parent | parent = this.getParent() | result = parent.(RegExpSequence).nextElement(this) or not exists(parent.(RegExpSequence).nextElement(this)) and @@ -246,8 +251,10 @@ class RegExpQuantifier extends RegExpTerm, TRegExpQuantifier { result.getEnd() = part_end } + /** Hols if this term may match an unlimited number of times. */ predicate mayRepeatForever() { may_repeat_forever = true } + /** Gets the qualifier for this term. That is e.g "?" for "a?". */ string getQualifier() { result = re.getText().substring(part_end, end) } override string getPrimaryQLClass() { result = "RegExpQuantifier" } @@ -322,8 +329,10 @@ class RegExpRange extends RegExpQuantifier { RegExpRange() { re.multiples(part_end, end, lower, upper) } + /** Gets the string defining the upper bound of this range, if any. */ string getUpper() { result = upper } + /** Gets the string defining the lower bound of this range, if any. */ string getLower() { result = lower } /** @@ -358,7 +367,7 @@ class RegExpSequence extends RegExpTerm, TRegExpSequence { override RegExpTerm getChild(int i) { result = seqChild(re, start, end, i) } /** Gets the element preceding `element` in this sequence. */ - RegExpTerm previousElement(RegExpTerm element) { element = nextElement(result) } + RegExpTerm previousElement(RegExpTerm element) { element = this.nextElement(result) } /** Gets the element following `element` in this sequence. */ RegExpTerm nextElement(RegExpTerm element) { @@ -461,15 +470,17 @@ class RegExpEscape extends RegExpNormalChar { // TODO: Find a way to include a formfeed character // this.getUnescaped() = "f" and result = " " // or - isUnicode() and - result = getUnicode() + this.isUnicode() and + result = this.getUnicode() } + /** Holds if this terms name is given by the part following the escape character. */ predicate isIdentityEscape() { not this.getUnescaped() in ["n", "r", "t", "f"] } override string getPrimaryQLClass() { result = "RegExpEscape" } - string getUnescaped() { result = this.getText().suffix(1) } + /** Gets the part of the term following the escape character. That is e.g. "w" if the term is "\w". */ + private string getUnescaped() { result = this.getText().suffix(1) } /** * Gets the text for this escape. That is e.g. "\w". @@ -479,7 +490,7 @@ class RegExpEscape extends RegExpNormalChar { /** * Holds if this is a unicode escape. */ - private predicate isUnicode() { getText().prefix(2) = ["\\u", "\\U"] } + private predicate isUnicode() { this.getText().prefix(2) = ["\\u", "\\U"] } /** * Gets the unicode char for this escape. @@ -536,15 +547,8 @@ private int toHex(string hex) { * ``` */ class RegExpCharacterClassEscape extends RegExpEscape { - // string value; - RegExpCharacterClassEscape() { - // value = re.getText().substring(start + 1, end) and - // value in ["d", "D", "s", "S", "w", "W"] - this.getValue() in ["d", "D", "s", "S", "w", "W"] - } + RegExpCharacterClassEscape() { this.getValue() in ["d", "D", "s", "S", "w", "W"] } - /** Gets the name of the character class; for example, `w` for `\w`. */ - // override string getValue() { result = value } override RegExpTerm getChild(int i) { none() } override string getPrimaryQLClass() { result = "RegExpCharacterClassEscape" } @@ -563,19 +567,22 @@ class RegExpCharacterClassEscape extends RegExpEscape { class RegExpCharacterClass extends RegExpTerm, TRegExpCharacterClass { RegExpCharacterClass() { this = TRegExpCharacterClass(re, start, end) } + /** Holds if this character class is inverted, matching the opposite of its content. */ predicate isInverted() { re.getChar(start + 1) = "^" } + /** Gets the `i`th char inside this charater class. */ string getCharThing(int i) { result = re.getChar(i + start) } + /** Holds if this character class can match anything. */ predicate isUniversalClass() { // [^] - isInverted() and not exists(getAChild()) + this.isInverted() and not exists(this.getAChild()) or // [\w\W] and similar - not isInverted() and + not this.isInverted() and exists(string cce1, string cce2 | - cce1 = getAChild().(RegExpCharacterClassEscape).getValue() and - cce2 = getAChild().(RegExpCharacterClassEscape).getValue() + cce1 = this.getAChild().(RegExpCharacterClassEscape).getValue() and + cce2 = this.getAChild().(RegExpCharacterClassEscape).getValue() | cce1 != cce2 and cce1.toLowerCase() = cce2.toLowerCase() ) @@ -620,6 +627,7 @@ class RegExpCharacterRange extends RegExpTerm, TRegExpCharacterRange { re.charRange(_, start, lower_end, upper_start, end) } + /** Holds if this range goes from `lo` to `hi`, in effect is `lo-hi`. */ predicate isRange(string lo, string hi) { lo = re.getText().substring(start, lower_end) and hi = re.getText().substring(upper_start, end) @@ -653,8 +661,13 @@ class RegExpCharacterRange extends RegExpTerm, TRegExpCharacterRange { class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar { RegExpNormalChar() { this = TRegExpNormalChar(re, start, end) } + /** + * Holds if this constant represents a valid Unicode character (as opposed + * to a surrogate code point that does not correspond to a character by itself.) + */ predicate isCharacter() { any() } + /** Gets the string representation of the char matched by this term. */ string getValue() { result = re.getText().substring(start, end) } override RegExpTerm getChild(int i) { none() } @@ -684,15 +697,15 @@ class RegExpConstant extends RegExpTerm { qstart <= start and end <= qend ) and value = this.(RegExpNormalChar).getValue() - // This will never hold - // or - // this = TRegExpSpecialChar(re, start, end) and - // re.inCharSet(start) and - // value = this.(RegExpSpecialChar).getChar() } + /** + * Holds if this constant represents a valid Unicode character (as opposed + * to a surrogate code point that does not correspond to a character by itself.) + */ predicate isCharacter() { any() } + /** Gets the string matched by this constant term. */ string getValue() { result = value } override RegExpTerm getChild(int i) { none() } @@ -731,10 +744,6 @@ class RegExpGroup extends RegExpTerm, TRegExpGroup { /** Gets the name of this capture group, if any. */ string getName() { result = re.getGroupName(start, end) } - predicate isCharacter() { any() } - - string getValue() { result = re.getText().substring(start, end) } - override RegExpTerm getChild(int i) { result.getRegex() = re and i = 0 and @@ -762,8 +771,13 @@ class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar { re.specialCharacter(start, end, char) } + /** + * Holds if this constant represents a valid Unicode character (as opposed + * to a surrogate code point that does not correspond to a character by itself.) + */ predicate isCharacter() { any() } + /** Gets the char for this term. */ string getChar() { result = char } override RegExpTerm getChild(int i) { none() } @@ -828,8 +842,6 @@ class RegExpCaret extends RegExpSpecialChar { class RegExpZeroWidthMatch extends RegExpGroup { RegExpZeroWidthMatch() { re.zeroWidthMatch(start, end) } - override predicate isCharacter() { any() } - override RegExpTerm getChild(int i) { none() } override string getPrimaryQLClass() { result = "RegExpZeroWidthMatch" } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll index f43a550af57..494780d2e1b 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll @@ -937,7 +937,7 @@ class CallContextSpecificCall extends CallContextCall, TSpecificCall { } override predicate relevantFor(DataFlowCallable callable) { - recordDataFlowCallSite(getCall(), callable) + recordDataFlowCallSite(this.getCall(), callable) } override predicate matchesCall(DataFlowCall call) { call = this.getCall() } @@ -1257,7 +1257,7 @@ abstract class AccessPathFront extends TAccessPathFront { TypedContent getHead() { this = TFrontHead(result) } - predicate isClearedAt(Node n) { clearsContentCached(n, getHead().getContent()) } + predicate isClearedAt(Node n) { clearsContentCached(n, this.getHead().getContent()) } } class AccessPathFrontNil extends AccessPathFront, TFrontNil { diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll index 169ebd191ba..b41edd28898 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll @@ -610,11 +610,11 @@ class DataFlowLambda extends DataFlowCallable, TLambda { override string toString() { result = lambda.toString() } - override CallNode getACall() { result = getCallableValue().getACall() } + override CallNode getACall() { result = this.getCallableValue().getACall() } override Scope getScope() { result = lambda.getEvaluatingScope() } - override NameNode getParameter(int n) { result = getParameter(getCallableValue(), n) } + override NameNode getParameter(int n) { result = getParameter(this.getCallableValue(), n) } override string getName() { result = "Lambda callable" } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll b/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll index df1ee7bba16..76cc1573b24 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll @@ -62,12 +62,12 @@ class LocalSourceNode extends Node { /** * Gets a read of attribute `attrName` on this node. */ - AttrRead getAnAttributeRead(string attrName) { result = getAnAttributeReference(attrName) } + AttrRead getAnAttributeRead(string attrName) { result = this.getAnAttributeReference(attrName) } /** * Gets a write of attribute `attrName` on this node. */ - AttrWrite getAnAttributeWrite(string attrName) { result = getAnAttributeReference(attrName) } + AttrWrite getAnAttributeWrite(string attrName) { result = this.getAnAttributeReference(attrName) } /** * Gets a reference (read or write) of any attribute on this node. @@ -81,12 +81,12 @@ class LocalSourceNode extends Node { /** * Gets a read of any attribute on this node. */ - AttrRead getAnAttributeRead() { result = getAnAttributeReference() } + AttrRead getAnAttributeRead() { result = this.getAnAttributeReference() } /** * Gets a write of any attribute on this node. */ - AttrWrite getAnAttributeWrite() { result = getAnAttributeReference() } + AttrWrite getAnAttributeWrite() { result = this.getAnAttributeReference() } /** * Gets a call to this node. diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking1/TaintTrackingImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking1/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking1/TaintTrackingImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking1/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking2/TaintTrackingImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking2/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking2/TaintTrackingImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking2/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking3/TaintTrackingImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking3/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking3/TaintTrackingImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking3/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking4/TaintTrackingImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking4/TaintTrackingImpl.qll index f4f73b8247c..acb029c23d9 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking4/TaintTrackingImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/tainttracking4/TaintTrackingImpl.qll @@ -75,24 +75,26 @@ abstract class Configuration extends DataFlow::Configuration { predicate isSanitizer(DataFlow::Node node) { none() } final override predicate isBarrier(DataFlow::Node node) { - isSanitizer(node) or + this.isSanitizer(node) or defaultTaintSanitizer(node) } /** Holds if taint propagation into `node` is