mirror of
https://github.com/github/codeql.git
synced 2026-07-02 10:05:31 +02:00
Compare commits
3 Commits
temp-dca-p
...
bazookamus
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
4ab58a57fc | ||
|
|
93a26cb6c0 | ||
|
|
554576c031 |
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* Models-as-data flow summaries now use fully qualified field names (for example, `MyNamespace::MyStruct::myField`) instead of unqualified field names such as `myField`. We recommend updating existing flow summaries to use fully qualified field names. Unqualified field names are still supported, but that support will be removed in a future release.
|
||||
@@ -40,24 +40,12 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CppDataFlow> {
|
||||
arg = repeatStars(rk.(NormalReturnKind).getIndirectionIndex())
|
||||
}
|
||||
|
||||
bindingset[namespace, type, base]
|
||||
private string formatQualifiedName(string namespace, string type, string base) {
|
||||
if namespace = ""
|
||||
then result = type + "::" + base
|
||||
else result = namespace + "::" + type + "::" + base
|
||||
}
|
||||
|
||||
string encodeContent(ContentSet cs, string arg) {
|
||||
exists(FieldContent c, string namespace, string type, string base |
|
||||
exists(FieldContent c |
|
||||
cs.isSingleton(c) and
|
||||
// FieldContent indices have 0 for the address, 1 for content, so we need to subtract one.
|
||||
result = "Field" and
|
||||
c.getField().hasQualifiedName(namespace, type, base)
|
||||
|
|
||||
arg = repeatStars(c.getIndirectionIndex() - 1) + formatQualifiedName(namespace, type, base)
|
||||
or
|
||||
// TODO: This disjunct can be removed once we stop supporting unqualified field names.
|
||||
arg = repeatStars(c.getIndirectionIndex() - 1) + base
|
||||
arg = repeatStars(c.getIndirectionIndex() - 1) + c.getField().getName()
|
||||
)
|
||||
or
|
||||
exists(ElementContent ec |
|
||||
|
||||
@@ -1378,8 +1378,6 @@ predicate nodeIsHidden(Node n) {
|
||||
n instanceof InitialGlobalValue
|
||||
or
|
||||
n instanceof SsaSynthNode
|
||||
or
|
||||
n.(FlowSummaryNode).getSummaryNode().isHidden()
|
||||
}
|
||||
|
||||
predicate neverSkipInPathGraph(Node n) {
|
||||
|
||||
@@ -48,20 +48,19 @@ models
|
||||
| 47 | Summary: ; ; false; callWithArgument; ; ; Argument[1]; Argument[0].Parameter[0]; value; manual |
|
||||
| 48 | Summary: ; ; false; callWithNonTypeTemplate<T>; (const T &); ; Argument[*0]; ReturnValue; value; manual |
|
||||
| 49 | Summary: ; ; false; pthread_create; ; ; Argument[@3]; Argument[2].Parameter[@0]; value; manual |
|
||||
| 50 | Summary: ; ; false; read_field_from_struct; ; ; Argument[*0].Field[MyNamespace::MyStructInNamespace::myField]; ReturnValue; value; manual |
|
||||
| 51 | Summary: ; ; false; read_field_from_struct_2; ; ; Argument[*0].Field[MyGlobalStruct::myField]; ReturnValue; value; manual |
|
||||
| 52 | Summary: ; ; false; ymlStepGenerated; ; ; Argument[0]; ReturnValue; taint; df-generated |
|
||||
| 53 | Summary: ; ; false; ymlStepManual; ; ; Argument[0]; ReturnValue; taint; manual |
|
||||
| 54 | Summary: ; ; false; ymlStepManual_with_body; ; ; Argument[0]; ReturnValue; taint; manual |
|
||||
| 55 | Summary: ; TemplateClass1; true; templateFunction2<U,V>; (U,V); ; Argument[1]; ReturnValue; value; manual |
|
||||
| 56 | Summary: ; TemplateClass1<T>; false; templateFunction<U>; (T,U); ; Argument[0]; ReturnValue; value; manual |
|
||||
| 57 | Summary: ; TemplateClass2<T,U>; true; function; (U,T); ; Argument[1]; ReturnValue; value; manual |
|
||||
| 58 | Summary: Azure::Core::IO; BodyStream; true; Read; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
||||
| 59 | Summary: Azure::Core::IO; BodyStream; true; ReadToCount; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
||||
| 60 | Summary: Azure::Core::IO; BodyStream; true; ReadToEnd; ; ; Argument[-1]; ReturnValue.Element; taint; manual |
|
||||
| 61 | Summary: Azure; Nullable; true; Value; ; ; Argument[-1]; ReturnValue[*]; taint; manual |
|
||||
| 62 | Summary: boost::asio; ; false; buffer; ; ; Argument[*0]; ReturnValue; taint; manual |
|
||||
| 50 | Summary: ; ; false; ymlStepGenerated; ; ; Argument[0]; ReturnValue; taint; df-generated |
|
||||
| 51 | Summary: ; ; false; ymlStepManual; ; ; Argument[0]; ReturnValue; taint; manual |
|
||||
| 52 | Summary: ; ; false; ymlStepManual_with_body; ; ; Argument[0]; ReturnValue; taint; manual |
|
||||
| 53 | Summary: ; TemplateClass1; true; templateFunction2<U,V>; (U,V); ; Argument[1]; ReturnValue; value; manual |
|
||||
| 54 | Summary: ; TemplateClass1<T>; false; templateFunction<U>; (T,U); ; Argument[0]; ReturnValue; value; manual |
|
||||
| 55 | Summary: ; TemplateClass2<T,U>; true; function; (U,T); ; Argument[1]; ReturnValue; value; manual |
|
||||
| 56 | Summary: Azure::Core::IO; BodyStream; true; Read; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
||||
| 57 | Summary: Azure::Core::IO; BodyStream; true; ReadToCount; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
||||
| 58 | Summary: Azure::Core::IO; BodyStream; true; ReadToEnd; ; ; Argument[-1]; ReturnValue.Element; taint; manual |
|
||||
| 59 | Summary: Azure; Nullable; true; Value; ; ; Argument[-1]; ReturnValue[*]; taint; manual |
|
||||
| 60 | Summary: boost::asio; ; false; buffer; ; ; Argument[*0]; ReturnValue; taint; manual |
|
||||
edges
|
||||
| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | provenance | MaD:60 |
|
||||
| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:91:7:91:17 | recv_buffer | provenance | Src:MaD:32 |
|
||||
| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:93:29:93:39 | *recv_buffer | provenance | Src:MaD:32 Sink:MaD:2 |
|
||||
| asio_streams.cpp:97:37:97:44 | call to source | asio_streams.cpp:98:7:98:14 | send_str | provenance | TaintFunction |
|
||||
@@ -69,16 +68,25 @@ edges
|
||||
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | |
|
||||
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:101:7:101:17 | send_buffer | provenance | |
|
||||
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:2 |
|
||||
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:62 |
|
||||
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance | |
|
||||
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:60 |
|
||||
| azure.cpp:62:10:62:14 | [summary param] this in Value | azure.cpp:62:10:62:14 | [summary] to write: ReturnValue[*] in Value | provenance | MaD:59 |
|
||||
| azure.cpp:113:16:113:19 | [summary param] this in Read | azure.cpp:113:16:113:19 | [summary param] *0 in Read [Return] | provenance | MaD:56 |
|
||||
| azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | azure.cpp:114:16:114:26 | [summary param] *0 in ReadToCount [Return] | provenance | MaD:57 |
|
||||
| azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue.Element in ReadToEnd | provenance | MaD:58 |
|
||||
| azure.cpp:115:30:115:38 | [summary] to write: ReturnValue.Element in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | provenance | |
|
||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:253:48:253:60 | *call to GetBodyStream | provenance | Src:MaD:29 |
|
||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:257:5:257:8 | *resp | provenance | |
|
||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:262:5:262:8 | *resp | provenance | |
|
||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:266:38:266:41 | *resp | provenance | |
|
||||
| azure.cpp:257:5:257:8 | *resp | azure.cpp:257:16:257:21 | Read output argument | provenance | MaD:58 |
|
||||
| azure.cpp:257:5:257:8 | *resp | azure.cpp:113:16:113:19 | [summary param] this in Read | provenance | |
|
||||
