hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 07:15:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15853 from hvitved/dataflow/get-location

Browse Source 
Data flow: Replace `hasLocationInfo` with `getLocation`
This commit is contained in:
Tom Hvitved
2024-03-18 20:21:46 +01:00
committed by GitHub
parent 8899d66132 d83500de5d
commit fc55567d90
96 changed files with 419 additions and 277 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
shared/dataflow/codeql/dataflow/DataFlow.qll
View File

@@ -4,8 +4,10 @@
* modules.
*/
private import codeql.util.Location
/** Provides language-specific data flow parameters. */
signature module InputSig {
signature module InputSig<LocationSig Location> {
/**
* A node in the data flow graph.
*/
@@ -13,16 +15,8 @@ signature module InputSig {
/** Gets a textual representation of this element. */
string toString();
/**
* Holds if this element is at the specified location.
* The location spans column `startcolumn` of line `startline` to
* column `endcolumn` of line `endline` in file `filepath`.
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
);
/** Gets the location of this node. */
Location getLocation();
}
class ParameterNode extends Node;
@@ -321,9 +315,9 @@ signature module InputSig {
default predicate ignoreFieldFlowBranchLimit(DataFlowCallable c) { none() }
}
module Configs<InputSig Lang> {
module Configs<LocationSig Location, InputSig<Location> Lang> {
private import Lang
private import internal.DataFlowImplCommon::MakeImplCommon<Lang>
private import internal.DataFlowImplCommon::MakeImplCommon<Location, Lang>
import DataFlowImplCommonPublic
/** An input configuration for data flow. */
@@ -537,10 +531,10 @@ module Configs<InputSig Lang> {
}
}
module DataFlowMake<InputSig Lang> {
module DataFlowMake<LocationSig Location, InputSig<Location> Lang> {
private import Lang
private import internal.DataFlowImpl::MakeImpl<Lang>
import Configs<Lang>
private import internal.DataFlowImpl::MakeImpl<Location, Lang>
import Configs<Location, Lang>
/**
* Gets the exploration limit for `partialFlow` and `partialFlowRev`
@@ -623,19 +617,11 @@ module DataFlowMake<InputSig Lang> {
/** Gets a textual representation of this element. */
string toString();
/**
* Holds if this element is at the specified location.
* The location spans column `startcolumn` of line `startline` to
* column `endcolumn` of line `endline` in file `filepath`.
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
);
/** Gets the underlying `Node`. */
Node getNode();
/** Gets the location of this node. */
Location getLocation();
}
signature module PathGraphSig<PathNodeSig PathNode> {
@@ -678,6 +664,15 @@ module DataFlowMake<InputSig Lang> {
result = this.asPathNode2().toString()
}
/** Gets the underlying `Node`. */
Node getNode() {
result = this.asPathNode1().getNode() or
result = this.asPathNode2().getNode()
}
/** Gets the location of this node. */
Location getLocation() { result = this.getNode().getLocation() }
/**
* Holds if this element is at the specified location.
* The location spans column `startcolumn` of line `startline` to
@@ -685,17 +680,10 @@ module DataFlowMake<InputSig Lang> {
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
predicate hasLocationInfo(
deprecated predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
this.asPathNode1().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) or
this.asPathNode2().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Gets the underlying `Node`. */
Node getNode() {
result = this.asPathNode1().getNode() or
result = this.asPathNode2().getNode()
this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
}
@@ -760,7 +748,7 @@ module DataFlowMake<InputSig Lang> {
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
predicate hasLocationInfo(
deprecated predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
@@ -768,6 +756,9 @@ module DataFlowMake<InputSig Lang> {
/** Gets the underlying `Node`. */
Node getNode() { result = super.getNode() }
/** Gets the location of this node. */
Location getLocation() { result = super.getLocation() }
}
/**