prohibited. */ predicate isSanitizerIn(DataFlow::Node node) { none() } - final override predicate isBarrierIn(DataFlow::Node node) { isSanitizerIn(node) } + final override predicate isBarrierIn(DataFlow::Node node) { this.isSanitizerIn(node) } /** Holds if taint propagation out of `node` is prohibited. */ predicate isSanitizerOut(DataFlow::Node node) { none() } - final override predicate isBarrierOut(DataFlow::Node node) { isSanitizerOut(node) } + final override predicate isBarrierOut(DataFlow::Node node) { this.isSanitizerOut(node) } /** Holds if taint propagation through nodes guarded by `guard` is prohibited. */ predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { none() } - final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { isSanitizerGuard(guard) } + final override predicate isBarrierGuard(DataFlow::BarrierGuard guard) { + this.isSanitizerGuard(guard) + } /** * Holds if the additional taint propagation step from `node1` to `node2` @@ -101,7 +103,7 @@ abstract class Configuration extends DataFlow::Configuration { predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { none() } final override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - isAdditionalTaintStep(node1, node2) or + this.isAdditionalTaintStep(node1, node2) or defaultAdditionalTaintStep(node1, node2) } diff --git a/python/ql/lib/semmle/python/essa/Definitions.qll b/python/ql/lib/semmle/python/essa/Definitions.qll index 752ff9da329..e4e4bba747f 100644 --- a/python/ql/lib/semmle/python/essa/Definitions.qll +++ b/python/ql/lib/semmle/python/essa/Definitions.qll @@ -225,9 +225,9 @@ class ModuleVariable extends SsaSourceVariable { } override ControlFlowNode getAnImplicitUse() { - result = global_variable_callnode() + result = this.global_variable_callnode() or - result = global_variable_import() + result = this.global_variable_import() or exists(ImportTimeScope scope | scope.entryEdge(result, _) | this = scope.getOuterVariable(_) or diff --git a/python/ql/lib/semmle/python/essa/Essa.qll b/python/ql/lib/semmle/python/essa/Essa.qll index d703b72242a..2d403070c4c 100644 --- a/python/ql/lib/semmle/python/essa/Essa.qll +++ b/python/ql/lib/semmle/python/essa/Essa.qll @@ -41,7 +41,7 @@ class EssaVariable extends TEssaDefinition { */ ControlFlowNode getASourceUse() { exists(SsaSourceVariable var | - result = use_for_var(var) and + result = this.use_for_var(var) and result = var.getASourceUse() ) } @@ -258,7 +258,7 @@ class PhiFunction extends EssaDefinition, TPhiFunction { /** Gets another definition of the same source variable that reaches this definition. */ private EssaDefinition reachingDefinition(BasicBlock pred) { result.getScope() = this.getScope() and - result.getSourceVariable() = pred_var(pred) and + result.getSourceVariable() = this.pred_var(pred) and result.reachesEndOfBlock(pred) } diff --git a/python/ql/lib/semmle/python/frameworks/Aiohttp.qll b/python/ql/lib/semmle/python/frameworks/Aiohttp.qll index 46bcf3e554c..748f6c92d39 100644 --- a/python/ql/lib/semmle/python/frameworks/Aiohttp.qll +++ b/python/ql/lib/semmle/python/frameworks/Aiohttp.qll @@ -424,7 +424,7 @@ module AiohttpWebModel { override string getAttributeName() { none() } - override string getMethodName() { result in ["read_nowait"] } + override string getMethodName() { result = "read_nowait" } override string getAsyncMethodName() { result in [ diff --git a/python/ql/lib/semmle/python/frameworks/Cryptodome.qll b/python/ql/lib/semmle/python/frameworks/Cryptodome.qll index 4d108196148..54b5b9437a3 100644 --- a/python/ql/lib/semmle/python/frameworks/Cryptodome.qll +++ b/python/ql/lib/semmle/python/frameworks/Cryptodome.qll @@ -116,7 +116,7 @@ private module CryptodomeModel { ] and this = API::moduleImport(["Crypto", "Cryptodome"]) - .getMember(["Cipher"]) + .getMember("Cipher") .getMember(cipherName) .getMember("new") .getReturn() @@ -135,21 +135,21 @@ private module CryptodomeModel { or // for the following methods, method signatures can be found in // https://pycryptodome.readthedocs.io/en/latest/src/cipher/modern.html - methodName in ["update"] and + methodName = "update" and result in [this.getArg(0), this.getArgByName("data")] or // although `mac_tag` is used as the parameter name in the spec above, some implementations use `received_mac_tag`, for an example, see // https://github.com/Legrandin/pycryptodome/blob/5dace638b70ac35bb5d9b565f3e75f7869c9d851/lib/Crypto/Cipher/ChaCha20_Poly1305.py#L207 - methodName in ["verify"] and + methodName = "verify" and result in [this.getArg(0), this.getArgByName(["mac_tag", "received_mac_tag"])] or - methodName in ["hexverify"] and + methodName = "hexverify" and result in [this.getArg(0), this.getArgByName("mac_tag_hex")] or - methodName in ["encrypt_and_digest"] and + methodName = "encrypt_and_digest" and result in [this.getArg(0), this.getArgByName("plaintext")] or - methodName in ["decrypt_and_verify"] and + methodName = "decrypt_and_verify" and result in [ this.getArg(0), this.getArgByName("ciphertext"), this.getArg(1), this.getArgByName("mac_tag") @@ -169,7 +169,7 @@ private module CryptodomeModel { methodName in ["sign", "verify"] and this = API::moduleImport(["Crypto", "Cryptodome"]) - .getMember(["Signature"]) + .getMember("Signature") .getMember(signatureName) .getMember("new") .getReturn() @@ -185,11 +185,11 @@ private module CryptodomeModel { methodName = "sign" and result in [this.getArg(0), this.getArgByName("msg_hash")] // Cryptodome.Hash instance or - methodName in ["verify"] and + methodName = "verify" and ( - result in [this.getArg(0), this.getArgByName(["msg_hash"])] // Cryptodome.Hash instance + result in [this.getArg(0), this.getArgByName("msg_hash")] // Cryptodome.Hash instance or - result in [this.getArg(1), this.getArgByName(["signature"])] + result in [this.getArg(1), this.getArgByName("signature")] ) } } @@ -204,7 +204,7 @@ private module CryptodomeModel { CryptodomeGenericHashOperation() { exists(API::Node hashModule | hashModule = - API::moduleImport(["Crypto", "Cryptodome"]).getMember(["Hash"]).getMember(hashName) + API::moduleImport(["Crypto", "Cryptodome"]).getMember("Hash").getMember(hashName) | this = hashModule.getMember("new").getACall() or diff --git a/python/ql/lib/semmle/python/frameworks/Django.qll b/python/ql/lib/semmle/python/frameworks/Django.qll index 08afa55635a..89ff0537c97 100644 --- a/python/ql/lib/semmle/python/frameworks/Django.qll +++ b/python/ql/lib/semmle/python/frameworks/Django.qll @@ -1844,11 +1844,13 @@ private module PrivateDjango { t.start() and result.asCfgNode().(CallNode).getFunction() = this.asViewRef().asCfgNode() or - exists(DataFlow::TypeTracker t2 | result = asViewResult(t2).track(t2, t)) + exists(DataFlow::TypeTracker t2 | result = this.asViewResult(t2).track(t2, t)) } /** Gets a reference to the result of calling the `as_view` classmethod of this class. */ - DataFlow::Node asViewResult() { asViewResult(DataFlow::TypeTracker::end()).flowsTo(result) } + DataFlow::Node asViewResult() { + this.asViewResult(DataFlow::TypeTracker::end()).flowsTo(result) + } } /** A class that we consider a django View class. */ @@ -1944,10 +1946,10 @@ private module PrivateDjango { abstract DataFlow::Node getViewArg(); final override DjangoRouteHandler getARequestHandler() { - poorMansFunctionTracker(result) = getViewArg() + poorMansFunctionTracker(result) = this.getViewArg() or exists(DjangoViewClass vc | - getViewArg() = vc.asViewResult() and + this.getViewArg() = vc.asViewResult() and result = vc.getARequestHandler() ) } diff --git a/python/ql/lib/semmle/python/frameworks/Flask.qll b/python/ql/lib/semmle/python/frameworks/Flask.qll index e854e07658b..3c2cc5af5ec 100644 --- a/python/ql/lib/semmle/python/frameworks/Flask.qll +++ b/python/ql/lib/semmle/python/frameworks/Flask.qll @@ -292,12 +292,12 @@ module Flask { override Function getARequestHandler() { exists(DataFlow::LocalSourceNode func_src | - func_src.flowsTo(getViewArg()) and + func_src.flowsTo(this.getViewArg()) and func_src.asExpr().(CallableExpr) = result.getDefinition() ) or exists(FlaskViewClass vc | - getViewArg() = vc.asViewResult().getAUse() and + this.getViewArg() = vc.asViewResult().getAUse() and result = vc.getARequestHandler() ) } diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll index f89f74f3c34..973af899896 100644 --- a/python/ql/lib/semmle/python/frameworks/Stdlib.qll +++ b/python/ql/lib/semmle/python/frameworks/Stdlib.qll @@ -195,6 +195,101 @@ private module StdlibPrivate { } } + /** + * The `os.path` module offers a number of methods for checking if a file exists and/or has certain + * properties, leading to a file system access. + * A call to `os.path.exists` or `os.path.lexists` will check if a file exists on the file system. + * (Although, on some platforms, the check may return `false` due to missing permissions.) + * A call to `os.path.getatime` will raise `OSError` if the file does not exist or is inaccessible. + * See: + * - https://docs.python.org/3/library/os.path.html#os.path.exists + * - https://docs.python.org/3/library/os.path.html#os.path.lexists + * - https://docs.python.org/3/library/os.path.html#os.path.isfile + * - https://docs.python.org/3/library/os.path.html#os.path.isdir + * - https://docs.python.org/3/library/os.path.html#os.path.islink + * - https://docs.python.org/3/library/os.path.html#os.path.ismount + * - https://docs.python.org/3/library/os.path.html#os.path.getatime + * - https://docs.python.org/3/library/os.path.html#os.path.getmtime + * - https://docs.python.org/3/library/os.path.html#os.path.getctime + * - https://docs.python.org/3/library/os.path.html#os.path.getsize + * - https://docs.python.org/3/library/os.path.html#os.path.realpath + */ + private class OsPathProbingCall extends FileSystemAccess::Range, DataFlow::CallCfgNode { + OsPathProbingCall() { + this = + os::path() + .getMember([ + // these check if the file exists + "exists", "lexists", "isfile", "isdir", "islink", "ismount", + // these raise errors if the file does not exist + "getatime", "getmtime", "getctime", "getsize" + ]) + .getACall() + } + + override DataFlow::Node getAPathArgument() { + result in [this.getArg(0), this.getArgByName("path")] + } + } + + /** A call to `os.path.samefile` will raise an exception if an `os.stat()` call on either pathname fails. */ + private class OsPathSamefileCall extends FileSystemAccess::Range, DataFlow::CallCfgNode { + OsPathSamefileCall() { this = os::path().getMember("samefile").getACall() } + + override DataFlow::Node getAPathArgument() { + result in [ + this.getArg(0), this.getArgByName("path1"), this.getArg(1), this.getArgByName("path2") + ] + } + } + + // Functions with non-standard arguments: + // - os.path.join(path, *paths) + // - os.path.relpath(path, start=os.curdir) + // these functions need special treatment when computing `getPathArg`. + // + // Functions that excluded because they can act as sanitizers: + // - os.path.commonpath(paths): takes a sequence + // - os.path.commonprefix(list): takes a list argument + // unless the user control all arguments, we are comparing with a known value. + private string pathComputation() { + result in [ + "abspath", "basename", "commonpath", "dirname", "expanduser", "expandvars", "join", + "normcase", "normpath", "realpath", "relpath", "split", "splitdrive", "splitext" + ] + } + + /** + * The `os.path` module offers a number of methods for computing new paths from existing paths. + * These should all propagate taint. + */ + private class