| azure.cpp:257:5:257:8 | *resp | azure.cpp:257:16:257:21 | Read output argument | provenance | MaD:56 |
|
||||
| azure.cpp:257:16:257:21 | Read output argument | azure.cpp:258:10:258:16 | * ... | provenance | |
|
||||
| azure.cpp:262:5:262:8 | *resp | azure.cpp:262:23:262:28 | ReadToCount output argument | provenance | MaD:59 |
|
||||
| azure.cpp:262:5:262:8 | *resp | azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | provenance | |
|
||||
| azure.cpp:262:5:262:8 | *resp | azure.cpp:262:23:262:28 | ReadToCount output argument | provenance | MaD:57 |
|
||||
| azure.cpp:262:23:262:28 | ReadToCount output argument | azure.cpp:263:10:263:16 | * ... | provenance | |
|
||||
| azure.cpp:266:38:266:41 | *resp | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | MaD:60 |
|
||||
| azure.cpp:266:38:266:41 | *resp | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | provenance | |
|
||||
| azure.cpp:266:38:266:41 | *resp | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | MaD:58 |
|
||||
| azure.cpp:266:44:266:52 | call to ReadToEnd [element] | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | |
|
||||
| azure.cpp:266:44:266:52 | call to ReadToEnd [element] | azure.cpp:267:10:267:12 | vec [element] | provenance | |
|
||||
| azure.cpp:267:10:267:12 | vec [element] | azure.cpp:267:10:267:12 | vec | provenance | |
|
||||
@@ -94,10 +102,12 @@ edges
|
||||
| azure.cpp:278:10:278:13 | body | azure.cpp:278:10:278:13 | body | provenance | |
|
||||
| azure.cpp:281:68:281:84 | *call to ExtractBodyStream | azure.cpp:281:68:281:84 | *call to ExtractBodyStream | provenance | Src:MaD:26 |
|
||||
| azure.cpp:281:68:281:84 | *call to ExtractBodyStream | azure.cpp:282:21:282:23 | *call to get | provenance | |
|
||||
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | MaD:60 |
|
||||
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | provenance | |
|
||||
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | MaD:58 |
|
||||
| azure.cpp:282:28:282:36 | call to ReadToEnd [element] | azure.cpp:282:10:282:38 | call to ReadToEnd | provenance | |
|
||||
| azure.cpp:282:28:282:36 | call to ReadToEnd [element] | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | |
|
||||
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:289:63:289:65 | call to Value | provenance | MaD:61 |
|
||||
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:62:10:62:14 | [summary param] this in Value | provenance | |
|
||||
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:289:63:289:65 | call to Value | provenance | MaD:59 |
|
||||
| azure.cpp:289:32:289:40 | call to GetHeader | azure.cpp:289:24:289:56 | call to GetHeader | provenance | |
|
||||
| azure.cpp:289:32:289:40 | call to GetHeader | azure.cpp:289:32:289:40 | call to GetHeader | provenance | Src:MaD:30 |
|
||||
| azure.cpp:289:63:289:65 | call to Value | azure.cpp:289:63:289:65 | call to Value | provenance | |
|
||||
@@ -109,6 +119,9 @@ edges
|
||||
| azure.cpp:294:38:294:53 | call to operator[] | azure.cpp:295:10:295:20 | contentType | provenance | |
|
||||
| azure.cpp:294:38:294:53 | call to operator[] | azure.cpp:295:10:295:20 | contentType | provenance | |
|
||||
| azure.cpp:295:10:295:20 | contentType | azure.cpp:295:10:295:20 | contentType | provenance | |
|
||||
| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:51 |
|
||||
| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:50 |
|
||||
| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:52 |
|
||||
| test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance | |
|
||||
| test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance | |
|
||||
| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||
@@ -119,13 +132,16 @@ edges
|
||||
| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance | |
|
||||
| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | |
|
||||
| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:1 |
|
||||
| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:53 |
|
||||
| test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | provenance | |
|
||||
| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:51 |
|
||||
| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | |
|
||||
| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:1 |
|
||||
| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:52 |
|
||||
| test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | provenance | |
|
||||
| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:50 |
|
||||
| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | |
|
||||
| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:1 |
|
||||
| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:54 |
|
||||
| test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | provenance | |
|
||||
| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:52 |
|
||||
| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | |
|
||||
| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:1 |
|
||||
| test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance | |
|
||||
@@ -133,10 +149,20 @@ edges
|
||||
| test.cpp:46:30:46:32 | *arg [x] | test.cpp:47:12:47:19 | *arg [x] | provenance | |
|
||||
| test.cpp:47:12:47:19 | *arg [x] | test.cpp:48:13:48:13 | *s [x] | provenance | |
|
||||
| test.cpp:48:13:48:13 | *s [x] | test.cpp:48:16:48:16 | x | provenance | Sink:MaD:1 |
|
||||
| test.cpp:52:5:52:18 | [summary param] *3 in pthread_create [x] | test.cpp:52:5:52:18 | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] | provenance | MaD:49 |
|
||||
| test.cpp:52:5:52:18 | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] | test.cpp:46:30:46:32 | *arg [x] | provenance | |
|
||||
| test.cpp:56:2:56:2 | *s [post update] [x] | test.cpp:59:55:59:64 | *& ... [x] | provenance | |
|
||||
| test.cpp:56:2:56:18 | ... = ... | test.cpp:56:2:56:2 | *s [post update] [x] | provenance | |
|
||||
| test.cpp:56:8:56:16 | call to ymlSource | test.cpp:56:2:56:18 | ... = ... | provenance | Src:MaD:25 |
|
||||
| test.cpp:59:55:59:64 | *& ... [x] | test.cpp:46:30:46:32 | *arg [x] | provenance | MaD:49 |
|
||||
| test.cpp:59:55:59:64 | *& ... [x] | test.cpp:52:5:52:18 | [summary param] *3 in pthread_create [x] | provenance | |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:68:22:68:22 | y | provenance | |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:74:22:74:22 | y | provenance | |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:82:22:82:22 | y | provenance | |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:88:22:88:22 | y | provenance | |
|
||||
| test.cpp:68:22:68:22 | y | test.cpp:69:11:69:11 | y | provenance | Sink:MaD:1 |
|
||||
| test.cpp:74:22:74:22 | y | test.cpp:75:11:75:11 | y | provenance | Sink:MaD:1 |
|
||||
| test.cpp:82:22:82:22 | y | test.cpp:83:11:83:11 | y | provenance | Sink:MaD:1 |
|
||||
@@ -146,61 +172,69 @@ edges
|
||||
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:101:26:101:26 | x | provenance | |
|
||||
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:103:63:103:63 | x | provenance | |
|
||||
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:104:62:104:62 | x | provenance | |
|
||||
| test.cpp:97:26:97:26 | x | test.cpp:68:22:68:22 | y | provenance | MaD:47 |
|
||||
| test.cpp:101:26:101:26 | x | test.cpp:74:22:74:22 | y | provenance | MaD:47 |
|
||||
| test.cpp:103:63:103:63 | x | test.cpp:82:22:82:22 | y | provenance | MaD:47 |
|
||||
| test.cpp:104:62:104:62 | x | test.cpp:88:22:88:22 | y | provenance | MaD:47 |
|
||||
| test.cpp:97:26:97:26 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||
| test.cpp:101:26:101:26 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||
