mirror of
https://github.com/github/codeql.git
synced 2026-06-11 16:01:09 +02:00
Compare commits
2 Commits
andersfugm
...
yoff/pytho
| Author | SHA1 | Date | |
|---|---|---|---|
|
ac5fa629ef | ||
|
|
5fb75ac987 |
12
MODULE.bazel
12
MODULE.bazel
@@ -237,6 +237,9 @@ use_repo(
|
||||
kotlin_extractor_deps,
|
||||
"codeql_kotlin_defaults",
|
||||
"codeql_kotlin_embeddable",
|
||||
"kotlin-compiler-1.8.0",
|
||||
"kotlin-compiler-1.9.0-Beta",
|
||||
"kotlin-compiler-1.9.20-Beta",
|
||||
"kotlin-compiler-2.0.0-RC1",
|
||||
"kotlin-compiler-2.0.20-Beta2",
|
||||
"kotlin-compiler-2.1.0-Beta1",
|
||||
@@ -245,7 +248,9 @@ use_repo(
|
||||
"kotlin-compiler-2.2.20-Beta2",
|
||||
"kotlin-compiler-2.3.0",
|
||||
"kotlin-compiler-2.3.20",
|
||||
"kotlin-compiler-2.4.0",
|
||||
"kotlin-compiler-embeddable-1.8.0",
|
||||
"kotlin-compiler-embeddable-1.9.0-Beta",
|
||||
"kotlin-compiler-embeddable-1.9.20-Beta",
|
||||
"kotlin-compiler-embeddable-2.0.0-RC1",
|
||||
"kotlin-compiler-embeddable-2.0.20-Beta2",
|
||||
"kotlin-compiler-embeddable-2.1.0-Beta1",
|
||||
@@ -254,7 +259,9 @@ use_repo(
|
||||
"kotlin-compiler-embeddable-2.2.20-Beta2",
|
||||
"kotlin-compiler-embeddable-2.3.0",
|
||||
"kotlin-compiler-embeddable-2.3.20",
|
||||
"kotlin-compiler-embeddable-2.4.0",
|
||||
"kotlin-stdlib-1.8.0",
|
||||
"kotlin-stdlib-1.9.0-Beta",
|
||||
"kotlin-stdlib-1.9.20-Beta",
|
||||
"kotlin-stdlib-2.0.0-RC1",
|
||||
"kotlin-stdlib-2.0.20-Beta2",
|
||||
"kotlin-stdlib-2.1.0-Beta1",
|
||||
@@ -263,7 +270,6 @@ use_repo(
|
||||
"kotlin-stdlib-2.2.20-Beta2",
|
||||
"kotlin-stdlib-2.3.0",
|
||||
"kotlin-stdlib-2.3.20",
|
||||
"kotlin-stdlib-2.4.0",
|
||||
)
|
||||
|
||||
go_sdk = use_extension("@rules_go//go:extensions.bzl", "go_sdk")
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
Java,"Java 7 to 26 [6]_","javac (OpenJDK and Oracle JDK),
|
||||
|
||||
Eclipse compiler for Java (ECJ) [7]_",``.java``
|
||||
Kotlin,"Kotlin 2.0.0 to 2.4.\ *x*","kotlinc",``.kt``
|
||||
Kotlin,"Kotlin 1.8.0 to 2.3.2\ *x*","kotlinc",``.kt``
|
||||
JavaScript,ECMAScript 2022 or lower,Not applicable,"``.js``, ``.jsx``, ``.mjs``, ``.es``, ``.es6``, ``.htm``, ``.html``, ``.xhtm``, ``.xhtml``, ``.vue``, ``.hbs``, ``.ejs``, ``.njk``, ``.json``, ``.yaml``, ``.yml``, ``.raml``, ``.xml`` [8]_"
|
||||
Python [9]_,"2.7, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.11, 3.12, 3.13",Not applicable,``.py``
|
||||
Ruby [10]_,"up to 3.3",Not applicable,"``.rb``, ``.erb``, ``.gemspec``, ``Gemfile``"
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* More logging functions are now recognized as not returning or panicking.
|
||||
@@ -413,13 +413,17 @@ private class ExternalLoggerCall extends LoggerCall::Range, DataFlow::CallNode {
|
||||
}
|
||||
}
|
||||
|
||||
private class HeuristicLoggerFunction extends Method {
|
||||
string logFunctionPrefix;
|
||||
|
||||
HeuristicLoggerFunction() {
|
||||
exists(string tp, string name |
|
||||
this.hasQualifiedName(_, tp, name) and
|
||||
this.getReceiverBaseType().getUnderlyingType() instanceof InterfaceType
|
||||
/**
|
||||
* A call to an interface that looks like a logger. It is common to use a
|
||||
* locally-defined interface for logging to make it easy to changing logging
|
||||
* library.
|
||||
*/
|
||||
private class HeuristicLoggerCall extends LoggerCall::Range, DataFlow::CallNode {
|
||||
HeuristicLoggerCall() {
|
||||
exists(Method m, string tp, string logFunctionPrefix, string name |
|
||||
m = this.getTarget() and
|
||||
m.hasQualifiedName(_, tp, name) and
|
||||
m.getReceiverBaseType().getUnderlyingType() instanceof InterfaceType
|
||||
|
|
||||
tp.regexpMatch(".*[lL]ogger") and
|
||||
logFunctionPrefix =
|
||||
@@ -431,19 +435,6 @@ private class HeuristicLoggerFunction extends Method {
|
||||
)
|
||||
}
|
||||
|
||||
override predicate mayReturnNormally() { logFunctionPrefix != "Fatal" }
|
||||
|
||||
override predicate mustPanic() { logFunctionPrefix = "Panic" }
|
||||
}
|
||||
|
||||
/**
|
||||
* A call to an interface that looks like a logger. It is common to use a
|
||||
* locally-defined interface for logging to make it easy to change logging
|
||||
* library.
|
||||
*/
|
||||
private class HeuristicLoggerCall extends LoggerCall::Range, DataFlow::CallNode {
|
||||
HeuristicLoggerCall() { this.getTarget() instanceof HeuristicLoggerFunction }
|
||||
|
||||
override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() }
|
||||
}
|
||||
|
||||
|
||||
@@ -12,37 +12,17 @@ import go
|
||||
* forks.
|
||||
*/
|
||||
module Glog {
|
||||
/** Gets a package name for `glog` or `klog` (which is a fork). */
|
||||
string packagePath() {
|
||||
result =
|
||||
package([
|
||||
"github.com/golang/glog", "gopkg.in/glog", "k8s.io/klog", "github.com/barakmich/glog"
|
||||
], "")
|
||||
}
|
||||
|
||||
private class GlogFunction extends Function {
|
||||
int firstPrintedArg;
|
||||
string format;
|
||||
string level;
|
||||
|
||||
GlogFunction() {
|
||||
exists(string pkg, string context, int nContextArgs, string depth, int nDepthArgs, string fn |
|
||||
pkg = packagePath() and
|
||||
exists(string pkg, string fn, string level |
|
||||
pkg = package(["github.com/golang/glog", "gopkg.in/glog", "k8s.io/klog"], "") and
|
||||
level = ["Error", "Exit", "Fatal", "Info", "Warning"] and
|
||||
(
|
||||
context = "" and nContextArgs = 0
|
||||
fn = level + ["", "f", "ln"] and firstPrintedArg = 0
|
||||
or
|
||||
context = "Context" and nContextArgs = 1
|
||||
) and
|
||||
(
|
||||
depth = "" and nDepthArgs = 0
|
||||
or
|
||||
depth = "Depth" and nDepthArgs = 1
|
||||
) and
|
||||
format = ["", "f", "ln"] and
|
||||
(
|
||||
fn = level + context + depth + format and
|
||||
firstPrintedArg = nContextArgs + nDepthArgs
|
||||
fn = level + "Depth" and firstPrintedArg = 1
|
||||
)
|
||||
|
|
||||
this.hasQualifiedName(pkg, fn)
|
||||
@@ -55,15 +35,10 @@ module Glog {
|
||||
* Gets the index of the first argument that may be output, including a format string if one is present.
|
||||
*/
|
||||
int getFirstPrintedArg() { result = firstPrintedArg }
|
||||
|
||||
/** Holds if this function takes a format string. */
|
||||
predicate formatter() { format = "f" }
|
||||
|
||||
override predicate mayReturnNormally() { level != "Fatal" and level != "Exit" }
|
||||
}
|
||||
|
||||
private class StringFormatter extends StringOps::Formatting::Range instanceof GlogFunction {
|
||||
StringFormatter() { this.formatter() }
|
||||
StringFormatter() { this.getName().matches("%f") }
|
||||
|
||||
override int getFormatStringIndex() { result = super.getFirstPrintedArg() }
|
||||
}
|
||||
|
||||
@@ -28,12 +28,6 @@ module Logrus {
|
||||
this.(Method).hasQualifiedName(packagePath(), ["Entry", "Logger"], name)
|
||||
)
|
||||
}
|
||||
|
||||
override predicate mayReturnNormally() {
|
||||
not exists(string level, string suffix | level = ["Fatal", "Panic"] |
|
||||
this.getName() = level + suffix
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private class StringFormatters extends StringOps::Formatting::Range instanceof LogFunction {
|
||||
|
||||
@@ -47,7 +47,7 @@ module Zap {
|
||||
}
|
||||
|
||||
/** A Zap logging function which always panics. */
|
||||
private class FatalLogMethod extends ZapFunction {
|
||||
private class FatalLogMethod extends Method {
|
||||
FatalLogMethod() {
|
||||
this.hasQualifiedName(packagePath(), "Logger", "Fatal")
|
||||
or
|
||||
@@ -58,7 +58,7 @@ module Zap {
|
||||
}
|
||||
|
||||
/** A Zap logging function which always panics. */
|
||||
private class MustPanicLogMethod extends ZapFunction {
|
||||
private class MustPanicLogMethod extends Method {
|
||||
MustPanicLogMethod() {
|
||||
this.hasQualifiedName(packagePath(), "Logger", "Panic")
|
||||
or
|
||||
|
||||
@@ -29,37 +29,18 @@ module Log {
|
||||
}
|
||||
|
||||
private class LogFormatter extends StringOps::Formatting::Range instanceof LogFunction {
|
||||
LogFormatter() { this.getName() = ["Fatalf", "Panicf", "Printf", "Panic", "Panicf", "Panicln"] }
|
||||
LogFormatter() { this.getName() = ["Fatalf", "Panicf", "Printf"] }
|
||||
|
||||
override int getFormatStringIndex() { result = 0 }
|
||||
}
|
||||
|
||||
/** A fatal log function, which calls `os.Exit`. */
|
||||
private class FatalLogFunction extends Function {
|
||||
FatalLogFunction() {
|
||||
exists(string fn | fn = ["Fatal", "Fatalf", "Fatalln"] |
|
||||
this.hasQualifiedName("log", fn)
|
||||
or
|
||||
this.(Method).hasQualifiedName("log", "Logger", fn)
|
||||
)
|
||||
}
|
||||
FatalLogFunction() { this.hasQualifiedName("log", ["Fatal", "Fatalf", "Fatalln"]) }
|
||||
|
||||
override predicate mayReturnNormally() { none() }
|
||||
}
|
||||
|
||||
/** A log function which must panic. */
|
||||
private class PanicLogFunction extends Function {
|
||||
PanicLogFunction() {
|
||||
exists(string fn | fn = ["Panic", "Panicf", "Panicln"] |
|
||||
this.hasQualifiedName("log", fn)
|
||||
or
|
||||
this.(Method).hasQualifiedName("log", "Logger", fn)
|
||||
)
|
||||
}
|
||||
|
||||
override predicate mustPanic() { any() }
|
||||
}
|
||||
|
||||
// These models are not implemented using Models-as-Data because they represent reverse flow.
|
||||
private class FunctionModels extends TaintTracking::FunctionModel {
|
||||
FunctionInput inp;
|
||||
@@ -82,6 +63,30 @@ module Log {
|
||||
FunctionOutput outp;
|
||||
|
||||
MethodModels() {
|
||||
// signature: func (*Logger) Fatal(v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Fatal") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
or
|
||||
// signature: func (*Logger) Fatalf(format string, v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Fatalf") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
or
|
||||
// signature: func (*Logger) Fatalln(v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Fatalln") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
or
|
||||
// signature: func (*Logger) Panic(v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Panic") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
or
|
||||
// signature: func (*Logger) Panicf(format string, v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Panicf") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
or
|
||||
// signature: func (*Logger) Panicln(v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Panicln") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
or
|
||||
// signature: func (*Logger) Print(v ...interface{})
|
||||
this.hasQualifiedName("log", "Logger", "Print") and
|
||||
(inp.isParameter(_) and outp.isReceiver())
|
||||
|
||||
@@ -1,181 +1,54 @@
|
||||
//go:generate depstubber -vendor github.com/golang/glog Level,Verbose Error,ErrorContext,ErrorContextDepth,ErrorContextDepthf,ErrorContextf,ErrorDepth,ErrorDepthf,Errorf,Errorln,Exit,ExitContext,ExitContextDepth,ExitContextDepthf,ExitContextf,ExitDepth,ExitDepthf,Exitf,Exitln,Fatal,FatalContext,FatalContextDepth,FatalContextDepthf,FatalContextf,FatalDepth,FatalDepthf,Fatalf,Fatalln,Info,InfoContext,InfoContextDepth,InfoContextDepthf,InfoContextf,InfoDepth,InfoDepthf,Infof,Infoln,V,VDepth,Warning,WarningContext,WarningContextDepth,WarningContextDepthf,WarningContextf,WarningDepth,WarningDepthf,Warningf,Warningln
|
||||
//go:generate depstubber -vendor k8s.io/klog Level,Verbose Error,ErrorDepth,Errorf,Errorln,Exit,ExitDepth,Exitf,Exitln,Fatal,FatalDepth,Fatalf,Fatalln,Info,InfoDepth,Infof,Infoln,V,Warning,WarningDepth,Warningf,Warningln
|
||||
//go:generate depstubber -vendor github.com/golang/glog "" Error,ErrorDepth,Errorf,Errorln,Exit,ExitDepth,Exitf,Exitln,Fatal,FatalDepth,Fatalf,Fatalln,Info,InfoDepth,Infof,Infoln,Warning,WarningDepth,Warningf,Warningln
|
||||
//go:generate depstubber -vendor k8s.io/klog "" Error,ErrorDepth,Errorf,Errorln,Exit,ExitDepth,Exitf,Exitln,Fatal,FatalDepth,Fatalf,Fatalln,Info,InfoDepth,Infof,Infoln,Warning,WarningDepth,Warningf,Warningln
|
||||
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/golang/glog"
|
||||
"k8s.io/klog"
|
||||
)
|
||||
|
||||
func glogTest(selector int) {
|
||||
ctx := context.Background()
|
||||
|
||||
glog.Error(text) // $ logger=text
|
||||
glog.ErrorContext(ctx, text) // $ logger=text
|
||||
glog.ErrorContextDepth(ctx, 0, text) // $ logger=text
|
||||
glog.ErrorContextDepthf(ctx, 0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.ErrorContextf(ctx, fmt, text) // $ logger=fmt logger=text
|
||||
glog.ErrorDepth(0, text) // $ logger=text
|
||||
glog.ErrorDepthf(0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.Errorf(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Errorln(text) // $ logger=text
|
||||
if selector == 1 {
|
||||
glog.Exit(text) // $ logger=text
|
||||
}
|
||||
if selector == 2 {
|
||||
glog.ExitContext(ctx, text) // $ logger=text
|
||||
}
|
||||
if selector == 3 {
|
||||
glog.ExitContextDepth(ctx, 0, text) // $ logger=text
|
||||
}
|
||||
if selector == 4 {
|
||||
glog.ExitContextDepthf(ctx, 0, fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 5 {
|
||||
glog.ExitContextf(ctx, fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 6 {
|
||||
glog.ExitDepth(0, text) // $ logger=text
|
||||
}
|
||||
if selector == 7 {
|
||||
glog.ExitDepthf(0, fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 8 {
|
||||
glog.Exitf(fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 9 {
|
||||
glog.Exitln(text) // $ logger=text
|
||||
}
|
||||
if selector == 10 {
|
||||
glog.Fatal(text) // $ logger=text
|
||||
}
|
||||
if selector == 11 {
|
||||
glog.FatalContext(ctx, text) // $ logger=text
|
||||
}
|
||||
if selector == 12 {
|
||||
glog.FatalContextDepth(ctx, 0, text) // $ logger=text
|
||||
}
|
||||
if selector == 13 {
|
||||
glog.FatalContextDepthf(ctx, 0, fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 14 {
|
||||
glog.FatalContextf(ctx, fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 15 {
|
||||
glog.FatalDepth(0, text) // $ logger=text
|
||||
}
|
||||
if selector == 16 {
|
||||
glog.FatalDepthf(0, fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 17 {
|
||||
glog.Fatalf(fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 18 {
|
||||
glog.Fatalln(text) // $ logger=text
|
||||
}
|
||||
glog.Info(text) // $ logger=text
|
||||
glog.InfoContext(ctx, text) // $ logger=text
|
||||
glog.InfoContextDepth(ctx, 0, text) // $ logger=text
|
||||
glog.InfoContextDepthf(ctx, 0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.InfoContextf(ctx, fmt, text) // $ logger=fmt logger=text
|
||||
glog.InfoDepth(0, text) // $ logger=text
|
||||
glog.InfoDepthf(0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.Infof(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Infoln(text) // $ logger=text
|
||||
glog.Warning(text) // $ logger=text
|
||||
glog.WarningContext(ctx, text) // $ logger=text
|
||||
glog.WarningContextDepth(ctx, 0, text) // $ logger=text
|
||||
glog.WarningContextDepthf(ctx, 0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.WarningContextf(ctx, fmt, text) // $ logger=fmt logger=text
|
||||
glog.WarningDepth(0, text) // $ logger=text
|
||||
glog.WarningDepthf(0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.Warningf(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Warningln(text) // $ logger=text
|
||||
|
||||
glog.V(0).Info(text) // $ logger=text
|
||||
glog.V(0).InfoContext(ctx, text) // $ logger=text
|
||||
glog.V(0).InfoContextDepth(ctx, 0, text) // $ logger=text
|
||||
glog.V(0).InfoContextDepthf(ctx, 0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.V(0).InfoContextf(ctx, fmt, text) // $ logger=fmt logger=text
|
||||
glog.V(0).InfoDepth(0, text) // $ logger=text
|
||||
glog.V(0).InfoDepthf(0, fmt, text) // $ logger=fmt logger=text
|
||||
glog.V(0).Infof(fmt, text) // $ logger=fmt logger=text
|
||||
glog.V(0).Infoln(text) // $ logger=text
|
||||
glog.VDepth(0, 0).Info(text) // $ logger=text
|
||||
func glogTest() {
|
||||
glog.Error(text) // $ logger=text
|
||||
glog.ErrorDepth(0, text) // $ logger=text
|
||||
glog.Errorf(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Errorln(text) // $ logger=text
|
||||
glog.Exit(text) // $ logger=text
|
||||
glog.ExitDepth(0, text) // $ logger=text
|
||||
glog.Exitf(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Exitln(text) // $ logger=text
|
||||
glog.Fatal(text) // $ logger=text
|
||||
glog.FatalDepth(0, text) // $ logger=text
|
||||
glog.Fatalf(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Fatalln(text) // $ logger=text
|
||||
glog.Info(text) // $ logger=text
|
||||
glog.InfoDepth(0, text) // $ logger=text
|
||||
glog.Infof(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Infoln(text) // $ logger=text
|
||||
glog.Warning(text) // $ logger=text
|
||||
glog.WarningDepth(0, text) // $ logger=text
|
||||
glog.Warningf(fmt, text) // $ logger=fmt logger=text
|
||||
glog.Warningln(text) // $ logger=text
|
||||
|
||||
// components corresponding to the format specifier "%T" are not considered vulnerable
|
||||
glog.ErrorContextDepthf(ctx, 0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.ErrorContextf(ctx, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.ErrorDepthf(0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Errorf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
if selector == 19 {
|
||||
glog.ExitContextDepthf(ctx, 0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 20 {
|
||||
glog.ExitContextf(ctx, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 21 {
|
||||
glog.ExitDepthf(0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 22 {
|
||||
glog.Exitf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 23 {
|
||||
glog.FatalContextDepthf(ctx, 0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 24 {
|
||||
glog.FatalContextf(ctx, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 25 {
|
||||
glog.FatalDepthf(0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 26 {
|
||||
glog.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
glog.InfoContextDepthf(ctx, 0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.InfoContextf(ctx, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.InfoDepthf(0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.WarningContextDepthf(ctx, 0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.WarningContextf(ctx, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.WarningDepthf(0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Warningf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.V(0).InfoContextDepthf(ctx, 0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.V(0).InfoContextf(ctx, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.V(0).InfoDepthf(0, "%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.V(0).Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Errorf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Exitf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
glog.Warningf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
|
||||
klog.Error(text) // $ logger=text
|
||||
klog.ErrorDepth(0, text) // $ logger=text
|
||||
klog.Errorf(fmt, text) // $ logger=fmt logger=text
|
||||
klog.Errorln(text) // $ logger=text
|
||||
if selector == 27 {
|
||||
klog.Exit(text) // $ logger=text
|
||||
}
|
||||
if selector == 28 {
|
||||
klog.ExitDepth(0, text) // $ logger=text
|
||||
}
|
||||
if selector == 29 {
|
||||
klog.Exitf(fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 30 {
|
||||
klog.Exitln(text) // $ logger=text
|
||||
}
|
||||
if selector == 31 {
|
||||
klog.Fatal(text) // $ logger=text
|
||||
}
|
||||
if selector == 32 {
|
||||
klog.FatalDepth(0, text) // $ logger=text
|
||||
}
|
||||
if selector == 33 {
|
||||
klog.Fatalf(fmt, text) // $ logger=fmt logger=text
|
||||
}
|
||||
if selector == 34 {
|
||||
klog.Fatalln(text) // $ logger=text
|
||||
}
|
||||
klog.Error(text) // $ logger=text
|
||||
klog.ErrorDepth(0, text) // $ logger=text
|
||||
klog.Errorf(fmt, text) // $ logger=fmt logger=text
|
||||
klog.Errorln(text) // $ logger=text
|
||||
klog.Exit(text) // $ logger=text
|
||||
klog.ExitDepth(0, text) // $ logger=text
|
||||
klog.Exitf(fmt, text) // $ logger=fmt logger=text
|
||||
klog.Exitln(text) // $ logger=text
|
||||
klog.Fatal(text) // $ logger=text
|
||||
klog.FatalDepth(0, text) // $ logger=text
|
||||
klog.Fatalf(fmt, text) // $ logger=fmt logger=text
|
||||
klog.Fatalln(text) // $ logger=text
|
||||
klog.Info(text) // $ logger=text
|
||||
klog.InfoDepth(0, text) // $ logger=text
|
||||
klog.Infof(fmt, text) // $ logger=fmt logger=text
|
||||
@@ -184,19 +57,11 @@ func glogTest(selector int) {
|
||||
klog.WarningDepth(0, text) // $ logger=text
|
||||
klog.Warningf(fmt, text) // $ logger=fmt logger=text
|
||||
klog.Warningln(text) // $ logger=text
|
||||
klog.V(0).Info(text) // $ logger=text
|
||||
klog.V(0).Infof(fmt, text) // $ logger=fmt logger=text
|
||||
klog.V(0).Infoln(text) // $ logger=text
|
||||
|
||||
// components corresponding to the format specifier "%T" are not considered vulnerable
|
||||
klog.Errorf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
if selector == 35 {
|
||||
klog.Exitf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
if selector == 36 {
|
||||
klog.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
klog.Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.Warningf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.V(0).Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.Errorf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.Exitf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
klog.Warningf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
|
||||
}
|
||||
|
||||
@@ -3,7 +3,7 @@ module codeql-go-tests/concepts/loggercall
|
||||
go 1.15
|
||||
|
||||
require (
|
||||
github.com/golang/glog v1.2.5
|
||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
|
||||
github.com/sirupsen/logrus v1.7.0
|
||||
k8s.io/klog v1.0.0
|
||||
)
|
||||
|
||||
@@ -6,6 +6,5 @@ const text = "test"
|
||||
var v []byte
|
||||
|
||||
func main() {
|
||||
glogTest(len(v))
|
||||
stdlib()
|
||||
}
|
||||
|
||||
@@ -2,125 +2,47 @@
|
||||
// This is a simple stub for github.com/golang/glog, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/golang/glog (exports: Level,Verbose; functions: Error,ErrorContext,ErrorContextDepth,ErrorContextDepthf,ErrorContextf,ErrorDepth,ErrorDepthf,Errorf,Errorln,Exit,ExitContext,ExitContextDepth,ExitContextDepthf,ExitContextf,ExitDepth,ExitDepthf,Exitf,Exitln,Fatal,FatalContext,FatalContextDepth,FatalContextDepthf,FatalContextf,FatalDepth,FatalDepthf,Fatalf,Fatalln,Info,InfoContext,InfoContextDepth,InfoContextDepthf,InfoContextf,InfoDepth,InfoDepthf,Infof,Infoln,V,VDepth,Warning,WarningContext,WarningContextDepth,WarningContextDepthf,WarningContextf,WarningDepth,WarningDepthf,Warningf,Warningln)
|
||||
// Source: github.com/golang/glog (exports: ; functions: Error,ErrorDepth,Errorf,Errorln,Exit,ExitDepth,Exitf,Exitln,Fatal,FatalDepth,Fatalf,Fatalln,Info,InfoDepth,Infof,Infoln,Warning,WarningDepth,Warningf,Warningln)
|
||||
|
||||
// Package glog is a stub of github.com/golang/glog, generated by depstubber.
|
||||
package glog
|
||||
|
||||
import "context"
|
||||
|
||||
type Level int32
|
||||
|
||||
type Verbose bool
|
||||
|
||||
func Error(_ ...interface{}) {}
|
||||
|
||||
func ErrorContext(_ context.Context, _ ...interface{}) {}
|
||||
|
||||
func ErrorContextDepth(_ context.Context, _ int, _ ...interface{}) {}
|
||||
|
||||
func ErrorContextDepthf(_ context.Context, _ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func ErrorContextf(_ context.Context, _ string, _ ...interface{}) {}
|
||||
|
||||
func ErrorDepth(_ int, _ ...interface{}) {}
|
||||
|
||||
func ErrorDepthf(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func Errorln(_ ...interface{}) {}
|
||||
|
||||
func Exit(_ ...interface{}) {}
|
||||
|
||||
func ExitContext(_ context.Context, _ ...interface{}) {}
|
||||
|
||||
func ExitContextDepth(_ context.Context, _ int, _ ...interface{}) {}
|
||||
|
||||
func ExitContextDepthf(_ context.Context, _ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func ExitContextf(_ context.Context, _ string, _ ...interface{}) {}
|
||||
|
||||
func ExitDepth(_ int, _ ...interface{}) {}
|
||||
|
||||
func ExitDepthf(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func Exitf(_ string, _ ...interface{}) {}
|
||||
|
||||
func Exitln(_ ...interface{}) {}
|
||||
|
||||
func Fatal(_ ...interface{}) {}
|
||||
|
||||
func FatalContext(_ context.Context, _ ...interface{}) {}
|
||||
|
||||
func FatalContextDepth(_ context.Context, _ int, _ ...interface{}) {}
|
||||
|
||||
func FatalContextDepthf(_ context.Context, _ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func FatalContextf(_ context.Context, _ string, _ ...interface{}) {}
|
||||
|
||||
func FatalDepth(_ int, _ ...interface{}) {}
|
||||
|
||||
func FatalDepthf(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func Fatalln(_ ...interface{}) {}
|
||||
|
||||
func Info(_ ...interface{}) {}
|
||||
|
||||
func InfoContext(_ context.Context, _ ...interface{}) {}
|
||||
|
||||
func InfoContextDepth(_ context.Context, _ int, _ ...interface{}) {}
|
||||
|
||||
func InfoContextDepthf(_ context.Context, _ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func InfoContextf(_ context.Context, _ string, _ ...interface{}) {}
|
||||
|
||||
func InfoDepth(_ int, _ ...interface{}) {}
|
||||
|
||||
func InfoDepthf(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func Infoln(_ ...interface{}) {}
|
||||
|
||||
func V(_ Level) Verbose { return false }
|
||||
|
||||
func VDepth(_ int, _ Level) Verbose { return false }
|
||||
|
||||
func Warning(_ ...interface{}) {}
|
||||
|
||||
func WarningContext(_ context.Context, _ ...interface{}) {}
|
||||
|
||||
func WarningContextDepth(_ context.Context, _ int, _ ...interface{}) {}
|
||||
|
||||
func WarningContextDepthf(_ context.Context, _ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func WarningContextf(_ context.Context, _ string, _ ...interface{}) {}
|
||||
|
||||
func WarningDepth(_ int, _ ...interface{}) {}
|
||||
|
||||
func WarningDepthf(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) InfoContext(_ context.Context, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) InfoContextDepth(_ context.Context, _ int, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) InfoContextDepthf(_ context.Context, _ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) InfoContextf(_ context.Context, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) InfoDepth(_ int, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) InfoDepthf(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) Infoln(_ ...interface{}) {}
|
||||
|
||||
14
go/ql/test/library-tests/semmle/go/concepts/LoggerCall/vendor/k8s.io/klog/stub.go
generated
vendored
14
go/ql/test/library-tests/semmle/go/concepts/LoggerCall/vendor/k8s.io/klog/stub.go
generated
vendored
@@ -2,15 +2,11 @@
|
||||
// This is a simple stub for k8s.io/klog, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: k8s.io/klog (exports: Level,Verbose; functions: Error,ErrorDepth,Errorf,Errorln,Exit,ExitDepth,Exitf,Exitln,Fatal,FatalDepth,Fatalf,Fatalln,Info,InfoDepth,Infof,Infoln,V,Warning,WarningDepth,Warningf,Warningln)
|
||||
// Source: k8s.io/klog (exports: ; functions: Error,ErrorDepth,Errorf,Errorln,Exit,ExitDepth,Exitf,Exitln,Fatal,FatalDepth,Fatalf,Fatalln,Info,InfoDepth,Infof,Infoln,Warning,WarningDepth,Warningf,Warningln)
|
||||
|
||||
// Package klog is a stub of k8s.io/klog, generated by depstubber.