OsPathComputation extends DataFlow::CallCfgNode { + string methodName; + + OsPathComputation() { + methodName = pathComputation() and + this = os::path().getMember(methodName).getACall() + } + + DataFlow::Node getPathArg() { + result in [this.getArg(0), this.getArgByName("path")] + or + methodName = "join" and result = this.getArg(_) + or + methodName = "relpath" and result in [this.getArg(1), this.getArgByName("start")] + } + } + + /** An additional taint step for path computations. */ + private class OsPathComputationAdditionalTaintStep extends TaintTracking::AdditionalTaintStep { + override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { + exists(OsPathComputation call | + nodeTo = call and + nodeFrom = call.getPathArg() + ) + } + } + /** * A call to `os.path.normpath`. * See https://docs.python.org/3/library/os.path.html#os.path.normpath @@ -205,16 +300,6 @@ private module StdlibPrivate { DataFlow::Node getPathArg() { result in [this.getArg(0), this.getArgByName("path")] } } - /** An additional taint step for calls to `os.path.normpath` */ - private class OsPathNormpathCallAdditionalTaintStep extends TaintTracking::AdditionalTaintStep { - override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { - exists(OsPathNormpathCall call | - nodeTo = call and - nodeFrom = call.getPathArg() - ) - } - } - /** * A call to `os.path.abspath`. * See https://docs.python.org/3/library/os.path.html#os.path.abspath @@ -225,16 +310,6 @@ private module StdlibPrivate { DataFlow::Node getPathArg() { result in [this.getArg(0), this.getArgByName("path")] } } - /** An additional taint step for calls to `os.path.abspath` */ - private class OsPathAbspathCallAdditionalTaintStep extends TaintTracking::AdditionalTaintStep { - override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { - exists(OsPathAbspathCall call | - nodeTo = call and - nodeFrom = call.getPathArg() - ) - } - } - /** * A call to `os.path.realpath`. * See https://docs.python.org/3/library/os.path.html#os.path.realpath @@ -245,16 +320,6 @@ private module StdlibPrivate { DataFlow::Node getPathArg() { result in [this.getArg(0), this.getArgByName("path")] } } - /** An additional taint step for calls to `os.path.realpath` */ - private class OsPathRealpathCallAdditionalTaintStep extends TaintTracking::AdditionalTaintStep { - override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { - exists(OsPathRealpathCall call | - nodeTo = call and - nodeFrom = call.getPathArg() - ) - } - } - /** * A call to `os.system`. * See https://docs.python.org/3/library/os.html#os.system @@ -397,8 +462,8 @@ private module StdlibPrivate { result = this.get_executable_arg() or exists(DataFlow::Node arg_args, boolean shell | - arg_args = get_args_arg() and - shell = get_shell_arg_value() + arg_args = this.get_args_arg() and + shell = this.get_shell_arg_value() | // When "executable" argument is set, and "shell" argument is `False`, the // "args" argument will only be used to set the program name and arguments to @@ -1212,7 +1277,7 @@ private module StdlibPrivate { /** * Gets a name of an attribute of a `pathlib.Path` object that is also a `pathlib.Path` object. */ - private string pathlibPathAttribute() { result in ["parent"] } + private string pathlibPathAttribute() { result = "parent" } /** * Gets a name of a method of a `pathlib.Path` object that returns a `pathlib.Path` object. @@ -1571,6 +1636,119 @@ private module StdlibPrivate { result = this.getArg(any(int i | i >= msgIndex)) } } + + // --------------------------------------------------------------------------- + // re + // --------------------------------------------------------------------------- + /** + * List of methods in the `re` module immediately executing a regular expression. + * + * See https://docs.python.org/3/library/re.html#module-contents + */ + private class RegexExecutionMethod extends string { + RegexExecutionMethod() { + this in ["match", "fullmatch", "search", "split", "findall", "finditer", "sub", "subn"] + } + + /** Gets the index of the argument representing the string to be searched by a regex. */ + int getStringArgIndex() { + this in ["match", "fullmatch", "search", "split", "findall", "finditer"] and + result = 1 + or + this in ["sub", "subn"] and + result = 2 + } + } + + /** + * A a call to a method from the `re` module immediately executing a regular expression. + * + * See `RegexExecutionMethods` + */ + private class DirectRegexExecution extends DataFlow::CallCfgNode, RegexExecution::Range { + RegexExecutionMethod method; + + DirectRegexExecution() { this = API::moduleImport("re").getMember(method).getACall() } + + override DataFlow::Node getRegex() { result in [this.getArg(0), this.getArgByName("pattern")] } + + override DataFlow::Node getString() { + result in [this.getArg(method.getStringArgIndex()), this.getArgByName("string")] + } + + override string getName() { result = "re." + method } + } + + /** Helper module for tracking compiled regexes. */ + private module CompiledRegexes { + private DataFlow::TypeTrackingNode compiledRegex(DataFlow::TypeTracker t, DataFlow::Node regex) { + t.start() and + result = API::moduleImport("re").getMember("compile").getACall() and + regex in [ + result.(DataFlow::CallCfgNode).getArg(0), + result.(DataFlow::CallCfgNode).getArgByName("pattern") + ] + or + exists(DataFlow::TypeTracker t2 | result = compiledRegex(t2, regex).track(t2, t)) + } + + DataFlow::Node compiledRegex(DataFlow::Node regex) { + compiledRegex(DataFlow::TypeTracker::end(), regex).flowsTo(result) + } + } + + private import CompiledRegexes + + /** + * A call on compiled regular expression (obtained via `re.compile`) executing a + * regular expression. + * + * Given the following example: + * + * ```py + * pattern = re.compile(input) + * pattern.match(s) + * ``` + * + * This class will identify that `re.compile` compiles `input` and afterwards + * executes `re`'s `match`. As a result, `this` will refer to `pattern.match(s)` + * and `this.getRegexNode()` will return the node for `input` (`re.compile`'s first argument). + * + * + * See `RegexExecutionMethods` + * + * See https://docs.python.org/3/library/re.html#regular-expression-objects + */ + private class CompiledRegexExecution extends DataFlow::MethodCallNode, RegexExecution::Range { + DataFlow::Node regexNode; + RegexExecutionMethod method; + + CompiledRegexExecution() { this.calls(compiledRegex(regexNode), method) } + + override DataFlow::Node getRegex() { result = regexNode } + + override DataFlow::Node getString() { + result in [this.getArg(method.getStringArgIndex() - 1), this.getArgByName("string")] + } + + override string getName() { result = "re." + method } + } + + /** + * A call to 're.escape'. + * See https://docs.python.org/3/library/re.html#re.escape + */ + private class ReEscapeCall extends Escaping::Range, DataFlow::CallCfgNode { + ReEscapeCall() { this = API::moduleImport("re").getMember("escape").getACall() } + + override DataFlow::Node getAnInput() { + result in [this.getArg(0), this.getArgByName("pattern")] + } + + override DataFlow::Node getOutput() { result = this } + + override string getKind() { result = Escaping::getRegexKind() } + } } // --------------------------------------------------------------------------- diff --git a/python/ql/lib/semmle/python/frameworks/Tornado.qll b/python/ql/lib/semmle/python/frameworks/Tornado.qll index ba4898facc8..91ae3ac2575 100644 --- a/python/ql/lib/semmle/python/frameworks/Tornado.qll +++ b/python/ql/lib/semmle/python/frameworks/Tornado.qll @@ -318,7 +318,7 @@ private module Tornado { ] } - override string getMethodName() { result in ["full_url"] } + override string getMethodName() { result = "full_url" } override string getAsyncMethodName() { none() } } diff --git a/python/ql/lib/semmle/python/frameworks/Werkzeug.qll b/python/ql/lib/semmle/python/frameworks/Werkzeug.qll index 039481f8522..e9e3f257871 100644 --- a/python/ql/lib/semmle/python/frameworks/Werkzeug.qll +++ b/python/ql/lib/semmle/python/frameworks/Werkzeug.qll @@ -58,7 +58,7 @@ module Werkzeug { override string getAttributeName() { none() } - override string getMethodName() { result in ["getlist"] } + override string getMethodName() { result = "getlist" } override string getAsyncMethodName() { none() } } diff --git a/python/ql/lib/semmle/python/frameworks/Yarl.qll b/python/ql/lib/semmle/python/frameworks/Yarl.qll index 00b0911471b..5ea78c1ac8e 100644 --- a/python/ql/lib/semmle/python/frameworks/Yarl.qll +++ b/python/ql/lib/semmle/python/frameworks/Yarl.qll @@ -68,7 +68,7 @@ module Yarl { ] } - override string getMethodName() { result in ["human_repr"] } + override string getMethodName() { result = "human_repr" } override string getAsyncMethodName() { none() } } diff --git a/python/ql/lib/semmle/python/security/dataflow/PolynomialReDoSCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/PolynomialReDoSCustomizations.qll index cbaf3b982e9..b92ff341ec8 100644 --- a/python/ql/lib/semmle/python/security/dataflow/PolynomialReDoSCustomizations.qll +++ b/python/ql/lib/semmle/python/security/dataflow/PolynomialReDoSCustomizations.qll @@ -60,8 +60,8 @@ module PolynomialReDoS { RegExpTerm t; RegexExecutionAsSink() { - exists(CompiledRegexes::RegexExecution re | - re.getRegexNode().asExpr() = t.getRegex() and + exists(RegexExecution re | + re.getRegex().asExpr() = t.getRegex() and this = re.getString() ) and t.isRootTerm() @@ -76,137 +76,3 @@ module PolynomialReDoS { */ class StringConstCompareAsSanitizerGuard extends SanitizerGuard, StringConstCompare { } } - -/** Helper module for tracking compiled regexes. */ -private module CompiledRegexes { - // TODO: This module should be refactored and merged with the experimental work done on detecting - // regex injections, such that this can be expressed from just using a concept. - /** A configuration for finding uses of compiled regexes. */ - class RegexDefinitionConfiguration extends DataFlow2::Configuration { - RegexDefinitionConfiguration() { this = "RegexDefinitionConfiguration" } - - override predicate isSource(DataFlow::Node source) { source instanceof RegexDefinitonSource } - - override predicate isSink(DataFlow::Node sink) { sink instanceof RegexDefinitionSink } - } - - /** A regex compilation. */ - class RegexDefinitonSource extends DataFlow::CallCfgNode { - DataFlow::Node regexNode; - - RegexDefinitonSource() { - this = API::moduleImport("re").getMember("compile").getACall() and - regexNode in [this.getArg(0), this.getArgByName("pattern")] - } - - /** Gets the regex that is being compiled by this node. */ - RegExpTerm getRegExp() { result.getRegex() = regexNode.asExpr() and result.isRootTerm() } - - /** Gets the data flow node for the regex being compiled by this node. */ - DataFlow::Node getRegexNode() { result = regexNode } - } - - /** A use of a compiled regex. */ - class RegexDefinitionSink extends DataFlow::Node { - RegexExecutionMethod method; - DataFlow::CallCfgNode executingCall; - - RegexDefinitionSink() { - exists(DataFlow::AttrRead reMethod | - executingCall.getFunction() = reMethod and - reMethod.getAttributeName() = method and - this = reMethod.getObject() - ) - } - - /** Gets the method used to execute the regex. */ - RegexExecutionMethod getMethod() { result = method } - - /** Gets the data flow node for the executing call. */ - DataFlow::CallCfgNode getExecutingCall() { result = executingCall } - } - - /** A data flow node executing a regex. */ - abstract class RegexExecution extends