| test.cpp:103:63:103:63 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||
| test.cpp:104:62:104:62 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||
| test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | test.cpp:111:3:111:25 | [summary] to write: ReturnValue in callWithNonTypeTemplate | provenance | MaD:48 |
|
||||
| test.cpp:114:10:114:18 | call to ymlSource | test.cpp:114:10:114:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||
| test.cpp:114:10:114:18 | call to ymlSource | test.cpp:118:44:118:44 | *x | provenance | |
|
||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | provenance | |
|
||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | test.cpp:119:10:119:11 | y2 | provenance | Sink:MaD:1 |
|
||||
| test.cpp:118:44:118:44 | *x | test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | provenance | |
|
||||
| test.cpp:118:44:118:44 | *x | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | provenance | MaD:48 |
|
||||
| test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | test.cpp:125:5:125:20 | [summary] to write: ReturnValue in templateFunction | provenance | MaD:54 |
|
||||
| test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | test.cpp:128:5:128:21 | [summary] to write: ReturnValue in templateFunction2 | provenance | MaD:53 |
|
||||
| test.cpp:133:10:133:18 | call to ymlSource | test.cpp:133:10:133:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||
| test.cpp:133:10:133:18 | call to ymlSource | test.cpp:134:45:134:45 | x | provenance | |
|
||||
| test.cpp:134:13:134:43 | call to templateFunction | test.cpp:134:13:134:43 | call to templateFunction | provenance | |
|
||||
| test.cpp:134:13:134:43 | call to templateFunction | test.cpp:135:10:135:10 | y | provenance | Sink:MaD:1 |
|
||||
| test.cpp:134:45:134:45 | x | test.cpp:134:13:134:43 | call to templateFunction | provenance | MaD:56 |
|
||||
| test.cpp:134:45:134:45 | x | test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | provenance | |
|
||||
| test.cpp:134:45:134:45 | x | test.cpp:134:13:134:43 | call to templateFunction | provenance | MaD:54 |
|
||||
| test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | provenance | MaD:55 |
|
||||
| test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | provenance | MaD:55 |
|
||||
| test.cpp:146:10:146:18 | call to ymlSource | test.cpp:146:10:146:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||
| test.cpp:146:10:146:18 | call to ymlSource | test.cpp:148:26:148:26 | x | provenance | |
|
||||
| test.cpp:148:10:148:27 | call to function | test.cpp:148:10:148:27 | call to function | provenance | |
|
||||
| test.cpp:148:10:148:27 | call to function | test.cpp:149:10:149:10 | z | provenance | Sink:MaD:1 |
|
||||
| test.cpp:148:26:148:26 | x | test.cpp:148:10:148:27 | call to function | provenance | MaD:57 |
|
||||
| test.cpp:148:26:148:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | provenance | |
|
||||
| test.cpp:148:26:148:26 | x | test.cpp:148:10:148:27 | call to function | provenance | MaD:55 |
|
||||
| test.cpp:155:10:155:18 | call to ymlSource | test.cpp:155:10:155:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||
| test.cpp:155:10:155:18 | call to ymlSource | test.cpp:157:26:157:26 | x | provenance | |
|
||||
| test.cpp:157:13:157:20 | call to function | test.cpp:157:13:157:20 | call to function | provenance | |
|
||||
| test.cpp:157:13:157:20 | call to function | test.cpp:158:10:158:10 | z | provenance | Sink:MaD:1 |
|
||||
| test.cpp:157:26:157:26 | x | test.cpp:157:13:157:20 | call to function | provenance | MaD:57 |
|
||||
| test.cpp:157:26:157:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | provenance | |
|
||||
| test.cpp:157:26:157:26 | x | test.cpp:157:13:157:20 | call to function | provenance | MaD:55 |
|
||||
| test.cpp:164:34:164:34 | x | test.cpp:165:69:165:69 | x | provenance | |
|
||||
| test.cpp:165:12:165:64 | call to templateFunction2 | test.cpp:164:7:164:7 | *templateFunction3 | provenance | |
|
||||
| test.cpp:165:12:165:64 | call to templateFunction2 | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | |
|
||||
| test.cpp:165:69:165:69 | x | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | MaD:55 |
|
||||
| test.cpp:165:69:165:69 | x | test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | provenance | |
|
||||
| test.cpp:165:69:165:69 | x | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | MaD:53 |
|
||||
| test.cpp:170:10:170:18 | call to ymlSource | test.cpp:170:10:170:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||
| test.cpp:170:10:170:18 | call to ymlSource | test.cpp:172:51:172:51 | x | provenance | |
|
||||
| test.cpp:172:13:172:44 | call to templateFunction3 | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | |
|
||||
| test.cpp:172:13:172:44 | call to templateFunction3 | test.cpp:173:10:173:10 | y | provenance | Sink:MaD:1 |
|
||||
| test.cpp:172:51:172:51 | x | test.cpp:164:34:164:34 | x | provenance | |
|
||||
| test.cpp:172:51:172:51 | x | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | MaD:55 |
|
||||
| test.cpp:186:2:186:2 | *s [post update] [myField] | test.cpp:187:33:187:34 | *& ... [myField] | provenance | |
|
||||
| test.cpp:186:2:186:24 | ... = ... | test.cpp:186:2:186:2 | *s [post update] [myField] | provenance | |
|
||||
| test.cpp:186:14:186:22 | call to ymlSource | test.cpp:186:2:186:24 | ... = ... | provenance | Src:MaD:25 |
|
||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | test.cpp:187:10:187:31 | call to read_field_from_struct | provenance | |
|
||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | test.cpp:188:10:188:10 | x | provenance | Sink:MaD:1 |
|
||||
| test.cpp:187:33:187:34 | *& ... [myField] | test.cpp:187:10:187:31 | call to read_field_from_struct | provenance | MaD:50 |
|
||||
| test.cpp:199:2:199:2 | *s [post update] [myField] | test.cpp:200:35:200:36 | *& ... [myField] | provenance | |
|
||||
| test.cpp:199:2:199:24 | ... = ... | test.cpp:199:2:199:2 | *s [post update] [myField] | provenance | |
|
||||
| test.cpp:199:14:199:22 | call to ymlSource | test.cpp:199:2:199:24 | ... = ... | provenance | Src:MaD:25 |
|
||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | test.cpp:200:10:200:33 | call to read_field_from_struct_2 | provenance | |
|
||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | test.cpp:201:10:201:10 | x | provenance | Sink:MaD:1 |
|
||||
| test.cpp:200:35:200:36 | *& ... [myField] | test.cpp:200:10:200:33 | call to read_field_from_struct_2 | provenance | MaD:51 |
|
||||
| test.cpp:172:51:172:51 | x | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | MaD:53 |
|
||||
| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:33 |
|
||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:3 |
|
||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:24:8:24:11 | * ... | provenance | |
|
||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:27:36:27:38 | *cmd | provenance | |
|
||||
| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | |
|
||||
| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:30:8:30:15 | * ... | provenance | |
|
||||
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | provenance | |
|
||||
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:33 |
|
||||
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:4 |
|
||||
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:36:10:36:13 | * ... | provenance | |
|
||||
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:5 |
|
||||
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | provenance | |
|
||||
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | provenance | |