|
||||
package klog
|
||||
|
||||
type Level int32
|
||||
|
||||
type Verbose bool
|
||||
|
||||
func Error(_ ...interface{}) {}
|
||||
|
||||
func ErrorDepth(_ int, _ ...interface{}) {}
|
||||
@@ -43,8 +39,6 @@ func Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func Infoln(_ ...interface{}) {}
|
||||
|
||||
func V(_ Level) Verbose { return false }
|
||||
|
||||
func Warning(_ ...interface{}) {}
|
||||
|
||||
func WarningDepth(_ int, _ ...interface{}) {}
|
||||
@@ -52,9 +46,3 @@ func WarningDepth(_ int, _ ...interface{}) {}
|
||||
func Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ Verbose) Infoln(_ ...interface{}) {}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# github.com/golang/glog v1.2.5
|
||||
# github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
|
||||
## explicit
|
||||
github.com/golang/glog
|
||||
# github.com/sirupsen/logrus v1.7.0
|
||||
|
||||
@@ -1,21 +1,11 @@
|
||||
| file://:0:0:0:0 | Exit | os.Exit |
|
||||
| file://:0:0:0:0 | Fatal | log.Fatal |
|
||||
| file://:0:0:0:0 | Fatal | log.Logger.Fatal |
|
||||
| file://:0:0:0:0 | Fatalf | log.Fatalf |
|
||||
| file://:0:0:0:0 | Fatalf | log.Logger.Fatalf |
|
||||
| file://:0:0:0:0 | Fatalln | log.Fatalln |
|
||||
| file://:0:0:0:0 | Fatalln | log.Logger.Fatalln |
|
||||
| file://:0:0:0:0 | Panic | log.Logger.Panic |
|
||||
| file://:0:0:0:0 | Panic | log.Panic |
|
||||
| file://:0:0:0:0 | Panicf | log.Logger.Panicf |
|
||||
| file://:0:0:0:0 | Panicf | log.Panicf |
|
||||
| file://:0:0:0:0 | Panicln | log.Logger.Panicln |
|
||||
| file://:0:0:0:0 | Panicln | log.Panicln |
|
||||
| file://:0:0:0:0 | panic | panic |
|
||||
| noretfunctions.go:8:6:8:12 | isNoRet | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.isNoRet |
|
||||
| noretfunctions.go:20:6:20:22 | noRetUsesLogFatal | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.noRetUsesLogFatal |
|
||||
| noretfunctions.go:24:6:24:23 | noRetUsesLogFatalf | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.noRetUsesLogFatalf |
|
||||
| stmts7.go:10:6:10:15 | canRecover | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.canRecover |
|
||||
| stmts.go:10:6:10:10 | test5 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.test5 |
|
||||
| stmts.go:46:6:46:10 | test6 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.test6 |
|
||||
| stmts.go:112:6:112:10 | test9 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph.test9 |
|
||||
| file://:0:0:0:0 | Exit | package os |
|
||||
| file://:0:0:0:0 | Fatal | package log |
|
||||
| file://:0:0:0:0 | Fatalf | package log |
|
||||
| file://:0:0:0:0 | Fatalln | package log |
|
||||
| noretfunctions.go:8:6:8:12 | isNoRet | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
| noretfunctions.go:20:6:20:22 | noRetUsesLogFatal | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
| noretfunctions.go:24:6:24:23 | noRetUsesLogFatalf | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
| stmts7.go:10:6:10:15 | canRecover | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
| stmts.go:10:6:10:10 | test5 | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
| stmts.go:46:6:46:10 | test6 | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
| stmts.go:112:6:112:10 | test9 | package github.com/github/codeql-go/ql/test/library-tests/semmle/go/controlflow/ControlFlowGraph |
|
||||
|
||||
@@ -2,4 +2,4 @@ import go
|
||||
|
||||
from Function f
|
||||
where not f.mayReturnNormally()
|
||||
select f, f.getQualifiedName()
|
||||
select f, f.getPackage()
|
||||
|
||||
@@ -9,9 +9,9 @@ import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
|
||||
import utils.test.InlineFlowTest
|
||||
|
||||
module Config implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { sourceNode(source, "qltest") }
|
||||
predicate isSource(DataFlow::Node src) { sourceNode(src, "qltest") }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sinkNode(sink, "qltest") }
|
||||
predicate isSink(DataFlow::Node src) { sinkNode(src, "qltest") }
|
||||
}
|
||||
|
||||
import ValueFlowTest<Config>
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
reverseRead
|
||||
| main.go:23:3:23:5 | out | Origin of readStep is missing a PostUpdateNode. |
|
||||
@@ -4,7 +4,7 @@ func source() string {
|
||||
return "untrusted data"
|
||||
}
|
||||
|
||||
func sink(any) {
|
||||
func sink(string) {
|
||||
}
|
||||
|
||||
type A struct {
|
||||
@@ -19,10 +19,6 @@ func functionWithVarArgsParameter(s ...string) string {
|
||||
return s[1]
|
||||
}
|
||||
|
||||
func functionWithVarArgsOutParameter(in string, out ...*string) {
|
||||
*out[0] = in
|
||||
}
|
||||
|
||||
func functionWithSliceOfStructsParameter(s []A) string {
|
||||
return s[1].f
|
||||
}
|
||||
@@ -42,12 +38,6 @@ func main() {
|
||||
sink(functionWithVarArgsParameter(sSlice...)) // $ hasValueFlow="call to functionWithVarArgsParameter"
|
||||
sink(functionWithVarArgsParameter(s0, s1)) // $ hasValueFlow="call to functionWithVarArgsParameter"
|
||||
|
||||
var out1 *string
|
||||
var out2 *string
|
||||
functionWithVarArgsOutParameter(source(), out1, out2)
|
||||
sink(out1) // $ MISSING: hasValueFlow="out1"
|
||||
sink(out2) // $ MISSING: hasValueFlow="out2"
|
||||
|
||||
sliceOfStructs := []A{{f: source()}}
|
||||
sink(sliceOfStructs[0].f) // $ hasValueFlow="selection of f"
|
||||
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
invalidModelRow
|
||||
testFailures
|
||||
@@ -1,21 +0,0 @@
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/go-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["github.com/nonexistent/test", "", False, "FunctionWithParameter", "", "", "Argument[0]", "ReturnValue", "value", "manual"]
|
||||
- ["github.com/nonexistent/test", "", False, "FunctionWithSliceParameter", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"]
|
||||
- ["github.com/nonexistent/test", "", False, "FunctionWithVarArgsParameter", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"]
|
||||
- ["github.com/nonexistent/test", "", False, "FunctionWithVarArgsOutParameter", "", "", "Argument[0]", "Argument[1].ArrayElement", "value", "manual"]
|
||||
- ["github.com/nonexistent/test", "", False, "FunctionWithSliceOfStructsParameter", "", "", "Argument[0].ArrayElement.Field[github.com/nonexistent/test.A.Field]", "ReturnValue", "value", "manual"]
|
||||
- ["github.com/nonexistent/test", "", False, "FunctionWithVarArgsOfStructsParameter", "", "", "Argument[0].ArrayElement.Field[github.com/nonexistent/test.A.Field]", "ReturnValue", "value", "manual"]
|
||||
- addsTo:
|
||||
pack: codeql/go-all
|
||||
extensible: sourceModel
|
||||
data:
|
||||
- ["github.com/nonexistent/test", "", False, "VariadicSource", "", "", "Argument[0]", "qltest", "manual"]
|
||||
- addsTo:
|
||||
pack: codeql/go-all
|
||||
extensible: sinkModel
|
||||
data:
|
||||
- ["github.com/nonexistent/test", "", False, "VariadicSink", "", "", "Argument[0]", "qltest", "manual"]
|
||||
@@ -1,22 +0,0 @@
|
||||
import go
|
||||
import semmle.go.dataflow.ExternalFlow
|
||||
import ModelValidation
|
||||
import utils.test.InlineFlowTest
|
||||
|
||||
module Config implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
sourceNode(source, "qltest")
|
||||
or
|
||||
exists(Function fn | fn.hasQualifiedName(_, ["source", "taint"]) |
|
||||
source = fn.getACall().getResult()
|
||||
)
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
sinkNode(sink, "qltest")
|
||||
or
|
||||
exists(Function fn | fn.hasQualifiedName(_, "sink") | sink = fn.getACall().getAnArgument())
|
||||
}
|
||||
}
|
||||
|
||||
import FlowTest<Config, Config>
|
||||
@@ -1,5 +0,0 @@
|
||||
module semmle.go.Packages
|
||||
|
||||
go 1.25
|
||||
|
||||
require github.com/nonexistent/test v0.0.0-20200203000000-0000000000000
|
||||
@@ -1,56 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"github.com/nonexistent/test"
|
||||
)
|
||||
|
||||
func source() string {
|
||||
return "untrusted data"
|
||||
}
|
||||
|
||||
func sink(any) {
|
||||
}
|
||||
|
||||
func main() {
|
||||
s := source()
|
||||
sink(test.FunctionWithParameter(s)) // $ hasValueFlow="call to FunctionWithParameter"
|
||||
|
||||
stringSlice := []string{source()}
|
||||
sink(stringSlice[0]) // $ hasValueFlow="index expression"
|
||||
|
||||
s0 := ""
|
||||
s1 := source()
|
||||
sSlice := []string{s0, s1}
|
||||
sink(test.FunctionWithParameter(sSlice[1])) // $ hasValueFlow="call to FunctionWithParameter"
|
||||
sink(test.FunctionWithSliceParameter(sSlice)) // $ hasValueFlow="call to FunctionWithSliceParameter"
|
||||
sink(test.FunctionWithVarArgsParameter(sSlice...)) // $ hasValueFlow="call to FunctionWithVarArgsParameter"
|
||||
sink(test.FunctionWithVarArgsParameter(s0, s1)) // $ hasValueFlow="call to FunctionWithVarArgsParameter"
|
||||
|
||||
var out1 *string
|
||||
var out2 *string
|
||||
test.FunctionWithVarArgsOutParameter(source(), out1, out2)
|
||||
sink(out1) // $ MISSING: hasValueFlow="out1"
|
||||
sink(out2) // $ MISSING: hasValueFlow="out2"
|
||||
|
||||
sliceOfStructs := []test.A{{Field: source()}}
|
||||
sink(sliceOfStructs[0].Field) // $ hasValueFlow="selection of Field"
|
||||
|
||||
a0 := test.A{Field: ""}
|
||||
a1 := test.A{Field: source()}
|
||||
aSlice := []test.A{a0, a1}
|
||||
sink(test.FunctionWithSliceOfStructsParameter(aSlice)) // $ hasValueFlow="call to FunctionWithSliceOfStructsParameter"
|
||||
sink(test.FunctionWithVarArgsOfStructsParameter(aSlice...)) // $ hasValueFlow="call to FunctionWithVarArgsOfStructsParameter"
|
||||
sink(test.FunctionWithVarArgsOfStructsParameter(a0, a1)) // $ hasValueFlow="call to FunctionWithVarArgsOfStructsParameter"
|
||||
|
||||
var variadicSource string
|
||||
test.VariadicSource(&variadicSource)
|
||||
sink(variadicSource) // $ MISSING: hasTaintFlow="variadicSource"
|
||||
sink(&variadicSource) // $ MISSING: hasTaintFlow="&..."
|
||||
|
||||
var variadicSourcePtr *string
|
||||
test.VariadicSource(variadicSourcePtr)
|
||||
sink(variadicSourcePtr) // $ MISSING: hasTaintFlow="variadicSourcePtr"
|
||||
sink(*variadicSourcePtr) // $ MISSING: hasTaintFlow="star expression"
|
||||
|
||||
test.VariadicSink(source()) // $ hasTaintFlow="[]type{args}"
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
package test
|
||||
|
||||
type A struct {
|
||||
Field string
|
||||
}
|
||||
|
||||
func FunctionWithParameter(s string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func FunctionWithSliceParameter(s []string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func FunctionWithVarArgsParameter(s ...string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func FunctionWithVarArgsOutParameter(in string, out ...*string) {
|
||||
}
|
||||
|
||||
func FunctionWithSliceOfStructsParameter(s []A) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func FunctionWithVarArgsOfStructsParameter(s ...A) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func VariadicSource(s ...*string) {}
|
||||
|
||||
func VariadicSink(s ...string) {}
|
||||
@@ -1,3 +0,0 @@
|
||||
# github.com/nonexistent/test v0.0.0-20200203000000-0000000000000
|
||||
## explicit
|
||||
github.com/nonexistent/test
|
||||
@@ -20,9 +20,6 @@ class SummaryModelTest extends DataFlow::FunctionModel {
|
||||
this.hasQualifiedName("github.com/nonexistent/test", "FunctionWithVarArgsParameter") and
|
||||
(inp.isParameter(_) and outp.isResult())
|
||||
or
|
||||
this.hasQualifiedName("github.com/nonexistent/test", "FunctionWithVarArgsOutParameter") and
|
||||
(inp.isParameter(0) and outp.isParameter(any(int i | i >= 1)))
|
||||
or
|
||||
this.hasQualifiedName("github.com/nonexistent/test", "FunctionWithSliceOfStructsParameter") and
|
||||
(inp.isParameter(0) and outp.isResult())
|
||||
or
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
module semmle.go.Packages
|
||||
|
||||
go 1.25
|
||||
go 1.17
|
||||
|
||||
require github.com/nonexistent/test v0.0.0-20200203000000-0000000000000
|
||||
|
||||
@@ -8,7 +8,7 @@ func source() string {
|
||||
return "untrusted data"
|
||||
}
|
||||
|
||||
func sink(any) {
|
||||
func sink(string) {
|
||||
}
|
||||
|
||||
func main() {
|
||||
@@ -21,17 +21,10 @@ func main() {
|
||||
s0 := ""
|
||||
s1 := source()
|
||||
sSlice := []string{s0, s1}
|
||||
sink(test.FunctionWithParameter(sSlice[1])) // $ hasValueFlow="call to FunctionWithParameter"
|
||||
sink(test.FunctionWithSliceParameter(sSlice)) // $ hasTaintFlow="call to FunctionWithSliceParameter" MISSING: hasValueFlow="call to FunctionWithSliceParameter"
|
||||
sink(test.FunctionWithVarArgsParameter(sSlice...)) // $ hasTaintFlow="call to FunctionWithVarArgsParameter" MISSING: hasValueFlow="call to FunctionWithVarArgsParameter"
|
||||
randomFunctionWithMoreThanOneParameter(1, 2, 3, 4, 5) // This is needed to make the next line pass, because we need to have seen a call to a function with at least 2 parameters for ParameterInput to exist with index 1.
|
||||
sink(test.FunctionWithVarArgsParameter(s0, s1)) // $ hasValueFlow="call to FunctionWithVarArgsParameter"
|
||||
|
||||
var out1 *string
|
||||
var out2 *string
|
||||
test.FunctionWithVarArgsOutParameter(source(), out1, out2)
|
||||
sink(out1) // $ hasValueFlow="out1"
|
||||
sink(out2) // $ hasValueFlow="out2"
|
||||
sink(test.FunctionWithParameter(sSlice[1])) // $ hasValueFlow="call to FunctionWithParameter"
|
||||
sink(test.FunctionWithSliceParameter(sSlice)) // $ hasTaintFlow="call to FunctionWithSliceParameter" MISSING: hasValueFlow="call to FunctionWithSliceParameter"
|
||||
sink(test.FunctionWithVarArgsParameter(sSlice...)) // $ hasTaintFlow="call to FunctionWithVarArgsParameter" MISSING: hasValueFlow="call to FunctionWithVarArgsParameter"
|
||||
sink(test.FunctionWithVarArgsParameter(s0, s1)) // $ MISSING: hasValueFlow="call to FunctionWithVarArgsParameter"
|
||||
|
||||
sliceOfStructs := []test.A{{Field: source()}}
|
||||
sink(sliceOfStructs[0].Field) // $ hasValueFlow="selection of Field"
|
||||
@@ -44,6 +37,3 @@ func main() {
|
||||
sink(test.FunctionWithVarArgsOfStructsParameter(aSlice...)) // $ MISSING: hasValueFlow="call to FunctionWithVarArgsOfStructsParameter"
|
||||
sink(test.FunctionWithVarArgsOfStructsParameter(a0, a1)) // $ MISSING: hasValueFlow="call to FunctionWithVarArgsOfStructsParameter"
|
||||
}
|
||||
|
||||
func randomFunctionWithMoreThanOneParameter(i1, i2, i3, i4, i5 int) {
|
||||
}
|
||||
|
||||
Binary file not shown.
@@ -16,9 +16,6 @@ func FunctionWithVarArgsParameter(s ...string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func FunctionWithVarArgsOutParameter(in string, out ...*string) {
|
||||
}
|
||||
|
||||
func FunctionWithSliceOfStructsParameter(s []A) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
@@ -15,6 +15,62 @@ func TaintStepTest_LogNew_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
return intoWriter414
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerFatal_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface518 := sourceCQL.(interface{})
|
||||
var intoLogger650 log.Logger
|
||||
intoLogger650.Fatal(fromInterface518)
|
||||
return intoLogger650
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerFatalf_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromString784 := sourceCQL.(string)
|
||||
var intoLogger957 log.Logger
|
||||
intoLogger957.Fatalf(fromString784, nil)
|
||||
return intoLogger957
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerFatalf_B0I1O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface520 := sourceCQL.(interface{})
|
||||
var intoLogger443 log.Logger
|
||||
intoLogger443.Fatalf("", fromInterface520)
|
||||
return intoLogger443
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerFatalln_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface127 := sourceCQL.(interface{})
|
||||
var intoLogger483 log.Logger
|
||||
intoLogger483.Fatalln(fromInterface127)
|
||||
return intoLogger483
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerPanic_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface989 := sourceCQL.(interface{})
|
||||
var intoLogger982 log.Logger
|
||||
intoLogger982.Panic(fromInterface989)
|
||||
return intoLogger982
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerPanicf_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromString417 := sourceCQL.(string)
|
||||
var intoLogger584 log.Logger
|
||||
intoLogger584.Panicf(fromString417, nil)
|
||||
return intoLogger584
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerPanicf_B0I1O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface991 := sourceCQL.(interface{})
|
||||
var intoLogger881 log.Logger
|
||||
intoLogger881.Panicf("", fromInterface991)
|
||||
return intoLogger881
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerPanicln_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface186 := sourceCQL.(interface{})
|
||||
var intoLogger284 log.Logger
|
||||
intoLogger284.Panicln(fromInterface186)
|
||||
return intoLogger284
|
||||
}
|
||||
|
||||
func TaintStepTest_LogLoggerPrint_B0I0O0(sourceCQL interface{}) interface{} {
|
||||
fromInterface908 := sourceCQL.(interface{})
|
||||
var intoLogger137 log.Logger
|
||||
@@ -69,6 +125,46 @@ func RunAllTaints_Log() {
|
||||
out := TaintStepTest_LogNew_B0I0O0(source)
|
||||
sink(0, out)
|
||||
}
|
||||
{
|
||||
source := newSource(1)
|
||||
out := TaintStepTest_LogLoggerFatal_B0I0O0(source)
|
||||
sink(1, out)
|
||||
}
|
||||
{
|
||||
source := newSource(2)
|
||||
out := TaintStepTest_LogLoggerFatalf_B0I0O0(source)
|
||||
sink(2, out)
|
||||
}
|
||||
{
|
||||
source := newSource(3)
|
||||
out := TaintStepTest_LogLoggerFatalf_B0I1O0(source)
|
||||
sink(3, out)
|
||||
}
|
||||
{
|
||||
source := newSource(4)
|
||||
out := TaintStepTest_LogLoggerFatalln_B0I0O0(source)
|
||||
sink(4, out)
|
||||
}
|
||||
{
|
||||
source := newSource(5)
|
||||
out := TaintStepTest_LogLoggerPanic_B0I0O0(source)
|
||||
sink(5, out)
|
||||
}
|
||||
{
|
||||
source := newSource(6)
|
||||
out := TaintStepTest_LogLoggerPanicf_B0I0O0(source)
|
||||
sink(6, out)
|
||||
}
|
||||
{
|
||||
source := newSource(7)
|
||||
out := TaintStepTest_LogLoggerPanicf_B0I1O0(source)
|
||||
sink(7, out)
|
||||
}
|
||||
{
|
||||
source := newSource(8)
|
||||
out := TaintStepTest_LogLoggerPanicln_B0I0O0(source)
|
||||
sink(8, out)
|
||||
}
|
||||
{
|
||||
source := newSource(9)
|
||||
out := TaintStepTest_LogLoggerPrint_B0I0O0(source)
|
||||
|
||||
@@ -3,9 +3,9 @@ reverseRead
|
||||
| LogInjection.go:33:14:33:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:34:18:34:20 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:35:14:35:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:551:14:551:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:559:14:559:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:567:14:567:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:602:14:602:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:603:14:603:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:828:12:828:14 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:447:14:447:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:455:14:455:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:463:14:463:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:498:14:498:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:499:14:499:16 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
| LogInjection.go:724:12:724:14 | implicit dereference | Origin of readStep is missing a PostUpdateNode. |
|
||||
|
||||
@@ -49,22 +49,22 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
log.Printf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
log.Println("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
|
||||
if testFlag == "1" {
|
||||
if testFlag == "true" {
|
||||
log.Fatal("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "2" {
|
||||
if testFlag == "true" {
|
||||
log.Fatalf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "3" {
|
||||
if testFlag == "true" {
|
||||
log.Fatalln("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "4" {
|
||||
if testFlag == "true" {
|
||||
log.Panic("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "5" {
|
||||
if testFlag == "true" {
|
||||
log.Panicf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "6" {
|
||||
if testFlag == "true" {
|
||||
log.Panicln("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
|
||||
@@ -72,24 +72,12 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logger.Print("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Printf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Println("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
if testFlag == "7" {
|
||||
logger.Fatal("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "8" {
|
||||
logger.Fatalf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "9" {
|
||||
logger.Fatalln("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "10" {
|
||||
logger.Panic("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "11" {
|
||||
logger.Panicf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
if testFlag == "12" {
|
||||
logger.Panicln("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
logger.Fatal("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Fatalf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Fatalln("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Panic("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Panicf(formatString, username, password) // $ hasTaintFlow="formatString" hasTaintFlow="username" hasTaintFlow="password"
|
||||
logger.Panicln("user is logged in:", username, password) // $ hasTaintFlow="username" hasTaintFlow="password"
|
||||
}
|
||||
// k8s.io/klog
|
||||
{
|
||||
@@ -103,24 +91,12 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
klog.Error(username) // $ hasTaintFlow="username"
|
||||
klog.Errorf(username) // $ hasTaintFlow="username"
|
||||
klog.Errorln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "77" {
|
||||
klog.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "78" {
|
||||
klog.Fatalf(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "79" {
|
||||
klog.Fatalln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "80" {
|
||||
klog.Exit(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "81" {
|
||||
klog.Exitf(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "82" {
|
||||
klog.Exitln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
klog.Fatal(username) // $ hasTaintFlow="username"
|
||||
klog.Fatalf(username) // $ hasTaintFlow="username"
|
||||
klog.Fatalln(username) // $ hasTaintFlow="username"
|
||||
klog.Exit(username) // $ hasTaintFlow="username"
|
||||
klog.Exitf(username) // $ hasTaintFlow="username"
|
||||
klog.Exitln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
// astaxie/beego
|
||||
{
|
||||
@@ -185,30 +161,14 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
glog.ErrorDepth(0, username) // $ hasTaintFlow="username"
|
||||
glog.Errorf(username) // $ hasTaintFlow="username"
|
||||
glog.Errorln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "83" {
|
||||
glog.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "84" {
|
||||
glog.FatalDepth(0, username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "85" {
|
||||
glog.Fatalf(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "86" {
|
||||
glog.Fatalln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "87" {
|
||||
glog.Exit(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "88" {
|
||||
glog.ExitDepth(0, username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "89" {
|
||||
glog.Exitf(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "90" {
|
||||
glog.Exitln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
glog.Fatal(username) // $ hasTaintFlow="username"
|
||||
glog.FatalDepth(0, username) // $ hasTaintFlow="username"
|
||||
glog.Fatalf(username) // $ hasTaintFlow="username"
|
||||
glog.Fatalln(username) // $ hasTaintFlow="username"
|
||||
glog.Exit(username) // $ hasTaintFlow="username"
|
||||
glog.ExitDepth(0, username) // $ hasTaintFlow="username"
|
||||
glog.Exitf(username) // $ hasTaintFlow="username"
|
||||
glog.Exitln(username) // $ hasTaintFlow="username"
|
||||
|
||||
}
|
||||
// sirupsen/logrus
|
||||
@@ -219,42 +179,26 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logger := logrus.New()
|
||||
entry := logrus.NewEntry(logger)
|
||||
|
||||
logrus.Debug(username) // $ hasTaintFlow="username"
|
||||
logrus.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Debugf("", username) // $ hasTaintFlow="username"
|
||||
logrus.Debugln(username) // $ hasTaintFlow="username"
|
||||
logrus.Error(username) // $ hasTaintFlow="username"
|
||||
logrus.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Errorf("", username) // $ hasTaintFlow="username"
|
||||
logrus.Errorln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "13" {
|
||||
logrus.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "14" {
|
||||
logrus.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "15" {
|
||||
logrus.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "16" {
|
||||
logrus.Fatalln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logrus.Info(username) // $ hasTaintFlow="username"
|
||||
logrus.Infof(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Infof("", username) // $ hasTaintFlow="username"
|
||||
logrus.Infoln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "17" {
|
||||
logrus.Panic(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "18" {
|
||||
logrus.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "19" {
|
||||
logrus.Panicf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "20" {
|
||||
logrus.Panicln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logrus.Debug(username) // $ hasTaintFlow="username"
|
||||
logrus.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Debugf("", username) // $ hasTaintFlow="username"
|
||||
logrus.Debugln(username) // $ hasTaintFlow="username"
|
||||
logrus.Error(username) // $ hasTaintFlow="username"
|
||||
logrus.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Errorf("", username) // $ hasTaintFlow="username"
|
||||
logrus.Errorln(username) // $ hasTaintFlow="username"
|
||||
logrus.Fatal(username) // $ hasTaintFlow="username"
|
||||
logrus.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
logrus.Fatalln(username) // $ hasTaintFlow="username"
|
||||
logrus.Info(username) // $ hasTaintFlow="username"
|
||||
logrus.Infof(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Infof("", username) // $ hasTaintFlow="username"
|
||||
logrus.Infoln(username) // $ hasTaintFlow="username"
|
||||
logrus.Panic(username) // $ hasTaintFlow="username"
|
||||
logrus.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Panicf("", username) // $ hasTaintFlow="username"
|
||||
logrus.Panicln(username) // $ hasTaintFlow="username"
|
||||
logrus.Print(username) // $ hasTaintFlow="username"
|
||||
logrus.Printf(username, "") // $ hasTaintFlow="username"
|
||||
logrus.Printf("", username) // $ hasTaintFlow="username"
|
||||
@@ -276,46 +220,30 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logrus.WithField("", username) // $ hasTaintFlow="username"
|
||||
logrus.WithFields(fields) // $ hasTaintFlow="fields"
|
||||
|
||||
entry.Debug(username) // $ hasTaintFlow="username"
|
||||
entry.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Debugf("", username) // $ hasTaintFlow="username"
|
||||
entry.Debugln(username) // $ hasTaintFlow="username"
|
||||
entry.Error(username) // $ hasTaintFlow="username"
|
||||
entry.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Errorf("", username) // $ hasTaintFlow="username"
|
||||
entry.Errorln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "21" {
|
||||
entry.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "22" {
|
||||
entry.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "23" {
|
||||
entry.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "24" {
|
||||
entry.Fatalln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
entry.Info(username) // $ hasTaintFlow="username"
|
||||
entry.Infof(username, "") // $ hasTaintFlow="username"
|
||||
entry.Infof("", username) // $ hasTaintFlow="username"
|
||||
entry.Infoln(username) // $ hasTaintFlow="username"
|
||||
entry.Log(0, username) // $ hasTaintFlow="username"
|
||||
entry.Logf(0, username, "") // $ hasTaintFlow="username"
|
||||
entry.Logf(0, "", username) // $ hasTaintFlow="username"
|
||||
entry.Logln(0, username) // $ hasTaintFlow="username"
|
||||
if testFlag == "25" {
|
||||
entry.Panic(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "26" {
|
||||
entry.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "27" {
|
||||
entry.Panicf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "28" {
|
||||
entry.Panicln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
entry.Debug(username) // $ hasTaintFlow="username"
|
||||
entry.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Debugf("", username) // $ hasTaintFlow="username"
|
||||
entry.Debugln(username) // $ hasTaintFlow="username"
|
||||
entry.Error(username) // $ hasTaintFlow="username"
|
||||
entry.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Errorf("", username) // $ hasTaintFlow="username"
|
||||
entry.Errorln(username) // $ hasTaintFlow="username"
|
||||
entry.Fatal(username) // $ hasTaintFlow="username"
|
||||
entry.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
entry.Fatalln(username) // $ hasTaintFlow="username"
|
||||
entry.Info(username) // $ hasTaintFlow="username"
|
||||
entry.Infof(username, "") // $ hasTaintFlow="username"
|
||||
entry.Infof("", username) // $ hasTaintFlow="username"
|
||||
entry.Infoln(username) // $ hasTaintFlow="username"
|
||||
entry.Log(0, username) // $ hasTaintFlow="username"
|
||||
entry.Logf(0, username, "") // $ hasTaintFlow="username"
|
||||
entry.Logf(0, "", username) // $ hasTaintFlow="username"
|
||||
entry.Logln(0, username) // $ hasTaintFlow="username"
|
||||
entry.Panic(username) // $ hasTaintFlow="username"
|
||||
entry.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Panicf("", username) // $ hasTaintFlow="username"
|
||||
entry.Panicln(username) // $ hasTaintFlow="username"
|
||||