DataFlow::Node { - /** Gets the data flow node for the regex being compiled by this node. */ - abstract DataFlow::Node getRegexNode(); - - /** Gets a dataflow node for the string to be searched or matched against. */ - abstract DataFlow::Node getString(); - } - - private class RegexExecutionMethod extends string { - RegexExecutionMethod() { - this in ["match", "fullmatch", "search", "split", "findall", "finditer", "sub", "subn"] - } - } - - /** Gets the index of the argument representing the string to be searched by a regex. */ - int stringArg(RegexExecutionMethod method) { - method in ["match", "fullmatch", "search", "split", "findall", "finditer"] and - result = 1 - or - method in ["sub", "subn"] and - result = 2 - } - - /** - * A class to find `re` methods immediately executing an expression. - * - * See `RegexExecutionMethods` - */ - class DirectRegex extends DataFlow::CallCfgNode, RegexExecution { - RegexExecutionMethod method; - - DirectRegex() { this = API::moduleImport("re").getMember(method).getACall() } - - override DataFlow::Node getRegexNode() { - result in [this.getArg(0), this.getArgByName("pattern")] - } - - override DataFlow::Node getString() { - result in [this.getArg(stringArg(method)), this.getArgByName("string")] - } - } - - /** - * A class to find `re` methods immediately executing a compiled expression by `re.compile`. - * - * Given the following example: - * - * ```py - * pattern = re.compile(input) - * pattern.match(s) - * ``` - * - * This class will identify that `re.compile` compiles `input` and afterwards - * executes `re`'s `match`. As a result, `this` will refer to `pattern.match(s)` - * and `this.getRegexNode()` will return the node for `input` (`re.compile`'s first argument) - * - * - * See `RegexExecutionMethods` - * - * See https://docs.python.org/3/library/re.html#regular-expression-objects - */ - private class CompiledRegex extends DataFlow::CallCfgNode, RegexExecution { - DataFlow::Node regexNode; - RegexExecutionMethod method; - - CompiledRegex() { - exists( - RegexDefinitionConfiguration conf, RegexDefinitonSource source, RegexDefinitionSink sink - | - conf.hasFlow(source, sink) and - regexNode = source.getRegexNode() and - method = sink.getMethod() and - this = sink.getExecutingCall() - ) - } - - override DataFlow::Node getRegexNode() { result = regexNode } - - override DataFlow::Node getString() { - result in [this.getArg(stringArg(method) - 1), this.getArgByName("string")] - } - } -} diff --git a/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll index 0e5410a8be2..93363d3409a 100644 --- a/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll +++ b/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll @@ -59,7 +59,7 @@ module ReflectedXSS { class HtmlEscapingAsSanitizer extends Sanitizer { HtmlEscapingAsSanitizer() { // TODO: For now, since there is not an `isSanitizingStep` member-predicate part of a - // `TaintTracking::Configuration`, we use treat the output is a taint-sanitizer. This + // `TaintTracking::Configuration`, we treat the output as a taint-sanitizer. This // is slightly imprecise, which you can see in the `m_unsafe + SAFE` test-case in // python/ql/test/library-tests/frameworks/markupsafe/taint_test.py // diff --git a/python/ql/lib/semmle/python/security/injection/RegexInjection.qll b/python/ql/lib/semmle/python/security/injection/RegexInjection.qll new file mode 100644 index 00000000000..80601bd638f --- /dev/null +++ b/python/ql/lib/semmle/python/security/injection/RegexInjection.qll @@ -0,0 +1,37 @@ +/** + * Provides a taint-tracking configuration for detecting regular expression injection + * vulnerabilities. + * + * Note, for performance reasons: only import this file if + * `RegexInjection::Configuration` is needed, otherwise + * `RegexInjectionCustomizations` should be imported instead. + */ + +private import python +import semmle.python.dataflow.new.DataFlow +import semmle.python.dataflow.new.TaintTracking + +/** + * Provides a taint-tracking configuration for detecting regular expression injection + * vulnerabilities. + */ +module RegexInjection { + import RegexInjectionCustomizations::RegexInjection + + /** + * A taint-tracking configuration for detecting "reflected server-side cross-site scripting" vulnerabilities. + */ + class Configuration extends TaintTracking::Configuration { + Configuration() { this = "RegexInjection" } + + override predicate isSource(DataFlow::Node source) { source instanceof Source } + + override predicate isSink(DataFlow::Node sink) { sink instanceof Sink } + + override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer } + + override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { + guard instanceof SanitizerGuard + } + } +} diff --git a/python/ql/lib/semmle/python/security/injection/RegexInjectionCustomizations.qll b/python/ql/lib/semmle/python/security/injection/RegexInjectionCustomizations.qll new file mode 100644 index 00000000000..c26bae1c1b4 --- /dev/null +++ b/python/ql/lib/semmle/python/security/injection/RegexInjectionCustomizations.qll @@ -0,0 +1,62 @@ +/** + * Provides default sources, sinks and sanitizers for detecting + * "regular expression injection" + * vulnerabilities, as well as extension points for adding your own. + */ + +private import python +private import semmle.python.Concepts +private import semmle.python.dataflow.new.DataFlow +private import semmle.python.dataflow.new.TaintTracking +private import semmle.python.dataflow.new.RemoteFlowSources + +/** + * Provides default sources, sinks and sanitizers for detecting + * "regular expression injection" + * vulnerabilities, as well as extension points for adding your own. + */ +module RegexInjection { + /** + * A data flow source for "regular expression injection" vulnerabilities. + */ + abstract class Source extends DataFlow::Node { } + + /** + * A sink for "regular expression injection" vulnerabilities is the execution of a regular expression. + * If you have a custom way to execute regular expressions, you can extend `RegexExecution::Range`. + */ + class Sink extends DataFlow::Node { + RegexExecution regexExecution; + + Sink() { this = regexExecution.getRegex() } + + /** Gets the call that executes the regular expression marked by this sink. */ + RegexExecution getRegexExecution() { result = regexExecution } + } + + /** + * A sanitizer for "regular expression injection" vulnerabilities. + */ + abstract class Sanitizer extends DataFlow::Node { } + + /** + * A sanitizer guard for "regular expression injection" vulnerabilities. + */ + abstract class SanitizerGuard extends DataFlow::BarrierGuard { } + + /** + * A source of remote user input, considered as a flow source. + */ + class RemoteFlowSourceAsSource extends Source, RemoteFlowSource { } + + /** + * A regex escaping, considered as a sanitizer. + */ + class RegexEscapingAsSanitizer extends Sanitizer { + RegexEscapingAsSanitizer() { + // Due to use-use flow, we want the output rather than an input + // (so the input can still flow to other sinks). + this = any(RegexEscaping esc).getOutput() + } + } +} diff --git a/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll b/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll index 12b7559615d..2cd324ed8f7 100644 --- a/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll +++ b/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll @@ -477,7 +477,7 @@ private module CharacterClasses { result = ["0", "9"] or cc.getValue() = "s" and - result = [" "] + result = " " or cc.getValue() = "w" and result = ["a", "Z", "_", "0", "9"] @@ -490,7 +490,7 @@ private module CharacterClasses { result = "9" or cc.getValue() = "s" and - result = [" "] + result = " " or cc.getValue() = "w" and result = "a" diff --git a/python/ql/lib/semmle/python/templates/PyxlTags.qll b/python/ql/lib/semmle/python/templates/PyxlTags.qll index f0e663cdad0..abfef070d78 100644 --- a/python/ql/lib/semmle/python/templates/PyxlTags.qll +++ b/python/ql/lib/semmle/python/templates/PyxlTags.qll @@ -29,7 +29,7 @@ private predicate pyxl_tag(Call c, string name) { } class PyxlHtmlTag extends PyxlTag { - PyxlHtmlTag() { this.getPyxlTagName().prefix(2) = "x_" } + PyxlHtmlTag() { this.getPyxlTagName().matches("x\\_%") } string getTagName() { result = this.getPyxlTagName().suffix(2) } diff --git a/python/ql/lib/semmle/python/web/Http.qll b/python/ql/lib/semmle/python/web/Http.qll index 527a050d814..fc1b1bc5756 100644 --- a/python/ql/lib/semmle/python/web/Http.qll +++ b/python/ql/lib/semmle/python/web/Http.qll @@ -33,7 +33,7 @@ class WsgiEnvironment extends TaintKind { ( text = "QUERY_STRING" or text = "PATH_INFO" or - text.prefix(5) = "HTTP_" + text.matches("HTTP\\_%") ) ) } diff --git a/python/ql/lib/semmle/python/xml/XML.qll b/python/ql/lib/semmle/python/xml/XML.qll index 4c762f4bf65..76f3b3cb022 100755 --- a/python/ql/lib/semmle/python/xml/XML.qll +++ b/python/ql/lib/semmle/python/xml/XML.qll @@ -108,7 +108,7 @@ class XMLParent extends @xmlparent { } /** Gets the text value contained in this XML parent. */ - string getTextValue() { result = allCharactersString() } + string getTextValue() { result = this.allCharactersString() } /** Gets a printable representation of this XML parent. */ string toString() { result = this.getName() } @@ -119,7 +119,7 @@ class XMLFile extends XMLParent, File { XMLFile() { xmlEncoding(this, _) } /** Gets a printable representation of this XML file. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } /** Gets the name of this XML file. */ override string getName() { result = File.super.getAbsolutePath() } @@ -129,14 +129,14 @@ class XMLFile extends XMLParent, File { * * Gets the path of this XML file. */ - deprecated string getPath() { result = getAbsolutePath() } + deprecated string getPath() { result = this.getAbsolutePath() } /** * DEPRECATED: Use `getParentContainer().getAbsolutePath()` instead. * * Gets the path of the folder that contains this XML file. */ - deprecated string getFolder() { result = getParentContainer().getAbsolutePath() } + deprecated string getFolder() { result = this.getParentContainer().getAbsolutePath() } /** Gets the encoding of this XML file. */ string getEncoding() { xmlEncoding(this, result) } @@ -200,7 +200,7 @@ class XMLDTD extends XMLLocatable, @xmldtd { */ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { /** Holds if this XML element has the given `name`. */ - predicate hasName(string name) { name = getName() } + predicate hasName(string name) { name = this.getName() } /** Gets the name of this XML element. */ override string getName() { xmlElements(this, result, _, _, _) } @@ -239,7 +239,7 @@ class XMLElement extends @xmlelement, XMLParent, XMLLocatable { string getAttributeValue(string name) { result = this.getAttribute(name).getValue() } /** Gets a printable representation of this XML element. */ - override string toString() { result = getName() } + override string toString() { result = this.getName() } } /** diff --git a/python/ql/lib/tutorial.qll b/python/ql/lib/tutorial.qll new file mode 100644 index 00000000000..8cb1797a532 --- /dev/null +++ b/python/ql/lib/tutorial.qll @@ -0,0 +1,1207 @@ +/** + * This library is used in the QL detective tutorials. + * + * Note: Data is usually stored in a separate database and the QL libraries only contain predicates, + * but for this tutorial both the data and the predicates are stored in the library. + */ +class Person extends string { + Person() { + this = "Ronil" or + this = "Dina" or + this = "Ravi" or + this = "Bruce" or + this = "Jo" or + this = "Aida" or + this = "Esme" or + this = "Charlie" or + this = "Fred" or + this = "Meera" or + this = "Maya" or + this = "Chad" or + this = "Tiana" or + this = "Laura" or + this = "George" or + this = "Will" or + this = "Mary" or + this = "Almira" or + this = "Susannah" or + this = "Rhoda" or + this = "Cynthia" or + this = "Eunice" or + this = "Olive" or + this = "Virginia" or + this = "Angeline" or + this = "Helen" or + this = "Cornelia" or + this = "Harriet" or + this = "Mahala" or + this = "Abby" or + this = "Margaret" or + this = "Deb" or + this = "Minerva" or + this = "Severus" or + this = "Lavina" or + this = "Adeline" or + this = "Cath" or + this = "Elisa" or + this = "Lucretia" or + this = "Anne" or + this = "Eleanor" or + this = "Joanna" or + this = "Adam" or + this = "Agnes" or + this = "Rosanna" or + this = "Clara" or + this = "Melissa" or + this = "Amy" or + this = "Isabel" or + this = "Jemima" or + this = "Cordelia" or + this = "Melinda" or + this = "Delila" or + this = "Jeremiah" or + this = "Elijah" or + this = "Hester" or + this = "Walter" or + this = "Oliver" or + this = "Hugh" or + this = "Aaron" or + this = "Reuben" or + this = "Eli" or + this = "Amos" or + this = "Augustus" or + this = "Theodore" or + this = "Ira" or + this = "Timothy" or + this = "Cyrus" or + this = "Horace" or + this = "Simon" or + this = "Asa" or + this = "Frank" or + this = "Nelson" or + this = "Leonard" or + this = "Harrison" or + this = "Anthony" or + this = "Louis" or + this = "Milton" or + this = "Noah" or + this = "Cornelius" or + this = "Abdul" or + this = "Warren" or + this = "Harvey" or + this = "Dennis" or + this = "Wesley" or + this = "Sylvester" or + this = "Gilbert" or + this = "Sullivan" or + this = "Edmund" or + this = "Wilson" or + this = "Perry" or + this = "Matthew" or + this = "Simba" or + this = "Nala" or + this = "Rafiki" or + this = "Shenzi" or + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Edwin" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" or + this = "Stephen" + } + + /** Gets the hair color of the person. If the person is bald, there is no result. */ + string getHairColor() { + this = "Ronil" and result = "black" + or + this = "Dina" and result = "black" + or + this = "Ravi" and result = "black" + or + this = "Bruce" and result = "brown" + or + this = "Jo" and result = "red" + or + this = "Aida" and result = "blond" + or + this = "Esme" and result = "blond" + or + this = "Fred" and result = "gray" + or + this = "Meera" and result = "brown" + or + this = "Maya" and result = "brown" + or + this = "Chad" and result = "brown" + or + this = "Tiana" and result = "black" + or + this = "Laura" and result = "blond" + or + this = "George" and result = "blond" + or + this = "Will" and result = "blond" + or + this = "Mary" and result = "blond" + or + this = "Almira" and result = "black" + or + this = "Susannah" and result = "blond" + or + this = "Rhoda" and result = "blond" + or + this = "Cynthia" and result = "gray" + or + this = "Eunice" and result = "white" + or + this = "Olive" and result = "brown" + or + this = "Virginia" and result = "brown" + or + this = "Angeline" and result = "red" + or + this = "Helen" and result = "white" + or + this = "Cornelia" and result = "gray" + or + this = "Harriet" and result = "white" + or + this = "Mahala" and result = "black" + or + this = "Abby" and result = "red" + or + this = "Margaret" and result = "brown" + or + this = "Deb" and result = "brown" + or + this = "Minerva" and result = "brown" + or + this = "Severus" and result = "black" + or + this = "Lavina" and result = "brown" + or + this = "Adeline" and result = "brown" + or + this = "Cath" and result = "brown" + or + this = "Elisa" and result = "brown" + or + this = "Lucretia" and result = "gray" + or + this = "Anne" and result = "black" + or + this = "Eleanor" and result = "brown" + or + this = "Joanna" and result = "brown" + or + this = "Adam" and result = "black" + or + this = "Agnes" and result = "black" + or + this = "Rosanna" and result = "gray" + or + this = "Clara" and result = "blond" + or + this = "Melissa" and result = "brown" + or + this = "Amy" and result = "brown" + or + this = "Isabel" and result = "black" + or + this = "Jemima" and result = "red" + or + this = "Cordelia" and result = "red" + or + this = "Melinda" and result = "gray" + or + this = "Delila" and result = "white" + or + this = "Jeremiah" and result = "gray" + or + this = "Hester" and result = "black" + or + this = "Walter" and result = "black" + or + this = "Aaron" and result = "gray" + or + this = "Reuben" and result = "gray" + or + this = "Eli" and result = "gray" + or + this = "Amos" and result = "white" + or + this = "Augustus" and result = "white" + or + this = "Theodore" and result = "white" + or + this = "Timothy" and result = "brown" + or + this = "Cyrus" and result = "brown" + or + this = "Horace" and result = "brown" + or + this = "Simon" and result = "brown" + or + this = "Asa" and result = "brown" + or + this = "Frank" and result = "brown" + or + this = "Nelson" and result = "black" + or + this = "Leonard" and result = "black" + or + this = "Harrison" and result = "black" + or + this = "Anthony" and result = "black" + or + this = "Louis" and result = "black" + or + this = "Milton" and result = "blond" + or + this = "Noah" and result = "blond" + or + this = "Cornelius" and result = "red" + or + this = "Abdul" and result = "brown" + or + this = "Warren" and result = "red" + or + this = "Harvey" and result = "blond" + or + this = "Dennis" and result = "blond" + or + this = "Wesley" and result = "brown" + or + this = "Sylvester" and result = "brown" + or + this = "Gilbert" and result = "brown" + or + this = "Sullivan" and result = "brown" + or + this = "Edmund" and result = "brown" + or + this = "Wilson" and result = "blond" + or + this = "Perry" and result = "black" + or + this = "Simba" and result = "brown" + or + this = "Nala" and result = "brown" + or + this = "Rafiki" and result = "red" + or + this = "Shenzi" and result = "gray" + or + this = "Ernest" and result = "blond" + or + this = "Gertrude" and result = "brown" + or + this = "Oscar" and result = "blond" + or + this = "Lilian" and result = "brown" + or + this = "Raymond" and result = "brown" + or + this = "Elgar" and result = "brown" + or + this = "Elmer" and result = "brown" + or + this = "Herbert" and result = "brown" + or + this = "Maude" and result = "brown" + or + this = "Mae" and result = "brown" + or + this = "Otto" and result = "black" + or + this = "Edwin" and result = "black" + or + this = "Ophelia" and result = "brown" + or + this = "Parsley" and result = "brown" + or + this = "Sage" and result = "brown" + or + this = "Rosemary" and result = "brown" + or + this = "Thyme" and result = "brown" + or + this = "Garfunkel" and result = "brown" + or + this = "King Basil" and result = "brown" + or + this = "Stephen" and result = "black" + or + this = "Stephen" and result = "gray" + } + + /** Gets the age of the person (in years). If the person is deceased, there is no result. */ + int getAge() { + this = "Ronil" and result = 21 + or + this = "Dina" and result = 53 + or + this = "Ravi" and result = 16 + or + this = "Bruce" and result = 35 + or + this = "Jo" and result = 47 + or + this = "Aida" and result = 26 + or + this = "Esme" and result = 25 + or + this = "Charlie" and result = 31 + or + this = "Fred" and result = 68 + or + this = "Meera" and result = 62 + or + this = "Maya" and result = 29 + or + this = "Chad" and result = 49 + or + this = "Tiana" and result = 18 + or + this = "Laura" and result = 2 + or + this = "George" and result = 3 + or + this = "Will" and result = 41 + or + this = "Mary" and result = 51 + or + this = "Almira" and result = 1 + or + this = "Susannah" and result = 97 + or + this = "Rhoda" and result = 39 + or + this = "Cynthia" and result = 89 + or + this = "Eunice" and result = 83 + or + this = "Olive" and result = 25 + or + this = "Virginia" and result = 52 + or + this = "Angeline" and result = 22 + or + this = "Helen" and result = 79 + or + this = "Cornelia" and result = 59 + or + this = "Harriet" and result = 57 + or + this = "Mahala" and result = 61 + or + this = "Abby" and result = 24 + or + this = "Margaret" and result = 59 + or + this = "Deb" and result = 31 + or + this = "Minerva" and result = 72 + or + this = "Severus" and result = 61 + or + this = "Lavina" and result = 33 + or + this = "Adeline" and result = 17 + or + this = "Cath" and result = 22 + or + this = "Elisa" and result = 9 + or + this = "Lucretia" and result = 56 + or + this = "Anne" and result = 11 + or + this = "Eleanor" and result = 80 + or + this = "Joanna" and result = 43 + or + this = "Adam" and result = 37 + or + this = "Agnes" and result = 47 + or + this = "Rosanna" and result = 61 + or + this = "Clara" and result = 31 + or + this = "Melissa" and result = 37 + or + this = "Amy" and result = 12 + or + this = "Isabel" and result = 6 + or + this = "Jemima" and result = 16 + or + this = "Cordelia" and result = 21 + or + this = "Melinda" and result = 55 + or + this = "Delila" and result = 66 + or + this = "Jeremiah" and result = 54 + or + this = "Elijah" and result = 42 + or + this = "Hester" and result = 68 + or + this = "Walter" and result = 66 + or + this = "Oliver" and result = 33 + or + this = "Hugh" and result = 51 + or + this = "Aaron" and result = 49 + or + this = "Reuben" and result = 58 + or + this = "Eli" and result = 70 + or + this = "Amos" and result = 65 + or + this = "Augustus" and result = 56 + or + this = "Theodore" and result = 69 + or + this = "Ira" and result = 1 + or + this = "Timothy" and result = 54 + or + this = "Cyrus" and result = 78 + or + this = "Horace" and result = 34 + or + this = "Simon" and result = 23 + or + this = "Asa" and result = 28 + or + this = "Frank" and result = 59 + or + this = "Nelson" and result = 38 + or + this = "Leonard" and result = 58 + or + this = "Harrison" and result = 7 + or + this = "Anthony" and result = 2 + or + this = "Louis" and result = 34 + or + this = "Milton" and result = 36 + or + this = "Noah" and result = 48 + or + this = "Cornelius" and result = 41 + or + this = "Abdul" and result = 67 + or + this = "Warren" and result = 47 + or + this = "Harvey" and result = 31 + or + this = "Dennis" and result = 39 + or + this = "Wesley" and result = 13 + or + this = "Sylvester" and result = 19 + or + this = "Gilbert" and result = 16 + or + this = "Sullivan" and result = 17 + or + this = "Edmund" and result = 29 + or + this = "Wilson" and result = 27 + or + this = "Perry" and result = 31 + or + this = "Matthew" and result = 55 + or + this = "Simba" and result = 8 + or + this = "Nala" and result = 7 + or + this = "Rafiki" and result = 76 + or + this = "Shenzi" and result = 67 + } + + /** Gets the height of the person (in cm). If the person is deceased, there is no result. */ + float getHeight() { + this = "Ronil" and result = 183.0 + or + this = "Dina" and result = 155.1 + or + this = "Ravi" and result = 175.2 + or + this = "Bruce" and result = 191.3 + or + this = "Jo" and result = 163.4 + or + this = "Aida" and result = 182.6 + or + this = "Esme" and result = 176.9 + or + this = "Charlie" and result = 189.7 + or + this = "Fred" and result = 179.4 + or + this = "Meera" and result = 160.1 + or + this = "Maya" and result = 153.0 + or + this = "Chad" and result = 168.5 + or + this = "Tiana" and