|
||||
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:37 |
|
||||
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:37 |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance | |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance | |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | provenance | |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | provenance | |
|
||||
| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | provenance | |
|
||||
| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:149:18:149:62 | *hEvent | provenance | |
|
||||
| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:151:8:151:14 | * ... | provenance | |
|
||||
@@ -217,11 +251,11 @@ edges
|
||||
| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:17 |
|
||||
| windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | windows.cpp:192:53:192:63 | *& ... [*hEvent] | provenance | |
|
||||
| windows.cpp:190:5:190:56 | *... = ... | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | provenance | |
|
||||
| windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance | MaD:37 |
|
||||
| windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | provenance | |
|
||||
| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:17 |
|
||||
| windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | windows.cpp:201:53:201:63 | *& ... [hEvent] | provenance | |
|
||||
| windows.cpp:199:5:199:57 | ... = ... | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | provenance | |
|
||||
| windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance | MaD:37 |
|
||||
| windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | provenance | |
|
||||
| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:16 |
|
||||
| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:12 |
|
||||
| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:287:20:287:52 | *pMapView | provenance | |
|
||||
@@ -244,6 +278,12 @@ edges
|
||||
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:15 |
|
||||
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:333:20:333:52 | *pMapView | provenance | |
|
||||
| windows.cpp:333:20:333:52 | *pMapView | windows.cpp:335:10:335:16 | * ... | provenance | |
|
||||
| windows.cpp:349:8:349:19 | [summary param] *3 in CreateThread [x] | windows.cpp:349:8:349:19 | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] | provenance | MaD:36 |
|
||||
| windows.cpp:349:8:349:19 | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] | windows.cpp:403:26:403:36 | *lpParameter [x] | provenance | |
|
||||
| windows.cpp:357:8:357:25 | [summary param] *4 in CreateRemoteThread [x] | windows.cpp:357:8:357:25 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] | provenance | MaD:34 |
|
||||
| windows.cpp:357:8:357:25 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] | windows.cpp:410:26:410:36 | *lpParameter [x] | provenance | |
|
||||
| windows.cpp:387:8:387:27 | [summary param] *4 in CreateRemoteThreadEx [x] | windows.cpp:387:8:387:27 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] | provenance | MaD:35 |
|
||||
| windows.cpp:387:8:387:27 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] | windows.cpp:417:26:417:36 | *lpParameter [x] | provenance | |
|
||||
| windows.cpp:403:26:403:36 | *lpParameter [x] | windows.cpp:405:10:405:25 | *lpParameter [x] | provenance | |
|
||||
| windows.cpp:405:10:405:25 | *lpParameter [x] | windows.cpp:406:8:406:8 | *s [x] | provenance | |
|
||||
| windows.cpp:406:8:406:8 | *s [x] | windows.cpp:406:8:406:11 | x | provenance | |
|
||||
@@ -258,9 +298,22 @@ edges
|
||||
| windows.cpp:431:3:431:3 | *s [post update] [x] | windows.cpp:464:7:464:8 | *& ... [x] | provenance | |
|
||||
| windows.cpp:431:3:431:16 | ... = ... | windows.cpp:431:3:431:3 | *s [post update] [x] | provenance | |
|
||||
| windows.cpp:431:9:431:14 | call to source | windows.cpp:431:3:431:16 | ... = ... | provenance | |
|
||||
| windows.cpp:439:7:439:8 | *& ... [x] | windows.cpp:403:26:403:36 | *lpParameter [x] | provenance | MaD:36 |
|
||||
| windows.cpp:451:7:451:8 | *& ... [x] | windows.cpp:410:26:410:36 | *lpParameter [x] | provenance | MaD:34 |
|
||||
| windows.cpp:464:7:464:8 | *& ... [x] | windows.cpp:417:26:417:36 | *lpParameter [x] | provenance | MaD:35 |
|
||||
| windows.cpp:439:7:439:8 | *& ... [x] | windows.cpp:349:8:349:19 | [summary param] *3 in CreateThread [x] | provenance | |
|
||||
| windows.cpp:451:7:451:8 | *& ... [x] | windows.cpp:357:8:357:25 | [summary param] *4 in CreateRemoteThread [x] | provenance | |
|
||||
| windows.cpp:464:7:464:8 | *& ... [x] | windows.cpp:387:8:387:27 | [summary param] *4 in CreateRemoteThreadEx [x] | provenance | |
|
||||
| windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | windows.cpp:473:17:473:37 | [summary param] *0 in RtlCopyVolatileMemory [Return] | provenance | MaD:42 |
|
||||
| windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | windows.cpp:479:17:479:35 | [summary param] *0 in RtlCopyDeviceMemory [Return] | provenance | MaD:38 |
|
||||
| windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | windows.cpp:485:6:485:18 | [summary param] *0 in RtlCopyMemory [Return] | provenance | MaD:39 |
|
||||
| windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | windows.cpp:493:6:493:29 | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] | provenance | MaD:40 |
|
||||
| windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | windows.cpp:510:6:510:25 | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString | provenance | |
|
||||
| windows.cpp:510:6:510:25 | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString | windows.cpp:510:6:510:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString | provenance | MaD:41 |
|
||||
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] | provenance | |
|
||||
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString | windows.cpp:510:6:510:25 | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] | provenance | |
|
||||
| windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | windows.cpp:515:6:515:18 | [summary param] *0 in RtlMoveMemory [Return] | provenance | MaD:44 |
|
||||
| windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | windows.cpp:521:17:521:37 | [summary param] *0 in RtlMoveVolatileMemory [Return] | provenance | MaD:45 |
|
||||
| windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | windows.cpp:527:6:527:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString | provenance | MaD:43 |
|
||||
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] | windows.cpp:527:6:527:25 | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] | provenance | |
|
||||
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString | windows.cpp:527:6:527:25 | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] | provenance | |
|
||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:533:11:533:16 | call to source | provenance | |
|
||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:537:40:537:41 | *& ... | provenance | |
|
||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:542:38:542:39 | *& ... | provenance | |
|
||||
@@ -269,29 +322,37 @@ edges
|
||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:568:32:568:33 | *& ... | provenance | |
|
||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:573:40:573:41 | *& ... | provenance | |
|
||||
| windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | windows.cpp:538:10:538:23 | access to array | provenance | |
|
||||
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | provenance | |
|
||||
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | provenance | MaD:42 |