entry.Print(username) // $ hasTaintFlow="username"
|
||||
entry.Printf(username, "") // $ hasTaintFlow="username"
|
||||
entry.Printf("", username) // $ hasTaintFlow="username"
|
||||
@@ -337,46 +265,30 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
entry.WithField("", username) // $ hasTaintFlow="username"
|
||||
entry.WithFields(fields) // $ hasTaintFlow="fields"
|
||||
|
||||
logger.Debug(username) // $ hasTaintFlow="username"
|
||||
logger.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Debugf("", username) // $ hasTaintFlow="username"
|
||||
logger.Debugln(username) // $ hasTaintFlow="username"
|
||||
logger.Error(username) // $ hasTaintFlow="username"
|
||||
logger.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Errorf("", username) // $ hasTaintFlow="username"
|
||||
logger.Errorln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "29" {
|
||||
logger.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "30" {
|
||||
logger.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "31" {
|
||||
logger.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "32" {
|
||||
logger.Fatalln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logger.Info(username) // $ hasTaintFlow="username"
|
||||
logger.Infof(username, "") // $ hasTaintFlow="username"
|
||||
logger.Infof("", username) // $ hasTaintFlow="username"
|
||||
logger.Infoln(username) // $ hasTaintFlow="username"
|
||||
logger.Log(0, username) // $ hasTaintFlow="username"
|
||||
logger.Logf(0, username, "") // $ hasTaintFlow="username"
|
||||
logger.Logf(0, "", username) // $ hasTaintFlow="username"
|
||||
logger.Logln(0, username) // $ hasTaintFlow="username"
|
||||
if testFlag == "33" {
|
||||
logger.Panic(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "34" {
|
||||
logger.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "35" {
|
||||
logger.Panicf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "36" {
|
||||
logger.Panicln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logger.Debug(username) // $ hasTaintFlow="username"
|
||||
logger.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Debugf("", username) // $ hasTaintFlow="username"
|
||||
logger.Debugln(username) // $ hasTaintFlow="username"
|
||||
logger.Error(username) // $ hasTaintFlow="username"
|
||||
logger.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Errorf("", username) // $ hasTaintFlow="username"
|
||||
logger.Errorln(username) // $ hasTaintFlow="username"
|
||||
logger.Fatal(username) // $ hasTaintFlow="username"
|
||||
logger.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
logger.Fatalln(username) // $ hasTaintFlow="username"
|
||||
logger.Info(username) // $ hasTaintFlow="username"
|
||||
logger.Infof(username, "") // $ hasTaintFlow="username"
|
||||
logger.Infof("", username) // $ hasTaintFlow="username"
|
||||
logger.Infoln(username) // $ hasTaintFlow="username"
|
||||
logger.Log(0, username) // $ hasTaintFlow="username"
|
||||
logger.Logf(0, username, "") // $ hasTaintFlow="username"
|
||||
logger.Logf(0, "", username) // $ hasTaintFlow="username"
|
||||
logger.Logln(0, username) // $ hasTaintFlow="username"
|
||||
logger.Panic(username) // $ hasTaintFlow="username"
|
||||
logger.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Panicf("", username) // $ hasTaintFlow="username"
|
||||
logger.Panicln(username) // $ hasTaintFlow="username"
|
||||
logger.Print(username) // $ hasTaintFlow="username"
|
||||
logger.Printf(username, "") // $ hasTaintFlow="username"
|
||||
logger.Printf("", username) // $ hasTaintFlow="username"
|
||||
@@ -399,42 +311,26 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logger.WithFields(fields) // $ hasTaintFlow="fields"
|
||||
|
||||
var fieldlogger logrus.FieldLogger = entry
|
||||
fieldlogger.Debug(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Debugf("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Debugln(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Error(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Errorf("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Errorln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "37" {
|
||||
fieldlogger.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "38" {
|
||||
fieldlogger.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "39" {
|
||||
fieldlogger.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "40" {
|
||||
fieldlogger.Fatalln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
fieldlogger.Info(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Infof(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Infof("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Infoln(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "41" {
|
||||
fieldlogger.Panic(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "42" {
|
||||
fieldlogger.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "43" {
|
||||
fieldlogger.Panicf("", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "44" {
|
||||
fieldlogger.Panicln(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
fieldlogger.Debug(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Debugf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Debugf("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Debugln(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Error(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Errorf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Errorf("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Errorln(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Fatal(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Fatalf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Fatalf("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Fatalln(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Info(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Infof(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Infof("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Infoln(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Panic(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Panicf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Panicf("", username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Panicln(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Print(username) // $ hasTaintFlow="username"
|
||||
fieldlogger.Printf(username, "") // $ hasTaintFlow="username"
|
||||
fieldlogger.Printf("", username) // $ hasTaintFlow="username"
|
||||
@@ -470,11 +366,11 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logger.DPanic(username) // $ hasTaintFlow="username"
|
||||
logger.Debug(username) // $ hasTaintFlow="username"
|
||||
logger.Error(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "45" {
|
||||
if testFlag == " true" {
|
||||
logger.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logger.Info(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "46" {
|
||||
if testFlag == " true" {
|
||||
logger.Panic(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logger.Warn(username) // $ hasTaintFlow="username"
|
||||
@@ -486,33 +382,33 @@ func handler(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
sLogger.DPanic(username) // $ hasTaintFlow="username"
|
||||
sLogger.Debug(username) // $ hasTaintFlow="username"
|
||||
sLogger.Error(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "47" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Fatal(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Info(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "48" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Panic(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Warn(username) // $ hasTaintFlow="username"
|
||||
sLogger.DPanicf(username) // $ hasTaintFlow="username"
|
||||
sLogger.Debugf(username) // $ hasTaintFlow="username"
|
||||
sLogger.Errorf(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "49" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Fatalf(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Infof(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "50" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Panicf(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Warnf(username) // $ hasTaintFlow="username"
|
||||
sLogger.DPanicw(username) // $ hasTaintFlow="username"
|
||||
sLogger.Debugw(username) // $ hasTaintFlow="username"
|
||||
sLogger.Errorw(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "51" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Fatalw(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Infow(username) // $ hasTaintFlow="username"
|
||||
if testFlag == "52" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Panicw(username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Warnw(username) // $ hasTaintFlow="username"
|
||||
@@ -619,10 +515,10 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
verbose.Infof("user %q logged in.\n", username)
|
||||
klog.Infof("user %q logged in.\n", username)
|
||||
klog.Errorf("user %q logged in.\n", username)
|
||||
if testFlag == "53" {
|
||||
if testFlag == " true" {
|
||||
klog.Fatalf("user %q logged in.\n", username)
|
||||
}
|
||||
if testFlag == "54" {
|
||||
if testFlag == " true" {
|
||||
klog.Exitf("user %q logged in.\n", username)
|
||||
}
|
||||
}
|
||||
@@ -638,10 +534,10 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
|
||||
glog.Infof("user %q logged in.\n", username)
|
||||
glog.Errorf("user %q logged in.\n", username)
|
||||
if testFlag == "55" {
|
||||
if testFlag == " true" {
|
||||
glog.Fatalf("user %q logged in.\n", username)
|
||||
}
|
||||
if testFlag == "56" {
|
||||
if testFlag == " true" {
|
||||
glog.Exitf("user %q logged in.\n", username)
|
||||
}
|
||||
}
|
||||
@@ -649,11 +545,11 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
{
|
||||
logrus.Debugf("user %q logged in.\n", username)
|
||||
logrus.Errorf("user %q logged in.\n", username)
|
||||
if testFlag == "57" {
|
||||
if testFlag == " true" {
|
||||
logrus.Fatalf("user %q logged in.\n", username)
|
||||
}
|
||||
logrus.Infof("user %q logged in.\n", username)
|
||||
if testFlag == "58" {
|
||||
if testFlag == " true" {
|
||||
logrus.Panicf("user %q logged in.\n", username)
|
||||
}
|
||||
logrus.Printf("user %q logged in.\n", username)
|
||||
@@ -665,12 +561,12 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
entry := logrus.WithFields(fields)
|
||||
entry.Debugf("user %q logged in.\n", username)
|
||||
entry.Errorf("user %q logged in.\n", username)
|
||||
if testFlag == "59" {
|
||||
if testFlag == " true" {
|
||||
entry.Fatalf("user %q logged in.\n", username)
|
||||
}
|
||||
entry.Infof("user %q logged in.\n", username)
|
||||
entry.Logf(0, "user %q logged in.\n", username)
|
||||
if testFlag == "60" {
|
||||
if testFlag == " true" {
|
||||
entry.Panicf("user %q logged in.\n", username)
|
||||
}
|
||||
entry.Printf("user %q logged in.\n", username)
|
||||
@@ -681,12 +577,12 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logger := entry.Logger
|
||||
logger.Debugf("user %q logged in.\n", username)
|
||||
logger.Errorf("user %q logged in.\n", username)
|
||||
if testFlag == "61" {
|
||||
if testFlag == " true" {
|
||||
logger.Fatalf("user %q logged in.\n", username)
|
||||
}
|
||||
logger.Infof("user %q logged in.\n", username)
|
||||
logger.Logf(0, "user %q logged in.\n", username)
|
||||
if testFlag == "62" {
|
||||
if testFlag == " true" {
|
||||
logger.Panicf("user %q logged in.\n", username)
|
||||
}
|
||||
logger.Printf("user %q logged in.\n", username)
|
||||
@@ -707,11 +603,11 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
sLogger.DPanicf("user %q logged in.\n", username)
|
||||
sLogger.Debugf("user %q logged in.\n", username)
|
||||
sLogger.Errorf("user %q logged in.\n", username)
|
||||
if testFlag == "63" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Fatalf("user %q logged in.\n", username)
|
||||
}
|
||||
sLogger.Infof("user %q logged in.\n", username)
|
||||
if testFlag == "64" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Panicf("user %q logged in.\n", username)
|
||||
}
|
||||
sLogger.Warnf("user %q logged in.\n", username)
|
||||
@@ -724,10 +620,10 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
verbose.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
klog.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
klog.Errorf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "65" {
|
||||
if testFlag == " true" {
|
||||
klog.Fatalf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "66" {
|
||||
if testFlag == " true" {
|
||||
klog.Exitf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
}
|
||||
@@ -743,10 +639,10 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
|
||||
glog.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
glog.Errorf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "67" {
|
||||
if testFlag == " true" {
|
||||
glog.Fatalf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
if testFlag == "68" {
|
||||
if testFlag == " true" {
|
||||
glog.Exitf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
}
|
||||
@@ -754,11 +650,11 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
{
|
||||
logrus.Debugf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
logrus.Errorf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "69" {
|
||||
if testFlag == " true" {
|
||||
logrus.Fatalf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logrus.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "70" {
|
||||
if testFlag == " true" {
|
||||
logrus.Panicf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logrus.Printf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
@@ -770,12 +666,12 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
entry := logrus.WithFields(fields)
|
||||
entry.Debugf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
entry.Errorf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "71" {
|
||||
if testFlag == " true" {
|
||||
entry.Fatalf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
entry.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
entry.Logf(0, "user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "72" {
|
||||
if testFlag == " true" {
|
||||
entry.Panicf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
entry.Printf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
@@ -786,12 +682,12 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
logger := entry.Logger
|
||||
logger.Debugf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
logger.Errorf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "73" {
|
||||
if testFlag == " true" {
|
||||
logger.Fatalf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logger.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
logger.Logf(0, "user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "74" {
|
||||
if testFlag == " true" {
|
||||
logger.Panicf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
logger.Printf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
@@ -812,11 +708,11 @@ func handlerGood4(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
sLogger.DPanicf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
sLogger.Debugf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
sLogger.Errorf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "75" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Fatalf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Infof("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
if testFlag == "76" {
|
||||
if testFlag == " true" {
|
||||
sLogger.Panicf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
}
|
||||
sLogger.Warnf("user %#q logged in.\n", username) // $ hasTaintFlow="username"
|
||||
|
||||
@@ -37,22 +37,22 @@
|
||||
| passwords.go:26:14:26:23 | selection of password | passwords.go:26:14:26:23 | selection of password | passwords.go:26:14:26:23 | selection of password | $@ flows to a logging call. | passwords.go:26:14:26:23 | selection of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:27:14:27:26 | call to getPassword | passwords.go:27:14:27:26 | call to getPassword | passwords.go:27:14:27:26 | call to getPassword | $@ flows to a logging call. | passwords.go:27:14:27:26 | call to getPassword | Sensitive data returned by a call to getPassword |
|
||||
| passwords.go:28:14:28:28 | call to getPassword | passwords.go:28:14:28:28 | call to getPassword | passwords.go:28:14:28:28 | call to getPassword | $@ flows to a logging call. | passwords.go:28:14:28:28 | call to getPassword | Sensitive data returned by a call to getPassword |
|
||||
| passwords.go:33:13:33:20 | password | passwords.go:21:2:21:9 | definition of password | passwords.go:33:13:33:20 | password | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:36:14:36:35 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:36:14:36:35 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:41:14:41:17 | obj1 | passwords.go:39:13:39:13 | x | passwords.go:41:14:41:17 | obj1 | $@ flows to a logging call. | passwords.go:39:13:39:13 | x | Sensitive data returned by an access to password |
|
||||
| passwords.go:46:14:46:17 | obj2 | passwords.go:21:2:21:9 | definition of password | passwords.go:46:14:46:17 | obj2 | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:53:14:53:27 | fixed_password | passwords.go:52:2:52:15 | definition of fixed_password | passwords.go:53:14:53:27 | fixed_password | $@ flows to a logging call. | passwords.go:52:2:52:15 | definition of fixed_password | Sensitive data returned by an access to fixed_password |
|
||||
| passwords.go:91:14:91:26 | utilityObject | passwords.go:89:16:89:36 | call to make | passwords.go:91:14:91:26 | utilityObject | $@ flows to a logging call. | passwords.go:89:16:89:36 | call to make | Sensitive data returned by an access to passwordSet |
|
||||
| passwords.go:94:23:94:28 | secret | passwords.go:21:2:21:9 | definition of password | passwords.go:94:23:94:28 | secret | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:104:15:104:40 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:104:15:104:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:110:16:110:41 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:110:16:110:41 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:115:15:115:40 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:115:15:115:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:119:14:119:45 | ...+... | passwords.go:118:6:118:14 | definition of password1 | passwords.go:119:14:119:45 | ...+... | $@ flows to a logging call. | passwords.go:118:6:118:14 | definition of password1 | Sensitive data returned by an access to password1 |
|
||||
| passwords.go:129:14:129:19 | config | passwords.go:21:2:21:9 | definition of password | passwords.go:129:14:129:19 | config | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:129:14:129:19 | config | passwords.go:123:13:123:14 | x3 | passwords.go:129:14:129:19 | config | $@ flows to a logging call. | passwords.go:123:13:123:14 | x3 | Sensitive data returned by an access to password |
|
||||
| passwords.go:129:14:129:19 | config | passwords.go:126:13:126:25 | call to getPassword | passwords.go:129:14:129:19 | config | $@ flows to a logging call. | passwords.go:126:13:126:25 | call to getPassword | Sensitive data returned by a call to getPassword |
|
||||
| passwords.go:130:14:130:21 | selection of x | passwords.go:21:2:21:9 | definition of password | passwords.go:130:14:130:21 | selection of x | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:131:14:131:21 | selection of y | passwords.go:126:13:126:25 | call to getPassword | passwords.go:131:14:131:21 | selection of y | $@ flows to a logging call. | passwords.go:126:13:126:25 | call to getPassword | Sensitive data returned by a call to getPassword |
|
||||
| passwords.go:32:12:32:19 | password | passwords.go:21:2:21:9 | definition of password | passwords.go:32:12:32:19 | password | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:34:14:34:35 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:34:14:34:35 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:39:14:39:17 | obj1 | passwords.go:37:13:37:13 | x | passwords.go:39:14:39:17 | obj1 | $@ flows to a logging call. | passwords.go:37:13:37:13 | x | Sensitive data returned by an access to password |
|
||||
| passwords.go:44:14:44:17 | obj2 | passwords.go:21:2:21:9 | definition of password | passwords.go:44:14:44:17 | obj2 | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:51:14:51:27 | fixed_password | passwords.go:50:2:50:15 | definition of fixed_password | passwords.go:51:14:51:27 | fixed_password | $@ flows to a logging call. | passwords.go:50:2:50:15 | definition of fixed_password | Sensitive data returned by an access to fixed_password |
|
||||
| passwords.go:89:14:89:26 | utilityObject | passwords.go:87:16:87:36 | call to make | passwords.go:89:14:89:26 | utilityObject | $@ flows to a logging call. | passwords.go:87:16:87:36 | call to make | Sensitive data returned by an access to passwordSet |
|
||||
| passwords.go:92:23:92:28 | secret | passwords.go:21:2:21:9 | definition of password | passwords.go:92:23:92:28 | secret | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:102:15:102:40 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:102:15:102:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:108:16:108:41 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:108:16:108:41 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:113:15:113:40 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:113:15:113:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:117:14:117:45 | ...+... | passwords.go:116:6:116:14 | definition of password1 | passwords.go:117:14:117:45 | ...+... | $@ flows to a logging call. | passwords.go:116:6:116:14 | definition of password1 | Sensitive data returned by an access to password1 |
|
||||
| passwords.go:127:14:127:19 | config | passwords.go:21:2:21:9 | definition of password | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:127:14:127:19 | config | passwords.go:121:13:121:14 | x3 | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:121:13:121:14 | x3 | Sensitive data returned by an access to password |
|
||||
| passwords.go:127:14:127:19 | config | passwords.go:124:13:124:25 | call to getPassword | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:124:13:124:25 | call to getPassword | Sensitive data returned by a call to getPassword |
|
||||
| passwords.go:128:14:128:21 | selection of x | passwords.go:21:2:21:9 | definition of password | passwords.go:128:14:128:21 | selection of x | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
|
||||
| passwords.go:129:14:129:21 | selection of y | passwords.go:124:13:124:25 | call to getPassword | passwords.go:129:14:129:21 | selection of y | $@ flows to a logging call. | passwords.go:124:13:124:25 | call to getPassword | Sensitive data returned by a call to getPassword |
|
||||
| protobuf.go:14:14:14:35 | call to GetDescription | protobuf.go:9:2:9:9 | definition of password | protobuf.go:14:14:14:35 | call to GetDescription | $@ flows to a logging call. | protobuf.go:9:2:9:9 | definition of password | Sensitive data returned by an access to password |
|
||||
edges
|
||||
| klog.go:21:3:26:3 | range statement[1] | klog.go:22:27:22:33 | headers | provenance | |
|
||||
@@ -82,15 +82,95 @@ edges
|
||||
| main.go:53:11:53:18 | password | main.go:54:12:54:19 | password | provenance | |
|
||||
| main.go:53:11:53:18 | password | main.go:54:12:54:19 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:56:11:56:18 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:56:11:56:18 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:59:18:59:25 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:59:18:59:25 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:62:12:62:19 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:62:12:62:19 | password | provenance | Sink:MaD:7 |
|
||||
| main.go:54:12:54:19 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:54:12:54:19 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:54:12:54:19 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:54:12:54:19 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:59:18:59:25 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:59:18:59:25 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:62:12:62:19 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:62:12:62:19 | password | provenance | Sink:MaD:7 |
|
||||
| main.go:56:11:56:18 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:56:11:56:18 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:56:11:56:18 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:56:11:56:18 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:62:12:62:19 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:62:12:62:19 | password | provenance | Sink:MaD:7 |
|
||||
| main.go:59:18:59:25 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:59:18:59:25 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:59:18:59:25 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:59:18:59:25 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:65:13:65:20 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:62:12:62:19 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:62:12:62:19 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:62:12:62:19 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:68:11:68:18 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:65:13:65:20 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:65:13:65:20 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:65:13:65:20 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:68:11:68:18 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:68:11:68:18 | password | main.go:71:18:71:25 | password | provenance | |
|
||||
| main.go:68:11:68:18 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:68:11:68:18 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:68:11:68:18 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:68:11:68:18 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:68:11:68:18 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:68:11:68:18 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:71:18:71:25 | password | main.go:74:12:74:19 | password | provenance | |
|
||||
| main.go:71:18:71:25 | password | main.go:74:12:74:19 | password | provenance | Sink:MaD:9 |
|
||||
| main.go:71:18:71:25 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:71:18:71:25 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:71:18:71:25 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:71:18:71:25 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:74:12:74:19 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:74:12:74:19 | password | main.go:77:13:77:20 | password | provenance | |
|
||||
| main.go:74:12:74:19 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:74:12:74:19 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:77:13:77:20 | password | main.go:79:14:79:21 | password | provenance | Sink:MaD:8 |
|
||||
| main.go:77:13:77:20 | password | main.go:80:17:80:24 | password | provenance | |
|
||||
| main.go:80:17:80:24 | password | main.go:82:12:82:19 | password | provenance | |
|
||||
| main.go:80:17:80:24 | password | main.go:83:17:83:24 | password | provenance | |
|
||||
| main.go:80:17:80:24 | password | main.go:86:19:86:26 | password | provenance | |
|
||||
@@ -102,46 +182,46 @@ edges
|
||||
| passwords.go:8:12:8:12 | definition of x | passwords.go:9:14:9:14 | x | provenance | |
|
||||
| passwords.go:21:2:21:9 | definition of password | passwords.go:25:14:25:21 | password | provenance | |
|
||||
| passwords.go:21:2:21:9 | definition of password | passwords.go:30:8:30:15 | password | provenance | |
|
||||
| passwords.go:21:2:21:9 | definition of password | passwords.go:33:13:33:20 | password | provenance | |
|
||||
| passwords.go:21:2:21:9 | definition of password | passwords.go:36:28:36:35 | password | provenance | |
|
||||
| passwords.go:21:2:21:9 | definition of password | passwords.go:32:12:32:19 | password | provenance | |
|
||||
| passwords.go:21:2:21:9 | definition of password | passwords.go:34:28:34:35 | password | provenance | |
|
||||
| passwords.go:30:8:30:15 | password | passwords.go:8:12:8:12 | definition of x | provenance | |
|
||||
| passwords.go:36:28:36:35 | password | passwords.go:36:14:36:35 | ...+... | provenance | Config |
|
||||
| passwords.go:36:28:36:35 | password | passwords.go:44:6:44:13 | password | provenance | |
|
||||
| passwords.go:38:10:40:2 | struct literal | passwords.go:41:14:41:17 | obj1 | provenance | |
|
||||
| passwords.go:39:13:39:13 | x | passwords.go:38:10:40:2 | struct literal | provenance | Config |
|
||||
| passwords.go:43:10:45:2 | struct literal | passwords.go:46:14:46:17 | obj2 | provenance | |
|
||||
| passwords.go:44:6:44:13 | password | passwords.go:43:10:45:2 | struct literal | provenance | Config |
|
||||
| passwords.go:44:6:44:13 | password | passwords.go:50:11:50:18 | password | provenance | |
|
||||
| passwords.go:50:11:50:18 | password | passwords.go:94:23:94:28 | secret | provenance | |
|
||||
| passwords.go:50:11:50:18 | password | passwords.go:104:33:104:40 | password | provenance | |
|
||||
| passwords.go:50:11:50:18 | password | passwords.go:110:34:110:41 | password | provenance | |
|
||||
| passwords.go:50:11:50:18 | password | passwords.go:115:33:115:40 | password | provenance | |
|
||||
| passwords.go:50:11:50:18 | password | passwords.go:125:13:125:20 | password | provenance | |
|
||||
| passwords.go:52:2:52:15 | definition of fixed_password | passwords.go:53:14:53:27 | fixed_password | provenance | |
|
||||
| passwords.go:88:19:90:2 | struct literal | passwords.go:91:14:91:26 | utilityObject | provenance | |
|
||||
| passwords.go:89:16:89:36 | call to make | passwords.go:88:19:90:2 | struct literal | provenance | Config |
|
||||
| passwords.go:104:33:104:40 | password | passwords.go:104:15:104:40 | ...+... | provenance | Config |
|
||||
| passwords.go:104:33:104:40 | password | passwords.go:110:34:110:41 | password | provenance | |
|
||||
