From f7f6f104d0797f25f1e753218f658d6404df643b Mon Sep 17 00:00:00 2001 From: Stephan Brandauer Date: Tue, 2 May 2023 13:15:30 +0200 Subject: [PATCH] use NegativeEndpointType class; replace link to slack discussion --- .../AutomodelEndpointCharacteristics.qll | 12 ++++++--- .../AutomodelSharedCharacteristics.qll | 27 +++++++++---------- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/java/ql/src/Telemetry/AutomodelEndpointCharacteristics.qll b/java/ql/src/Telemetry/AutomodelEndpointCharacteristics.qll index 77425071792..f9639743fa3 100644 --- a/java/ql/src/Telemetry/AutomodelEndpointCharacteristics.qll +++ b/java/ql/src/Telemetry/AutomodelEndpointCharacteristics.qll @@ -21,9 +21,7 @@ module CandidatesImpl implements SharedCharacteristics::CandidateSig { class EndpointType = AutomodelEndpointTypes::EndpointType; - predicate isNegative(AutomodelEndpointTypes::EndpointType t) { - t instanceof AutomodelEndpointTypes::NegativeSinkType - } + class NegativeEndpointType = AutomodelEndpointTypes::NegativeSinkType; // Sanitizers are currently not modeled in MaD. TODO: check if this has large negative impact. predicate isSanitizer(Endpoint e, EndpointType t) { none() } @@ -95,7 +93,13 @@ module CandidatesImpl implements SharedCharacteristics::CandidateSig { hasMetadata(e, package, type, name, signature, input, isFinal, isStatic, isPublic, calleeJavaDoc) and (if isFinal = true or isStatic = true then subtypes = false else subtypes = true) and - ext = "" and // see https://github.slack.com/archives/CP9127VUK/p1673979477496069 + ext = "" and + /* + * "ext" will always be empty for automodeling; it's a mechanism for + * specifying that the model should apply for parameters that have + * a certain annotation. + */ + provenance = "ai-generated" and metadata = "{" // diff --git a/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll b/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll index 58c46ceabd8..d0d05563105 100644 --- a/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll +++ b/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll @@ -16,6 +16,11 @@ signature module CandidateSig { class EndpointType; + /** + * An EndpointType that denotes the absence of any sink. + */ + class NegativeEndpointType extends EndpointType; + /** Gets the string representing the file+range of the endpoint. */ string getLocationString(Endpoint e); @@ -24,12 +29,6 @@ signature module CandidateSig { */ predicate isKnownLabel(string label, string humanReadableLabel, EndpointType type); - /** - * EndpointType must have a 'negative' type that denotes the absence of any sink. - * This predicate should hold for that type, and that type only. - */ - predicate isNegative(EndpointType t); - /** * Should hold for any endpoint that is a flow sanitizer. */ @@ -68,8 +67,6 @@ signature module CandidateSig { * implementations of endpoint characteristics exported by this module. */ module SharedCharacteristics { - predicate isNegative(Candidate::EndpointType e) { Candidate::isNegative(e) } - predicate isSink(Candidate::Endpoint e, string label) { Candidate::isSink(e, label) } predicate isNeutral(Candidate::Endpoint e) { Candidate::isNeutral(e) } @@ -80,7 +77,7 @@ module SharedCharacteristics { predicate isKnownSink(Candidate::Endpoint sink, Candidate::EndpointType endpointType) { // If the list of characteristics includes positive indicators with maximal confidence for this class, then it's a // known sink for the class. - not isNegative(endpointType) and + not endpointType instanceof Candidate::NegativeEndpointType and exists(EndpointCharacteristic characteristic | characteristic.appliesToEndpoint(sink) and characteristic.hasImplications(endpointType, true, maximalConfidence()) @@ -93,7 +90,7 @@ module SharedCharacteristics { * characteristics. */ predicate isSinkCandidate(Candidate::Endpoint candidateSink, Candidate::EndpointType sinkType) { - not isNegative(sinkType) and + not sinkType instanceof Candidate::NegativeEndpointType and not exists(getAReasonSinkExcluded(candidateSink, sinkType)) } @@ -109,13 +106,13 @@ module SharedCharacteristics { Candidate::Endpoint candidateSink, Candidate::EndpointType sinkType ) { // An endpoint is a sink candidate if none of its characteristics give much indication whether or not it is a sink. - not isNegative(sinkType) and + not sinkType instanceof Candidate::NegativeEndpointType and result.appliesToEndpoint(candidateSink) and // Exclude endpoints that have a characteristic that implies they're not sinks for _any_ sink type. ( exists(float confidence | confidence >= mediumConfidence() and - result.hasImplications(any(Candidate::EndpointType t | isNegative(t)), true, confidence) + result.hasImplications(any(Candidate::NegativeEndpointType t), true, confidence) ) or // Exclude endpoints that have a characteristic that implies they're not sinks for _this particular_ sink type. @@ -195,7 +192,7 @@ module SharedCharacteristics { override predicate hasImplications( Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence ) { - Candidate::isNegative(endpointType) and + endpointType instanceof Candidate::NegativeEndpointType and isPositiveIndicator = true and confidence = highConfidence() } @@ -214,7 +211,7 @@ module SharedCharacteristics { override predicate hasImplications( Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence ) { - Candidate::isNegative(endpointType) and + endpointType instanceof Candidate::NegativeEndpointType and isPositiveIndicator = true and confidence = mediumConfidence() } @@ -235,7 +232,7 @@ module SharedCharacteristics { override predicate hasImplications( Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence ) { - Candidate::isNegative(endpointType) and + endpointType instanceof Candidate::NegativeEndpointType and isPositiveIndicator = true and confidence = mediumConfidence() }