12
shared/dataflow/codeql/dataflow/TaintTracking.qll
View File

@@ -5,11 +5,12 @@
private import DataFlow as DF
private import internal.DataFlowImpl
private import codeql.util.Location
/**
* Provides language-specific taint-tracking parameters.
*/
signature module InputSig<DF::InputSig Lang> {
signature module InputSig<LocationSig Location, DF::InputSig<Location> Lang> {
/**
* Holds if `node` should be a sanitizer in all global taint flow configurations
* but not in local taint.
@@ -33,10 +34,13 @@ signature module InputSig<DF::InputSig Lang> {
/**
* Construct the modules for taint-tracking analyses.
*/
module TaintFlowMake<DF::InputSig DataFlowLang, InputSig<DataFlowLang> TaintTrackingLang> {
module TaintFlowMake<
LocationSig Location, DF::InputSig<Location> DataFlowLang,
InputSig<Location, DataFlowLang> TaintTrackingLang>
{
private import TaintTrackingLang
private import DF::DataFlowMake<DataFlowLang> as DataFlow
private import MakeImpl<DataFlowLang> as DataFlowInternal
private import DF::DataFlowMake<Location, DataFlowLang> as DataFlow
private import MakeImpl<Location, DataFlowLang> as DataFlowInternal
private module AddTaintDefaults<DataFlowInternal::FullStateConfigSig Config> implements
DataFlowInternal::FullStateConfigSig

61
shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
View File

@@ -7,12 +7,13 @@
private import codeql.util.Unit
private import codeql.util.Option
private import codeql.util.Boolean
private import codeql.util.Location
private import codeql.dataflow.DataFlow
module MakeImpl<InputSig Lang> {
module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
private import Lang
private import DataFlowMake<Lang>
private import DataFlowImplCommon::MakeImplCommon<Lang>
private import DataFlowMake<Location, Lang>
private import DataFlowImplCommon::MakeImplCommon<Location, Lang>
private import DataFlowImplCommonPublic
/**
@@ -195,11 +196,7 @@ module MakeImpl<InputSig Lang> {
pragma[only_bind_out](this).getDataFlowType0() = pragma[only_bind_into](result)
}
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
this.projectToNode().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
Location getLocation() { result = this.projectToNode().getLocation() }
}
private class ArgNodeEx extends NodeEx {
@@ -3313,11 +3310,7 @@ module MakeImpl<InputSig Lang> {
override string toString() { result = p + concat(" : " + ppReprType(t)) + " " + ap }
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
p.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
Location getLocation() { result = p.getLocation() }
}
/**
@@ -3735,18 +3728,8 @@ module MakeImpl<InputSig Lang> {
this.ppSummaryCtx()
}
/**
* Holds if this element is at the specified location.
* The location spans column `startcolumn` of line `startline` to
* column `endcolumn` of line `endline` in file `filepath`.
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
this.getNodeEx().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Gets the location of this node. */
Location getLocation() { result = this.getNodeEx().getLocation() }
}
/** Holds if `n` can reach a sink. */
@@ -3782,6 +3765,9 @@ module MakeImpl<InputSig Lang> {
*/
final string toStringWithContext() { result = super.toStringWithContext() }
/** Gets the location of this node. */
Location getLocation() { result = super.getLocation() }
/**
* Holds if this element is at the specified location.
* The location spans column `startcolumn` of line `startline` to
@@ -3789,10 +3775,11 @@ module MakeImpl<InputSig Lang> {
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
final predicate hasLocationInfo(
pragma[inline]
deprecated final predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Gets the underlying `Node`. */
@@ -3954,11 +3941,7 @@ module MakeImpl<InputSig Lang> {
override string toString() { result = sourceGroup }
override predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
filepath = "" and startline = 0 and startcolumn = 0 and endline = 0 and endcolumn = 0
}
override Location getLocation() { result.hasLocationInfo("", 0, 0, 0, 0) }
}
private class PathNodeSinkGroup extends PathNodeImpl, TPathNodeSinkGroup {
@@ -3976,11 +3959,7 @@ module MakeImpl<InputSig Lang> {
override string toString() { result = sinkGroup }
override predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
filepath = "" and startline = 0 and startcolumn = 0 and endline = 0 and endcolumn = 0
}
override Location getLocation() { result.hasLocationInfo("", 0, 0, 0, 0) }
}
private predicate pathNode(
@@ -4867,6 +4846,9 @@ module MakeImpl<InputSig Lang> {
result = this.getNodeEx().toString() + this.ppType() + this.ppAp() + this.ppCtx()
}
/** Gets the location of this node. */
Location getLocation() { result = this.getNodeEx().getLocation() }
/**
* Holds if this element is at the specified location.
* The location spans column `startcolumn` of line `startline` to
@@ -4874,10 +4856,11 @@ module MakeImpl<InputSig Lang> {
* For more information, see
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
*/
predicate hasLocationInfo(
pragma[inline]
deprecated predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
this.getNodeEx().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Gets the underlying `Node`. */