| passwords.go:104:33:104:40 | password | passwords.go:115:33:115:40 | password | provenance | |
|
||||
| passwords.go:104:33:104:40 | password | passwords.go:125:13:125:20 | password | provenance | |
|
||||
| passwords.go:110:34:110:41 | password | passwords.go:110:16:110:41 | ...+... | provenance | Config |
|
||||
| passwords.go:110:34:110:41 | password | passwords.go:115:33:115:40 | password | provenance | |
|
||||
| passwords.go:110:34:110:41 | password | passwords.go:125:13:125:20 | password | provenance | |
|
||||
| passwords.go:115:33:115:40 | password | passwords.go:115:15:115:40 | ...+... | provenance | Config |
|
||||
| passwords.go:115:33:115:40 | password | passwords.go:125:13:125:20 | password | provenance | |
|
||||
| passwords.go:118:6:118:14 | definition of password1 | passwords.go:119:28:119:36 | password1 | provenance | |
|
||||
| passwords.go:119:28:119:36 | password1 | passwords.go:119:28:119:45 | call to String | provenance | Config |
|
||||
| passwords.go:119:28:119:45 | call to String | passwords.go:119:14:119:45 | ...+... | provenance | Config |
|
||||
| passwords.go:122:12:127:2 | struct literal | passwords.go:129:14:129:19 | config | provenance | |
|
||||
| passwords.go:122:12:127:2 | struct literal [x] | passwords.go:130:14:130:19 | config [x] | provenance | |
|
||||
| passwords.go:122:12:127:2 | struct literal [y] | passwords.go:131:14:131:19 | config [y] | provenance | |
|
||||
| passwords.go:123:13:123:14 | x3 | passwords.go:122:12:127:2 | struct literal | provenance | Config |
|
||||
| passwords.go:125:13:125:20 | password | passwords.go:122:12:127:2 | struct literal | provenance | Config |
|
||||
| passwords.go:125:13:125:20 | password | passwords.go:122:12:127:2 | struct literal [x] | provenance | |
|
||||
| passwords.go:126:13:126:25 | call to getPassword | passwords.go:122:12:127:2 | struct literal | provenance | Config |
|
||||
| passwords.go:126:13:126:25 | call to getPassword | passwords.go:122:12:127:2 | struct literal [y] | provenance | |
|
||||
| passwords.go:130:14:130:19 | config [x] | passwords.go:130:14:130:21 | selection of x | provenance | |
|
||||
| passwords.go:131:14:131:19 | config [y] | passwords.go:131:14:131:21 | selection of y | provenance | |
|
||||
| passwords.go:34:28:34:35 | password | passwords.go:34:14:34:35 | ...+... | provenance | Config |
|
||||
| passwords.go:34:28:34:35 | password | passwords.go:42:6:42:13 | password | provenance | |
|
||||
| passwords.go:36:10:38:2 | struct literal | passwords.go:39:14:39:17 | obj1 | provenance | |
|
||||
| passwords.go:37:13:37:13 | x | passwords.go:36:10:38:2 | struct literal | provenance | Config |
|
||||
| passwords.go:41:10:43:2 | struct literal | passwords.go:44:14:44:17 | obj2 | provenance | |
|
||||
| passwords.go:42:6:42:13 | password | passwords.go:41:10:43:2 | struct literal | provenance | Config |
|
||||
| passwords.go:42:6:42:13 | password | passwords.go:48:11:48:18 | password | provenance | |
|
||||
| passwords.go:48:11:48:18 | password | passwords.go:92:23:92:28 | secret | provenance | |
|
||||
| passwords.go:48:11:48:18 | password | passwords.go:102:33:102:40 | password | provenance | |
|
||||
| passwords.go:48:11:48:18 | password | passwords.go:108:34:108:41 | password | provenance | |
|
||||
| passwords.go:48:11:48:18 | password | passwords.go:113:33:113:40 | password | provenance | |
|
||||
| passwords.go:48:11:48:18 | password | passwords.go:123:13:123:20 | password | provenance | |
|
||||
| passwords.go:50:2:50:15 | definition of fixed_password | passwords.go:51:14:51:27 | fixed_password | provenance | |
|
||||
| passwords.go:86:19:88:2 | struct literal | passwords.go:89:14:89:26 | utilityObject | provenance | |
|
||||
| passwords.go:87:16:87:36 | call to make | passwords.go:86:19:88:2 | struct literal | provenance | Config |
|
||||
| passwords.go:102:33:102:40 | password | passwords.go:102:15:102:40 | ...+... | provenance | Config |
|
||||
| passwords.go:102:33:102:40 | password | passwords.go:108:34:108:41 | password | provenance | |
|
||||
| passwords.go:102:33:102:40 | password | passwords.go:113:33:113:40 | password | provenance | |
|
||||
| passwords.go:102:33:102:40 | password | passwords.go:123:13:123:20 | password | provenance | |
|
||||
| passwords.go:108:34:108:41 | password | passwords.go:108:16:108:41 | ...+... | provenance | Config |
|
||||
| passwords.go:108:34:108:41 | password | passwords.go:113:33:113:40 | password | provenance | |
|
||||
| passwords.go:108:34:108:41 | password | passwords.go:123:13:123:20 | password | provenance | |
|
||||
| passwords.go:113:33:113:40 | password | passwords.go:113:15:113:40 | ...+... | provenance | Config |
|
||||
| passwords.go:113:33:113:40 | password | passwords.go:123:13:123:20 | password | provenance | |
|
||||
| passwords.go:116:6:116:14 | definition of password1 | passwords.go:117:28:117:36 | password1 | provenance | |
|
||||
| passwords.go:117:28:117:36 | password1 | passwords.go:117:28:117:45 | call to String | provenance | Config |
|
||||
| passwords.go:117:28:117:45 | call to String | passwords.go:117:14:117:45 | ...+... | provenance | Config |
|
||||
| passwords.go:120:12:125:2 | struct literal | passwords.go:127:14:127:19 | config | provenance | |
|
||||
| passwords.go:120:12:125:2 | struct literal [x] | passwords.go:128:14:128:19 | config [x] | provenance | |
|
||||
| passwords.go:120:12:125:2 | struct literal [y] | passwords.go:129:14:129:19 | config [y] | provenance | |
|
||||
| passwords.go:121:13:121:14 | x3 | passwords.go:120:12:125:2 | struct literal | provenance | Config |
|
||||
| passwords.go:123:13:123:20 | password | passwords.go:120:12:125:2 | struct literal | provenance | Config |
|
||||
| passwords.go:123:13:123:20 | password | passwords.go:120:12:125:2 | struct literal [x] | provenance | |
|
||||
| passwords.go:124:13:124:25 | call to getPassword | passwords.go:120:12:125:2 | struct literal | provenance | Config |
|
||||
| passwords.go:124:13:124:25 | call to getPassword | passwords.go:120:12:125:2 | struct literal [y] | provenance | |
|
||||
| passwords.go:128:14:128:19 | config [x] | passwords.go:128:14:128:21 | selection of x | provenance | |
|
||||
| passwords.go:129:14:129:19 | config [y] | passwords.go:129:14:129:21 | selection of y | provenance | |
|
||||
| protobuf.go:9:2:9:9 | definition of password | protobuf.go:12:22:12:29 | password | provenance | |
|
||||
| protobuf.go:12:2:12:6 | implicit dereference [postupdate] [Description] | protobuf.go:12:2:12:6 | query [postupdate] [pointer, Description] | provenance | |
|
||||
| protobuf.go:12:2:12:6 | query [postupdate] [pointer, Description] | protobuf.go:14:14:14:18 | query [pointer, Description] | provenance | |
|
||||
@@ -194,12 +274,20 @@ nodes
|
||||
| main.go:54:12:54:19 | password | semmle.label | password |
|
||||
| main.go:54:12:54:19 | password | semmle.label | password |
|
||||
| main.go:56:11:56:18 | password | semmle.label | password |
|
||||
| main.go:56:11:56:18 | password | semmle.label | password |
|
||||
| main.go:59:18:59:25 | password | semmle.label | password |
|
||||
| main.go:59:18:59:25 | password | semmle.label | password |
|
||||
| main.go:62:12:62:19 | password | semmle.label | password |
|
||||
| main.go:62:12:62:19 | password | semmle.label | password |
|
||||
| main.go:65:13:65:20 | password | semmle.label | password |
|
||||
| main.go:65:13:65:20 | password | semmle.label | password |
|
||||
| main.go:68:11:68:18 | password | semmle.label | password |
|
||||
| main.go:68:11:68:18 | password | semmle.label | password |
|
||||
| main.go:71:18:71:25 | password | semmle.label | password |
|
||||
| main.go:71:18:71:25 | password | semmle.label | password |
|
||||
| main.go:74:12:74:19 | password | semmle.label | password |
|
||||
| main.go:74:12:74:19 | password | semmle.label | password |
|
||||
| main.go:77:13:77:20 | password | semmle.label | password |
|
||||
| main.go:77:13:77:20 | password | semmle.label | password |
|
||||
| main.go:79:14:79:21 | password | semmle.label | password |
|
||||
| main.go:80:17:80:24 | password | semmle.label | password |
|
||||
@@ -220,43 +308,43 @@ nodes
|
||||
| passwords.go:27:14:27:26 | call to getPassword | semmle.label | call to getPassword |
|
||||
| passwords.go:28:14:28:28 | call to getPassword | semmle.label | call to getPassword |
|
||||
| passwords.go:30:8:30:15 | password | semmle.label | password |
|
||||
| passwords.go:33:13:33:20 | password | semmle.label | password |
|
||||
| passwords.go:36:14:36:35 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:36:28:36:35 | password | semmle.label | password |
|
||||
| passwords.go:38:10:40:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:39:13:39:13 | x | semmle.label | x |
|
||||
| passwords.go:41:14:41:17 | obj1 | semmle.label | obj1 |
|
||||
| passwords.go:43:10:45:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:44:6:44:13 | password | semmle.label | password |
|
||||
| passwords.go:46:14:46:17 | obj2 | semmle.label | obj2 |
|
||||
| passwords.go:50:11:50:18 | password | semmle.label | password |
|
||||
| passwords.go:52:2:52:15 | definition of fixed_password | semmle.label | definition of fixed_password |
|
||||
| passwords.go:53:14:53:27 | fixed_password | semmle.label | fixed_password |
|
||||
| passwords.go:88:19:90:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:89:16:89:36 | call to make | semmle.label | call to make |
|
||||
| passwords.go:91:14:91:26 | utilityObject | semmle.label | utilityObject |
|
||||
| passwords.go:94:23:94:28 | secret | semmle.label | secret |
|
||||
| passwords.go:104:15:104:40 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:104:33:104:40 | password | semmle.label | password |
|
||||
| passwords.go:110:16:110:41 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:110:34:110:41 | password | semmle.label | password |
|
||||
| passwords.go:115:15:115:40 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:115:33:115:40 | password | semmle.label | password |
|
||||
| passwords.go:118:6:118:14 | definition of password1 | semmle.label | definition of password1 |
|
||||
| passwords.go:119:14:119:45 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:119:28:119:36 | password1 | semmle.label | password1 |
|
||||
| passwords.go:119:28:119:45 | call to String | semmle.label | call to String |
|
||||
| passwords.go:122:12:127:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:122:12:127:2 | struct literal [x] | semmle.label | struct literal [x] |
|
||||
| passwords.go:122:12:127:2 | struct literal [y] | semmle.label | struct literal [y] |
|
||||
| passwords.go:123:13:123:14 | x3 | semmle.label | x3 |
|
||||
| passwords.go:125:13:125:20 | password | semmle.label | password |
|
||||
| passwords.go:126:13:126:25 | call to getPassword | semmle.label | call to getPassword |
|
||||
| passwords.go:129:14:129:19 | config | semmle.label | config |
|
||||
| passwords.go:130:14:130:19 | config [x] | semmle.label | config [x] |
|
||||
| passwords.go:130:14:130:21 | selection of x | semmle.label | selection of x |
|
||||
| passwords.go:131:14:131:19 | config [y] | semmle.label | config [y] |
|
||||
| passwords.go:131:14:131:21 | selection of y | semmle.label | selection of y |
|
||||
| passwords.go:32:12:32:19 | password | semmle.label | password |
|
||||
| passwords.go:34:14:34:35 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:34:28:34:35 | password | semmle.label | password |
|
||||
| passwords.go:36:10:38:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:37:13:37:13 | x | semmle.label | x |
|
||||
| passwords.go:39:14:39:17 | obj1 | semmle.label | obj1 |
|
||||
| passwords.go:41:10:43:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:42:6:42:13 | password | semmle.label | password |
|
||||
| passwords.go:44:14:44:17 | obj2 | semmle.label | obj2 |
|
||||
| passwords.go:48:11:48:18 | password | semmle.label | password |
|
||||
| passwords.go:50:2:50:15 | definition of fixed_password | semmle.label | definition of fixed_password |
|
||||
| passwords.go:51:14:51:27 | fixed_password | semmle.label | fixed_password |
|
||||
| passwords.go:86:19:88:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:87:16:87:36 | call to make | semmle.label | call to make |
|
||||
| passwords.go:89:14:89:26 | utilityObject | semmle.label | utilityObject |
|
||||
| passwords.go:92:23:92:28 | secret | semmle.label | secret |
|
||||
| passwords.go:102:15:102:40 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:102:33:102:40 | password | semmle.label | password |
|
||||
| passwords.go:108:16:108:41 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:108:34:108:41 | password | semmle.label | password |
|
||||
| passwords.go:113:15:113:40 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:113:33:113:40 | password | semmle.label | password |
|
||||
| passwords.go:116:6:116:14 | definition of password1 | semmle.label | definition of password1 |
|
||||
| passwords.go:117:14:117:45 | ...+... | semmle.label | ...+... |
|
||||
| passwords.go:117:28:117:36 | password1 | semmle.label | password1 |
|
||||
| passwords.go:117:28:117:45 | call to String | semmle.label | call to String |
|
||||
| passwords.go:120:12:125:2 | struct literal | semmle.label | struct literal |
|
||||
| passwords.go:120:12:125:2 | struct literal [x] | semmle.label | struct literal [x] |
|
||||
| passwords.go:120:12:125:2 | struct literal [y] | semmle.label | struct literal [y] |
|
||||
| passwords.go:121:13:121:14 | x3 | semmle.label | x3 |
|
||||
| passwords.go:123:13:123:20 | password | semmle.label | password |
|
||||
| passwords.go:124:13:124:25 | call to getPassword | semmle.label | call to getPassword |
|
||||
| passwords.go:127:14:127:19 | config | semmle.label | config |
|
||||
| passwords.go:128:14:128:19 | config [x] | semmle.label | config [x] |
|
||||
| passwords.go:128:14:128:21 | selection of x | semmle.label | selection of x |
|
||||
| passwords.go:129:14:129:19 | config [y] | semmle.label | config [y] |
|
||||
| passwords.go:129:14:129:21 | selection of y | semmle.label | selection of y |
|
||||
| protobuf.go:9:2:9:9 | definition of password | semmle.label | definition of password |
|
||||
| protobuf.go:12:2:12:6 | implicit dereference [postupdate] [Description] | semmle.label | implicit dereference [postupdate] [Description] |
|
||||
| protobuf.go:12:2:12:6 | query [postupdate] [pointer, Description] | semmle.label | query [postupdate] [pointer, Description] |
|
||||
|
||||
@@ -16,7 +16,7 @@ func redact(kind, value string) string {
|
||||
return value
|
||||
}
|
||||
|
||||
func test(selector int) {
|
||||
func test() {
|
||||
name := "user"
|
||||
password := "P@ssw0rd" // $ Source
|
||||
x := "horsebatterystapleincorrect"
|
||||
@@ -29,9 +29,7 @@ func test(selector int) {
|
||||
|
||||
myLog(password)
|
||||
|
||||
if selector == 1 {
|
||||
log.Panic(password) // $ Alert
|
||||
}
|
||||
log.Panic(password) // $ Alert
|
||||
|
||||
log.Println(name + ", " + password) // $ Alert
|
||||
|
||||
|
||||
@@ -64,14 +64,8 @@ _resources = [
|
||||
r[len("src/main/resources/"):],
|
||||
)
|
||||
for r in glob(["src/main/resources/**"])
|
||||
if r != "src/main/resources/META-INF/services/org.jetbrains.kotlin.compiler.plugin.CompilerPluginRegistrar"
|
||||
]
|
||||
|
||||
_compiler_plugin_registrar_service = (
|
||||
"src/main/resources/META-INF/services/org.jetbrains.kotlin.compiler.plugin.CompilerPluginRegistrar",
|
||||
"META-INF/services/org.jetbrains.kotlin.compiler.plugin.CompilerPluginRegistrar",
|
||||
)
|
||||
|
||||
kt_javac_options(
|
||||
name = "javac-options",
|
||||
release = "8",
|
||||
@@ -97,32 +91,19 @@ kt_javac_options(
|
||||
# * `resource_strip_prefix` is unique per jar, so we must also put other resources under the same version prefix
|
||||
genrule(
|
||||
name = "resources-%s" % v,
|
||||
srcs = [src for src, _ in _resources] + (
|
||||
[_compiler_plugin_registrar_service[0]] if not version_less(v, "2.4.0") else []
|
||||
),
|
||||
srcs = [src for src, _ in _resources],
|
||||
outs = [
|
||||
"%s/com/github/codeql/extractor.name" % v,
|
||||
] + [
|
||||
"%s/%s" % (v, target)
|
||||
for _, target in _resources
|
||||
] + (
|
||||
["%s/%s" % (
|
||||
v,
|
||||
_compiler_plugin_registrar_service[1],
|
||||
)] if not version_less(v, "2.4.0") else []
|
||||
),
|
||||
],
|
||||
cmd = "\n".join([
|
||||
"echo %s-%s > $(RULEDIR)/%s/com/github/codeql/extractor.name" % (_extractor_name_prefix, v, v),
|
||||
] + [
|
||||
"cp $(execpath %s) $(RULEDIR)/%s/%s" % (source, v, target)
|
||||
for source, target in _resources
|
||||
] + (
|
||||
["cp $(execpath %s) $(RULEDIR)/%s/%s" % (
|
||||
_compiler_plugin_registrar_service[0],
|
||||
v,
|
||||
_compiler_plugin_registrar_service[1],
|
||||
)] if not version_less(v, "2.4.0") else []
|
||||
)),
|
||||
]),
|
||||
),
|
||||
kt_jvm_library(
|
||||
name = "%s-%s" % (_extractor_name_prefix, v),
|
||||
|
||||
BIN
java/kotlin-extractor/deps/kotlin-compiler-2.4.0.jar
(Stored with Git LFS)
BIN
java/kotlin-extractor/deps/kotlin-compiler-2.4.0.jar
(Stored with Git LFS)
Binary file not shown.
BIN
java/kotlin-extractor/deps/kotlin-compiler-embeddable-2.4.0.jar
(Stored with Git LFS)
BIN
java/kotlin-extractor/deps/kotlin-compiler-embeddable-2.4.0.jar
(Stored with Git LFS)
Binary file not shown.
BIN
java/kotlin-extractor/deps/kotlin-stdlib-2.4.0.jar
(Stored with Git LFS)
BIN
java/kotlin-extractor/deps/kotlin-stdlib-2.4.0.jar
(Stored with Git LFS)
Binary file not shown.
@@ -27,7 +27,7 @@ import shutil
|
||||
import io
|
||||
import os
|
||||
|
||||
DEFAULT_VERSION = "2.4.0"
|
||||
DEFAULT_VERSION = "2.3.20"
|
||||
|
||||
|
||||
def options():
|
||||
|
||||
@@ -3,21 +3,32 @@
|
||||
|
||||
package com.github.codeql
|
||||
|
||||
import com.intellij.mock.MockProject
|
||||
import com.intellij.openapi.extensions.LoadingOrder
|
||||
import org.jetbrains.kotlin.backend.common.extensions.IrGenerationExtension
|
||||
import org.jetbrains.kotlin.config.CompilerConfiguration
|
||||
|
||||
class KotlinExtractorComponentRegistrar : Kotlin2ComponentRegistrar() {
|
||||
override fun doRegisterExtensions(configuration: CompilerConfiguration) {
|
||||
override fun registerProjectComponents(
|
||||
project: MockProject,
|
||||
configuration: CompilerConfiguration
|
||||
) {
|
||||
val invocationTrapFile = configuration[KEY_INVOCATION_TRAP_FILE]
|
||||
if (invocationTrapFile == null) {
|
||||
throw Exception("Required argument for TRAP invocation file not given")
|
||||
}
|
||||
registerExtractorExtension(
|
||||
// Register with LoadingOrder.LAST to ensure the extractor runs after other
|
||||
// IR generation plugins (like kotlinx.serialization) have generated their code.
|
||||
val extensionPoint = project.extensionArea.getExtensionPoint(IrGenerationExtension.extensionPointName)
|
||||
extensionPoint.registerExtension(
|
||||
KotlinExtractorExtension(
|
||||
invocationTrapFile,
|
||||
configuration[KEY_CHECK_TRAP_IDENTICAL] ?: false,
|
||||
configuration[KEY_COMPILATION_STARTTIME],
|
||||
configuration[KEY_EXIT_AFTER_EXTRACTION] ?: false
|
||||
)
|
||||
),
|
||||
LoadingOrder.LAST,
|
||||
project
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -173,9 +173,9 @@ open class KotlinFileExtractor(
|
||||
when (d) {
|
||||
is IrFunction ->
|
||||
when (d.name.asString()) {
|
||||
"toString" -> d.codeQlValueParameters.isEmpty()
|
||||
"hashCode" -> d.codeQlValueParameters.isEmpty()
|
||||
"equals" -> d.codeQlValueParameters.singleOrNull()?.type?.isNullableAny() ?: false
|
||||
"toString" -> d.valueParameters.isEmpty()
|
||||
"hashCode" -> d.valueParameters.isEmpty()
|
||||
"equals" -> d.valueParameters.singleOrNull()?.type?.isNullableAny() ?: false
|
||||
else -> false
|
||||
} && isJavaBinaryDeclaration(d)
|
||||
else -> false
|
||||
@@ -721,7 +721,7 @@ open class KotlinFileExtractor(
|
||||
(it.type as? IrSimpleType)?.classFqName?.asString() != "kotlin.Deprecated"
|
||||
} +
|
||||
// Note we lose any arguments to @java.lang.Deprecated that were written in source.
|
||||
codeQlAnnotationFromSymbolOwner(
|
||||
IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
jldConstructor.returnType,
|
||||
@@ -781,13 +781,13 @@ open class KotlinFileExtractor(
|
||||
val locId = tw.getLocation(constructorCall)
|
||||
tw.writeHasLocation(id, locId)
|
||||
|
||||
for (i in 0 until constructorCall.codeQlValueArgumentsCount) {
|
||||
val param = constructorCall.symbol.owner.codeQlValueParameters[i]
|
||||
for (i in 0 until constructorCall.valueArgumentsCount) {
|
||||
val param = constructorCall.symbol.owner.valueParameters[i]
|
||||
val prop =
|
||||
constructorCall.symbol.owner.parentAsClass.declarations
|
||||
.filterIsInstance<IrProperty>()
|
||||
.first { it.name == param.name }
|
||||
val v = constructorCall.codeQlGetValueArgument(i) ?: param.defaultValue?.expression
|
||||
val v = constructorCall.getValueArgument(i) ?: param.defaultValue?.expression
|
||||
val getter = prop.getter
|
||||
if (getter == null) {
|
||||
logger.warnElement("Expected annotation property to define a getter", prop)
|
||||
@@ -1115,9 +1115,9 @@ open class KotlinFileExtractor(
|
||||
returnId,
|
||||
0,
|
||||
returnId,
|
||||
f.codeQlValueParameters.size,
|
||||
f.valueParameters.size,
|
||||
{ argParent, idxOffset ->
|
||||
f.codeQlValueParameters.forEachIndexed { idx, param ->
|
||||
f.valueParameters.forEachIndexed { idx, param ->
|
||||
val syntheticParamId = useValueParameter(param, proxyFunctionId)
|
||||
extractVariableAccess(
|
||||
syntheticParamId,
|
||||
@@ -1695,9 +1695,9 @@ open class KotlinFileExtractor(
|
||||
returnId,
|
||||
0,
|
||||
returnId,
|
||||
f.codeQlValueParameters.size,
|
||||
f.valueParameters.size,
|
||||
{ argParentId, idxOffset ->
|
||||
f.codeQlValueParameters.mapIndexed { idx, param ->
|
||||
f.valueParameters.mapIndexed { idx, param ->
|
||||
val syntheticParamId = useValueParameter(param, functionId)
|
||||
extractVariableAccess(
|
||||
syntheticParamId,
|
||||
@@ -1792,7 +1792,7 @@ open class KotlinFileExtractor(
|
||||
extractBody: Boolean,
|
||||
extractMethodAndParameterTypeAccesses: Boolean
|
||||
) {
|
||||
if (f.codeQlValueParameters.none { it.defaultValue != null }) return
|
||||
if (f.valueParameters.none { it.defaultValue != null }) return
|
||||
|
||||
val id = getDefaultsMethodLabel(f)
|
||||
if (id == null) {
|
||||
@@ -1800,7 +1800,7 @@ open class KotlinFileExtractor(
|
||||
return
|
||||
}
|
||||
val locId = getLocation(f, null)
|
||||
val extReceiver = f.codeQlExtensionReceiverParameter
|
||||
val extReceiver = f.extensionReceiverParameter
|
||||
val dispatchReceiver = if (f.shouldExtractAsStatic) null else f.dispatchReceiverParameter
|
||||
val parameterTypes = getDefaultsMethodArgTypes(f)
|
||||
val allParamTypeResults =
|
||||
@@ -1869,7 +1869,7 @@ open class KotlinFileExtractor(
|
||||
tw.writeCompiler_generated(id, CompilerGeneratedKinds.DEFAULT_ARGUMENTS_METHOD.kind)
|
||||
|
||||
if (extractBody) {
|
||||
val nonSyntheticParams = listOfNotNull(dispatchReceiver) + f.codeQlValueParameters
|
||||
val nonSyntheticParams = listOfNotNull(dispatchReceiver) + f.valueParameters
|
||||
// This stack entry represents as if we're extracting the 'real' function `f`, giving
|
||||
// the indices of its non-synthetic parameters
|
||||
// such that when we extract the default expressions below, any reference to f's nth
|
||||
@@ -1895,12 +1895,12 @@ open class KotlinFileExtractor(
|
||||
val realParamsVarId = getValueParameterLabel(id, parameterTypes.size - 2)
|
||||
val intType = pluginContext.irBuiltIns.intType
|
||||
val paramIdxOffset =
|
||||
listOf(dispatchReceiver, f.codeQlExtensionReceiverParameter).count { it != null }
|
||||
listOf(dispatchReceiver, f.extensionReceiverParameter).count { it != null }
|
||||
extractBlockBody(id, locId).also { blockId ->
|
||||
var nextStmt = 0
|
||||
// For each parameter with a default, sub in the default value if the caller
|
||||
// hasn't supplied a value:
|
||||
f.codeQlValueParameters.forEachIndexed { paramIdx, param ->
|
||||
f.valueParameters.forEachIndexed { paramIdx, param ->
|
||||
val defaultVal = param.defaultValue
|
||||
if (defaultVal != null) {
|
||||
extractIfStmt(locId, blockId, nextStmt++, id).also { ifId ->
|
||||
@@ -1975,7 +1975,7 @@ open class KotlinFileExtractor(
|
||||
id
|
||||
)
|
||||
tw.writeHasLocation(thisCallId, locId)
|
||||
f.codeQlValueParameters.forEachIndexed { idx, param ->
|
||||
f.valueParameters.forEachIndexed { idx, param ->
|
||||
extractVariableAccess(
|
||||
tw.getLabelFor<DbParam>(getValueParameterLabel(id, idx)),
|
||||
param.type,
|
||||
@@ -2003,9 +2003,9 @@ open class KotlinFileExtractor(
|
||||
)
|
||||
.also { thisCallId ->
|
||||
val realFnIdxOffset =
|
||||
if (f.codeQlExtensionReceiverParameter != null) 1 else 0
|
||||
if (f.extensionReceiverParameter != null) 1 else 0
|
||||
val paramMappings =
|
||||
f.codeQlValueParameters.mapIndexed { idx, param ->
|
||||
f.valueParameters.mapIndexed { idx, param ->
|
||||
Triple(
|
||||
param.type,
|
||||
idx + paramIdxOffset,
|
||||
@@ -2156,7 +2156,7 @@ open class KotlinFileExtractor(
|
||||
val dispatchReceiver =
|
||||
f.dispatchReceiverParameter?.let { IrGetValueImpl(-1, -1, it.symbol) }
|
||||
val extensionReceiver =
|
||||
f.codeQlExtensionReceiverParameter?.let { IrGetValueImpl(-1, -1, it.symbol) }
|
||||
f.extensionReceiverParameter?.let { IrGetValueImpl(-1, -1, it.symbol) }
|
||||
|
||||
extractExpressionBody(overloadId, realFunctionLocId).also { returnId ->
|
||||
extractsDefaultsCall(
|
||||
@@ -2180,28 +2180,28 @@ open class KotlinFileExtractor(
|
||||
if (!f.hasAnnotation(jvmOverloadsFqName)) {
|
||||
if (
|
||||
f is IrConstructor &&
|
||||
f.codeQlValueParameters.isNotEmpty() &&
|
||||
f.codeQlValueParameters.all { it.defaultValue != null } &&
|
||||
f.valueParameters.isNotEmpty() &&
|
||||
f.valueParameters.all { it.defaultValue != null } &&
|
||||
f.parentClassOrNull?.let {
|
||||
// Don't create a default constructor for an annotation class, or a class
|
||||
// that explicitly declares a no-arg constructor.
|
||||
!it.isAnnotationClass &&
|
||||
it.declarations.none { d ->
|
||||
d is IrConstructor && d.codeQlValueParameters.isEmpty()
|
||||
d is IrConstructor && d.valueParameters.isEmpty()
|
||||
}
|
||||
} == true
|
||||
) {
|
||||
// Per https://kotlinlang.org/docs/classes.html#creating-instances-of-classes, a
|
||||
// single default overload gets created specifically
|
||||
// when we have all default parameters, regardless of `@JvmOverloads`.
|
||||
extractGeneratedOverload(f.codeQlValueParameters.map { _ -> null })
|
||||
extractGeneratedOverload(f.valueParameters.map { _ -> null })
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
val paramList: MutableList<IrValueParameter?> = f.codeQlValueParameters.toMutableList()
|
||||
for (n in (f.codeQlValueParameters.size - 1) downTo 0) {
|
||||
if (f.codeQlValueParameters[n].defaultValue != null) {
|
||||
val paramList: MutableList<IrValueParameter?> = f.valueParameters.toMutableList()
|
||||
for (n in (f.valueParameters.size - 1) downTo 0) {
|
||||
if (f.valueParameters[n].defaultValue != null) {
|
||||
paramList[n] = null // Remove this parameter, to be replaced by a default value
|
||||
extractGeneratedOverload(paramList)
|
||||
}
|
||||
@@ -2327,7 +2327,7 @@ open class KotlinFileExtractor(
|
||||
getClassByFqName(pluginContext, it)?.let { annotationClass ->
|
||||
annotationClass.owner.declarations.firstIsInstanceOrNull<IrConstructor>()?.let {
|
||||
annotationConstructor ->
|
||||
codeQlAnnotationFromSymbolOwner(
|
||||
IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
annotationConstructor.returnType,
|
||||
@@ -2388,13 +2388,13 @@ open class KotlinFileExtractor(
|
||||
id
|
||||
}
|
||||
|
||||
val extReceiver = f.codeQlExtensionReceiverParameter
|
||||
val extReceiver = f.extensionReceiverParameter
|
||||
// The following parameter order is correct, because member $default methods (where
|
||||
// the order would be [dispatchParam], [extensionParam], normalParams) are not
|
||||
// extracted here
|
||||
val fParameters =
|
||||
listOfNotNull(extReceiver) +
|
||||
(overriddenAttributes?.valueParameters ?: f.codeQlValueParameters)
|
||||
(overriddenAttributes?.valueParameters ?: f.valueParameters)
|
||||
val paramTypes =
|
||||
fParameters.mapIndexed { i, vp ->
|
||||
extractValueParameter(
|
||||
@@ -3069,14 +3069,14 @@ open class KotlinFileExtractor(
|
||||
logger.errorElement("Unexpected dispatch receiver found", c)
|
||||
}
|
||||
|
||||
if (c.codeQlValueArgumentsCount < 1) {
|
||||
if (c.valueArgumentsCount < 1) {
|
||||
logger.errorElement("No arguments found", c)
|
||||
return
|
||||
}
|
||||
|
||||
extractArgument(id, c, callable, enclosingStmt, 0, "Operand null")
|
||||
|
||||
if (c.codeQlValueArgumentsCount > 1) {
|
||||
if (c.valueArgumentsCount > 1) {
|
||||
logger.errorElement("Extra arguments found", c)
|
||||
}
|
||||
}
|
||||
@@ -3095,21 +3095,21 @@ open class KotlinFileExtractor(
|
||||
logger.errorElement("Unexpected dispatch receiver found", c)
|
||||
}
|
||||
|
||||
if (c.codeQlValueArgumentsCount < 1) {
|
||||
if (c.valueArgumentsCount < 1) {
|
||||
logger.errorElement("No arguments found", c)
|
||||
return
|
||||
}
|
||||
|
||||
extractArgument(id, c, callable, enclosingStmt, 0, "LHS null")
|
||||
|
||||
if (c.codeQlValueArgumentsCount < 2) {
|
||||
if (c.valueArgumentsCount < 2) {
|
||||
logger.errorElement("No RHS found", c)
|
||||
return
|
||||
}
|
||||
|
||||
extractArgument(id, c, callable, enclosingStmt, 1, "RHS null")
|
||||
|
||||
if (c.codeQlValueArgumentsCount > 2) {
|
||||
if (c.valueArgumentsCount > 2) {
|
||||
logger.errorElement("Extra arguments found", c)
|
||||
}
|
||||
}
|
||||
@@ -3122,7 +3122,7 @@ open class KotlinFileExtractor(
|
||||
idx: Int,
|
||||
msg: String
|
||||
) {
|
||||
val op = c.codeQlGetValueArgument(idx)
|
||||
val op = c.getValueArgument(idx)
|
||||
if (op == null) {
|
||||
logger.errorElement(msg, c)
|
||||
} else {
|
||||
@@ -3267,8 +3267,8 @@ open class KotlinFileExtractor(
|
||||
// and which should be replaced by defaults. The final Object parameter is apparently always
|
||||
// null.