|
||||
| windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument | windows.cpp:543:10:543:23 | access to array | provenance | |
|
||||
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | provenance | |
|
||||
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument | provenance | MaD:38 |
|
||||
| windows.cpp:547:19:547:29 | RtlCopyMemory output argument | windows.cpp:548:10:548:23 | access to array | provenance | |
|
||||
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | provenance | |
|
||||
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:547:19:547:29 | RtlCopyMemory output argument | provenance | MaD:39 |
|
||||
| windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument | windows.cpp:553:10:553:23 | access to array | provenance | |
|
||||
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | provenance | |
|
||||
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument | provenance | MaD:40 |
|
||||
| windows.cpp:559:5:559:24 | ... = ... | windows.cpp:561:39:561:44 | *buffer | provenance | |
|
||||
| windows.cpp:559:17:559:24 | call to source | windows.cpp:559:5:559:24 | ... = ... | provenance | |
|
||||
| windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | windows.cpp:562:10:562:19 | *src_string [*Buffer] | provenance | |
|
||||
| windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | windows.cpp:563:40:563:50 | *& ... [*Buffer] | provenance | |
|
||||
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | provenance | |
|
||||
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | provenance | MaD:43 |
|
||||
| windows.cpp:562:10:562:19 | *src_string [*Buffer] | windows.cpp:562:10:562:29 | access to array | provenance | |
|
||||
| windows.cpp:562:10:562:19 | *src_string [*Buffer] | windows.cpp:562:21:562:26 | *Buffer | provenance | |
|
||||
| windows.cpp:562:21:562:26 | *Buffer | windows.cpp:562:10:562:29 | access to array | provenance | |
|
||||
| windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] | windows.cpp:564:10:564:20 | *dest_string [*Buffer] | provenance | |
|
||||
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | provenance | |
|
||||
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] | provenance | MaD:41 |
|
||||
| windows.cpp:564:10:564:20 | *dest_string [*Buffer] | windows.cpp:564:10:564:30 | access to array | provenance | |
|
||||
| windows.cpp:564:10:564:20 | *dest_string [*Buffer] | windows.cpp:564:22:564:27 | *Buffer | provenance | |
|
||||
| windows.cpp:564:22:564:27 | *Buffer | windows.cpp:564:10:564:30 | access to array | provenance | |
|
||||
| windows.cpp:568:19:568:29 | RtlMoveMemory output argument | windows.cpp:569:10:569:23 | access to array | provenance | |
|
||||
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | provenance | |
|
||||
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:568:19:568:29 | RtlMoveMemory output argument | provenance | MaD:44 |
|
||||
| windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument | windows.cpp:574:10:574:23 | access to array | provenance | |
|
||||
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | provenance | |
|
||||
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument | provenance | MaD:45 |
|
||||
| windows.cpp:645:45:645:50 | WinHttpReadData output argument | windows.cpp:647:10:647:16 | * ... | provenance | Src:MaD:23 |
|
||||
| windows.cpp:652:48:652:53 | WinHttpReadDataEx output argument | windows.cpp:654:10:654:16 | * ... | provenance | Src:MaD:24 |
|
||||
@@ -299,8 +360,10 @@ edges
|
||||
| windows.cpp:669:70:669:79 | WinHttpQueryHeadersEx output argument | windows.cpp:673:10:673:29 | * ... | provenance | Src:MaD:21 |
|
||||
| windows.cpp:669:82:669:87 | WinHttpQueryHeadersEx output argument | windows.cpp:671:10:671:16 | * ... | provenance | Src:MaD:22 |
|
||||
| windows.cpp:669:105:669:112 | WinHttpQueryHeadersEx output argument | windows.cpp:675:10:675:27 | * ... | provenance | Src:MaD:20 |
|
||||
| windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | windows.cpp:714:6:714:20 | [summary param] *3 in WinHttpCrackUrl [Return] | provenance | MaD:46 |
|
||||
| windows.cpp:728:5:728:28 | ... = ... | windows.cpp:729:35:729:35 | *x | provenance | |
|
||||
| windows.cpp:728:12:728:28 | call to source | windows.cpp:728:5:728:28 | ... = ... | provenance | |
|
||||
| windows.cpp:729:35:729:35 | *x | windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | provenance | |
|
||||
| windows.cpp:729:35:729:35 | *x | windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | provenance | MaD:46 |
|
||||
| windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | windows.cpp:731:10:731:36 | * ... | provenance | |
|
||||
| windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | windows.cpp:733:10:733:35 | * ... | provenance | |
|
||||
@@ -323,6 +386,8 @@ edges
|
||||
| windows.cpp:936:70:936:78 | HttpReceiveClientCertificate output argument | windows.cpp:941:10:941:31 | * ... | provenance | Src:MaD:6 |
|
||||
| windows.cpp:937:15:937:48 | *& ... | windows.cpp:939:10:939:11 | * ... | provenance | |
|
||||
nodes
|
||||
| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | semmle.label | [summary param] *0 in buffer |
|
||||
| asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | semmle.label | [summary] to write: ReturnValue in buffer |
|
||||
| asio_streams.cpp:87:34:87:44 | read_until output argument | semmle.label | read_until output argument |
|
||||
| asio_streams.cpp:91:7:91:17 | recv_buffer | semmle.label | recv_buffer |
|
||||
| asio_streams.cpp:93:29:93:39 | *recv_buffer | semmle.label | *recv_buffer |
|
||||
@@ -333,6 +398,15 @@ nodes
|
||||
| asio_streams.cpp:100:64:100:71 | *send_str | semmle.label | *send_str |
|
||||
| asio_streams.cpp:101:7:101:17 | send_buffer | semmle.label | send_buffer |
|
||||
| asio_streams.cpp:103:29:103:39 | *send_buffer | semmle.label | *send_buffer |
|
||||
| azure.cpp:62:10:62:14 | [summary param] this in Value | semmle.label | [summary param] this in Value |
|
||||
| azure.cpp:62:10:62:14 | [summary] to write: ReturnValue[*] in Value | semmle.label | [summary] to write: ReturnValue[*] in Value |
|
||||
| azure.cpp:113:16:113:19 | [summary param] *0 in Read [Return] | semmle.label | [summary param] *0 in Read [Return] |
|
||||
| azure.cpp:113:16:113:19 | [summary param] this in Read | semmle.label | [summary param] this in Read |
|
||||
| azure.cpp:114:16:114:26 | [summary param] *0 in ReadToCount [Return] | semmle.label | [summary param] *0 in ReadToCount [Return] |
|
||||
| azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | semmle.label | [summary param] this in ReadToCount |
|
||||
| azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | semmle.label | [summary param] this in ReadToEnd |
|
||||
| azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | semmle.label | [summary] to write: ReturnValue in ReadToEnd [element] |
|
||||
| azure.cpp:115:30:115:38 | [summary] to write: ReturnValue.Element in ReadToEnd | semmle.label | [summary] to write: ReturnValue.Element in ReadToEnd |
|
||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | semmle.label | *call to GetBodyStream |
|
||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | semmle.label | *call to GetBodyStream |
|
||||
| azure.cpp:257:5:257:8 | *resp | semmle.label | *resp |
|
||||
@@ -377,6 +451,12 @@ nodes
|
||||
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
||||
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
||||
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
||||
| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | semmle.label | [summary param] 0 in ymlStepManual |