55
shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
View File

@@ -1,8 +1,9 @@
private import codeql.dataflow.DataFlow
private import codeql.typetracking.TypeTracking as Tt
private import codeql.util.Location
private import codeql.util.Unit
module MakeImplCommon<InputSig Lang> {
module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
private import Lang
import Cached
@@ -1642,19 +1643,13 @@ module MakeImplCommon<InputSig Lang> {
}
}
final private class NodeFinal = Node;
/**
* A `Node` at which a cast can occur such that the type should be checked.
*/
class CastingNode instanceof Node {
class CastingNode extends NodeFinal {
CastingNode() { castingNode(this) }
string toString() { result = super.toString() }
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
}
private predicate readStepWithTypes(
@@ -1800,17 +1795,9 @@ module MakeImplCommon<InputSig Lang> {
* The value of a parameter at function entry, viewed as a node in a data
* flow graph.
*/
class ParamNode instanceof Node {
class ParamNode extends NodeFinal {
ParamNode() { parameterNode(this, _, _) }
string toString() { result = super.toString() }
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/**
* Holds if this node is the parameter of callable `c` at the specified
* position.
@@ -1821,17 +1808,9 @@ module MakeImplCommon<InputSig Lang> {
}
/** A data-flow node that represents a call argument. */
class ArgNode instanceof Node {
class ArgNode extends NodeFinal {
ArgNode() { argumentNode(this, _, _) }
string toString() { result = super.toString() }
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Holds if this argument occurs at the given position in the given call. */
final predicate argumentOf(DataFlowCall call, ArgumentPosition pos) {
argumentNode(this, call, pos)
@@ -1842,17 +1821,9 @@ module MakeImplCommon<InputSig Lang> {
* A node from which flow can return to the caller. This is either a regular
* `ReturnNode` or a `PostUpdateNode` corresponding to the value of a parameter.
*/
class ReturnNodeExt instanceof Node {
class ReturnNodeExt extends NodeFinal {
ReturnNodeExt() { returnNodeExt(this, _) }
string toString() { result = super.toString() }
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Gets the kind of this returned value. */
ReturnKindExt getKind() { returnNodeExt(this, result) }
}
@@ -1861,16 +1832,8 @@ module MakeImplCommon<InputSig Lang> {
* A node to which data can flow from a call. Either an ordinary out node
* or a post-update node associated with a call argument.
*/
class OutNodeExt instanceof Node {
class OutNodeExt extends NodeFinal {
OutNodeExt() { outNodeExt(this) }
string toString() { result = super.toString() }
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
}
/**

14
shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll
View File

@@ -5,8 +5,9 @@
private import codeql.dataflow.DataFlow as DF
private import codeql.dataflow.TaintTracking as TT
private import codeql.util.Location
signature module InputSig<DF::InputSig DataFlowLang> {
signature module InputSig<LocationSig Location, DF::InputSig<Location> DataFlowLang> {
/** Holds if `n` should be excluded from the consistency test `uniqueEnclosingCallable`. */
default predicate uniqueEnclosingCallableExclude(DataFlowLang::Node n) { none() }
@@ -71,8 +72,8 @@ signature module InputSig<DF::InputSig DataFlowLang> {
}
module MakeConsistency<
DF::InputSig DataFlowLang, TT::InputSig<DataFlowLang> TaintTrackingLang,
InputSig<DataFlowLang> Input>
LocationSig Location, DF::InputSig<Location> DataFlowLang,
TT::InputSig<Location, DataFlowLang> TaintTrackingLang, InputSig<Location, DataFlowLang> Input>
{
private import DataFlowLang
private import TaintTrackingLang
@@ -128,10 +129,7 @@ module MakeConsistency<
query predicate uniqueNodeLocation(Node n, string msg) {
exists(int c |
c =
count(string filepath, int startline, int startcolumn, int endline, int endcolumn |
n.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
) and
c = count(n.getLocation()) and
c != 1 and
not Input::uniqueNodeLocationExclude(n) and
msg = "Node should have one location but has " + c + "."
@@ -142,7 +140,7 @@ module MakeConsistency<
exists(int c |
c =
strictcount(Node n |
not n.hasLocationInfo(_, _, _, _, _) and
not exists(n.getLocation()) and
not Input::missingLocationExclude(n)
) and
msg = "Nodes without location: " + c