|
||||
(listOfNotNull(if (f.shouldExtractAsStatic) null else f.dispatchReceiverParameter?.type) +
|
||||
listOfNotNull(f.codeQlExtensionReceiverParameter?.type) +
|
||||
f.codeQlValueParameters.map { it.type } +
|
||||
listOfNotNull(f.extensionReceiverParameter?.type) +
|
||||
f.valueParameters.map { it.type } +
|
||||
listOf(pluginContext.irBuiltIns.intType, getDefaultsMethodLastArgType(f)))
|
||||
.map { erase(it) }
|
||||
|
||||
@@ -3345,7 +3345,7 @@ open class KotlinFileExtractor(
|
||||
val overriddenCallTarget =
|
||||
(callTarget as? IrSimpleFunction)?.allOverridden(includeSelf = true)?.firstOrNull {
|
||||
it.overriddenSymbols.isEmpty() &&
|
||||
it.codeQlValueParameters.any { p -> p.defaultValue != null }
|
||||
it.valueParameters.any { p -> p.defaultValue != null }
|
||||
} ?: callTarget
|
||||
if (isExternalDeclaration(overriddenCallTarget)) {
|
||||
// Likewise, ensure the overridden target gets extracted.
|
||||
@@ -3419,7 +3419,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
val valueArgsWithDummies =
|
||||
valueArguments.zip(callTarget.codeQlValueParameters).map { (expr, param) ->
|
||||
valueArguments.zip(callTarget.valueParameters).map { (expr, param) ->
|
||||
expr ?: IrConstImpl.defaultValueForType(0, 0, param.type)
|
||||
}
|
||||
|
||||
@@ -3529,7 +3529,7 @@ open class KotlinFileExtractor(
|
||||
callTarget: IrFunction,
|
||||
valueArguments: List<IrExpression?>
|
||||
): Boolean {
|
||||
val varargParam = callTarget.codeQlValueParameters.withIndex().find { it.value.isVararg }
|
||||
val varargParam = callTarget.valueParameters.withIndex().find { it.value.isVararg }
|
||||
// If the vararg param is the only one not specified, and it has no default value, then we
|
||||
// don't need to call a $default method,
|
||||
// as omitting it already implies passing an empty vararg array.
|
||||
@@ -3805,7 +3805,7 @@ open class KotlinFileExtractor(
|
||||
) =
|
||||
extractCallValueArguments(
|
||||
callId,
|
||||
(0 until call.codeQlValueArgumentsCount).map { call.codeQlGetValueArgument(it) },
|
||||
(0 until call.valueArgumentsCount).map { call.getValueArgument(it) },
|
||||
enclosingStmt,
|
||||
enclosingCallable,
|
||||
idxOffset
|
||||
@@ -3874,7 +3874,7 @@ open class KotlinFileExtractor(
|
||||
(owner.parentClassOrNull?.fqNameWhenAvailable?.asString() == type ||
|
||||
(owner.parent is IrExternalPackageFragment &&
|
||||
getFileClassFqName(owner)?.asString() == type)) &&
|
||||
owner.codeQlValueParameters
|
||||
owner.valueParameters
|
||||
.map { it.type.classFqName?.asString() }
|
||||
.toTypedArray() contentEquals parameterTypes
|
||||
}
|
||||
@@ -3926,8 +3926,8 @@ open class KotlinFileExtractor(
|
||||
val result =
|
||||
javaLangString?.declarations?.findSubType<IrFunction> {
|
||||
it.name.asString() == "valueOf" &&
|
||||
it.codeQlValueParameters.size == 1 &&
|
||||
it.codeQlValueParameters[0].type == pluginContext.irBuiltIns.anyNType
|
||||
it.valueParameters.size == 1 &&
|
||||
it.valueParameters[0].type == pluginContext.irBuiltIns.anyNType
|
||||
}
|
||||
if (result == null) {
|
||||
logger.error("Couldn't find declaration java.lang.String.valueOf(Object)")
|
||||
@@ -3951,7 +3951,7 @@ open class KotlinFileExtractor(
|
||||
val kotlinNoWhenBranchMatchedConstructor by lazy {
|
||||
val result =
|
||||
kotlinNoWhenBranchMatchedExn?.declarations?.findSubType<IrConstructor> {
|
||||
it.codeQlValueParameters.isEmpty()
|
||||
it.valueParameters.isEmpty()
|
||||
}
|
||||
if (result == null) {
|
||||
logger.error("Couldn't find no-arg constructor for kotlin.NoWhenBranchMatchedException")
|
||||
@@ -3990,7 +3990,7 @@ open class KotlinFileExtractor(
|
||||
verboseln("No match as function name is ${target.name.asString()} not $fName")
|
||||
return false
|
||||
}
|
||||
val extensionReceiverParameter = target.codeQlExtensionReceiverParameter
|
||||
val extensionReceiverParameter = target.extensionReceiverParameter
|
||||
val targetClass =
|
||||
if (extensionReceiverParameter == null) {
|
||||
if (isNullable == true) {
|
||||
@@ -4098,8 +4098,8 @@ open class KotlinFileExtractor(
|
||||
) {
|
||||
val typeArgs =
|
||||
if (extractMethodTypeArguments)
|
||||
(0 until c.codeQlTypeArgumentsCount)
|
||||
.map { c.codeQlGetTypeArgument(it) }
|
||||
(0 until c.typeArgumentsCount)
|
||||
.map { c.getTypeArgument(it) }
|
||||
.requireNoNullsOrNull()
|
||||
else listOf()
|
||||
|
||||
@@ -4116,9 +4116,9 @@ open class KotlinFileExtractor(
|
||||
parent,
|
||||
idx,
|
||||
enclosingStmt,
|
||||
(0 until c.codeQlValueArgumentsCount).map { c.codeQlGetValueArgument(it) },
|
||||
(0 until c.valueArgumentsCount).map { c.getValueArgument(it) },
|
||||
c.dispatchReceiver,
|
||||
c.codeQlExtensionReceiver,
|
||||
c.extensionReceiver,
|
||||
typeArgs,
|
||||
extractClassTypeArguments,
|
||||
c.superQualifierSymbol
|
||||
@@ -4126,12 +4126,12 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
fun extractSpecialEnumFunction(fnName: String) {
|
||||
if (c.codeQlTypeArgumentsCount != 1) {
|
||||
if (c.typeArgumentsCount != 1) {
|
||||
logger.errorElement("Expected to find exactly one type argument", c)
|
||||
return
|
||||
}
|
||||
|
||||
val enumType = (c.codeQlGetTypeArgument(0) as? IrSimpleType)?.classifier?.owner
|
||||
val enumType = (c.getTypeArgument(0) as? IrSimpleType)?.classifier?.owner
|
||||
if (enumType == null) {
|
||||
logger.errorElement("Couldn't find type of enum type", c)
|
||||
return
|
||||
@@ -4178,13 +4178,13 @@ open class KotlinFileExtractor(
|
||||
} else {
|
||||
extractExpressionExpr(receiver, callable, id, 0, enclosingStmt)
|
||||
}
|
||||
if (c.codeQlValueArgumentsCount < 1) {
|
||||
if (c.valueArgumentsCount < 1) {
|
||||
logger.errorElement("No RHS found", c)
|
||||
} else {
|
||||
if (c.codeQlValueArgumentsCount > 1) {
|
||||
if (c.valueArgumentsCount > 1) {
|
||||
logger.errorElement("Extra arguments found", c)
|
||||
}
|
||||
val arg = c.codeQlGetValueArgument(0)
|
||||
val arg = c.getValueArgument(0)
|
||||
if (arg == null) {
|
||||
logger.errorElement("RHS null", c)
|
||||
} else {
|
||||
@@ -4205,7 +4205,7 @@ open class KotlinFileExtractor(
|
||||
} else {
|
||||
extractExpressionExpr(receiver, callable, id, 0, enclosingStmt)
|
||||
}
|
||||
if (c.codeQlValueArgumentsCount > 0) {
|
||||
if (c.valueArgumentsCount > 0) {
|
||||
logger.errorElement("Extra arguments found", c)
|
||||
}
|
||||
}
|
||||
@@ -4219,7 +4219,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
fun binopExt(id: Label<out DbExpr>) {
|
||||
binopReceiver(id, c.codeQlExtensionReceiver, "Extension receiver")
|
||||
binopReceiver(id, c.extensionReceiver, "Extension receiver")
|
||||
}
|
||||
|
||||
fun unaryopDisp(id: Label<out DbExpr>) {
|
||||
@@ -4227,7 +4227,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
fun unaryopExt(id: Label<out DbExpr>) {
|
||||
unaryopReceiver(id, c.codeQlExtensionReceiver, "Extension receiver")
|
||||
unaryopReceiver(id, c.extensionReceiver, "Extension receiver")
|
||||
}
|
||||
|
||||
val dr = c.dispatchReceiver
|
||||
@@ -4249,7 +4249,7 @@ open class KotlinFileExtractor(
|
||||
parent,
|
||||
idx,
|
||||
enclosingStmt,
|
||||
listOf(c.codeQlExtensionReceiver, c.codeQlGetValueArgument(0)),
|
||||
listOf(c.extensionReceiver, c.getValueArgument(0)),
|
||||
null,
|
||||
null
|
||||
)
|
||||
@@ -4350,7 +4350,7 @@ open class KotlinFileExtractor(
|
||||
// != gets desugared into not and ==. Here we resugar it.
|
||||
c.origin == IrStatementOrigin.EXCLEQ &&
|
||||
isFunction(target, "kotlin", "Boolean", "not") &&
|
||||
c.codeQlValueArgumentsCount == 0 &&
|
||||
c.valueArgumentsCount == 0 &&
|
||||
dr != null &&
|
||||
dr is IrCall &&
|
||||
isBuiltinCallInternal(dr, "EQEQ") -> {
|
||||
@@ -4362,7 +4362,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
c.origin == IrStatementOrigin.EXCLEQEQ &&
|
||||
isFunction(target, "kotlin", "Boolean", "not") &&
|
||||
c.codeQlValueArgumentsCount == 0 &&
|
||||
c.valueArgumentsCount == 0 &&
|
||||
dr != null &&
|
||||
dr is IrCall &&
|
||||
isBuiltinCallInternal(dr, "EQEQEQ") -> {
|
||||
@@ -4374,7 +4374,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
c.origin == IrStatementOrigin.EXCLEQ &&
|
||||
isFunction(target, "kotlin", "Boolean", "not") &&
|
||||
c.codeQlValueArgumentsCount == 0 &&
|
||||
c.valueArgumentsCount == 0 &&
|
||||
dr != null &&
|
||||
dr is IrCall &&
|
||||
isBuiltinCallInternal(dr, "ieee754equals") -> {
|
||||
@@ -4576,7 +4576,7 @@ open class KotlinFileExtractor(
|
||||
parent,
|
||||
idx,
|
||||
enclosingStmt,
|
||||
listOf(c.codeQlExtensionReceiver),
|
||||
listOf(c.extensionReceiver),
|
||||
null,
|
||||
null
|
||||
)
|
||||
@@ -4596,8 +4596,8 @@ open class KotlinFileExtractor(
|
||||
val locId = tw.getLocation(c)
|
||||
extractExprContext(id, locId, callable, enclosingStmt)
|
||||
|
||||
if (c.codeQlTypeArgumentsCount == 1) {
|
||||
val typeArgument = c.codeQlGetTypeArgument(0)
|
||||
if (c.typeArgumentsCount == 1) {
|
||||
val typeArgument = c.getTypeArgument(0)
|
||||
if (typeArgument == null) {
|
||||
logger.errorElement("Type argument missing in an arrayOfNulls call", c)
|
||||
} else {
|
||||
@@ -4618,8 +4618,8 @@ open class KotlinFileExtractor(
|
||||
)
|
||||
}
|
||||
|
||||
if (c.codeQlValueArgumentsCount == 1) {
|
||||
val dim = c.codeQlGetValueArgument(0)
|
||||
if (c.valueArgumentsCount == 1) {
|
||||
val dim = c.getValueArgument(0)
|
||||
if (dim != null) {
|
||||
extractExpressionExpr(dim, callable, id, 0, enclosingStmt)
|
||||
} else {
|
||||
@@ -4651,8 +4651,8 @@ open class KotlinFileExtractor(
|
||||
c.type.getArrayElementTypeCodeQL(pluginContext.irBuiltIns)
|
||||
} else {
|
||||
// TODO: is there any reason not to always use getArrayElementTypeCodeQL?
|
||||
if (c.codeQlTypeArgumentsCount == 1) {
|
||||
c.codeQlGetTypeArgument(0).also {
|
||||
if (c.typeArgumentsCount == 1) {
|
||||
c.getTypeArgument(0).also {
|
||||
if (it == null) {
|
||||
logger.errorElement(
|
||||
"Type argument missing in an arrayOf call",
|
||||
@@ -4670,7 +4670,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
val arg =
|
||||
if (c.codeQlValueArgumentsCount == 1) c.codeQlGetValueArgument(0)
|
||||
if (c.valueArgumentsCount == 1) c.getValueArgument(0)
|
||||
else {
|
||||
logger.errorElement(
|
||||
"Expected to find only one (vararg) argument in ${c.symbol.owner.name.asString()} call",
|
||||
@@ -4719,7 +4719,7 @@ open class KotlinFileExtractor(
|
||||
return
|
||||
}
|
||||
|
||||
val ext = c.codeQlExtensionReceiver
|
||||
val ext = c.extensionReceiver
|
||||
if (ext == null) {
|
||||
logger.errorElement(
|
||||
"No extension receiver found for `KClass::java` call",
|
||||
@@ -4826,8 +4826,8 @@ open class KotlinFileExtractor(
|
||||
c.origin == IrStatementOrigin.EQ &&
|
||||
c.dispatchReceiver != null -> {
|
||||
val array = c.dispatchReceiver
|
||||
val arrayIdx = c.codeQlGetValueArgument(0)
|
||||
val assignedValue = c.codeQlGetValueArgument(1)
|
||||
val arrayIdx = c.getValueArgument(0)
|
||||
val assignedValue = c.getValueArgument(1)
|
||||
|
||||
if (array != null && arrayIdx != null && assignedValue != null) {
|
||||
|
||||
@@ -4882,22 +4882,22 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
isBuiltinCall(c, "<unsafe-coerce>", "kotlin.jvm.internal") -> {
|
||||
|
||||
if (c.codeQlValueArgumentsCount != 1) {
|
||||
if (c.valueArgumentsCount != 1) {
|
||||
logger.errorElement(
|
||||
"Expected to find one argument for a kotlin.jvm.internal.<unsafe-coerce>() call, but found ${c.codeQlValueArgumentsCount}",
|
||||
"Expected to find one argument for a kotlin.jvm.internal.<unsafe-coerce>() call, but found ${c.valueArgumentsCount}",
|
||||
c
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
if (c.codeQlTypeArgumentsCount != 2) {
|
||||
if (c.typeArgumentsCount != 2) {
|
||||
logger.errorElement(
|
||||
"Expected to find two type arguments for a kotlin.jvm.internal.<unsafe-coerce>() call, but found ${c.codeQlTypeArgumentsCount}",
|
||||
"Expected to find two type arguments for a kotlin.jvm.internal.<unsafe-coerce>() call, but found ${c.typeArgumentsCount}",
|
||||
c
|
||||
)
|
||||
return
|
||||
}
|
||||
val valueArg = c.codeQlGetValueArgument(0)
|
||||
val valueArg = c.getValueArgument(0)
|
||||
if (valueArg == null) {
|
||||
logger.errorElement(
|
||||
"Cannot find value argument for a kotlin.jvm.internal.<unsafe-coerce>() call",
|
||||
@@ -4905,7 +4905,7 @@ open class KotlinFileExtractor(
|
||||
)
|
||||
return
|
||||
}
|
||||
val typeArg = c.codeQlGetTypeArgument(1)
|
||||
val typeArg = c.getTypeArgument(1)
|
||||
if (typeArg == null) {
|
||||
logger.errorElement(
|
||||
"Cannot find type argument for a kotlin.jvm.internal.<unsafe-coerce>() call",
|
||||
@@ -4924,7 +4924,7 @@ open class KotlinFileExtractor(
|
||||
extractExpressionExpr(valueArg, callable, id, 1, enclosingStmt)
|
||||
}
|
||||
isBuiltinCallInternal(c, "dataClassArrayMemberToString") -> {
|
||||
val arrayArg = c.codeQlGetValueArgument(0)
|
||||
val arrayArg = c.getValueArgument(0)
|
||||
val realArrayClass = arrayArg?.type?.classOrNull
|
||||
if (realArrayClass == null) {
|
||||
logger.errorElement(
|
||||
@@ -4936,8 +4936,8 @@ open class KotlinFileExtractor(
|
||||
val realCallee =
|
||||
javaUtilArrays?.declarations?.findSubType<IrFunction> { decl ->
|
||||
decl.name.asString() == "toString" &&
|
||||
decl.codeQlValueParameters.size == 1 &&
|
||||
decl.codeQlValueParameters[0].type.classOrNull?.let {
|
||||
decl.valueParameters.size == 1 &&
|
||||
decl.valueParameters[0].type.classOrNull?.let {
|
||||
it == realArrayClass
|
||||
} == true
|
||||
}
|
||||
@@ -4962,7 +4962,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
}
|
||||
isBuiltinCallInternal(c, "dataClassArrayMemberHashCode") -> {
|
||||
val arrayArg = c.codeQlGetValueArgument(0)
|
||||
val arrayArg = c.getValueArgument(0)
|
||||
val realArrayClass = arrayArg?.type?.classOrNull
|
||||
if (realArrayClass == null) {
|
||||
logger.errorElement(
|
||||
@@ -4974,8 +4974,8 @@ open class KotlinFileExtractor(
|
||||
val realCallee =
|
||||
javaUtilArrays?.declarations?.findSubType<IrFunction> { decl ->
|
||||
decl.name.asString() == "hashCode" &&
|
||||
decl.codeQlValueParameters.size == 1 &&
|
||||
decl.codeQlValueParameters[0].type.classOrNull?.let {
|
||||
decl.valueParameters.size == 1 &&
|
||||
decl.valueParameters[0].type.classOrNull?.let {
|
||||
it == realArrayClass
|
||||
} == true
|
||||
}
|
||||
@@ -5155,7 +5155,7 @@ open class KotlinFileExtractor(
|
||||
val type = useType(eType)
|
||||
val isAnonymous = eType.isAnonymous
|
||||
val locId = tw.getLocation(e)
|
||||
val valueArgs = (0 until e.codeQlValueArgumentsCount).map { e.codeQlGetValueArgument(it) }
|
||||
val valueArgs = (0 until e.valueArgumentsCount).map { e.getValueArgument(it) }
|
||||
|
||||
val id =
|
||||
if (
|
||||
@@ -5211,10 +5211,10 @@ open class KotlinFileExtractor(
|
||||
realCallTarget is IrConstructor &&
|
||||
realCallTarget.parentClassOrNull?.fqNameWhenAvailable?.asString() ==
|
||||
"kotlin.Enum" &&
|
||||
realCallTarget.codeQlValueParameters.size == 2 &&
|
||||
realCallTarget.codeQlValueParameters[0].type ==
|
||||
realCallTarget.valueParameters.size == 2 &&
|
||||
realCallTarget.valueParameters[0].type ==
|
||||
pluginContext.irBuiltIns.stringType &&
|
||||
realCallTarget.codeQlValueParameters[1].type == pluginContext.irBuiltIns.intType
|
||||
realCallTarget.valueParameters[1].type == pluginContext.irBuiltIns.intType
|
||||
) {
|
||||
|
||||
val id0 =
|
||||
@@ -5287,7 +5287,7 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
val args =
|
||||
(0 until e.codeQlTypeArgumentsCount).map { e.codeQlGetTypeArgument(it) }.requireNoNullsOrNull()
|
||||
(0 until e.typeArgumentsCount).map { e.getTypeArgument(it) }.requireNoNullsOrNull()
|
||||
if (args == null) {
|
||||
logger.warnElement("Found null type argument in enum constructor call", e)
|
||||
return
|
||||
@@ -5365,7 +5365,7 @@ open class KotlinFileExtractor(
|
||||
// Check for an expression like x = get(x).op(e):
|
||||
val opReceiver = updateRhs.dispatchReceiver
|
||||
if (isExpectedLhs(opReceiver)) {
|
||||
updateRhs.codeQlGetValueArgument(0)
|
||||
updateRhs.getValueArgument(0)
|
||||
} else null
|
||||
} else null
|
||||
}
|
||||
@@ -5560,7 +5560,7 @@ open class KotlinFileExtractor(
|
||||
"set"
|
||||
)
|
||||
) {
|
||||
val updateRhs0 = arraySetCall.codeQlGetValueArgument(1)
|
||||
val updateRhs0 = arraySetCall.getValueArgument(1)
|
||||
if (updateRhs0 == null) {
|
||||
logger.errorElement("Update RHS not found", e)
|
||||
return false
|
||||
@@ -6403,12 +6403,12 @@ open class KotlinFileExtractor(
|
||||
val ids = getLocallyVisibleFunctionLabels(e.function)
|
||||
val locId = tw.getLocation(e)
|
||||
|
||||
val ext = e.function.codeQlExtensionReceiverParameter
|
||||
val ext = e.function.extensionReceiverParameter
|
||||
val parameters =
|
||||
if (ext != null) {
|
||||
listOf(ext) + e.function.codeQlValueParameters
|
||||
listOf(ext) + e.function.valueParameters
|
||||
} else {
|
||||
e.function.codeQlValueParameters
|
||||
e.function.valueParameters
|
||||
}
|
||||
|
||||
var types = parameters.map { it.type }
|
||||
@@ -6670,7 +6670,7 @@ open class KotlinFileExtractor(
|
||||
is IrFunction -> {
|
||||
if (
|
||||
ownerParent.dispatchReceiverParameter == owner &&
|
||||
ownerParent.codeQlExtensionReceiverParameter != null
|
||||
ownerParent.extensionReceiverParameter != null
|
||||
) {
|
||||
|
||||
val ownerParent2 = ownerParent.parent
|
||||
@@ -7089,7 +7089,7 @@ open class KotlinFileExtractor(
|
||||
makeReceiverInfo(callableReferenceExpr.dispatchReceiver, 0)
|
||||
private val extensionReceiverInfo =
|
||||
makeReceiverInfo(
|
||||
callableReferenceExpr.codeQlExtensionReceiver,
|
||||
callableReferenceExpr.extensionReceiver,
|
||||
if (dispatchReceiverInfo == null) 0 else 1
|
||||
)
|
||||
|
||||
@@ -7627,8 +7627,8 @@ open class KotlinFileExtractor(
|
||||
}
|
||||
|
||||
val expressionTypeArguments =
|
||||
(0 until propertyReferenceExpr.codeQlTypeArgumentsCount).mapNotNull {
|
||||
propertyReferenceExpr.codeQlGetTypeArgument(it)
|
||||
(0 until propertyReferenceExpr.typeArgumentsCount).mapNotNull {
|
||||
propertyReferenceExpr.getTypeArgument(it)
|
||||
}
|
||||
|
||||
val idPropertyRef = tw.getFreshIdLabel<DbPropertyref>()
|
||||
@@ -7829,7 +7829,7 @@ open class KotlinFileExtractor(
|
||||
|
||||
if (
|
||||
functionReferenceExpr.dispatchReceiver != null &&
|
||||
functionReferenceExpr.codeQlExtensionReceiver != null
|
||||
functionReferenceExpr.extensionReceiver != null
|
||||
) {
|
||||
logger.errorElement(
|
||||
"Unexpected: dispatchReceiver and extensionReceiver are both non-null",
|
||||
@@ -7840,7 +7840,7 @@ open class KotlinFileExtractor(
|
||||
|
||||
if (
|
||||
target.owner.dispatchReceiverParameter != null &&
|
||||
target.owner.codeQlExtensionReceiverParameter != null
|
||||
target.owner.extensionReceiverParameter != null
|
||||
) {
|
||||
logger.errorElement(
|
||||
"Unexpected: dispatch and extension parameters are both non-null",
|
||||
@@ -7899,8 +7899,8 @@ open class KotlinFileExtractor(
|
||||
null
|
||||
}
|
||||
expressionTypeArguments =
|
||||
(0 until functionReferenceExpr.codeQlTypeArgumentsCount).mapNotNull {
|
||||
functionReferenceExpr.codeQlGetTypeArgument(it)
|
||||
(0 until functionReferenceExpr.typeArgumentsCount).mapNotNull {
|
||||
functionReferenceExpr.getTypeArgument(it)
|
||||
}
|
||||
dispatchReceiverIdx = -1
|
||||
}
|
||||
@@ -7965,7 +7965,7 @@ open class KotlinFileExtractor(
|
||||
functionReferenceExpr,
|
||||
declarationParent,
|
||||
null,
|
||||
{ it.codeQlValueParameters.size == 1 }
|
||||
{ it.valueParameters.size == 1 }
|
||||
) {
|
||||
// The argument to FunctionReference's constructor is the function arity.
|
||||
extractConstantInteger(
|
||||
@@ -8572,7 +8572,7 @@ open class KotlinFileExtractor(
|
||||
reverse: Boolean = false
|
||||
) {
|
||||
val typeArguments =
|
||||
(0 until c.codeQlTypeArgumentsCount).map { c.codeQlGetTypeArgument(it) }.requireNoNullsOrNull()
|
||||
(0 until c.typeArgumentsCount).map { c.getTypeArgument(it) }.requireNoNullsOrNull()
|
||||
if (typeArguments == null) {
|
||||
logger.errorElement("Found a null type argument for a member access expression", c)
|
||||
} else {
|
||||
@@ -8923,11 +8923,11 @@ open class KotlinFileExtractor(
|
||||
tw.writeVariableBinding(lhsId, fieldId)
|
||||
|
||||
val parameters = mutableListOf<IrValueParameter>()
|
||||
val extParam = samMember.codeQlExtensionReceiverParameter
|
||||
val extParam = samMember.extensionReceiverParameter
|
||||
if (extParam != null) {
|
||||
parameters.add(extParam)
|
||||
}
|
||||
parameters.addAll(samMember.codeQlValueParameters)
|
||||
parameters.addAll(samMember.valueParameters)
|
||||
|
||||
fun extractArgument(
|
||||
p: IrValueParameter,
|
||||
@@ -9032,7 +9032,7 @@ open class KotlinFileExtractor(
|
||||
elementToReportOn: IrElement,
|
||||
declarationParent: IrDeclarationParent,
|
||||
compilerGeneratedKindOverride: CompilerGeneratedKinds? = null,
|
||||
superConstructorSelector: (IrFunction) -> Boolean = { it.codeQlValueParameters.isEmpty() },
|
||||
superConstructorSelector: (IrFunction) -> Boolean = { it.valueParameters.isEmpty() },
|
||||
extractSuperconstructorArgs: (Label<DbSuperconstructorinvocationstmt>) -> Unit = {},
|
||||
): Label<out DbClassorinterface> {
|
||||
// Write class
|
||||
|
||||
@@ -12,7 +12,7 @@ import org.jetbrains.kotlin.ir.ObsoleteDescriptorBasedAPI
|
||||
import org.jetbrains.kotlin.ir.declarations.*
|
||||
import org.jetbrains.kotlin.ir.expressions.*
|
||||
import org.jetbrains.kotlin.ir.symbols.*
|
||||
import com.github.codeql.utils.versions.codeQlAddAnnotations
|
||||
import org.jetbrains.kotlin.ir.types.addAnnotations
|
||||
import org.jetbrains.kotlin.ir.types.classFqName
|
||||
import org.jetbrains.kotlin.ir.types.classifierOrNull
|
||||
import org.jetbrains.kotlin.ir.types.classOrNull
|
||||
@@ -355,7 +355,7 @@ open class KotlinUsesExtractor(
|
||||
}
|
||||
|
||||
private fun propertySignature(p: IrProperty) =
|
||||
((p.getter ?: p.setter)?.codeQlExtensionReceiverParameter?.let {
|
||||
((p.getter ?: p.setter)?.extensionReceiverParameter?.let {
|
||||
useType(erase(it.type)).javaResult.signature
|
||||
} ?: "")
|
||||
|
||||
@@ -368,7 +368,7 @@ open class KotlinUsesExtractor(
|
||||
// useDeclarationParent -> useFunction
|
||||
// -> extractFunctionLaterIfExternalFileMember, which would result for `fun <T> f(t:
|
||||
// T) { ... }` for example.