result = 149.7 + or + this = "Laura" and result = 87.5 + or + this = "George" and result = 96.4 + or + this = "Will" and result = 167.1 + or + this = "Mary" and result = 159.8 + or + this = "Almira" and result = 62.1 + or + this = "Susannah" and result = 145.8 + or + this = "Rhoda" and result = 180.1 + or + this = "Cynthia" and result = 161.8 + or + this = "Eunice" and result = 153.2 + or + this = "Olive" and result = 179.9 + or + this = "Virginia" and result = 165.1 + or + this = "Angeline" and result = 172.3 + or + this = "Helen" and result = 163.1 + or + this = "Cornelia" and result = 160.8 + or + this = "Harriet" and result = 163.2 + or + this = "Mahala" and result = 157.7 + or + this = "Abby" and result = 174.5 + or + this = "Margaret" and result = 165.6 + or + this = "Deb" and result = 171.6 + or + this = "Minerva" and result = 168.7 + or + this = "Severus" and result = 188.8 + or + this = "Lavina" and result = 155.1 + or + this = "Adeline" and result = 165.5 + or + this = "Cath" and result = 147.8 + or + this = "Elisa" and result = 129.4 + or + this = "Lucretia" and result = 153.6 + or + this = "Anne" and result = 140.4 + or + this = "Eleanor" and result = 151.1 + or + this = "Joanna" and result = 167.2 + or + this = "Adam" and result = 155.5 + or + this = "Agnes" and result = 156.8 + or + this = "Rosanna" and result = 162.4 + or + this = "Clara" and result = 158.6 + or + this = "Melissa" and result = 182.3 + or + this = "Amy" and result = 147.1 + or + this = "Isabel" and result = 121.4 + or + this = "Jemima" and result = 149.8 + or + this = "Cordelia" and result = 151.7 + or + this = "Melinda" and result = 154.4 + or + this = "Delila" and result = 163.4 + or + this = "Jeremiah" and result = 167.5 + or + this = "Elijah" and result = 184.5 + or + this = "Hester" and result = 152.7 + or + this = "Walter" and result = 159.6 + or + this = "Oliver" and result = 192.4 + or + this = "Hugh" and result = 173.1 + or + this = "Aaron" and result = 176.6 + or + this = "Reuben" and result = 169.9 + or + this = "Eli" and result = 180.4 + or + this = "Amos" and result = 167.4 + or + this = "Augustus" and result = 156.5 + or + this = "Theodore" and result = 176.6 + or + this = "Ira" and result = 54.1 + or + this = "Timothy" and result = 172.2 + or + this = "Cyrus" and result = 157.9 + or + this = "Horace" and result = 169.3 + or + this = "Simon" and result = 157.1 + or + this = "Asa" and result = 149.4 + or + this = "Frank" and result = 167.2 + or + this = "Nelson" and result = 173.0 + or + this = "Leonard" and result = 172.0 + or + this = "Harrison" and result = 126.0 + or + this = "Anthony" and result = 98.4 + or + this = "Louis" and result = 186.8 + or + this = "Milton" and result = 157.8 + or + this = "Noah" and result = 190.5 + or + this = "Cornelius" and result = 183.1 + or + this = "Abdul" and result = 182.0 + or + this = "Warren" and result = 175.0 + or + this = "Harvey" and result = 169.3 + or + this = "Dennis" and result = 160.4 + or + this = "Wesley" and result = 139.8 + or + this = "Sylvester" and result = 188.2 + or + this = "Gilbert" and result = 177.6 + or + this = "Sullivan" and result = 168.3 + or + this = "Edmund" and result = 159.2 + or + this = "Wilson" and result = 167.6 + or + this = "Perry" and result = 189.1 + or + this = "Matthew" and result = 167.2 + or + this = "Simba" and result = 140.1 + or + this = "Nala" and result = 138.0 + or + this = "Rafiki" and result = 139.3 + or + this = "Shenzi" and result = 171.1 + } + + /** Gets the location of the person's home ("north", "south", "east", or "west"). If the person is deceased, there is no result. */ + string getLocation() { + this = "Ronil" and result = "north" + or + this = "Dina" and result = "north" + or + this = "Ravi" and result = "north" + or + this = "Bruce" and result = "south" + or + this = "Jo" and result = "west" + or + this = "Aida" and result = "east" + or + this = "Esme" and result = "east" + or + this = "Charlie" and result = "south" + or + this = "Fred" and result = "west" + or + this = "Meera" and result = "south" + or + this = "Maya" and result = "south" + or + this = "Chad" and result = "south" + or + this = "Tiana" and result = "west" + or + this = "Laura" and result = "south" + or + this = "George" and result = "south" + or + this = "Will" and result = "south" + or + this = "Mary" and result = "south" + or + this = "Almira" and result = "south" + or + this = "Susannah" and result = "north" + or + this = "Rhoda" and result = "north" + or + this = "Cynthia" and result = "north" + or + this = "Eunice" and result = "north" + or + this = "Olive" and result = "west" + or + this = "Virginia" and result = "west" + or + this = "Angeline" and result = "west" + or + this = "Helen" and result = "west" + or + this = "Cornelia" and result = "east" + or + this = "Harriet" and result = "east" + or + this = "Mahala" and result = "east" + or + this = "Abby" and result = "east" + or + this = "Margaret" and result = "east" + or + this = "Deb" and result = "east" + or + this = "Minerva" and result = "south" + or + this = "Severus" and result = "north" + or + this = "Lavina" and result = "east" + or + this = "Adeline" and result = "west" + or + this = "Cath" and result = "east" + or + this = "Elisa" and result = "east" + or + this = "Lucretia" and result = "north" + or + this = "Anne" and result = "north" + or + this = "Eleanor" and result = "south" + or + this = "Joanna" and result = "south" + or + this = "Adam" and result = "east" + or + this = "Agnes" and result = "east" + or + this = "Rosanna" and result = "east" + or + this = "Clara" and result = "east" + or + this = "Melissa" and result = "west" + or + this = "Amy" and result = "west" + or + this = "Isabel" and result = "west" + or + this = "Jemima" and result = "west" + or + this = "Cordelia" and result = "west" + or + this = "Melinda" and result = "west" + or + this = "Delila" and result = "south" + or + this = "Jeremiah" and result = "north" + or + this = "Elijah" and result = "north" + or + this = "Hester" and result = "east" + or + this = "Walter" and result = "east" + or + this = "Oliver" and result = "east" + or + this = "Hugh" and result = "south" + or + this = "Aaron" and result = "south" + or + this = "Reuben" and result = "west" + or + this = "Eli" and result = "west" + or + this = "Amos" and result = "east" + or + this = "Augustus" and result = "south" + or + this = "Theodore" and result = "west" + or + this = "Ira" and result = "south" + or + this = "Timothy" and result = "north" + or + this = "Cyrus" and result = "north" + or + this = "Horace" and result = "east" + or + this = "Simon" and result = "east" + or + this = "Asa" and result = "east" + or + this = "Frank" and result = "west" + or + this = "Nelson" and result = "west" + or + this = "Leonard" and result = "west" + or + this = "Harrison" and result = "north" + or + this = "Anthony" and result = "north" + or + this = "Louis" and result = "north" + or + this = "Milton" and result = "south" + or + this = "Noah" and result = "south" + or + this = "Cornelius" and result = "east" + or + this = "Abdul" and result = "east" + or + this = "Warren" and result = "west" + or + this = "Harvey" and result = "west" + or + this = "Dennis" and result = "west" + or + this = "Wesley" and result = "west" + or + this = "Sylvester" and result = "south" + or + this = "Gilbert" and result = "east" + or + this = "Sullivan" and result = "east" + or + this = "Edmund" and result = "north" + or + this = "Wilson" and result = "north" + or + this = "Perry" and result = "west" + or + this = "Matthew" and result = "east" + or + this = "Simba" and result = "south" + or + this = "Nala" and result = "south" + or + this = "Rafiki" and result = "north" + or + this = "Shenzi" and result = "west" + } + + /** Holds if the person is deceased. */ + predicate isDeceased() { + this = "Ernest" or + this = "Gertrude" or + this = "Oscar" or + this = "Lilian" or + this = "Edwin" or + this = "Raymond" or + this = "Elgar" or + this = "Elmer" or + this = "Herbert" or + this = "Maude" or + this = "Mae" or + this = "Otto" or + this = "Ophelia" or + this = "Parsley" or + this = "Sage" or + this = "Rosemary" or + this = "Thyme" or + this = "Garfunkel" or + this = "King Basil" + } + + /** Gets a parent of the person (alive or deceased). */ + Person getAParent() { + this = "Stephen" and result = "Edmund" + or + this = "Edmund" and result = "Augustus" + or + this = "Augustus" and result = "Stephen" + or + this = "Abby" and result = "Cornelia" + or + this = "Abby" and result = "Amos" + or + this = "Abdul" and result = "Susannah" + or + this = "Adam" and result = "Amos" + or + this = "Adeline" and result = "Melinda" + or + this = "Adeline" and result = "Frank" + or + this = "Agnes" and result = "Abdul" + or + this = "Aida" and result = "Agnes" + or + this = "Almira" and result = "Sylvester" + or + this = "Amos" and result = "Eunice" + or + this = "Amy" and result = "Noah" + or + this = "Amy" and result = "Chad" + or + this = "Angeline" and result = "Reuben" + or + this = "Angeline" and result = "Lucretia" + or + this = "Anne" and result = "Rhoda" + or + this = "Anne" and result = "Louis" + or + this = "Anthony" and result = "Lavina" + or + this = "Anthony" and result = "Asa" + or + this = "Asa" and result = "Cornelia" + or + this = "Cath" and result = "Harriet" + or + this = "Charlie" and result = "Matthew" + or + this = "Clara" and result = "Ernest" + or + this = "Cornelia" and result = "Cynthia" + or + this = "Cornelius" and result = "Eli" + or + this = "Deb" and result = "Margaret" + or + this = "Dennis" and result = "Fred" + or + this = "Eli" and result = "Susannah" + or + this = "Elijah" and result = "Delila" + or + this = "Elisa" and result = "Deb" + or + this = "Elisa" and result = "Horace" + or + this = "Esme" and result = "Margaret" + or + this = "Frank" and result = "Eleanor" + or + this = "Frank" and result = "Cyrus" + or + this = "George" and result = "Maya" + or + this = "George" and result = "Wilson" + or + this = "Gilbert" and result = "Cornelius" + or + this = "Harriet" and result = "Cynthia" + or + this = "Harrison" and result = "Louis" + or + this = "Harvey" and result = "Fred" + or + this = "Helen" and result = "Susannah" + or + this = "Hester" and result = "Edwin" + or + this = "Hugh" and result = "Cyrus" + or + this = "Hugh" and result = "Helen" + or + this = "Ira" and result = "Maya" + or + this = "Ira" and result = "Wilson" + or + this = "Isabel" and result = "Perry" + or + this = "Isabel" and result = "Harvey" + or + this = "Jemima" and result = "Melinda" + or + this = "Jemima" and result = "Frank" + or + this = "Ernest" and result = "Lilian" + or + this = "Ernest" and result = "Oscar" + or + this = "Gertrude" and result = "Ophelia" + or + this = "Gertrude" and result = "Raymond" + or + this = "Lilian" and result = "Elgar" + or + this = "Lilian" and result = "Mae" + or + this = "Raymond" and result = "Elgar" + or + this = "Raymond" and result = "Mae" + or + this = "Elmer" and result = "Ophelia" + or + this = "Elmer" and result = "Raymond" + or + this = "Herbert" and result = "Ophelia" + or + this = "Herbert" and result = "Raymond" + or + this = "Maude" and result = "Ophelia" + or + this = "Maude" and result = "Raymond" + or + this = "Otto" and result = "Elgar" + or + this = "Otto" and result = "Mae" + or + this = "Edwin" and result = "Otto" + or + this = "Parsley" and result = "Simon" + or + this = "Parsley" and result = "Garfunkel" + or + this = "Sage" and result = "Simon" + or + this = "Sage" and result = "Garfunkel" + or + this = "Rosemary" and result = "Simon" + or + this = "Rosemary" and result = "Garfunkel" + or + this = "Thyme" and result = "Simon" + or + this = "Thyme" and result = "Garfunkel" + or + this = "King Basil" and result = "Ophelia" + or + this = "King Basil" and result = "Raymond" + or + this = "Jo" and result = "Theodore" + or + this = "Joanna" and result = "Shenzi" + or + this = "Laura" and result = "Maya" + or + this = "Laura" and result = "Wilson" + or + this = "Lavina" and result = "Mahala" + or + this = "Lavina" and result = "Walter" + or + this = "Leonard" and result = "Cyrus" + or + this = "Leonard" and result = "Helen" + or + this = "Lucretia" and result = "Eleanor" + or + this = "Lucretia" and result = "Cyrus" + or + this = "Mahala" and result = "Eunice" + or + this = "Margaret" and result = "Cynthia" + or + this = "Matthew" and result = "Cyrus" + or + this = "Matthew" and result = "Helen" + or + this = "Maya" and result = "Meera" + or + this = "Melinda" and result = "Rafiki" + or + this = "Melissa" and result = "Mahala" + or + this = "Melissa" and result = "Walter" + or + this = "Nala" and result = "Bruce" + or + this = "Nelson" and result = "Mahala" + or + this = "Nelson" and result = "Walter" + or + this = "Noah" and result = "Eli" + or + this = "Olive" and result = "Reuben" + or + this = "Olive" and result = "Lucretia" + or + this = "Oliver" and result = "Matthew" + or + this = "Perry" and result = "Leonard" + or + this = "Ravi" and result = "Dina" + or + this = "Simba" and result = "Will" + or + this = "Simon" and result = "Margaret" + or + this = "Sullivan" and result = "Cornelius" + or + this = "Sylvester" and result = "Timothy" + or + this = "Theodore" and result = "Susannah" + or + this = "Tiana" and result = "Jo" + or + this = "Virginia" and result = "Helen" + or + this = "Warren" and result = "Shenzi" + or + this = "Wesley" and result = "Warren" + or + this = "Wesley" and result = "Jo" + or + this = "Will" and result = "Eli" + } + + /** Holds if the person is allowed in the region. Initially, all villagers are allowed in every region. */ + predicate isAllowedIn(string region) { + region = "north" or + region = "south" or + region = "east" or + region = "west" + } +} + +/** Returns a parent of the person. */ +Person parentOf(Person p) { result = p.getAParent() } diff --git a/python/ql/src/Functions/SignatureSpecialMethods.ql b/python/ql/src/Functions/SignatureSpecialMethods.ql index 87aeeae51ff..f240f0e5087 100644 --- a/python/ql/src/Functions/SignatureSpecialMethods.ql +++ b/python/ql/src/Functions/SignatureSpecialMethods.ql @@ -132,12 +132,12 @@ predicate incorrect_special_method_defn( else if required < func.minParameters() then message = "Too many parameters" and show_counts = true - else - if func.minParameters() < required and not func.getScope().hasVarArg() - then - message = (required - func.minParameters()) + " default values(s) will never be used" and - show_counts = false - else none() + else ( + func.minParameters() < required and + not func.getScope().hasVarArg() and + message = (required - func.minParameters()) + " default values(s) will never be used" and + show_counts = false + ) ) } diff --git a/python/ql/src/experimental/Security/CWE-730/RegexInjection.qhelp b/python/ql/src/Security/CWE-730/RegexInjection.qhelp similarity index 100% rename from python/ql/src/experimental/Security/CWE-730/RegexInjection.qhelp rename to python/ql/src/Security/CWE-730/RegexInjection.qhelp diff --git a/python/ql/src/experimental/Security/CWE-730/RegexInjection.ql b/python/ql/src/Security/CWE-730/RegexInjection.ql similarity index 58% rename from python/ql/src/experimental/Security/CWE-730/RegexInjection.ql rename to python/ql/src/Security/CWE-730/RegexInjection.ql index 7725f636eb0..0dfb5b00d52 100644 --- a/python/ql/src/experimental/Security/CWE-730/RegexInjection.ql +++ b/python/ql/src/Security/CWE-730/RegexInjection.ql @@ -5,25 +5,24 @@ * exponential time on certain inputs. * @kind path-problem * @problem.severity error + * @precision high * @id py/regex-injection * @tags security * external/cwe/cwe-730 * external/cwe/cwe-400 */ -// determine precision above import python -import experimental.semmle.python.security.injection.RegexInjection +private import semmle.python.Concepts +import semmle.python.security.injection.RegexInjection import DataFlow::PathGraph from - RegexInjectionFlowConfig config, DataFlow::PathNode source, DataFlow::PathNode sink, - RegexInjectionSink regexInjectionSink, Attribute methodAttribute + RegexInjection::Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink, + RegexExecution regexExecution where config.hasFlowPath(source, sink) and - regexInjectionSink = sink.getNode() and - methodAttribute = regexInjectionSink.getRegexMethod() + regexExecution = sink.getNode().(RegexInjection::Sink).getRegexExecution() select sink.getNode(), source, sink, "$@ regular expression is constructed from a $@ and executed by $@.", sink.getNode(), "This", - source.getNode(), "user-provided value", methodAttribute, - regexInjectionSink.getRegexModule() + "." + methodAttribute.getName() + source.getNode(), "user-provided value", regexExecution, regexExecution.getName() diff --git a/python/ql/src/experimental/Security/CWE-730/re_bad.py b/python/ql/src/Security/CWE-730/re_bad.py similarity index 100% rename from python/ql/src/experimental/Security/CWE-730/re_bad.py rename to python/ql/src/Security/CWE-730/re_bad.py diff --git a/python/ql/src/experimental/Security/CWE-730/re_good.py b/python/ql/src/Security/CWE-730/re_good.py similarity index 100% rename from python/ql/src/experimental/Security/CWE-730/re_good.py rename to python/ql/src/Security/CWE-730/re_good.py diff --git a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql index cd00908fe05..895352be75c 100644 --- a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql +++ b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql @@ -88,7 +88,7 @@ class CredentialSink extends TaintSink { CredentialSink() { exists(string name | name.regexpMatch(getACredentialRegex()) and - not name.suffix(name.length() - 4) = "file" + not name.matches("%file") | any(FunctionValue func).getNamedArgumentForCall(_, name) = this or diff --git a/python/ql/src/analysis/Consistency.ql b/python/ql/src/analysis/Consistency.ql index a504216a252..698a3d95b3a 100644 --- a/python/ql/src/analysis/Consistency.ql +++ b/python/ql/src/analysis/Consistency.ql @@ -141,7 +141,7 @@ predicate builtin_object_consistency(string clsname, string problem, string what or not exists(o.toString()) and problem = "no toString" and - not exists(string name | name.prefix(7) = "_semmle" | py_special_objects(o, name)) and + not exists(string name | name.matches("\\_semmle%") | py_special_objects(o, name)) and not o = unknownValue() ) } diff --git a/python/ql/src/experimental/semmle/python/Concepts.qll b/python/ql/src/experimental/semmle/python/Concepts.qll index d0f021ee5fd..cd6d4f7be62 100644 --- a/python/ql/src/experimental/semmle/python/Concepts.qll +++ b/python/ql/src/experimental/semmle/python/Concepts.qll @@ -44,73 +44,6 @@ class LogOutput extends DataFlow::Node { DataFlow::Node getAnInput() { result = range.getAnInput() } } -/** Provides classes for modeling Regular Expression-related APIs. */ -module RegexExecution { - /** - * A data-flow node that executes a regular expression. - * - * Extend this class to model new APIs. If you want to refine existing API models, - * extend `RegexExecution` instead. - */ - abstract class Range extends DataFlow::Node { - /** - * Gets the argument containing the executed expression. - */ - abstract DataFlow::Node getRegexNode(); - - /** - * Gets the library used to execute the regular expression. - */ - abstract string getRegexModule(); - } -} - -/** - * A data-flow node that executes a regular expression. - * - * Extend this class to refine existing API models. If you want to model new APIs, - * extend `RegexExecution::Range` instead. - */ -class RegexExecution extends DataFlow::Node { - RegexExecution::Range range; - - RegexExecution() { this = range } - - DataFlow::Node getRegexNode() { result = range.getRegexNode() } - - string getRegexModule() { result = range.getRegexModule() } -} - -/** Provides classes for modeling Regular Expression escape-related APIs. */ -module RegexEscape { - /** - * A data-flow node that escapes a regular expression. - * - * Extend this class to model new APIs. If you want to refine existing API models, - * extend `RegexEscape` instead. - */ - abstract class Range extends DataFlow::Node { - /** - * Gets the argument containing the escaped expression. - */ - abstract DataFlow::Node getRegexNode(); - } -} - -/** - * A data-flow node that escapes a regular expression. - * - * Extend this class to refine existing API models. If you want to model new APIs, - * extend `RegexEscape::Range` instead. - */ -class RegexEscape extends DataFlow::Node { - RegexEscape::Range range; - - RegexEscape() { this = range } - - DataFlow::Node getRegexNode() { result = range.getRegexNode() } -} - /** Provides classes for modeling LDAP query execution-related APIs. */ module LDAPQuery { /** diff --git a/python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll b/python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll index b3b70f43394..420caf0d73b 100644 --- a/python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll +++ b/python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll @@ -9,91 +9,3 @@ private import semmle.python.dataflow.new.TaintTracking private import semmle.python.dataflow.new.RemoteFlowSources private import experimental.semmle.python.Concepts private import semmle.python.ApiGraphs - -/** - * Provides models for Python's `re` library. - * - * See https://docs.python.org/3/library/re.html - */ -private module Re { - /** - * List of `re` methods immediately executing an expression. - * - * See https://docs.python.org/3/library/re.html#module-contents - */ - private class RegexExecutionMethods extends string { - RegexExecutionMethods() { - this in ["match", "fullmatch", "search", "split", "findall", "finditer", "sub", "subn"] - } - } - - /** - * A class to find `re` methods immediately executing an expression. - * - * See `RegexExecutionMethods` - */ - private class DirectRegex extends DataFlow::CallCfgNode, RegexExecution::Range { - DataFlow::Node regexNode; - - DirectRegex() { - this = API::moduleImport("re").getMember(any(RegexExecutionMethods m)).getACall() and - regexNode = this.getArg(0) - } - - override DataFlow::Node getRegexNode() { result = regexNode } - - override string getRegexModule() { result = "re" } - } - - /** - * A class to find `re` methods immediately executing a compiled expression by `re.compile`. - * - * Given the following example: - * - * ```py - * pattern = re.compile(input) - * pattern.match(s) - * ``` - * - * This class will identify that `re.compile` compiles `input` and afterwards - * executes `re`'s `match`. As a result, `this` will refer to `pattern.match(s)` - * and `this.getRegexNode()` will return the node for `input` (`re.compile`'s first argument) - * - * - * See `RegexExecutionMethods` - * - * See https://docs.python.org/3/library/re.html#regular-expression-objects - */ - private class CompiledRegex extends DataFlow::MethodCallNode, RegexExecution::Range { - DataFlow::Node