13
shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -10,7 +10,7 @@ private import AccessPathSyntax as AccessPathSyntax
/**
* Provides language-specific parameters.
*/
signature module InputSig<DF::InputSig Lang> {
signature module InputSig<LocationSig Location, DF::InputSig<Location> Lang> {
/**
* A base class of callables that are candidates for flow summary modeling.
*/
@@ -139,10 +139,12 @@ signature module InputSig<DF::InputSig Lang> {
}
}
module Make<DF::InputSig DataFlowLang, InputSig<DataFlowLang> Input> {
module Make<
LocationSig Location, DF::InputSig<Location> DataFlowLang, InputSig<Location, DataFlowLang> Input>
{
private import DataFlowLang
private import Input
private import codeql.dataflow.internal.DataFlowImplCommon::MakeImplCommon<DataFlowLang>
private import codeql.dataflow.internal.DataFlowImplCommon::MakeImplCommon<Location, DataFlowLang>
private import codeql.util.Unit
final private class SummarizedCallableBaseFinal = SummarizedCallableBase;
@@ -1457,7 +1459,7 @@ module Make<DF::InputSig DataFlowLang, InputSig<DataFlowLang> Input> {
AccessPathSyntax::parseInt(part.getArgumentList()) < 0
}
signature module SourceSinkInterpretationInputSig<LocationSig Location> {
signature module SourceSinkInterpretationInputSig {
class Element {
string toString();
@@ -1523,8 +1525,7 @@ module Make<DF::InputSig DataFlowLang, InputSig<DataFlowLang> Input> {
* Should eventually be replaced with API graphs like in dynamic languages.
*/
module SourceSinkInterpretation<
LocationSig Location,
SourceSinkInterpretationInputSig<Location> SourceSinkInterpretationInput>
SourceSinkInterpretationInputSig SourceSinkInterpretationInput>
{
private import SourceSinkInterpretationInput

14
shared/dataflow/codeql/dataflow/test/InlineFlowTest.qll
View File

@@ -29,8 +29,9 @@
private import codeql.dataflow.DataFlow as DF
private import codeql.dataflow.TaintTracking as TT
private import codeql.util.test.InlineExpectationsTest as IET
private import codeql.util.Location
signature module InputSig<DF::InputSig DataFlowLang> {
signature module InputSig<LocationSig Location, DF::InputSig<Location> DataFlowLang> {
predicate defaultSource(DataFlowLang::Node source);
predicate defaultSink(DataFlowLang::Node source);
@@ -40,12 +41,13 @@ signature module InputSig<DF::InputSig DataFlowLang> {
}
module InlineFlowTestMake<
DF::InputSig DataFlowLang, TT::InputSig<DataFlowLang> TaintTrackingLang,
IET::InlineExpectationsTestSig Test, InputSig<DataFlowLang> Impl>
LocationSig Location, DF::InputSig<Location> DataFlowLang,
TT::InputSig<Location, DataFlowLang> TaintTrackingLang, IET::InlineExpectationsTestSig Test,
InputSig<Location, DataFlowLang> Impl>
{
private module DataFlow = DF::DataFlowMake<DataFlowLang>;
private module DataFlow = DF::DataFlowMake<Location, DataFlowLang>;
private module TaintTracking = TT::TaintFlowMake<DataFlowLang, TaintTrackingLang>;
private module TaintTracking = TT::TaintFlowMake<Location, DataFlowLang, TaintTrackingLang>;
private module InlineExpectationsTest = IET::Make<Test>;
@@ -76,7 +78,7 @@ module InlineFlowTestMake<
private predicate hasLocationInfo(DataFlowLang::Node node, Test::Location location) {
exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |
node.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and
node.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and
location.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
)
}