|
||||
(listOfNotNull(d.codeQlExtensionReceiverParameter) + d.codeQlValueParameters)
|
||||
(listOfNotNull(d.extensionReceiverParameter) + d.valueParameters)
|
||||
.map { useType(erase(it.type)).javaResult.signature }
|
||||
.joinToString(separator = ",", prefix = "(", postfix = ")")
|
||||
is IrProperty -> propertySignature(d) + externalClassExtractor.propertySignature
|
||||
@@ -488,8 +488,8 @@ open class KotlinUsesExtractor(
|
||||
val result =
|
||||
replacementClass.declarations.findSubType<IrSimpleFunction> { replacementDecl ->
|
||||
replacementDecl.name == f.name &&
|
||||
replacementDecl.codeQlValueParameters.size == f.codeQlValueParameters.size &&
|
||||
replacementDecl.codeQlValueParameters.zip(f.codeQlValueParameters).all {
|
||||
replacementDecl.valueParameters.size == f.valueParameters.size &&
|
||||
replacementDecl.valueParameters.zip(f.valueParameters).all {
|
||||
erase(it.first.type) == erase(it.second.type)
|
||||
}
|
||||
}
|
||||
@@ -1265,7 +1265,7 @@ open class KotlinUsesExtractor(
|
||||
private fun getWildcardSuppressionDirective(t: IrAnnotationContainer): Boolean? =
|
||||
t.getAnnotation(jvmWildcardSuppressionAnnotation)?.let {
|
||||
@Suppress("USELESS_CAST") // `as? Boolean` is not needed for Kotlin < 2.1
|
||||
(it.codeQlGetValueArgument(0) as? CodeQLIrConst<Boolean>)?.value as? Boolean ?: true
|
||||
(it.getValueArgument(0) as? CodeQLIrConst<Boolean>)?.value as? Boolean ?: true
|
||||
}
|
||||
|
||||
private fun addJavaLoweringArgumentWildcards(
|
||||
@@ -1376,9 +1376,9 @@ open class KotlinUsesExtractor(
|
||||
f.parent,
|
||||
parentId,
|
||||
getFunctionShortName(f).nameInDB,
|
||||
(maybeParameterList ?: f.codeQlValueParameters).map { it.type },
|
||||
(maybeParameterList ?: f.valueParameters).map { it.type },
|
||||
getAdjustedReturnType(f),
|
||||
f.codeQlExtensionReceiverParameter?.type,
|
||||
f.extensionReceiverParameter?.type,
|
||||
getFunctionTypeParameters(f),
|
||||
classTypeArgsIncludingOuterClasses,
|
||||
overridesCollectionsMethodWithAlteredParameterTypes(f),
|
||||
@@ -1401,12 +1401,12 @@ open class KotlinUsesExtractor(
|
||||
// The name of the function; normally f.name.asString().
|
||||
name: String,
|
||||
// The types of the value parameters that the functions takes; normally
|
||||
// f.codeQlValueParameters.map { it.type }.
|
||||
// f.valueParameters.map { it.type }.
|
||||
parameterTypes: List<IrType>,
|
||||
// The return type of the function; normally f.returnType.
|
||||
returnType: IrType,
|
||||
// The extension receiver of the function, if any; normally
|
||||
// f.codeQlExtensionReceiverParameter?.type.
|
||||
// f.extensionReceiverParameter?.type.
|
||||
extensionParamType: IrType?,
|
||||
// The type parameters of the function. This does not include type parameters of enclosing
|
||||
// classes.
|
||||
@@ -1579,7 +1579,7 @@ open class KotlinUsesExtractor(
|
||||
parentClass.fqNameWhenAvailable?.asString() !=
|
||||
"java.util.concurrent.ConcurrentHashMap" ||
|
||||
getFunctionShortName(f).nameInDB != "keySet" ||
|
||||
f.codeQlValueParameters.isNotEmpty() ||
|
||||
f.valueParameters.isNotEmpty() ||
|
||||
f.returnType.classFqName?.asString() != "kotlin.collections.MutableSet"
|
||||
) {
|
||||
return f.returnType
|
||||
@@ -1587,7 +1587,7 @@ open class KotlinUsesExtractor(
|
||||
|
||||
val otherKeySet =
|
||||
parentClass.declarations.findSubType<IrFunction> {
|
||||
it.name.asString() == "keySet" && it.codeQlValueParameters.size == 1
|
||||
it.name.asString() == "keySet" && it.valueParameters.size == 1
|
||||
} ?: return f.returnType
|
||||
|
||||
return otherKeySet.returnType.codeQlWithHasQuestionMark(false)
|
||||
@@ -1695,8 +1695,8 @@ open class KotlinUsesExtractor(
|
||||
javaClass.declarations.findSubType<IrFunction> { decl ->
|
||||
!decl.isFakeOverride &&
|
||||
decl.name.asString() == jvmName &&
|
||||
decl.codeQlValueParameters.size == f.codeQlValueParameters.size &&
|
||||
decl.codeQlValueParameters.zip(f.codeQlValueParameters).all { p ->
|
||||
decl.valueParameters.size == f.valueParameters.size &&
|
||||
decl.valueParameters.zip(f.valueParameters).all { p ->
|
||||
erase(p.first.type).classifierOrNull ==
|
||||
erase(p.second.type).classifierOrNull
|
||||
}
|
||||
@@ -2125,7 +2125,7 @@ open class KotlinUsesExtractor(
|
||||
}
|
||||
|
||||
return if (t.arguments.isNotEmpty())
|
||||
t.codeQlAddAnnotations(listOf(RawTypeAnnotation.annotationConstructor))
|
||||
t.addAnnotations(listOf(RawTypeAnnotation.annotationConstructor))
|
||||
else t
|
||||
}
|
||||
}
|
||||
@@ -2153,7 +2153,7 @@ open class KotlinUsesExtractor(
|
||||
val idxOffset =
|
||||
if (
|
||||
declarationParent is IrFunction &&
|
||||
declarationParent.codeQlExtensionReceiverParameter != null
|
||||
declarationParent.extensionReceiverParameter != null
|
||||
)
|
||||
// For extension functions increase the index to match what the java extractor sees:
|
||||
1
|
||||
@@ -2187,7 +2187,7 @@ open class KotlinUsesExtractor(
|
||||
// Gets a field's corresponding property's extension receiver type, if any
|
||||
fun getExtensionReceiverType(f: IrField) =
|
||||
f.correspondingPropertySymbol?.owner?.let {
|
||||
(it.getter ?: it.setter)?.codeQlExtensionReceiverParameter?.type
|
||||
(it.getter ?: it.setter)?.extensionReceiverParameter?.type
|
||||
}
|
||||
|
||||
fun getFieldLabel(f: IrField): String {
|
||||
@@ -2222,14 +2222,14 @@ open class KotlinUsesExtractor(
|
||||
val setter = p.setter
|
||||
|
||||
val func = getter ?: setter
|
||||
val ext = func?.codeQlExtensionReceiverParameter
|
||||
val ext = func?.extensionReceiverParameter
|
||||
|
||||
return if (ext == null) {
|
||||
"@\"property;{$parentId};${p.name.asString()}\""
|
||||
} else {
|
||||
val returnType =
|
||||
getter?.returnType
|
||||
?: setter?.codeQlValueParameters?.singleOrNull()?.type
|
||||
?: setter?.valueParameters?.singleOrNull()?.type
|
||||
?: pluginContext.irBuiltIns.unitType
|
||||
val typeParams = getFunctionTypeParameters(func)
|
||||
|
||||
|
||||
@@ -1,10 +1,5 @@
|
||||
package com.github.codeql
|
||||
|
||||
import com.github.codeql.utils.versions.codeQlAnnotationFromSymbolOwner
|
||||
import com.github.codeql.utils.versions.codeQlGetValueArgument
|
||||
import com.github.codeql.utils.versions.codeQlPutValueArgument
|
||||
import com.github.codeql.utils.versions.codeQlSetAnnotations
|
||||
import com.github.codeql.utils.versions.codeQlSetDispatchReceiverParameter
|
||||
import com.github.codeql.utils.versions.createImplicitParameterDeclarationWithWrappedDescriptor
|
||||
import java.lang.annotation.ElementType
|
||||
import java.util.HashSet
|
||||
@@ -100,7 +95,7 @@ class MetaAnnotationSupport(
|
||||
JvmAnnotationNames.REPEATABLE_ANNOTATION
|
||||
}
|
||||
return if (jvmRepeatable != null) {
|
||||
((jvmRepeatable.codeQlGetValueArgument(0) as? IrClassReference)?.symbol as? IrClassSymbol)
|
||||
((jvmRepeatable.getValueArgument(0) as? IrClassReference)?.symbol as? IrClassSymbol)
|
||||
?.owner
|
||||
} else {
|
||||
getOrCreateSyntheticRepeatableAnnotationContainer(annotationClass)
|
||||
@@ -122,12 +117,12 @@ class MetaAnnotationSupport(
|
||||
)
|
||||
return null
|
||||
} else {
|
||||
return codeQlAnnotationFromSymbolOwner(
|
||||
return IrConstructorCallImpl.fromSymbolOwner(
|
||||
containerClass.defaultType,
|
||||
containerConstructor.symbol
|
||||
)
|
||||
.apply {
|
||||
codeQlPutValueArgument(
|
||||
putValueArgument(
|
||||
0,
|
||||
IrVarargImpl(
|
||||
UNDEFINED_OFFSET,
|
||||
@@ -149,7 +144,7 @@ class MetaAnnotationSupport(
|
||||
|
||||
// Taken from AdditionalClassAnnotationLowering.kt
|
||||
private fun loadAnnotationTargets(targetEntry: IrConstructorCall): Set<KotlinTarget>? {
|
||||
val valueArgument = targetEntry.codeQlGetValueArgument(0) as? IrVararg ?: return null
|
||||
val valueArgument = targetEntry.getValueArgument(0) as? IrVararg ?: return null
|
||||
return valueArgument.elements
|
||||
.filterIsInstance<IrGetEnumValue>()
|
||||
.mapNotNull { KotlinTarget.valueOrNull(it.symbol.owner.name.asString()) }
|
||||
@@ -235,14 +230,14 @@ class MetaAnnotationSupport(
|
||||
)
|
||||
}
|
||||
|
||||
return codeQlAnnotationFromSymbolOwner(
|
||||
return IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
targetConstructor.returnType,
|
||||
targetConstructor.symbol,
|
||||
0
|
||||
)
|
||||
.apply { codeQlPutValueArgument(0, vararg) }
|
||||
.apply { putValueArgument(0, vararg) }
|
||||
}
|
||||
|
||||
private val javaAnnotationRetention by lazy {
|
||||
@@ -268,7 +263,7 @@ class MetaAnnotationSupport(
|
||||
// Taken from AnnotationCodegen.kt (not available in Kotlin < 1.6.20)
|
||||
private fun IrClass.getAnnotationRetention(): KotlinRetention? {
|
||||
val retentionArgument =
|
||||
getAnnotation(StandardNames.FqNames.retention)?.codeQlGetValueArgument(0) as? IrGetEnumValue
|
||||
getAnnotation(StandardNames.FqNames.retention)?.getValueArgument(0) as? IrGetEnumValue
|
||||
?: return null
|
||||
val retentionArgumentValue = retentionArgument.symbol.owner
|
||||
return KotlinRetention.valueOf(retentionArgumentValue.name.asString())
|
||||
@@ -288,7 +283,7 @@ class MetaAnnotationSupport(
|
||||
val targetConstructor =
|
||||
retentionType.declarations.firstIsInstanceOrNull<IrConstructor>() ?: return null
|
||||
|
||||
return codeQlAnnotationFromSymbolOwner(
|
||||
return IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
targetConstructor.returnType,
|
||||
@@ -296,7 +291,7 @@ class MetaAnnotationSupport(
|
||||
0
|
||||
)
|
||||
.apply {
|
||||
codeQlPutValueArgument(
|
||||
putValueArgument(
|
||||
0,
|
||||
IrGetEnumValueImpl(
|
||||
UNDEFINED_OFFSET,
|
||||
@@ -338,7 +333,7 @@ class MetaAnnotationSupport(
|
||||
return
|
||||
}
|
||||
val newParam = thisReceiever.copyTo(this)
|
||||
codeQlSetDispatchReceiverParameter(newParam)
|
||||
dispatchReceiverParameter = newParam
|
||||
body =
|
||||
factory
|
||||
.createBlockBody(UNDEFINED_OFFSET, UNDEFINED_OFFSET)
|
||||
@@ -411,7 +406,7 @@ class MetaAnnotationSupport(
|
||||
val repeatableContainerAnnotation =
|
||||
kotlinAnnotationRepeatableContainer?.constructors?.single()
|
||||
|
||||
codeQlSetAnnotations(containerClass,
|
||||
containerClass.annotations =
|
||||
annotationClass.annotations
|
||||
.filter {
|
||||
it.isAnnotationWithEqualFqName(StandardNames.FqNames.retention) ||
|
||||
@@ -420,7 +415,7 @@ class MetaAnnotationSupport(
|
||||
.map { it.deepCopyWithSymbols(containerClass) } +
|
||||
listOfNotNull(
|
||||
repeatableContainerAnnotation?.let {
|
||||
codeQlAnnotationFromSymbolOwner(
|
||||
IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
it.returnType,
|
||||
@@ -429,7 +424,6 @@ class MetaAnnotationSupport(
|
||||
)
|
||||
}
|
||||
)
|
||||
)
|
||||
|
||||
containerClass
|
||||
}
|
||||
@@ -468,14 +462,14 @@ class MetaAnnotationSupport(
|
||||
containerClass.symbol,
|
||||
containerClass.defaultType
|
||||
)
|
||||
return codeQlAnnotationFromSymbolOwner(
|
||||
return IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
repeatableConstructor.returnType,
|
||||
repeatableConstructor.symbol,
|
||||
0
|
||||
)
|
||||
.apply { codeQlPutValueArgument(0, containerReference) }
|
||||
.apply { putValueArgument(0, containerReference) }
|
||||
}
|
||||
|
||||
private val javaAnnotationDocumented by lazy {
|
||||
@@ -494,7 +488,7 @@ class MetaAnnotationSupport(
|
||||
javaAnnotationDocumented?.declarations?.firstIsInstanceOrNull<IrConstructor>()
|
||||
?: return null
|
||||
|
||||
return codeQlAnnotationFromSymbolOwner(
|
||||
return IrConstructorCallImpl.fromSymbolOwner(
|
||||
UNDEFINED_OFFSET,
|
||||
UNDEFINED_OFFSET,
|
||||
documentedConstructor.returnType,
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.github.codeql
|
||||
|
||||
import com.github.codeql.KotlinUsesExtractor.LocallyVisibleFunctionLabels
|
||||
import com.github.codeql.utils.versions.codeQlExtensionReceiver
|
||||
import com.semmle.extractor.java.PopulateFile
|
||||
import com.semmle.util.unicode.UTF8Util
|
||||
import java.io.BufferedWriter
|
||||
@@ -332,7 +331,7 @@ open class FileTrapWriter(
|
||||
is IrCall -> {
|
||||
// Calls have incorrect startOffset, so we adjust them:
|
||||
val dr = e.dispatchReceiver?.let { getStartOffset(it) }
|
||||
val er = e.codeQlExtensionReceiver?.let { getStartOffset(it) }
|
||||
val er = e.extensionReceiver?.let { getStartOffset(it) }
|
||||
offsetMinOf(e.startOffset, dr, er)
|
||||
}
|
||||
else -> e.startOffset
|
||||
|
||||
@@ -2,7 +2,6 @@ package com.github.codeql.comments
|
||||
|
||||
import com.github.codeql.*
|
||||
import com.github.codeql.utils.isLocalFunction
|
||||
import com.github.codeql.utils.versions.codeQlExtensionReceiverParameter
|
||||
import com.github.codeql.utils.versions.isDispatchReceiver
|
||||
import org.jetbrains.kotlin.ir.IrElement
|
||||
import org.jetbrains.kotlin.ir.declarations.*
|
||||
@@ -12,7 +11,7 @@ import org.jetbrains.kotlin.ir.util.parentClassOrNull
|
||||
|
||||
private fun IrValueParameter.isExtensionReceiver(): Boolean {
|
||||
val parentFun = parent as? IrFunction ?: return false
|
||||
return parentFun.codeQlExtensionReceiverParameter == this
|
||||
return parentFun.extensionReceiverParameter == this
|
||||
}
|
||||
|
||||
open class CommentExtractor(
|
||||
|
||||
@@ -1,8 +1,6 @@
|
||||
package com.github.codeql.utils
|
||||
|
||||
import com.github.codeql.utils.versions.CodeQLIrConst
|
||||
import com.github.codeql.utils.versions.codeQlGetValueArgument
|
||||
import com.github.codeql.utils.versions.codeQlValueArgumentsCount
|
||||
import org.jetbrains.kotlin.builtins.StandardNames
|
||||
import org.jetbrains.kotlin.ir.declarations.IrAnnotationContainer
|
||||
import org.jetbrains.kotlin.ir.declarations.IrClass
|
||||
@@ -78,9 +76,9 @@ private fun getSpecialJvmName(f: IrFunction): String? {
|
||||
fun getJvmName(container: IrAnnotationContainer): String? {
|
||||
for (a: IrConstructorCall in container.annotations) {
|
||||
val t = a.type
|
||||
if (t is IrSimpleType && a.codeQlValueArgumentsCount == 1) {
|
||||
if (t is IrSimpleType && a.valueArgumentsCount == 1) {
|
||||
val owner = t.classifier.owner
|
||||
val v = a.codeQlGetValueArgument(0)
|
||||
val v = a.getValueArgument(0)
|
||||
if (owner is IrClass) {
|
||||
val aPkg = owner.packageFqName?.asString()
|
||||
val name = owner.name.asString()
|
||||
|
||||
@@ -18,7 +18,7 @@ import org.jetbrains.kotlin.ir.expressions.IrConstructorCall
|
||||
import org.jetbrains.kotlin.ir.expressions.impl.*
|
||||
import org.jetbrains.kotlin.ir.symbols.IrTypeParameterSymbol
|
||||
import org.jetbrains.kotlin.ir.symbols.impl.DescriptorlessExternalPackageFragmentSymbol
|
||||
import com.github.codeql.utils.versions.codeQlAddAnnotations
|
||||
import org.jetbrains.kotlin.ir.types.addAnnotations
|
||||
import org.jetbrains.kotlin.ir.types.classifierOrNull
|
||||
import org.jetbrains.kotlin.ir.types.makeNotNull
|
||||
import org.jetbrains.kotlin.ir.types.makeNullable
|
||||
@@ -192,7 +192,7 @@ object RawTypeAnnotation {
|
||||
addConstructor { isPrimary = true }
|
||||
}
|
||||
val constructor = annoClass.constructors.single()
|
||||
codeQlAnnotationFromSymbolOwner(constructor.constructedClassType, constructor.symbol)
|
||||
IrConstructorCallImpl.fromSymbolOwner(constructor.constructedClassType, constructor.symbol)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -202,7 +202,7 @@ fun IrType.toRawType(): IrType =
|
||||
when (val owner = this.classifier.owner) {
|
||||
is IrClass -> {
|
||||
if (this.arguments.isNotEmpty())
|
||||
this.codeQlAddAnnotations(listOf(RawTypeAnnotation.annotationConstructor))
|
||||
this.addAnnotations(listOf(RawTypeAnnotation.annotationConstructor))
|
||||
else this
|
||||
}
|
||||
is IrTypeParameter -> owner.superTypes[0].toRawType()
|
||||
@@ -215,7 +215,7 @@ fun IrType.toRawType(): IrType =
|
||||
fun IrClass.toRawType(): IrType {
|
||||
val result = this.typeWith(listOf())
|
||||
return if (this.typeParameters.isNotEmpty())
|
||||
result.codeQlAddAnnotations(listOf(RawTypeAnnotation.annotationConstructor))
|
||||
result.addAnnotations(listOf(RawTypeAnnotation.annotationConstructor))
|
||||
else result
|
||||
}
|
||||
|
||||
|
||||
@@ -1,70 +0,0 @@
|
||||
package com.github.codeql.utils.versions
|
||||
|
||||
import org.jetbrains.kotlin.ir.declarations.IrFunction
|
||||
import org.jetbrains.kotlin.ir.declarations.IrValueParameter
|
||||
import org.jetbrains.kotlin.ir.expressions.IrConstructorCall
|
||||
import org.jetbrains.kotlin.ir.expressions.IrExpression
|
||||
import org.jetbrains.kotlin.ir.expressions.IrMemberAccessExpression
|
||||
import org.jetbrains.kotlin.ir.expressions.impl.*
|
||||
import org.jetbrains.kotlin.ir.symbols.IrConstructorSymbol
|
||||
import org.jetbrains.kotlin.ir.types.IrType
|
||||
import org.jetbrains.kotlin.ir.types.addAnnotations
|
||||
|
||||
/**
|
||||
* Compatibility accessors for pre-2.4.0 API patterns.
|
||||
* In pre-2.4.0 versions, these delegate directly to the existing APIs.
|
||||
*/
|
||||
|
||||
// IrFunction: valueParameters
|
||||
val IrFunction.codeQlValueParameters: List<IrValueParameter>
|
||||
get() = valueParameters
|
||||
|
||||
// IrFunction: extensionReceiverParameter
|
||||
val IrFunction.codeQlExtensionReceiverParameter: IrValueParameter?
|
||||
get() = extensionReceiverParameter
|
||||
|
||||
// IrMemberAccessExpression: valueArgumentsCount
|
||||
val IrMemberAccessExpression<*>.codeQlValueArgumentsCount: Int
|
||||
get() = valueArgumentsCount
|
||||
|
||||
// IrMemberAccessExpression: getValueArgument
|
||||
fun IrMemberAccessExpression<*>.codeQlGetValueArgument(index: Int): IrExpression? = getValueArgument(index)
|
||||
|
||||
// IrMemberAccessExpression: putValueArgument
|
||||
fun IrMemberAccessExpression<*>.codeQlPutValueArgument(index: Int, value: IrExpression?) {
|
||||
putValueArgument(index, value)
|
||||
}
|
||||
|
||||
// IrMemberAccessExpression: extensionReceiver
|
||||
val IrMemberAccessExpression<*>.codeQlExtensionReceiver: IrExpression?
|
||||
get() = extensionReceiver
|
||||
|
||||
// IrMemberAccessExpression: typeArgumentsCount
|
||||
val IrMemberAccessExpression<*>.codeQlTypeArgumentsCount: Int
|
||||
get() = typeArgumentsCount
|
||||
|
||||
// IrMemberAccessExpression: getTypeArgument
|
||||
fun IrMemberAccessExpression<*>.codeQlGetTypeArgument(index: Int): IrType? = getTypeArgument(index)
|
||||
|
||||
// addAnnotations compat: in pre-2.4.0, addAnnotations expects List<IrConstructorCall>
|
||||
fun IrType.codeQlAddAnnotations(annotations: List<IrConstructorCall>): IrType =
|
||||
addAnnotations(annotations)
|
||||
|
||||
// IrMutableAnnotationContainer.annotations setter: in pre-2.4.0, annotations is var with List<IrConstructorCall>
|
||||
fun codeQlSetAnnotations(container: org.jetbrains.kotlin.ir.declarations.IrMutableAnnotationContainer, annotations: List<IrConstructorCall>) {
|
||||
container.annotations = annotations
|
||||
}
|
||||
|
||||
// IrFunction: set dispatch receiver parameter (pre-2.4.0 it's a var)
|
||||
fun IrFunction.codeQlSetDispatchReceiverParameter(param: IrValueParameter?) {
|
||||
dispatchReceiverParameter = param
|
||||
}
|
||||
|
||||
// In pre-2.4.0, annotations are List<IrConstructorCall> so IrConstructorCallImpl works directly.
|
||||
fun codeQlAnnotationFromSymbolOwner(
|
||||
startOffset: Int, endOffset: Int, type: IrType, symbol: IrConstructorSymbol, typeArgumentsCount: Int
|
||||
): IrConstructorCall =
|
||||
IrConstructorCallImpl.fromSymbolOwner(startOffset, endOffset, type, symbol, typeArgumentsCount)
|
||||
|
||||
fun codeQlAnnotationFromSymbolOwner(type: IrType, symbol: IrConstructorSymbol): IrConstructorCall =
|
||||
IrConstructorCallImpl.fromSymbolOwner(type, symbol)
|
||||
@@ -3,32 +3,10 @@
|
||||
|
||||
package com.github.codeql
|
||||
|
||||
import com.intellij.mock.MockProject
|
||||
import com.intellij.openapi.extensions.LoadingOrder
|
||||
import org.jetbrains.kotlin.backend.common.extensions.IrGenerationExtension
|
||||
import org.jetbrains.kotlin.compiler.plugin.ComponentRegistrar
|
||||
import org.jetbrains.kotlin.compiler.plugin.ExperimentalCompilerApi
|
||||
import org.jetbrains.kotlin.config.CompilerConfiguration
|
||||
|
||||
@OptIn(ExperimentalCompilerApi::class)
|
||||
abstract class Kotlin2ComponentRegistrar : ComponentRegistrar {
|
||||
/* Nothing to do; supportsK2 doesn't exist yet. */
|
||||
|
||||
private var project: MockProject? = null
|
||||
|
||||
override fun registerProjectComponents(
|
||||
project: MockProject,
|
||||
configuration: CompilerConfiguration
|
||||
) {
|
||||
this.project = project
|
||||
doRegisterExtensions(configuration)
|
||||
}
|
||||
|
||||
abstract fun doRegisterExtensions(configuration: CompilerConfiguration)
|
||||
|
||||
fun registerExtractorExtension(extension: IrGenerationExtension) {
|
||||
val p = project ?: throw IllegalStateException("registerExtractorExtension called before registerProjectComponents")
|
||||
val extensionPoint = p.extensionArea.getExtensionPoint(IrGenerationExtension.extensionPointName)
|
||||
extensionPoint.registerExtension(extension, LoadingOrder.LAST, p)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,35 +3,11 @@
|
||||
|
||||
package com.github.codeql
|
||||
|
||||
import com.intellij.mock.MockProject
|
||||
import com.intellij.openapi.extensions.LoadingOrder
|
||||
import org.jetbrains.kotlin.backend.common.extensions.IrGenerationExtension
|
||||
import org.jetbrains.kotlin.compiler.plugin.ComponentRegistrar
|
||||
import org.jetbrains.kotlin.compiler.plugin.ExperimentalCompilerApi
|
||||
import org.jetbrains.kotlin.config.CompilerConfiguration
|
||||
|
||||
@OptIn(ExperimentalCompilerApi::class)
|
||||
abstract class Kotlin2ComponentRegistrar : ComponentRegistrar {
|
||||
override val supportsK2: Boolean
|
||||
get() = true
|
||||
|
||||
private var project: MockProject? = null
|
||||
|
||||
override fun registerProjectComponents(
|
||||
project: MockProject,
|
||||
configuration: CompilerConfiguration
|
||||
) {
|
||||
this.project = project
|
||||
doRegisterExtensions(configuration)
|
||||
}
|
||||
|
||||
abstract fun doRegisterExtensions(configuration: CompilerConfiguration)
|
||||
|
||||
fun registerExtractorExtension(extension: IrGenerationExtension) {
|
||||
val p = project ?: throw IllegalStateException("registerExtractorExtension called before registerProjectComponents")
|
||||
// Register with LoadingOrder.LAST to ensure the extractor runs after other
|
||||
// IR generation plugins (like kotlinx.serialization) have generated their code.
|
||||
val extensionPoint = p.extensionArea.getExtensionPoint(IrGenerationExtension.extensionPointName)
|
||||
extensionPoint.registerExtension(extension, LoadingOrder.LAST, p)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,121 +0,0 @@
|
||||
@file:Suppress("DEPRECATION")
|
||||
|
||||
package com.github.codeql.utils.versions
|
||||
|
||||
import org.jetbrains.kotlin.ir.declarations.IrFunction
|
||||
import org.jetbrains.kotlin.ir.declarations.IrValueParameter
|
||||
import org.jetbrains.kotlin.ir.expressions.IrAnnotation
|
||||
import org.jetbrains.kotlin.ir.expressions.IrConstructorCall
|
||||
import org.jetbrains.kotlin.ir.expressions.IrExpression
|
||||
import org.jetbrains.kotlin.ir.expressions.IrMemberAccessExpression
|
||||
import org.jetbrains.kotlin.ir.expressions.impl.IrAnnotationImpl
|
||||
import org.jetbrains.kotlin.ir.expressions.impl.fromSymbolOwner
|
||||
import org.jetbrains.kotlin.ir.symbols.IrConstructorSymbol
|
||||
import org.jetbrains.kotlin.ir.types.IrType
|
||||
import org.jetbrains.kotlin.ir.types.addAnnotations
|
||||
|
||||
/**
|
||||
* Compatibility accessors for pre-2.4.0 API patterns.
|
||||
* In 2.4.0, valueParameters/extensionReceiverParameter/extensionReceiver/
|
||||
* getValueArgument/putValueArgument/valueArgumentsCount/typeArgumentsCount/getTypeArgument
|
||||
* have been removed. This file provides the 2.4.0 implementations.
|
||||
*/
|
||||
|
||||
// IrFunction: valueParameters -> parameters filtered to Regular kind
|
||||
val IrFunction.codeQlValueParameters: List<IrValueParameter>
|
||||
get() = parameters.filter { it.kind == org.jetbrains.kotlin.ir.declarations.IrParameterKind.Regular }
|
||||
|
||||
// IrFunction: extensionReceiverParameter
|
||||
val IrFunction.codeQlExtensionReceiverParameter: IrValueParameter?