|
||||
| test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | semmle.label | [summary] to write: ReturnValue in ymlStepManual |
|
||||
| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | semmle.label | [summary param] 0 in ymlStepGenerated |
|
||||
| test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | semmle.label | [summary] to write: ReturnValue in ymlStepGenerated |
|
||||
| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | semmle.label | [summary param] 0 in ymlStepManual_with_body |
|
||||
| test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | semmle.label | [summary] to write: ReturnValue in ymlStepManual_with_body |
|
||||
| test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | semmle.label | *ymlStepGenerated_with_body |
|
||||
| test.cpp:7:47:7:52 | value2 | semmle.label | value2 |
|
||||
| test.cpp:7:64:7:69 | value2 | semmle.label | value2 |
|
||||
@@ -403,10 +483,20 @@ nodes
|
||||
| test.cpp:47:12:47:19 | *arg [x] | semmle.label | *arg [x] |
|
||||
| test.cpp:48:13:48:13 | *s [x] | semmle.label | *s [x] |
|
||||
| test.cpp:48:16:48:16 | x | semmle.label | x |
|
||||
| test.cpp:52:5:52:18 | [summary param] *3 in pthread_create [x] | semmle.label | [summary param] *3 in pthread_create [x] |
|
||||
| test.cpp:52:5:52:18 | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] | semmle.label | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] |
|
||||
| test.cpp:56:2:56:2 | *s [post update] [x] | semmle.label | *s [post update] [x] |
|
||||
| test.cpp:56:2:56:18 | ... = ... | semmle.label | ... = ... |
|
||||
| test.cpp:56:8:56:16 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:59:55:59:64 | *& ... [x] | semmle.label | *& ... [x] |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||
| test.cpp:68:22:68:22 | y | semmle.label | y |
|
||||
| test.cpp:69:11:69:11 | y | semmle.label | y |
|
||||
| test.cpp:74:22:74:22 | y | semmle.label | y |
|
||||
@@ -421,18 +511,28 @@ nodes
|
||||
| test.cpp:101:26:101:26 | x | semmle.label | x |
|
||||
| test.cpp:103:63:103:63 | x | semmle.label | x |
|
||||
| test.cpp:104:62:104:62 | x | semmle.label | x |
|
||||
| test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | semmle.label | [summary param] *0 in callWithNonTypeTemplate |
|
||||
| test.cpp:111:3:111:25 | [summary] to write: ReturnValue in callWithNonTypeTemplate | semmle.label | [summary] to write: ReturnValue in callWithNonTypeTemplate |
|
||||
| test.cpp:114:10:114:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:114:10:114:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | semmle.label | call to callWithNonTypeTemplate |
|
||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | semmle.label | call to callWithNonTypeTemplate |
|
||||
| test.cpp:118:44:118:44 | *x | semmle.label | *x |
|
||||
| test.cpp:119:10:119:11 | y2 | semmle.label | y2 |
|
||||
| test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | semmle.label | [summary param] 0 in templateFunction |
|
||||
| test.cpp:125:5:125:20 | [summary] to write: ReturnValue in templateFunction | semmle.label | [summary] to write: ReturnValue in templateFunction |
|
||||
| test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | semmle.label | [summary param] 1 in templateFunction2 |
|
||||
| test.cpp:128:5:128:21 | [summary] to write: ReturnValue in templateFunction2 | semmle.label | [summary] to write: ReturnValue in templateFunction2 |
|
||||
| test.cpp:133:10:133:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:133:10:133:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:134:13:134:43 | call to templateFunction | semmle.label | call to templateFunction |
|
||||
| test.cpp:134:13:134:43 | call to templateFunction | semmle.label | call to templateFunction |
|
||||
| test.cpp:134:45:134:45 | x | semmle.label | x |
|
||||
| test.cpp:135:10:135:10 | y | semmle.label | y |
|
||||
| test.cpp:140:4:140:11 | [summary param] 1 in function | semmle.label | [summary param] 1 in function |
|
||||
| test.cpp:140:4:140:11 | [summary param] 1 in function | semmle.label | [summary param] 1 in function |
|
||||
| test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | semmle.label | [summary] to write: ReturnValue in function |
|
||||
| test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | semmle.label | [summary] to write: ReturnValue in function |
|
||||
| test.cpp:146:10:146:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:146:10:146:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:148:10:148:27 | call to function | semmle.label | call to function |
|
||||
@@ -456,20 +556,8 @@ nodes
|
||||
| test.cpp:172:13:172:44 | call to templateFunction3 | semmle.label | call to templateFunction3 |
|
||||
| test.cpp:172:51:172:51 | x | semmle.label | x |
|
||||
| test.cpp:173:10:173:10 | y | semmle.label | y |
|
||||
| test.cpp:186:2:186:2 | *s [post update] [myField] | semmle.label | *s [post update] [myField] |
|
||||
| test.cpp:186:2:186:24 | ... = ... | semmle.label | ... = ... |
|
||||
| test.cpp:186:14:186:22 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | semmle.label | call to read_field_from_struct |
|
||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | semmle.label | call to read_field_from_struct |
|
||||
| test.cpp:187:33:187:34 | *& ... [myField] | semmle.label | *& ... [myField] |
|
||||
| test.cpp:188:10:188:10 | x | semmle.label | x |
|
||||
| test.cpp:199:2:199:2 | *s [post update] [myField] | semmle.label | *s [post update] [myField] |
|
||||
| test.cpp:199:2:199:24 | ... = ... | semmle.label | ... = ... |
|
||||
| test.cpp:199:14:199:22 | call to ymlSource | semmle.label | call to ymlSource |
|
||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | semmle.label | call to read_field_from_struct_2 |
|
||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | semmle.label | call to read_field_from_struct_2 |
|
||||
| test.cpp:200:35:200:36 | *& ... [myField] | semmle.label | *& ... [myField] |
|
||||
| test.cpp:201:10:201:10 | x | semmle.label | x |
|
||||
| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | semmle.label | [summary param] *0 in CommandLineToArgvA |
|
||||
| windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | semmle.label | [summary] to write: ReturnValue[**] in CommandLineToArgvA |
|
||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
|
||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
|
||||
| windows.cpp:24:8:24:11 | * ... | semmle.label | * ... |
|
||||
@@ -482,6 +570,14 @@ nodes
|
||||
| windows.cpp:36:10:36:13 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | semmle.label | GetEnvironmentVariableA output argument |
|
||||
| windows.cpp:41:10:41:13 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | semmle.label | [summary param] *3 in ReadFileEx [*hEvent] |
|
||||
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | semmle.label | [summary param] *3 in ReadFileEx [hEvent] |
|
||||
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx |
|
||||
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx |
|
||||
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx |
|
||||
| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
|
||||
| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
|
||||
| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
|
||||
@@ -535,6 +631,12 @@ nodes
|
||||
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | semmle.label | *call to MapViewOfFileNuma2 |
|
||||
| windows.cpp:333:20:333:52 | *pMapView | semmle.label | *pMapView |
|
||||