regexNode; - - CompiledRegex() { - exists(DataFlow::MethodCallNode patternCall | - patternCall = API::moduleImport("re").getMember("compile").getACall() and - patternCall.flowsTo(this.getObject()) and - this.getMethodName() instanceof RegexExecutionMethods and - regexNode = patternCall.getArg(0) - ) - } - - override DataFlow::Node getRegexNode() { result = regexNode } - - override string getRegexModule() { result = "re" } - } - - /** - * A class to find `re` methods escaping an expression. - * - * See https://docs.python.org/3/library/re.html#re.escape - */ - class ReEscape extends DataFlow::CallCfgNode, RegexEscape::Range { - DataFlow::Node regexNode; - - ReEscape() { - this = API::moduleImport("re").getMember("escape").getACall() and - regexNode = this.getArg(0) - } - - override DataFlow::Node getRegexNode() { result = regexNode } - } -} diff --git a/python/ql/src/experimental/semmle/python/security/injection/RegexInjection.qll b/python/ql/src/experimental/semmle/python/security/injection/RegexInjection.qll deleted file mode 100644 index 7b7b08cacab..00000000000 --- a/python/ql/src/experimental/semmle/python/security/injection/RegexInjection.qll +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Provides a taint-tracking configuration for detecting regular expression injection - * vulnerabilities. - */ - -import python -import experimental.semmle.python.Concepts -import semmle.python.dataflow.new.DataFlow -import semmle.python.dataflow.new.TaintTracking -import semmle.python.dataflow.new.RemoteFlowSources - -/** - * A class to find methods executing regular expressions. - * - * See `RegexExecution` - */ -class RegexInjectionSink extends DataFlow::Node { - string regexModule; - Attribute regexMethod; - - RegexInjectionSink() { - exists(RegexExecution reExec | - this = reExec.getRegexNode() and - regexModule = reExec.getRegexModule() and - regexMethod = reExec.(DataFlow::CallCfgNode).getFunction().asExpr().(Attribute) - ) - } - - /** - * Gets the argument containing the executed expression. - */ - string getRegexModule() { result = regexModule } - - /** - * Gets the method used to execute the regular expression. - */ - Attribute getRegexMethod() { result = regexMethod } -} - -/** - * A taint-tracking configuration for detecting regular expression injections. - */ -class RegexInjectionFlowConfig extends TaintTracking::Configuration { - RegexInjectionFlowConfig() { this = "RegexInjectionFlowConfig" } - - override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } - - override predicate isSink(DataFlow::Node sink) { sink instanceof RegexInjectionSink } - - override predicate isSanitizer(DataFlow::Node sanitizer) { - sanitizer = any(RegexEscape reEscape).getRegexNode() - } -} diff --git a/python/ql/test/experimental/meta/ConceptsTest.qll b/python/ql/test/experimental/meta/ConceptsTest.qll index de53f053eb9..3ba52ddabde 100644 --- a/python/ql/test/experimental/meta/ConceptsTest.qll +++ b/python/ql/test/experimental/meta/ConceptsTest.qll @@ -96,7 +96,7 @@ class EncodingTest extends InlineExpectationsTest { class LoggingTest extends InlineExpectationsTest { LoggingTest() { this = "LoggingTest" } - override string getARelevantTag() { result in ["loggingInput"] } + override string getARelevantTag() { result = "loggingInput" } override predicate hasActualResult(Location location, string element, string tag, string value) { exists(location.getFile().getRelativePath()) and @@ -181,7 +181,7 @@ class EscapingTest extends InlineExpectationsTest { class HttpServerRouteSetupTest extends InlineExpectationsTest { HttpServerRouteSetupTest() { this = "HttpServerRouteSetupTest" } - override string getARelevantTag() { result in ["routeSetup"] } + override string getARelevantTag() { result = "routeSetup" } override predicate hasActualResult(Location location, string element, string tag, string value) { exists(location.getFile().getRelativePath()) and diff --git a/python/ql/test/experimental/query-tests/Security/CWE-730/RegexInjection.qlref b/python/ql/test/experimental/query-tests/Security/CWE-730/RegexInjection.qlref deleted file mode 100644 index c0c506c4707..00000000000 --- a/python/ql/test/experimental/query-tests/Security/CWE-730/RegexInjection.qlref +++ /dev/null @@ -1 +0,0 @@ -experimental/Security/CWE-730/RegexInjection.ql diff --git a/python/ql/test/library-tests/PointsTo/customise/test.ql b/python/ql/test/library-tests/PointsTo/customise/test.ql index c2fceb95225..f101e4f2a5d 100644 --- a/python/ql/test/library-tests/PointsTo/customise/test.ql +++ b/python/ql/test/library-tests/PointsTo/customise/test.ql @@ -11,7 +11,7 @@ class HasTypeFact extends CustomPointsToOriginFact { exists(FunctionObject func, string name | func.getACall() = this and name = func.getName() and - name.prefix("has_type_".length()) = "has_type_" + name.matches("has\\_type\\_%") ) } @@ -19,7 +19,7 @@ class HasTypeFact extends CustomPointsToOriginFact { exists(FunctionObject func, string name | func.getACall() = this and name = func.getName() and - name.prefix("has_type_".length()) = "has_type_" + name.matches("has\\_type\\_%") | cls.getName() = name.suffix("has_type_".length()) ) and diff --git a/python/ql/test/library-tests/PointsTo/new/Consistency.ql b/python/ql/test/library-tests/PointsTo/new/Consistency.ql index 282b96fc541..0ee1a392ef2 100644 --- a/python/ql/test/library-tests/PointsTo/new/Consistency.ql +++ b/python/ql/test/library-tests/PointsTo/new/Consistency.ql @@ -104,7 +104,7 @@ predicate ssa_consistency(string clsname, string problem, string what) { or exists(EssaDefinition def | clsname = def.getAQlClass() and - clsname.prefix(4) = "Essa" and + clsname.matches("Essa%") and what = " at " + def.getLocation() and problem = "not covered by Python-specific subclass." ) diff --git a/python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py b/python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py index bcf6589ef85..64f8ad5010d 100644 --- a/python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py +++ b/python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py @@ -27,3 +27,10 @@ def through_function(open_file): open_file.write("foo") # $ fileWriteData="foo" getAPathArgument="path" through_function(f) + +from os import path +path.exists("filepath") # $ getAPathArgument="filepath" +path.isfile("filepath") # $ getAPathArgument="filepath" +path.isdir("filepath") # $ getAPathArgument="filepath" +path.islink("filepath") # $ getAPathArgument="filepath" +path.ismount("filepath") # $ getAPathArgument="filepath" diff --git a/python/ql/test/library-tests/taint/extensions/ExtensionsLib.qll b/python/ql/test/library-tests/taint/extensions/ExtensionsLib.qll index 08ba0ce6e40..4ae53e94a38 100644 --- a/python/ql/test/library-tests/taint/extensions/ExtensionsLib.qll +++ b/python/ql/test/library-tests/taint/extensions/ExtensionsLib.qll @@ -28,7 +28,7 @@ class SimpleSource extends TaintSource { predicate visit_call(CallNode call, FunctionObject func) { exists(AttrNode attr, ClassObject cls, string name | - name.prefix(6) = "visit_" and + name.matches("visit\\_%") and func = cls.lookupAttribute(name) and attr.getObject("visit").refersTo(_, cls, _) and attr = call.getFunction() diff --git a/python/ql/test/experimental/query-tests/Security/CWE-730/RegexInjection.expected b/python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.expected similarity index 93% rename from python/ql/test/experimental/query-tests/Security/CWE-730/RegexInjection.expected rename to python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.expected index 07a01b5f9dc..598b60ae38a 100644 --- a/python/ql/test/experimental/query-tests/Security/CWE-730/RegexInjection.expected +++ b/python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.expected @@ -23,6 +23,6 @@ nodes | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern | subpaths #select -| re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | re_bad.py:13:22:13:28 | ControlFlowNode for request | re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | $@ regular expression is constructed from a $@ and executed by $@. | re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | This | re_bad.py:13:22:13:28 | ControlFlowNode for request | user-provided value | re_bad.py:14:5:14:13 | Attribute | re.search | -| re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | re_bad.py:24:22:24:28 | ControlFlowNode for request | re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | $@ regular expression is constructed from a $@ and executed by $@. | re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | This | re_bad.py:24:22:24:28 | ControlFlowNode for request | user-provided value | re_bad.py:26:5:26:27 | Attribute | re.search | -| re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | re_bad.py:36:22:36:28 | ControlFlowNode for request | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | $@ regular expression is constructed from a $@ and executed by $@. | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | This | re_bad.py:36:22:36:28 | ControlFlowNode for request | user-provided value | re_bad.py:37:5:37:37 | Attribute | re.search | +| re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | re_bad.py:13:22:13:28 | ControlFlowNode for request | re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | $@ regular expression is constructed from a $@ and executed by $@. | re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | This | re_bad.py:13:22:13:28 | ControlFlowNode for request | user-provided value | re_bad.py:14:5:14:33 | ControlFlowNode for Attribute() | re.search | +| re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | re_bad.py:24:22:24:28 | ControlFlowNode for request | re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | $@ regular expression is constructed from a $@ and executed by $@. | re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | This | re_bad.py:24:22:24:28 | ControlFlowNode for request | user-provided value | re_bad.py:26:5:26:31 | ControlFlowNode for Attribute() | re.search | +| re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | re_bad.py:36:22:36:28 | ControlFlowNode for request | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | $@ regular expression is constructed from a $@ and executed by $@. | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | This | re_bad.py:36:22:36:28 | ControlFlowNode for request | user-provided value | re_bad.py:37:5:37:41 | ControlFlowNode for Attribute() | re.search | diff --git a/python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.qlref b/python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.qlref new file mode 100644 index 00000000000..53f8be2a625 --- /dev/null +++ b/python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.qlref @@ -0,0 +1 @@ +Security/CWE-730/RegexInjection.ql diff --git a/python/ql/test/experimental/query-tests/Security/CWE-730/re_bad.py b/python/ql/test/query-tests/Security/CWE-730-RegexInjection/re_bad.py similarity index 100% rename from python/ql/test/experimental/query-tests/Security/CWE-730/re_bad.py rename to python/ql/test/query-tests/Security/CWE-730-RegexInjection/re_bad.py diff --git a/python/ql/test/experimental/query-tests/Security/CWE-730/re_good.py b/python/ql/test/query-tests/Security/CWE-730-RegexInjection/re_good.py similarity index 100% rename from python/ql/test/experimental/query-tests/Security/CWE-730/re_good.py rename to python/ql/test/query-tests/Security/CWE-730-RegexInjection/re_good.py