|
||||
get() = parameters.firstOrNull { it.kind == org.jetbrains.kotlin.ir.declarations.IrParameterKind.ExtensionReceiver }
|
||||
|
||||
// Helper: get the offset of value arguments in the arguments list
|
||||
// In 2.4.0, arguments[] includes dispatch/extension receivers before regular params
|
||||
private fun IrMemberAccessExpression<*>.valueArgumentOffset(): Int {
|
||||
val owner = symbol.owner as? IrFunction ?: return 0
|
||||
return owner.parameters.count { it.kind != org.jetbrains.kotlin.ir.declarations.IrParameterKind.Regular }
|
||||
}
|
||||
|
||||
// IrMemberAccessExpression: valueArgumentsCount
|
||||
val IrMemberAccessExpression<*>.codeQlValueArgumentsCount: Int
|
||||
get() = arguments.size - valueArgumentOffset()
|
||||
|
||||
// IrMemberAccessExpression: getValueArgument
|
||||
fun IrMemberAccessExpression<*>.codeQlGetValueArgument(index: Int): IrExpression? = arguments[index + valueArgumentOffset()]
|
||||
|
||||
// IrMemberAccessExpression: putValueArgument
|
||||
fun IrMemberAccessExpression<*>.codeQlPutValueArgument(index: Int, value: IrExpression?) {
|
||||
arguments[index + valueArgumentOffset()] = value
|
||||
}
|
||||
|
||||
// IrMemberAccessExpression: extensionReceiver
|
||||
// For IrCall/IrFunctionReference, look at symbol.owner (IrFunction) directly.
|
||||
// For IrPropertyReference, symbol.owner is IrProperty; use the getter's parameters instead.
|
||||
val IrMemberAccessExpression<*>.codeQlExtensionReceiver: IrExpression?
|
||||
get() {
|
||||
val erp = extensionReceiverParameterIndex() ?: return null
|
||||
return arguments[erp]
|
||||
}
|
||||
|
||||
private fun IrMemberAccessExpression<*>.extensionReceiverParameterIndex(): Int? {
|
||||
// Direct function owner (IrCall, IrFunctionReference, etc.)
|
||||
(symbol.owner as? IrFunction)?.codeQlExtensionReceiverParameter?.let {
|
||||
return it.indexInParameters
|
||||
}
|
||||
// Property reference: look at getter or setter function
|
||||
(this as? org.jetbrains.kotlin.ir.expressions.IrPropertyReference)?.let { propRef ->
|
||||
propRef.getter?.owner?.codeQlExtensionReceiverParameter?.let {
|
||||
return it.indexInParameters
|
||||
}
|
||||
propRef.setter?.owner?.codeQlExtensionReceiverParameter?.let {
|
||||
return it.indexInParameters
|
||||
}
|
||||
}
|
||||
return null
|
||||
}
|
||||
|
||||
// IrMemberAccessExpression: typeArgumentsCount
|
||||
val IrMemberAccessExpression<*>.codeQlTypeArgumentsCount: Int
|
||||
get() = typeArguments.size
|
||||
|
||||
// IrMemberAccessExpression: getTypeArgument
|
||||
fun IrMemberAccessExpression<*>.codeQlGetTypeArgument(index: Int): IrType? = typeArguments[index]
|
||||
|
||||
// addAnnotations compat: in 2.4.0, addAnnotations expects List<IrAnnotation>
|
||||
// IrConstructorCall implements IrAnnotation in 2.4.0, so filterIsInstance is identity
|
||||
fun IrType.codeQlAddAnnotations(annotations: List<IrConstructorCall>): IrType =
|
||||
addAnnotations(annotations.filterIsInstance<IrAnnotation>())
|
||||
|
||||
// IrMutableAnnotationContainer.annotations setter: in 2.4.0, expects List<IrAnnotation>
|
||||
fun codeQlSetAnnotations(container: org.jetbrains.kotlin.ir.declarations.IrMutableAnnotationContainer, annotations: List<IrConstructorCall>) {
|
||||
container.annotations = annotations.filterIsInstance<IrAnnotation>()
|
||||
}
|
||||
|
||||
// IrFunction: set dispatch receiver parameter
|
||||
// In 2.4.0, dispatchReceiverParameter is val; modify the parameters list directly.
|
||||
fun IrFunction.codeQlSetDispatchReceiverParameter(param: IrValueParameter?) {
|
||||
val existing = parameters.indexOfFirst { it.kind == org.jetbrains.kotlin.ir.declarations.IrParameterKind.DispatchReceiver }
|
||||
val mutableParams = parameters.toMutableList()
|
||||
if (existing >= 0) {
|
||||
if (param != null) {
|
||||
mutableParams[existing] = param
|
||||
} else {
|
||||
mutableParams.removeAt(existing)
|
||||
}
|
||||
} else if (param != null) {
|
||||
param.kind = org.jetbrains.kotlin.ir.declarations.IrParameterKind.DispatchReceiver
|
||||
mutableParams.add(0, param)
|
||||
}
|
||||
parameters = mutableParams
|
||||
}
|
||||
|
||||
// In 2.4.0, annotation lists require IrAnnotation instances.
|
||||
// Use IrAnnotationImpl.fromSymbolOwner instead of IrConstructorCallImpl.fromSymbolOwner.
|
||||
fun codeQlAnnotationFromSymbolOwner(
|
||||
startOffset: Int, endOffset: Int, type: IrType, symbol: IrConstructorSymbol, typeArgumentsCount: Int
|
||||
): IrConstructorCall =
|
||||
IrAnnotationImpl.fromSymbolOwner(startOffset, endOffset, type, symbol, typeArgumentsCount)
|
||||
|
||||
fun codeQlAnnotationFromSymbolOwner(type: IrType, symbol: IrConstructorSymbol): IrConstructorCall =
|
||||
IrAnnotationImpl.fromSymbolOwner(type, symbol)
|
||||
|
||||
@@ -1,45 +0,0 @@
|
||||
@file:Suppress("DEPRECATION", "DEPRECATION_ERROR")
|
||||
@file:OptIn(ExperimentalCompilerApi::class)
|
||||
|
||||
package com.github.codeql
|
||||
|
||||
import com.intellij.mock.MockProject
|
||||
import org.jetbrains.kotlin.backend.common.extensions.IrGenerationExtension
|
||||
import org.jetbrains.kotlin.compiler.plugin.ComponentRegistrar
|
||||
import org.jetbrains.kotlin.compiler.plugin.CompilerPluginRegistrar
|
||||
import org.jetbrains.kotlin.compiler.plugin.ExperimentalCompilerApi
|
||||
import org.jetbrains.kotlin.config.CompilerConfiguration
|
||||
|
||||
abstract class Kotlin2ComponentRegistrar : CompilerPluginRegistrar(), ComponentRegistrar {
|
||||
override val supportsK2: Boolean
|
||||
get() = true
|
||||
|
||||
override val pluginId: String
|
||||
get() = "kotlin-extractor"
|
||||
|
||||
// ComponentRegistrar implementation (legacy path, still called by Kotlin compiler)
|
||||
override fun registerProjectComponents(
|
||||
project: MockProject,
|
||||
configuration: CompilerConfiguration
|
||||
) {
|
||||
// In 2.4.0, we use CompilerPluginRegistrar path instead.
|
||||
// This is only called if the compiler uses the ComponentRegistrar service file.
|
||||
// We do nothing here since registerExtensions will be called separately.
|
||||
}
|
||||
|
||||
private var extensionStorage: CompilerPluginRegistrar.ExtensionStorage? = null
|
||||
|
||||
override fun ExtensionStorage.registerExtensions(configuration: CompilerConfiguration) {
|
||||
this@Kotlin2ComponentRegistrar.extensionStorage = this
|
||||
doRegisterExtensions(configuration)
|
||||
}
|
||||
|
||||
abstract fun doRegisterExtensions(configuration: CompilerConfiguration)
|
||||
|
||||
protected fun registerExtractorExtension(extension: IrGenerationExtension) {
|
||||
val storage = extensionStorage ?: throw IllegalStateException("registerExtractorExtension called before registerExtensions")
|
||||
with(storage) {
|
||||
IrGenerationExtension.registerExtension(extension)
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,13 +0,0 @@
|
||||
package com.github.codeql.utils.versions
|
||||
|
||||
import org.jetbrains.kotlin.ir.declarations.IrFunction
|
||||
import org.jetbrains.kotlin.ir.declarations.IrParameterKind
|
||||
import org.jetbrains.kotlin.ir.declarations.IrValueParameter
|
||||
|
||||
fun parameterIndexExcludingReceivers(vp: IrValueParameter): Int {
|
||||
val offset =
|
||||
(vp.parent as? IrFunction)?.let { f ->
|
||||
f.parameters.count { it.kind == IrParameterKind.DispatchReceiver || it.kind == IrParameterKind.ExtensionReceiver || it.kind == IrParameterKind.Context }
|
||||
} ?: 0
|
||||
return vp.indexInParameters - offset
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
com.github.codeql.KotlinExtractorComponentRegistrar
|
||||
@@ -1,5 +1,8 @@
|
||||
# when updating this list, `bazel mod tidy` should be run from `codeql` to update `MODULE.bazel`
|
||||
VERSIONS = [
|
||||
"1.8.0",
|
||||
"1.9.0-Beta",
|
||||
"1.9.20-Beta",
|
||||
"2.0.0-RC1",
|
||||
"2.0.20-Beta2",
|
||||
"2.1.0-Beta1",
|
||||
@@ -8,7 +11,6 @@ VERSIONS = [
|
||||
"2.2.20-Beta2",
|
||||
"2.3.0",
|
||||
"2.3.20",
|
||||
"2.4.0",
|
||||
]
|
||||
|
||||
def _version_to_tuple(v):
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{
|
||||
"markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 2.4.10.",
|
||||
"markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 2.3.30.",
|
||||
"severity": "error",
|
||||
"source": {
|
||||
"extractorName": "java",
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 44417 of field callee is not in type @callable. Appears in tuple (-16777158,44417)
|
||||
Relevant element: callee=44417
|
||||
Full ID for 44417: @"callable;(0).f((55))(55)". The ID may expand to @"callable;{@"class;Test"}.f({@"type;int"}){@"type;int"}"
|
||||
@@ -2,9 +2,9 @@ exprs
|
||||
| Test.java:5:19:5:25 | Integer | Integer |
|
||||
| Test.java:5:38:5:44 | Integer | Integer |
|
||||
| Test.java:5:58:5:58 | p | Integer |
|
||||
| user.kt:2:3:2:16 | x | int |
|
||||
| user.kt:2:7:2:7 | x | int |
|
||||
| user.kt:2:11:2:11 | t | Test |
|
||||
| user.kt:2:11:2:16 | <Call to unknown method> | int |
|
||||
| user.kt:2:11:2:16 | f(...) | Integer |
|
||||
| user.kt:2:13:2:16 | <implicit not null> | int |
|
||||
| user.kt:2:13:2:16 | int | int |
|
||||
| user.kt:2:15:2:15 | 5 | int |
|
||||
|
||||
@@ -6,6 +6,6 @@ def test(codeql, java_full):
|
||||
codeql.database.create(
|
||||
command=[
|
||||
f"javac {java_srcs} -d build",
|
||||
"kotlinc -language-version 2.0 user.kt -cp build",
|
||||
"kotlinc -language-version 1.9 user.kt -cp build",
|
||||
]
|
||||
)
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| user.kt:3:14:3:22 | getF(...) | file:///!unknown-binary-location/lib/TestKt.class:0:0:0:0 | getF |
|
||||
| user.kt:3:26:3:28 | getF(...) | file:///!unknown-binary-location/lib/TestKt.class:0:0:0:0 | getF |
|
||||
| user.kt:3:14:3:22 | getF(...) | lib/lib/TestKt.class:0:0:0:0 | getF |
|
||||
| user.kt:3:26:3:28 | getF(...) | lib/lib/TestKt.class:0:0:0:0 | getF |
|
||||
|
||||
@@ -2,5 +2,5 @@ import commands
|
||||
|
||||
|
||||
def test(codeql, java_full):
|
||||
commands.run("kotlinc -language-version 2.0 test.kt -d lib")
|
||||
codeql.database.create(command="kotlinc -language-version 2.0 user.kt -cp lib")
|
||||
commands.run("kotlinc -language-version 1.9 test.kt -d lib")
|
||||
codeql.database.create(command="kotlinc -language-version 1.9 user.kt -cp lib")
|
||||
|
||||
@@ -9,4 +9,4 @@
|
||||
| Percentage of calls with call target | 100 |
|
||||
| Total number of lines | 3 |
|
||||
| Total number of lines with extension kt | 3 |
|
||||
| Uses Kotlin 2: true | 1 |
|
||||
| Uses Kotlin 2: false | 1 |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
def test(codeql, java_full):
|
||||
codeql.database.create(command="kotlinc -J-Xmx2G -language-version 2.0 SomeClass.kt")
|
||||
codeql.database.create(command="kotlinc -J-Xmx2G -language-version 1.9 SomeClass.kt")
|
||||
|
||||
@@ -1,2 +1,3 @@
|
||||
| AKt.class:0:0:0:0 | AKt | true |
|
||||
| B.kt:0:0:0:0 | BKt | true |
|
||||
| C.kt:1:1:3:1 | C | false |
|
||||
|
||||
@@ -2,5 +2,5 @@ import commands
|
||||
|
||||
|
||||
def test(codeql, java_full):
|
||||
commands.run("kotlinc -language-version 2.0 A.kt")
|
||||
codeql.database.create(command="kotlinc -cp . -language-version 2.0 B.kt C.kt")
|
||||
commands.run("kotlinc -language-version 1.9 A.kt")
|
||||
codeql.database.create(command="kotlinc -cp . -language-version 1.9 B.kt C.kt")
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
| equals | Test |
|
||||
| hashCode | Test |
|
||||
| toString | Test |
|
||||
| toString | java.lang.CharSequence |
|
||||
|
||||
@@ -3,4 +3,4 @@ import commands
|
||||
|
||||
def test(codeql, java_full):
|
||||
commands.run(["javac", "Test.java", "-d", "bin"])
|
||||
codeql.database.create(command="kotlinc -language-version 2.0 user.kt -cp bin")
|
||||
codeql.database.create(command="kotlinc -language-version 1.9 user.kt -cp bin")
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 43828 of field callee is not in type @callable. Appears in tuple (-16776213,43828)
|
||||
Relevant element: callee=43828
|
||||
Full ID for 43828: @"callable;(0).takesComparable((35),(35))(36)". The ID may expand to @"callable;{@"class;JavaDefns"}.takesComparable({@"class;java.lang.Comparable;{@"wildcard;super{@"class;java.lang.CharSequence"}"}"},{@"class;java.lang.Comparable;{@"wildcard;super{@"class;java.lang.CharSequence"}"}"}){@"type;void"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 43832 of field callee is not in type @callable. Appears in tuple (-16776208,43832)
|
||||
Relevant element: callee=43832
|
||||
Full ID for 43832: @"callable;(0).takesArrayOfComparable((54),(54))(36)". The ID may expand to @"callable;{@"class;JavaDefns"}.takesArrayOfComparable({@"array;1;{@"class;java.lang.Comparable;{@"wildcard;super(19)"}"}"},{@"array;1;{@"class;java.lang.Comparable;{@"wildcard;super(19)"}"}"}){@"type;void"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 43837 of field callee is not in type @callable. Appears in tuple (-16776201,43837)
|
||||
Relevant element: callee=43837
|
||||
Full ID for 43837: @"callable;(0).<init>((35),(35))(36)". The ID may expand to @"callable;{@"class;JavaDefns"}.<init>({@"class;java.lang.Comparable;{@"wildcard;super{@"class;java.lang.CharSequence"}"}"},{@"class;java.lang.Comparable;{@"wildcard;super{@"class;java.lang.CharSequence"}"}"}){@"type;void"}"
|
||||
@@ -8,16 +8,16 @@
|
||||
| JavaDefns | takesComparable | invar | Comparable<CharSequence> |
|
||||
| JavaDefns | takesNestedComparable | innerContravar | Comparable<Comparable<? super CharSequence>> |
|
||||
| JavaDefns | takesNestedComparable | outerContravar | Comparable<? super Comparable<CharSequence>> |
|
||||
| JavaDefns2 | JavaDefns2 | p0 | Comparable<? super CharSequence> |
|
||||
| JavaDefns2 | JavaDefns2 | p0 | Comparable<CharSequence> |
|
||||
| JavaDefns2 | JavaDefns2 | p1 | Comparable<? super CharSequence> |
|
||||
| JavaDefns2 | returnsInvariant | return | Comparable<CharSequence> |
|
||||
| JavaDefns2 | returnsWildcard | return | Comparable<? super CharSequence> |
|
||||
| JavaDefns2 | takesArrayOfComparable | p0 | Comparable<? super CharSequence>[] |
|
||||
| JavaDefns2 | takesArrayOfComparable | p0 | Comparable<CharSequence>[] |
|
||||
| JavaDefns2 | takesArrayOfComparable | p1 | Comparable<? super CharSequence>[] |
|
||||
| JavaDefns2 | takesComparable | p0 | Comparable<? super CharSequence> |
|
||||
| JavaDefns2 | takesComparable | p0 | Comparable<CharSequence> |
|
||||
| JavaDefns2 | takesComparable | p1 | Comparable<? super CharSequence> |
|
||||
| JavaDefns2 | takesNestedComparable | p0 | Comparable<? super Comparable<? super CharSequence>> |
|
||||
| JavaDefns2 | takesNestedComparable | p1 | Comparable<? super Comparable<? super CharSequence>> |
|
||||
| JavaDefns2 | takesNestedComparable | p0 | Comparable<Comparable<? super CharSequence>> |
|
||||
| JavaDefns2 | takesNestedComparable | p1 | Comparable<? super Comparable<CharSequence>> |
|
||||
| KotlinDefns | returnsContravar | return | Comparable<CharSequence> |
|
||||
| KotlinDefns | returnsContravarForced | return | Comparable<? super CharSequence> |
|
||||
| KotlinDefns | returnsCovar | return | List<CharSequence> |
|
||||
|
||||
@@ -8,6 +8,6 @@ def test(codeql, java_full):
|
||||
command=[
|
||||
"kotlinc kotlindefns.kt",
|
||||
"javac JavaUser.java JavaDefns.java -cp .",
|
||||
"kotlinc -language-version 2.0 -cp . kotlinuser.kt",
|
||||
"kotlinc -language-version 1.9 -cp . kotlinuser.kt",
|
||||
]
|
||||
)
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved modeling of Apache HttpClient `execute` method sinks for `java/ssrf` and `java/non-https-url`.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Kotlin 2.4.0 can now be analysed.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* Kotlin versions below 2.0.0 are no longer supported for analysis. The minimum supported version is now Kotlin 2.0.0.
|
||||
@@ -11,7 +11,7 @@ extensions:
|
||||
- ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"]
|
||||
- ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
@@ -22,29 +22,3 @@ extensions:
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "request-forgery", "manual"]
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "build", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "delete", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "get", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "get", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "getUri", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "head", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "head", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "options", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "options", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "patch", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "post", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "post", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "put", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "put", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "trace", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
- ["org.apache.http.client.methods", "RequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
|
||||
|
||||
@@ -3,11 +3,6 @@ extensions:
|
||||
pack: codeql/java-all
|
||||
extensible: sinkModel
|
||||
data:
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpHost,HttpRequest)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpHost,HttpRequest,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpHost,HttpRequest,ResponseHandler)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpHost,HttpRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
- ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "request-forgery", "ai-manual"]
|
||||
|
||||
@@ -1,16 +0,0 @@
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 79083 of field callee is not in type @callable. Appears in tuple (-16776495,79083)
|
||||
Relevant element: callee=79083
|
||||
Full ID for 79083: @"callable;(21913).toString()(64)". The ID may expand to @"callable;{@"class;java.nio.file.Path"}.toString(){@"class;java.lang.String"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 79083 of field callee is not in type @callable. Appears in tuple (-16776429,79083)
|
||||
Relevant element: callee=79083
|
||||
Full ID for 79083: @"callable;(21913).toString()(64)". The ID may expand to @"callable;{@"class;java.nio.file.Path"}.toString(){@"class;java.lang.String"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 79083 of field callee is not in type @callable. Appears in tuple (-16776357,79083)
|
||||
Relevant element: callee=79083
|
||||
Full ID for 79083: @"callable;(21913).toString()(64)". The ID may expand to @"callable;{@"class;java.nio.file.Path"}.toString(){@"class;java.lang.String"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 79083 of field callee is not in type @callable. Appears in tuple (-16776266,79083)
|
||||
Relevant element: callee=79083
|
||||
Full ID for 79083: @"callable;(21913).toString()(64)". The ID may expand to @"callable;{@"class;java.nio.file.Path"}.toString(){@"class;java.lang.String"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 79083 of field callee is not in type @callable. Appears in tuple (-16776200,79083)
|
||||
Relevant element: callee=79083
|
||||
Full ID for 79083: @"callable;(21913).toString()(64)". The ID may expand to @"callable;{@"class;java.nio.file.Path"}.toString(){@"class;java.lang.String"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): More errors, not displayed. There are 16 values of field callee that are not in type @callable for a relation of size 1821
|
||||
@@ -1,31 +0,0 @@
|
||||
| Test.java:137:22:137:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:141:35:141:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:148:22:148:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:152:35:152:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:159:22:159:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:163:35:163:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:178:35:178:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:181:35:181:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:189:35:189:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:192:35:192:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:200:35:200:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:203:35:203:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:362:22:362:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:366:35:366:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:373:22:373:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:377:35:377:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:384:22:384:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:388:35:388:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:402:22:402:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:406:35:406:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:413:22:413:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:417:35:417:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:424:22:424:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:428:35:428:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:436:22:436:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:440:35:440:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:447:22:447:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:451:35:451:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:458:22:458:27 | source | Unexpected result: hasTaintFlow |
|
||||
| Test.java:462:35:462:51 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
| Test.java:604:31:604:47 | // $ hasTaintFlow | Missing result: hasTaintFlow |
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
| CleartextStorageSharedPrefsTest.java:110:84:110:118 | // $ hasCleartextStorageSharedPrefs | Missing result: hasCleartextStorageSharedPrefs |
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 80453 of field callee is not in type @callable. Appears in tuple (-16773210,80453)
|
||||
Relevant element: callee=80453
|
||||
Full ID for 80453: @"callable;(846).toString()(21)". The ID may expand to @"callable;{@"class;java.lang.CharSequence"}.toString(){@"class;java.lang.String"}"
|
||||
[VALUE_NOT_IN_TYPE] predicate callableBinding(@caller callerid, @callable callee): Value 80453 of field callee is not in type @callable. Appears in tuple (-16773194,80453)
|
||||
Relevant element: callee=80453
|
||||
Full ID for 80453: @"callable;(846).toString()(21)". The ID may expand to @"callable;{@"class;java.lang.CharSequence"}.toString(){@"class;java.lang.String"}"
|
||||
@@ -1,45 +0,0 @@
|
||||
import java.io.IOException;
|
||||
|
||||
import org.apache.http.HttpHost;
|
||||
import org.apache.http.HttpRequest;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.ResponseHandler;
|
||||
import org.apache.http.client.methods.HttpUriRequest;
|
||||
import org.apache.http.client.methods.RequestBuilder;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.message.BasicHttpRequest;
|
||||
import org.apache.http.protocol.HttpContext;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
public class ApacheHttpClientExecuteSSRF extends HttpServlet {
|
||||
|
||||
protected void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
try {
|
||||
|
||||
String source = request.getParameter("host"); // $ Source
|
||||
|
||||
HttpHost host = new HttpHost(source);
|
||||
HttpRequest req = new BasicHttpRequest("GET", "/");
|
||||
HttpUriRequest uriReq = RequestBuilder.get(source).build(); // $ Alert
|
||||
HttpContext context = null;
|
||||
HttpClient client = HttpClients.createDefault();
|
||||
ResponseHandler<Object> handler = null;
|
||||
|
||||
client.execute(host, req); // $ Alert
|
||||
client.execute(host, req, context); // $ Alert
|
||||
client.execute(host, req, handler); // $ Alert
|
||||
client.execute(host, req, handler, context); // $ Alert
|
||||
client.execute(uriReq); // $ Alert
|
||||
client.execute(uriReq, context); // $ Alert
|
||||
client.execute(uriReq, handler); // $ Alert
|
||||
client.execute(uriReq, handler, context); // $ Alert
|
||||
|
||||
} catch (Exception e) {
|
||||
// TODO: handle exception
|
||||
}
|
||||
}
|
||||
}
|
||||
File diff suppressed because it is too large
Load Diff
@@ -1 +1 @@
|
||||
//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/javax-validation-constraints:${testdir}/../../../stubs/springframework-5.8.x:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/apache-http-client-4.4.13:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5:${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jaxws-api-2.0:${testdir}/../../../stubs/apache-cxf
|
||||
//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/javax-validation-constraints:${testdir}/../../../stubs/springframework-5.8.x:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5:${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jaxws-api-2.0:${testdir}/../../../stubs/apache-cxf
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
// Generated automatically from org.apache.http.client.HttpClient for testing purposes
|
||||
|
||||
package org.apache.http.client;
|
||||
|
||||
import java.io.IOException;
|
||||
import org.apache.http.HttpHost;
|
||||
import org.apache.http.HttpRequest;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.methods.HttpUriRequest;
|
||||
import org.apache.http.protocol.HttpContext;
|
||||
|
||||
public interface HttpClient {
|
||||
HttpResponse execute(HttpHost target, HttpRequest request) throws IOException;
|
||||
HttpResponse execute(HttpHost target, HttpRequest request, HttpContext context) throws IOException;
|
||||
<T> T execute(HttpHost target, HttpRequest request, ResponseHandler<? extends T> responseHandler) throws IOException;
|
||||
<T> T execute(HttpHost target, HttpRequest request, ResponseHandler<? extends T> responseHandler, HttpContext context)
|
||||
throws IOException;
|
||||
HttpResponse execute(HttpUriRequest request) throws IOException;
|
||||
HttpResponse execute(HttpUriRequest request, HttpContext context) throws IOException;
|
||||
<T> T execute(HttpUriRequest request, ResponseHandler<? extends T> responseHandler) throws IOException;
|
||||
<T> T execute(HttpUriRequest request, ResponseHandler<? extends T> responseHandler, HttpContext context)
|
||||
throws IOException;
|
||||
}
|
||||
@@ -1,9 +0,0 @@
|
||||
// Generated automatically from org.apache.http.client.ResponseHandler for testing purposes
|
||||
|
||||
package org.apache.http.client;
|
||||
|
||||
import org.apache.http.HttpResponse;
|
||||
|
||||
public interface ResponseHandler<T> {
|
||||
T handleResponse(HttpResponse response);
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
package org.apache.http.impl.client;
|
||||
|
||||
import org.apache.http.client.HttpClient;
|
||||
|
||||
public abstract class CloseableHttpClient implements HttpClient {
|
||||
|
||||
}
|
||||
@@ -1,10 +0,0 @@
|
||||
// Generated automatically from org.apache.http.client.HttpClient for testing purposes
|
||||
|
||||
package org.apache.http.impl.client;
|
||||
|
||||
import java.io.IOException;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
|
||||
public final class HttpClients {
|
||||
public static CloseableHttpClient createDefault() { return null; }
|
||||
}
|
||||
@@ -21,19 +21,13 @@ file_coverage_languages:
|
||||
scc_languages:
|
||||
- TypeScript
|
||||
- TypeScript Typings
|
||||
- name: vue
|
||||
display_name: Vue.js component
|
||||
scc_languages:
|
||||
- Vue
|
||||
github_api_languages:
|
||||
- JavaScript
|
||||
- TypeScript
|
||||
- Vue
|
||||
scc_languages:
|
||||
- JavaScript
|
||||
- TypeScript
|
||||
- TypeScript Typings
|
||||
- Vue
|
||||
file_types:
|
||||
- name: javascript
|
||||
display_name: JavaScript
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Simplified the internal predicates that detect `@staticmethod`, `@classmethod` and `@property` decorators to match the decorator's AST `Name` directly, rather than going through the CFG and requiring the name to resolve globally. Code that shadows these three builtin decorators at the module-scope will now be classified by the decorator name alone; in practice, shadowing these names is extremely rare and the call-graph results are unchanged.
|
||||
@@ -256,9 +256,12 @@ predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) {
|
||||
*/
|
||||
overlay[local]
|
||||
predicate isStaticmethod(Function func) {
|
||||
exists(NameNode id | id.getId() = "staticmethod" and id.isGlobal() |
|
||||
func.getADecorator() = id.getNode()
|
||||
)
|
||||
// The decorator is *syntactically* a `Name` "staticmethod" — we don't
|
||||
// care which variable it resolves to. `staticmethod` is a builtin and
|
||||
// is almost never shadowed in a module-level scope; even if a class
|
||||
// redefines `staticmethod` in its body, the class body has not started
|
||||
// executing yet at the decorator position, so Python uses the builtin.
|
||||
func.getADecorator().(Name).getId() = "staticmethod"
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -268,9 +271,9 @@ predicate isStaticmethod(Function func) {
|
||||
*/
|
||||
overlay[local]
|
||||
predicate isClassmethod(Function func) {
|
||||
exists(NameNode id | id.getId() = "classmethod" and id.isGlobal() |
|
||||
func.getADecorator() = id.getNode()
|
||||
)
|
||||
// See `isStaticmethod` for the rationale for matching on the AST `Name`
|
||||
// rather than going via the CFG and `isGlobal()`.
|
||||
func.getADecorator().(Name).getId() = "classmethod"
|
||||
or
|
||||
exists(Class cls |
|
||||
cls.getAMethod() = func and
|
||||
@@ -285,9 +288,8 @@ predicate isClassmethod(Function func) {
|
||||
/** Holds if the function `func` has a `property` decorator. */
|
||||
overlay[local]
|
||||
predicate hasPropertyDecorator(Function func) {
|
||||
exists(NameNode id | id.getId() = "property" and id.isGlobal() |
|
||||
func.getADecorator() = id.getNode()
|
||||
)
|
||||
// See `isStaticmethod` for the rationale for matching on the AST `Name`.