| windows.cpp:335:10:335:16 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:349:8:349:19 | [summary param] *3 in CreateThread [x] | semmle.label | [summary param] *3 in CreateThread [x] |
|
||||
| windows.cpp:349:8:349:19 | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] | semmle.label | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] |
|
||||
| windows.cpp:357:8:357:25 | [summary param] *4 in CreateRemoteThread [x] | semmle.label | [summary param] *4 in CreateRemoteThread [x] |
|
||||
| windows.cpp:357:8:357:25 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] | semmle.label | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] |
|
||||
| windows.cpp:387:8:387:27 | [summary param] *4 in CreateRemoteThreadEx [x] | semmle.label | [summary param] *4 in CreateRemoteThreadEx [x] |
|
||||
| windows.cpp:387:8:387:27 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] | semmle.label | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] |
|
||||
| windows.cpp:403:26:403:36 | *lpParameter [x] | semmle.label | *lpParameter [x] |
|
||||
| windows.cpp:405:10:405:25 | *lpParameter [x] | semmle.label | *lpParameter [x] |
|
||||
| windows.cpp:406:8:406:8 | *s [x] | semmle.label | *s [x] |
|
||||
@@ -553,6 +655,27 @@ nodes
|
||||
| windows.cpp:439:7:439:8 | *& ... [x] | semmle.label | *& ... [x] |
|
||||
| windows.cpp:451:7:451:8 | *& ... [x] | semmle.label | *& ... [x] |
|
||||
| windows.cpp:464:7:464:8 | *& ... [x] | semmle.label | *& ... [x] |
|
||||
| windows.cpp:473:17:473:37 | [summary param] *0 in RtlCopyVolatileMemory [Return] | semmle.label | [summary param] *0 in RtlCopyVolatileMemory [Return] |
|
||||
| windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | semmle.label | [summary param] *1 in RtlCopyVolatileMemory |
|
||||
| windows.cpp:479:17:479:35 | [summary param] *0 in RtlCopyDeviceMemory [Return] | semmle.label | [summary param] *0 in RtlCopyDeviceMemory [Return] |
|
||||
| windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | semmle.label | [summary param] *1 in RtlCopyDeviceMemory |
|
||||
| windows.cpp:485:6:485:18 | [summary param] *0 in RtlCopyMemory [Return] | semmle.label | [summary param] *0 in RtlCopyMemory [Return] |
|
||||
| windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | semmle.label | [summary param] *1 in RtlCopyMemory |
|
||||
| windows.cpp:493:6:493:29 | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] | semmle.label | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] |
|
||||
| windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | semmle.label | [summary param] *1 in RtlCopyMemoryNonTemporal |
|
||||
| windows.cpp:510:6:510:25 | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] | semmle.label | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] |
|
||||
| windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | semmle.label | [summary param] *1 in RtlCopyUnicodeString [*Buffer] |
|
||||
| windows.cpp:510:6:510:25 | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString | semmle.label | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString |
|
||||
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] | semmle.label | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] |
|
||||
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString | semmle.label | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString |
|
||||
| windows.cpp:515:6:515:18 | [summary param] *0 in RtlMoveMemory [Return] | semmle.label | [summary param] *0 in RtlMoveMemory [Return] |
|
||||
| windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | semmle.label | [summary param] *1 in RtlMoveMemory |
|
||||
| windows.cpp:521:17:521:37 | [summary param] *0 in RtlMoveVolatileMemory [Return] | semmle.label | [summary param] *0 in RtlMoveVolatileMemory [Return] |
|
||||
| windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | semmle.label | [summary param] *1 in RtlMoveVolatileMemory |
|
||||
| windows.cpp:527:6:527:25 | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] | semmle.label | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] |
|
||||
| windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | semmle.label | [summary param] *1 in RtlInitUnicodeString |
|
||||
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] | semmle.label | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] |
|
||||
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString | semmle.label | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString |
|
||||
| windows.cpp:533:11:533:16 | call to source | semmle.label | call to source |
|
||||
| windows.cpp:533:11:533:16 | call to source | semmle.label | call to source |
|
||||
| windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | semmle.label | RtlCopyVolatileMemory output argument |
|
||||
@@ -597,6 +720,8 @@ nodes
|
||||
| windows.cpp:671:10:671:16 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:673:10:673:29 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:675:10:675:27 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | semmle.label | [summary param] *0 in WinHttpCrackUrl |
|
||||
| windows.cpp:714:6:714:20 | [summary param] *3 in WinHttpCrackUrl [Return] | semmle.label | [summary param] *3 in WinHttpCrackUrl [Return] |
|
||||
| windows.cpp:728:5:728:28 | ... = ... | semmle.label | ... = ... |
|
||||
| windows.cpp:728:12:728:28 | call to source | semmle.label | call to source |
|
||||
| windows.cpp:729:35:729:35 | *x | semmle.label | *x |
|
||||
@@ -625,6 +750,30 @@ nodes
|
||||
| windows.cpp:939:10:939:11 | * ... | semmle.label | * ... |
|
||||
| windows.cpp:941:10:941:31 | * ... | semmle.label | * ... |
|
||||
subpaths
|
||||
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | asio_streams.cpp:100:44:100:62 | call to buffer |
|
||||
| azure.cpp:257:5:257:8 | *resp | azure.cpp:113:16:113:19 | [summary param] this in Read | azure.cpp:113:16:113:19 | [summary param] *0 in Read [Return] | azure.cpp:257:16:257:21 | Read output argument |
|
||||
| azure.cpp:262:5:262:8 | *resp | azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | azure.cpp:114:16:114:26 | [summary param] *0 in ReadToCount [Return] | azure.cpp:262:23:262:28 | ReadToCount output argument |
|
||||
| azure.cpp:266:38:266:41 | *resp | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | azure.cpp:266:44:266:52 | call to ReadToEnd [element] |
|
||||
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | azure.cpp:282:28:282:36 | call to ReadToEnd [element] |
|
||||
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:62:10:62:14 | [summary param] this in Value | azure.cpp:62:10:62:14 | [summary] to write: ReturnValue[*] in Value | azure.cpp:289:63:289:65 | call to Value |
|
||||
| test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual |
|
||||
| test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated |
|
||||
| test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body |
|
||||
| test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body |
|
||||
| test.cpp:118:44:118:44 | *x | test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | test.cpp:111:3:111:25 | [summary] to write: ReturnValue in callWithNonTypeTemplate | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate |
|
||||
| test.cpp:134:45:134:45 | x | test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | test.cpp:125:5:125:20 | [summary] to write: ReturnValue in templateFunction | test.cpp:134:13:134:43 | call to templateFunction |
|
||||
| test.cpp:148:26:148:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | test.cpp:148:10:148:27 | call to function |
|
||||
| test.cpp:157:26:157:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | test.cpp:157:13:157:20 | call to function |