|
||||
func.getADecorator().(Name).getId() = "property"
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -9,7 +9,19 @@ private import semmle.python.dataflow.new.DataFlow
|
||||
private import semmle.python.dataflow.new.internal.ImportStar
|
||||
private import semmle.python.dataflow.new.TypeTracking
|
||||
private import semmle.python.dataflow.new.internal.DataFlowPrivate
|
||||
private import semmle.python.essa.SsaDefinitions
|
||||
|
||||
/**
|
||||
* Holds if `init` is a package's `__init__.py` and `var` is a global variable in
|
||||
* `init` whose name matches a submodule of the package.
|
||||
*
|
||||
* Inlined from `SsaSource::init_module_submodule_defn` to avoid pulling
|
||||
* `semmle.python.essa.SsaDefinitions` into the new dataflow stack.
|
||||
*/
|
||||
private predicate initModuleSubmoduleDefn(GlobalVariable var, Module init) {
|
||||
init.isPackageInit() and
|
||||
exists(init.getPackage().getSubModule(var.getId())) and
|
||||
var.getScope() = init
|
||||
}
|
||||
|
||||
/**
|
||||
* Python modules and the way imports are resolved are... complicated. Here's a crash course in how
|
||||
@@ -326,7 +338,7 @@ module ImportResolution {
|
||||
// imported yet.
|
||||
exists(string submodule, Module package, EssaVariable var |
|
||||
submodule = var.getName() and
|
||||
SsaSource::init_module_submodule_defn(var.getSourceVariable(), package.getEntryNode()) and
|
||||
initModuleSubmoduleDefn(var.getSourceVariable(), package) and
|
||||
m = getModuleFromName(package.getPackageName() + "." + submodule) and
|
||||
result.asCfgNode() = var.getDefinition().(EssaNodeDefinition).getDefiningNode()
|
||||
)
|
||||
|
||||
@@ -134,7 +134,7 @@ class BlockParameter extends NamedParameter, TBlockParameter {
|
||||
final override string getName() { result = g.getName().getValue() }
|
||||
|
||||
final override LocalVariable getVariable() {
|
||||
result.(LocalVariableReal).getDefiningNode() = g.getName() or
|
||||
result = TLocalVariableReal(_, _, g.getName()) or
|
||||
result = TLocalVariableSynth(this, 0)
|
||||
}
|
||||
|
||||
@@ -164,7 +164,7 @@ class HashSplatParameter extends NamedParameter, THashSplatParameter {
|
||||
final override string getAPrimaryQlClass() { result = "HashSplatParameter" }
|
||||
|
||||
final override LocalVariable getVariable() {
|
||||
result.(LocalVariableReal).getDefiningNode() = g.getName() or
|
||||
result = TLocalVariableReal(_, _, g.getName()) or
|
||||
result = TLocalVariableSynth(this, 0)
|
||||
}
|
||||
|
||||
@@ -212,9 +212,7 @@ class KeywordParameter extends NamedParameter, TKeywordParameter {
|
||||
|
||||
final override string getAPrimaryQlClass() { result = "KeywordParameter" }
|
||||
|
||||
final override LocalVariable getVariable() {
|
||||
result.(LocalVariableReal).getDefiningNode() = g.getName()
|
||||
}
|
||||
final override LocalVariable getVariable() { result = TLocalVariableReal(_, _, g.getName()) }
|
||||
|
||||
/**
|
||||
* Gets the default value, i.e. the value assigned to the parameter when one
|
||||
@@ -264,9 +262,7 @@ class OptionalParameter extends NamedParameter, TOptionalParameter {
|
||||
*/
|
||||
final Expr getDefaultValue() { toGenerated(result) = g.getValue() }
|
||||
|
||||
final override LocalVariable getVariable() {
|
||||
result.(LocalVariableReal).getDefiningNode() = g.getName()
|
||||
}
|
||||
final override LocalVariable getVariable() { result = TLocalVariableReal(_, _, g.getName()) }
|
||||
|
||||
final override string toString() { result = this.getName() }
|
||||
|
||||
@@ -297,7 +293,7 @@ class SplatParameter extends NamedParameter, TSplatParameter {
|
||||
final override string getAPrimaryQlClass() { result = "SplatParameter" }
|
||||
|
||||
final override LocalVariable getVariable() {
|
||||
result.(LocalVariableReal).getDefiningNode() = g.getName() or
|
||||
result = TLocalVariableReal(_, _, g.getName()) or
|
||||
result = TLocalVariableSynth(this, 0)
|
||||
}
|
||||
|
||||
|
||||
@@ -207,7 +207,9 @@ private module Cached {
|
||||
TLambda(Ruby::Lambda g) or
|
||||
TLine(Ruby::Line g) or
|
||||
TLeftAssignmentList(Ruby::LeftAssignmentList g) or
|
||||
TLocalVariableAccessReal(Ruby::Identifier g, TLocalVariableReal v) { access(g, v) } or
|
||||
TLocalVariableAccessReal(Ruby::Identifier g, TLocalVariableReal v) {
|
||||
LocalVariableAccess::range(g, v)
|
||||
} or
|
||||
TLocalVariableAccessSynth(Ast::AstNode parent, int i, Ast::LocalVariable v) {
|
||||
mkSynthChild(LocalVariableAccessRealKind(v), parent, i)
|
||||
or
|
||||
|
||||
@@ -33,7 +33,7 @@ class SimpleParameterRealImpl extends SimpleParameterImpl, TSimpleParameterReal
|
||||
|
||||
SimpleParameterRealImpl() { this = TSimpleParameterReal(g) }
|
||||
|
||||
override LocalVariable getVariableImpl() { result.(LocalVariableReal).getDefiningNode() = g }
|
||||
override LocalVariable getVariableImpl() { result = TLocalVariableReal(_, _, g) }
|
||||
|
||||
override string getNameImpl() { result = g.getValue() }
|
||||
}
|
||||
|
||||
@@ -118,7 +118,7 @@ private Ruby::AstNode specialParentOf(Ruby::AstNode n) {
|
||||
]
|
||||
}
|
||||
|
||||
Ruby::AstNode parentOf(Ruby::AstNode n) {
|
||||
private Ruby::AstNode parentOf(Ruby::AstNode n) {
|
||||
n = getHereDocBody(result)
|
||||
or
|
||||
result = specialParentOf(n).getParent()
|
||||
@@ -172,15 +172,13 @@ private module Cached {
|
||||
}
|
||||
}
|
||||
|
||||
import Cached
|
||||
bindingset[n]
|
||||
pragma[inline_late]
|
||||
Scope::Range scopeOf(Ruby::AstNode n) { result = Cached::scopeOfImpl(n) }
|
||||
|
||||
bindingset[n]
|
||||
pragma[inline_late]
|
||||
Scope::Range scopeOf(Ruby::AstNode n) { result = scopeOfImpl(n) }
|
||||
|
||||
bindingset[n]
|
||||
pragma[inline_late]
|
||||
Scope scopeOfInclSynth(AstNode n) { result = scopeOfInclSynthImpl(n) }
|
||||
Scope scopeOfInclSynth(AstNode n) { result = Cached::scopeOfInclSynthImpl(n) }
|
||||
|
||||
abstract class ScopeImpl extends AstNode, TScopeType {
|
||||
final Scope getOuterScopeImpl() { result = scopeOfInclSynth(this) }
|
||||
|
||||
@@ -299,12 +299,9 @@ private predicate hasLocation(AstNode n, Location l) {
|
||||
private module ImplicitSelfSynthesis {
|
||||
pragma[nomagic]
|
||||
private predicate identifierMethodCallSelfSynthesis(AstNode mc, int i, Child child) {
|
||||
exists(SelfVariableImpl self |
|
||||
self.getDeclaringScopeImpl() = scopeOf(toGenerated(mc)).getEnclosingSelfScope() and
|
||||
child = SynthChild(SelfKind(self)) and
|
||||
mc = TIdentifierMethodCall(_) and
|
||||
i = 0
|
||||
)
|
||||
child = SynthChild(SelfKind(TSelfVariable(scopeOf(toGenerated(mc)).getEnclosingSelfScope()))) and
|
||||
mc = TIdentifierMethodCall(_) and
|
||||
i = 0
|
||||
}
|
||||
|
||||
private class IdentifierMethodCallSelfSynthesis extends Synthesis {
|
||||
@@ -315,14 +312,13 @@ private module ImplicitSelfSynthesis {
|
||||
|
||||
pragma[nomagic]
|
||||
private predicate regularMethodCallSelfSynthesis(TRegularMethodCall mc, int i, Child child) {
|
||||
exists(Ruby::AstNode g, SelfVariableImpl self |
|
||||
exists(Ruby::AstNode g |
|
||||
mc = TRegularMethodCall(g) and
|
||||
// If there's no explicit receiver, then the receiver is implicitly `self`.
|
||||
not exists(g.(Ruby::Call).getReceiver()) and
|
||||
self.getDeclaringScopeImpl() = scopeOf(toGenerated(mc)).getEnclosingSelfScope() and
|
||||
child = SynthChild(SelfKind(self)) and
|
||||
i = 0
|
||||
)
|
||||
not exists(g.(Ruby::Call).getReceiver())
|
||||
) and
|
||||
child = SynthChild(SelfKind(TSelfVariable(scopeOf(toGenerated(mc)).getEnclosingSelfScope()))) and
|
||||
i = 0
|
||||
}
|
||||
|
||||
private class RegularMethodCallSelfSynthesis extends Synthesis {
|
||||
@@ -345,10 +341,9 @@ private module ImplicitSelfSynthesis {
|
||||
*/
|
||||
pragma[nomagic]
|
||||
private SelfKind getSelfKind(InstanceVariableAccess var) {
|
||||
exists(Ruby::AstNode owner, SelfVariableImpl self |
|
||||
self.getDeclaringScopeImpl() = scopeOf(owner).getEnclosingSelfScope() and
|
||||
exists(Ruby::AstNode owner |
|
||||
owner = toGenerated(instanceVarAccessSynthParentStar(var)) and
|
||||
result = SelfKind(self)
|
||||
result = SelfKind(TSelfVariable(scopeOf(owner).getEnclosingSelfScope()))
|
||||
)
|
||||
}
|
||||
|
||||
@@ -1571,20 +1566,20 @@ private module ForLoopDesugar {
|
||||
* { a: a }
|
||||
* ```
|
||||
*/
|
||||
module ImplicitHashValueSynthesis {
|
||||
Ruby::AstNode keyWithoutValue(Ruby::AstNode parent, int i) {
|
||||
private module ImplicitHashValueSynthesis {
|
||||
private Ruby::AstNode keyWithoutValue(AstNode parent, int i) {
|
||||
exists(Ruby::KeywordPattern pair |
|
||||
result = pair.getKey() and
|
||||
result = parent.(Ruby::HashPattern).getChild(i).(Ruby::KeywordPattern).getKey() and
|
||||
result = toGenerated(parent.(HashPattern).getKey(i)) and
|
||||
not exists(pair.getValue())
|
||||
)
|
||||
or
|
||||
parent =
|
||||
any(Ruby::Pair pair |
|
||||
i = 0 and
|
||||
result = pair.getKey() and
|
||||
not exists(pair.getValue())
|
||||
)
|
||||
exists(Ruby::Pair pair |
|
||||
i = 0 and
|
||||
result = pair.getKey() and
|
||||
pair = toGenerated(parent) and
|
||||
not exists(pair.getValue())
|
||||
)
|
||||
}
|
||||
|
||||
private string keyName(Ruby::AstNode key) {
|
||||
@@ -1594,7 +1589,7 @@ module ImplicitHashValueSynthesis {
|
||||
|
||||
private class ImplicitHashValueSynthesis extends Synthesis {
|
||||
final override predicate child(AstNode parent, int i, Child child) {
|
||||
exists(Ruby::AstNode key | key = keyWithoutValue(toGenerated(parent), i) |
|
||||
exists(Ruby::AstNode key | key = keyWithoutValue(parent, i) |
|
||||
exists(TVariableReal variable |
|
||||
access(key, variable) and
|
||||
child = SynthChild(LocalVariableAccessRealKind(variable))
|
||||
@@ -1621,7 +1616,7 @@ module ImplicitHashValueSynthesis {
|
||||
}
|
||||
|
||||
final override predicate location(AstNode n, Location l) {
|
||||
exists(AstNode p, int i | l = keyWithoutValue(toGenerated(p), i).getLocation() |
|
||||
exists(AstNode p, int i | l = keyWithoutValue(p, i).getLocation() |
|
||||
n = p.(HashPattern).getValue(i)
|
||||
or
|
||||
i = 0 and n = p.(Pair).getValue()
|
||||
|
||||
@@ -2,7 +2,6 @@ overlay[local]
|
||||
module;
|
||||
|
||||
private import TreeSitter
|
||||
private import codeql.namebinding.LocalNameBinding
|
||||
private import codeql.ruby.AST
|
||||
private import codeql.ruby.CFG
|
||||
private import codeql.ruby.ast.internal.AST
|
||||
@@ -95,11 +94,10 @@ predicate scopeDefinesParameterVariable(
|
||||
// In case of overlapping parameter names (e.g. `_`), only the first
|
||||
// parameter will give rise to a variable
|
||||
i =
|
||||
min(Ruby::Identifier other, int startline, int startcolumn |
|
||||
parameterAssignment(scope, name, other, _) and
|
||||
other.getLocation().hasLocationInfo(_, startline, startcolumn, _, _)
|
||||
min(Ruby::Identifier other |
|
||||
parameterAssignment(scope, name, other, _)
|
||||
|
|
||||
other order by startline, startcolumn
|
||||
other order by other.getLocation().getStartLine(), other.getLocation().getStartColumn()
|
||||
) and
|
||||
parameterAssignment(scope, name, _, pos)
|
||||
or
|
||||
@@ -115,8 +113,7 @@ predicate scopeDefinesParameterVariable(
|
||||
)
|
||||
}
|
||||
|
||||
bindingset[i]
|
||||
pragma[inline_late]
|
||||
pragma[nomagic]
|
||||
private string variableNameInScope(Ruby::AstNode i, Scope::Range scope) {
|
||||
scope = scopeOf(i) and
|
||||
(
|
||||
@@ -140,142 +137,40 @@ private predicate scopeAssigns(Scope::Range scope, string name, Ruby::AstNode i)
|
||||
name = variableNameInScope(i, scope)
|
||||
}
|
||||
|
||||
private module Input implements LocalNameBindingInputSig<Location> {
|
||||
predicate cacheRevRef() { exists(TVariable v) implies any() }
|
||||
|
||||
class AstNode = Ruby::AstNode;
|
||||
|
||||
AstNode getChild(AstNode parent, int index) {
|
||||
parent = parentOf(result) and
|
||||
(
|
||||
index = result.getParentIndex()
|
||||
or
|
||||
not exists(result.getParentIndex()) and
|
||||
index = -1
|
||||
)
|
||||
}
|
||||
|
||||
class Conditional extends AstNode {
|
||||
Conditional() { none() }
|
||||
|
||||
AstNode getCondition() { none() }
|
||||
|
||||
AstNode getThen() { none() }
|
||||
|
||||
AstNode getElse() { none() }
|
||||
}
|
||||
|
||||
class SiblingShadowingDecl extends AstNode {
|
||||
SiblingShadowingDecl() { none() }
|
||||
|
||||
AstNode getLhs() { none() }
|
||||
|
||||
AstNode getRhs() { none() }
|
||||
|
||||
AstNode getElse() { none() }
|
||||
}
|
||||
|
||||
predicate isTopScope(AstNode scope) {
|
||||
scope instanceof Scope::Range and
|
||||
not (
|
||||
scope instanceof Ruby::Block or
|
||||
scope instanceof Ruby::DoBlock or
|
||||
scope instanceof Ruby::Lambda
|
||||
)
|
||||
}
|
||||
|
||||
private Scope::Range getParentScope(Scope::Range scope) {
|
||||
result = scopeOf(scope) and
|
||||
not isTopScope(scope)
|
||||
}
|
||||
|
||||
bindingset[name, scope]
|
||||
pragma[inline_late]
|
||||
private predicate declInScope0(AstNode definingNode, string name, AstNode scope) {
|
||||
scopeDefinesParameterVariable(scope, name, definingNode, _) or
|
||||
scopeAssigns(scope, name, definingNode)
|
||||
}
|
||||
|
||||
predicate declInScope(AstNode definingNode, string name, AstNode scope) {
|
||||
scopeDefinesParameterVariable(scope, name, definingNode, _)
|
||||
or
|
||||
/*
|
||||
* Variables are not declared explicitly in Ruby, so we consider the _first_ assignment to
|
||||
* be the declaration:
|
||||
*
|
||||
* ```rb
|
||||
* a = 1 # declares `a`
|
||||
* a = 2 # does not declare `a`
|
||||
* 1.times do | x | # declares `x`
|
||||
* a = 2 # does not declare `a`
|
||||
* end
|
||||
* ```
|
||||
*/
|
||||
|
||||
scopeAssigns(scope, name, definingNode) and
|
||||
not scopeDefinesParameterVariable(scope, name, _, _) and
|
||||
not exists(AstNode prev, AstNode prevScope |
|
||||
prevScope = getParentScope*(scope) and
|
||||
declInScope0(prev, name, prevScope) and
|
||||
prev.getLocation().strictlyBefore(definingNode.getLocation())
|
||||
)
|
||||
}
|
||||
|
||||
predicate implicitDeclInScope(string name, AstNode scope) {
|
||||
name = "self" and
|
||||
scope instanceof SelfBase::Range
|
||||
}
|
||||
|
||||
predicate accessCand(AstNode n, string name) {
|
||||
name = variableNameInScope(n, _) and
|
||||
(
|
||||
explicitAssignmentNode(n, _)
|
||||
or
|
||||
implicitAssignmentNode(n)
|
||||
or
|
||||
scopeDefinesParameterVariable(_, _, n, _)
|
||||
or
|
||||
vcall(n)
|
||||
or
|
||||
n = any(Ruby::VariableReferencePattern vr).getName()
|
||||
or
|
||||
n = ImplicitHashValueSynthesis::keyWithoutValue(_, _)
|
||||
)
|
||||
or
|
||||
n instanceof Ruby::Self and
|
||||
name = "self"
|
||||
}
|
||||
}
|
||||
|
||||
private import LocalNameBinding<Location, Input>
|
||||
|
||||
cached
|
||||
private module Cached {
|
||||
cached
|
||||
newtype TVariable =
|
||||
TGlobalVariable(string name) {
|
||||
CachedStage::ref() and
|
||||
name = any(Ruby::GlobalVariable var).getValue()
|
||||
} or
|
||||
TGlobalVariable(string name) { name = any(Ruby::GlobalVariable var).getValue() } or
|
||||
TClassVariable(Scope::Range scope, string name, Ruby::AstNode decl) {
|
||||
decl =
|
||||
min(Ruby::ClassVariable other, int startline, int startcolumn |
|
||||
classVariableAccess(other, name, scope) and
|
||||
other.getLocation().hasLocationInfo(_, startline, startcolumn, _, _)
|
||||
min(Ruby::ClassVariable other |
|
||||
classVariableAccess(other, name, scope)
|
||||
|
|
||||
other order by startline, startcolumn
|
||||
other order by other.getLocation().getStartLine(), other.getLocation().getStartColumn()
|
||||
)
|
||||
} or
|
||||
TInstanceVariable(Scope::Range scope, string name, boolean instance, Ruby::AstNode decl) {
|
||||
decl =
|
||||
min(Ruby::InstanceVariable other, int startline, int startcolumn |
|
||||
instanceVariableAccess(other, name, scope, instance) and
|
||||
other.getLocation().hasLocationInfo(_, startline, startcolumn, _, _)
|
||||
min(Ruby::InstanceVariable other |
|
||||
instanceVariableAccess(other, name, scope, instance)
|
||||
|
|
||||
other order by startline, startcolumn
|
||||
other order by other.getLocation().getStartLine(), other.getLocation().getStartColumn()
|
||||
)
|
||||
} or
|
||||
TLocalVariableReal(Local l) or
|
||||
TLocalVariableReal(Scope::Range scope, string name, Ruby::AstNode i) {
|
||||
scopeDefinesParameterVariable(scope, name, i, _)
|
||||
or
|
||||
i =
|
||||
min(Ruby::AstNode other |
|
||||
scopeAssigns(scope, name, other)
|
||||
|
|
||||
other order by other.getLocation().getStartLine(), other.getLocation().getStartColumn()
|
||||
) and
|
||||
not scopeDefinesParameterVariable(scope, name, _, _) and
|
||||
not inherits(scope, name, _)
|
||||
} or
|
||||
TSelfVariable(SelfBase::Range scope) or
|
||||
TLocalVariableSynth(AstNode n, int i) { any(Synthesis s).localVariable(n, i) }
|
||||
|
||||
// Db types that can be vcalls
|
||||
@@ -426,37 +321,39 @@ private module Cached {
|
||||
i = any(Ruby::ExpressionReferencePattern x).getValue()
|
||||
}
|
||||
|
||||
pragma[nomagic]
|
||||
private predicate hasScopeAndName(VariableReal variable, Scope::Range scope, string name) {
|
||||
variable.getNameImpl() = name and
|
||||
scope = variable.getDeclaringScopeImpl()
|
||||
}
|
||||
|
||||
cached
|
||||
predicate access(Ruby::AstNode access, VariableReal variable) {
|
||||
exists(Local l |
|
||||
variable = TLocalVariableReal(l) and
|
||||
access = l.getAnAccess()
|
||||
exists(string name, Scope::Range scope |
|
||||
pragma[only_bind_into](name) = variableNameInScope(access, scope)
|
||||
|
|
||||
l instanceof ImplicitLocal
|
||||
hasScopeAndName(variable, scope, name) and
|
||||
not access.getLocation().strictlyBefore(variable.getLocationImpl()) and
|
||||
// In case of overlapping parameter names, later parameters should not
|
||||
// be considered accesses to the first parameter
|
||||
if parameterAssignment(_, _, access, _)
|
||||
then scopeDefinesParameterVariable(_, _, access, _)
|
||||
else any()
|
||||
or
|
||||
/*
|
||||
* In the example below, `a` is declared in the scope of `M`, but only the
|
||||
* second mention of `a` is an actual access:
|
||||
*
|
||||
* ```rb
|
||||
* module M
|
||||
* puts a # calls method `a`
|
||||
* a = 1 # declares `a`
|
||||
* puts a # accesses variable `a`
|
||||
* end
|
||||
* ```
|
||||
*/
|
||||
|
||||
not access.getLocation().strictlyBefore(l.getDefiningNode().getLocation())
|
||||
exists(Scope::Range declScope |
|
||||
hasScopeAndName(variable, declScope, pragma[only_bind_into](name)) and
|
||||
inherits(scope, name, declScope)
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
private class Access extends Ruby::Token {
|
||||
Access() {
|
||||
access(this, _) or
|
||||
access(this.(Ruby::Identifier), _) or
|
||||
this instanceof Ruby::GlobalVariable or
|
||||
this instanceof Ruby::InstanceVariable or
|
||||
this instanceof Ruby::ClassVariable
|
||||
this instanceof Ruby::ClassVariable or
|
||||
this instanceof Ruby::Self
|
||||
}
|
||||
}
|
||||
|
||||
@@ -501,6 +398,29 @@ private module Cached {
|
||||
|
||||
import Cached
|
||||
|
||||
/** Holds if this scope inherits `name` from an outer scope `outer`. */
|
||||
private predicate inherits(Scope::Range scope, string name, Scope::Range outer) {
|
||||
(
|
||||
scope instanceof Ruby::Block or
|
||||
scope instanceof Ruby::DoBlock or
|
||||
scope instanceof Ruby::Lambda
|
||||
) and
|
||||
not scopeDefinesParameterVariable(scope, name, _, _) and
|
||||
(
|
||||
outer = scope.getOuterScope() and
|
||||
(
|
||||
scopeDefinesParameterVariable(outer, name, _, _)
|
||||
or
|
||||
exists(Ruby::AstNode i |
|
||||
scopeAssigns(outer, name, i) and
|
||||
i.getLocation().strictlyBefore(scope.getLocation())
|
||||
)
|
||||
)
|
||||
or
|
||||
inherits(scope.getOuterScope(), name, outer)
|
||||
)
|
||||
}
|
||||
|
||||
abstract class VariableImpl extends TVariable {
|
||||
abstract string getNameImpl();
|
||||
|
||||
@@ -509,9 +429,10 @@ abstract class VariableImpl extends TVariable {
|
||||
abstract Location getLocationImpl();
|
||||
}
|
||||
|
||||
class TVariableReal = TGlobalVariable or TClassVariable or TInstanceVariable or TLocalVariableReal;
|
||||
class TVariableReal =
|
||||
TGlobalVariable or TClassVariable or TInstanceVariable or TLocalVariableReal or TSelfVariable;
|
||||
|
||||
class TLocalVariable = TLocalVariableReal or TLocalVariableSynth;
|
||||
class TLocalVariable = TLocalVariableReal or TLocalVariableSynth or TSelfVariable;
|
||||
|
||||
/**
|
||||
* A "real" (i.e. non-synthesized) variable. This class only exists to
|
||||
@@ -537,19 +458,19 @@ private class VariableRealAdapter extends VariableImpl, TVariableReal instanceof
|
||||
}
|
||||
|
||||
class LocalVariableReal extends VariableReal, TLocalVariableReal {
|
||||
private Local l;
|
||||
private Scope::Range scope;
|
||||
private string name;
|
||||
private Ruby::AstNode i;
|
||||
|
||||
LocalVariableReal() { this = TLocalVariableReal(l) }
|
||||
LocalVariableReal() { this = TLocalVariableReal(scope, name, i) }
|
||||
|
||||
Ruby::AstNode getDefiningNode() { result = l.getDefiningNode() }
|
||||
final override string getNameImpl() { result = name }
|
||||
|
||||
final override string getNameImpl() { result = l.getName() }
|
||||
final override Location getLocationImpl() { result = i.getLocation() }
|
||||
|
||||
final override Location getLocationImpl() { result = l.getLocation() }
|
||||
final override Scope::Range getDeclaringScopeImpl() { result = scope }
|
||||
|
||||
final override Scope::Range getDeclaringScopeImpl() { result = l.getScope() }
|
||||
|
||||
final VariableAccess getDefiningAccessImpl() { toGenerated(result) = l.getDefiningNode() }
|
||||
final VariableAccess getDefiningAccessImpl() { toGenerated(result) = i }
|
||||
}
|
||||
|
||||
class LocalVariableSynth extends VariableImpl, TLocalVariableSynth {
|
||||
@@ -610,16 +531,34 @@ class ClassVariableImpl extends VariableReal, TClassVariable {
|
||||
final override Scope::Range getDeclaringScopeImpl() { result = scope }
|
||||
}
|
||||
|
||||
class SelfVariableImpl extends LocalVariableReal {
|
||||
private ImplicitLocal l;
|
||||
class SelfVariableImpl extends VariableReal, TSelfVariable {
|
||||
private SelfBase::Range scope;
|
||||
|
||||
SelfVariableImpl() { this = TLocalVariableReal(l) }
|
||||
SelfVariableImpl() { this = TSelfVariable(scope) }
|
||||
|
||||
final override string getNameImpl() { result = "self" }
|
||||
|
||||
final override Location getLocationImpl() { result = scope.getLocation() }
|
||||
|
||||
final override Scope::Range getDeclaringScopeImpl() { result = scope }
|
||||
}
|
||||
|
||||
abstract class VariableAccessImpl extends Expr, TVariableAccess {
|
||||
abstract VariableImpl getVariableImpl();
|
||||
}
|
||||
|
||||
module LocalVariableAccess {
|
||||
predicate range(Ruby::Identifier id, TLocalVariableReal v) {
|
||||
access(id, v) and
|
||||
(
|
||||
explicitWriteAccess(id, _) or
|
||||
implicitWriteAccess(id) or
|
||||
vcall(id) or
|
||||
id = any(Ruby::VariableReferencePattern vr).getName()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class TVariableAccessReal =
|
||||
TLocalVariableAccessReal or TGlobalVariableAccess or TInstanceVariableAccess or
|
||||
TClassVariableAccess;
|
||||
@@ -742,8 +681,7 @@ private class SelfVariableAccessReal extends SelfVariableAccessImpl, TSelfReal {
|
||||
|
||||
SelfVariableAccessReal() {
|
||||
exists(Ruby::Self self |
|
||||
this = TSelfReal(self) and
|
||||
access(self, var)
|
||||
this = TSelfReal(self) and var = TSelfVariable(scopeOf(self).getEnclosingSelfScope())
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -14,7 +14,6 @@ dependencies:
|
||||
codeql/ssa: ${workspace}
|
||||
codeql/tutorial: ${workspace}
|
||||
codeql/util: ${workspace}
|
||||
codeql/namebinding: ${workspace}
|
||||
dataExtensions:
|
||||
- codeql/ruby/frameworks/**/model.yml
|
||||
- codeql/ruby/frameworks/**/*.model.yml
|
||||
|
||||
@@ -28,7 +28,6 @@ parameterVariable
|
||||
| parameters.rb:59:22:59:26 | (..., ...) | parameters.rb:59:25:59:25 | c |
|
||||
| scopes.rb:2:14:2:14 | x | scopes.rb:2:14:2:14 | x |
|
||||
| scopes.rb:9:14:9:14 | x | scopes.rb:9:14:9:14 | x |
|
||||
| scopes.rb:69:15:69:15 | x | scopes.rb:69:15:69:15 | x |
|
||||
| ssa.rb:1:7:1:7 | b | ssa.rb:1:7:1:7 | b |
|
||||
| ssa.rb:18:8:18:8 | x | ssa.rb:18:8:18:8 | x |
|
||||
| ssa.rb:25:8:25:15 | elements | ssa.rb:25:8:25:15 | elements |
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user