|
||||
| test.cpp:165:69:165:69 | x | test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | test.cpp:128:5:128:21 | [summary] to write: ReturnValue in templateFunction2 | test.cpp:165:12:165:64 | call to templateFunction2 |
|
||||
| test.cpp:172:51:172:51 | x | test.cpp:164:34:164:34 | x | test.cpp:164:7:164:7 | *templateFunction3 | test.cpp:172:13:172:44 | call to templateFunction3 |
|
||||
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA |
|
||||
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | windows.cpp:473:17:473:37 | [summary param] *0 in RtlCopyVolatileMemory [Return] | windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument |
|
||||
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | windows.cpp:479:17:479:35 | [summary param] *0 in RtlCopyDeviceMemory [Return] | windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument |
|
||||
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | windows.cpp:485:6:485:18 | [summary param] *0 in RtlCopyMemory [Return] | windows.cpp:547:19:547:29 | RtlCopyMemory output argument |
|
||||
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | windows.cpp:493:6:493:29 | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] | windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument |
|
||||
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | windows.cpp:527:6:527:25 | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] | windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] |
|
||||
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] | windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] |
|
||||
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | windows.cpp:515:6:515:18 | [summary param] *0 in RtlMoveMemory [Return] | windows.cpp:568:19:568:29 | RtlMoveMemory output argument |
|
||||
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | windows.cpp:521:17:521:37 | [summary param] *0 in RtlMoveVolatileMemory [Return] | windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument |
|
||||
| windows.cpp:729:35:729:35 | *x | windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | windows.cpp:714:6:714:20 | [summary param] *3 in WinHttpCrackUrl [Return] | windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument |
|
||||
testFailures
|
||||
|
||||
@@ -21,6 +21,4 @@ extensions:
|
||||
- ["", "", False, "callWithNonTypeTemplate<T>", "(const T &)", "", "Argument[*0]", "ReturnValue", "value", "manual"]
|
||||
- ["", "TemplateClass1<T>", False, "templateFunction<U>", "(T,U)", "", "Argument[0]", "ReturnValue", "value", "manual"]
|
||||
- ["", "TemplateClass1", True, "templateFunction2<U,V>", "(U,V)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
||||
- ["", "TemplateClass2<T,U>", True, "function", "(U,T)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
||||
- ["", "", False, "read_field_from_struct", "", "", "Argument[*0].Field[MyNamespace::MyStructInNamespace::myField]", "ReturnValue", "value", "manual"]
|
||||
- ["", "", False, "read_field_from_struct_2", "", "", "Argument[*0].Field[MyGlobalStruct::myField]", "ReturnValue", "value", "manual"]
|
||||
- ["", "TemplateClass2<T,U>", True, "function", "(U,T)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
||||
@@ -19,5 +19,3 @@
|
||||
| test.cpp:149:10:149:10 | z | test-sink |
|
||||
| test.cpp:158:10:158:10 | z | test-sink |
|
||||
| test.cpp:173:10:173:10 | y | test-sink |
|
||||
| test.cpp:188:10:188:10 | x | test-sink |
|
||||
| test.cpp:201:10:201:10 | x | test-sink |
|
||||
|
||||
@@ -13,8 +13,6 @@
|
||||
| test.cpp:146:10:146:18 | call to ymlSource | local |
|
||||
| test.cpp:155:10:155:18 | call to ymlSource | local |
|
||||
| test.cpp:170:10:170:18 | call to ymlSource | local |
|
||||
| test.cpp:186:14:186:22 | call to ymlSource | local |
|
||||
| test.cpp:199:14:199:22 | call to ymlSource | local |
|
||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | local |
|
||||
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | local |
|
||||
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | local |
|
||||
|
||||
@@ -171,32 +171,4 @@ void test_class1() {
|
||||
Class1<int> c;
|
||||
auto y = c.templateFunction3<unsigned long>(0UL, x);
|
||||
ymlSink(y); // $ ir
|
||||
}
|
||||
|
||||
namespace MyNamespace {
|
||||
struct MyStructInNamespace {
|
||||
int myField;
|
||||
};
|
||||
}
|
||||
|
||||
int read_field_from_struct(MyNamespace::MyStructInNamespace* s);
|
||||
|
||||
void test_fully_qualified_field_test() {
|
||||
MyNamespace::MyStructInNamespace s;
|
||||
s.myField = ymlSource();
|
||||
int x = read_field_from_struct(&s);
|
||||
ymlSink(x); // $ ir
|
||||
}
|
||||
|
||||
struct MyGlobalStruct {
|
||||
int myField;
|
||||
};
|
||||
|
||||
int read_field_from_struct_2(MyGlobalStruct* s);
|
||||
|
||||
void test_fully_qualified_field_test_2() {
|
||||
MyGlobalStruct s;
|
||||
s.myField = ymlSource();
|
||||
int x = read_field_from_struct_2(&s);
|
||||
ymlSink(x); // $ ir
|
||||
}
|
||||
@@ -321,23 +321,23 @@ flowSummaryNode
|
||||
| tests.cpp:155:5:155:28 | [summary param] 2 in madAndImplementedComplex | ParameterNode | madAndImplementedComplex | madAndImplementedComplex |
|
||||
| tests.cpp:155:5:155:28 | [summary] to write: ReturnValue in madAndImplementedComplex | ReturnNode | madAndImplementedComplex | madAndImplementedComplex |
|
||||
| tests.cpp:160:5:160:24 | [summary param] 0 in madArg0FieldToReturn | ParameterNode | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||
| tests.cpp:160:5:160:24 | [summary] read: Argument[0].Field[MyContainer::value]/Field[value] in madArg0FieldToReturn | | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||
| tests.cpp:160:5:160:24 | [summary] read: Argument[0].Field[value] in madArg0FieldToReturn | | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||
| tests.cpp:160:5:160:24 | [summary] to write: ReturnValue in madArg0FieldToReturn | ReturnNode | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||
| tests.cpp:161:5:161:32 | [summary param] *0 in madArg0IndirectFieldToReturn | ParameterNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||
| tests.cpp:161:5:161:32 | [summary] read: Argument[*0].Field[MyContainer::value]/Field[value] in madArg0IndirectFieldToReturn | | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||
| tests.cpp:161:5:161:32 | [summary] read: Argument[*0].Field[value] in madArg0IndirectFieldToReturn | | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||
| tests.cpp:161:5:161:32 | [summary] to write: ReturnValue in madArg0IndirectFieldToReturn | ReturnNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||
| tests.cpp:162:5:162:32 | [summary param] 0 in madArg0FieldIndirectToReturn | ParameterNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||
| tests.cpp:162:5:162:32 | [summary] read: Argument[0].Field[*MyContainer::ptr]/Field[*ptr] in madArg0FieldIndirectToReturn | | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||
| tests.cpp:162:5:162:32 | [summary] read: Argument[0].Field[*ptr] in madArg0FieldIndirectToReturn | | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||
| tests.cpp:162:5:162:32 | [summary] to write: ReturnValue in madArg0FieldIndirectToReturn | ReturnNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||
| tests.cpp:163:13:163:32 | [summary param] 0 in madArg0ToReturnField | ParameterNode | madArg0ToReturnField | madArg0ToReturnField |
|
||||
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue in madArg0ToReturnField | ReturnNode | madArg0ToReturnField | madArg0ToReturnField |
|
||||
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue.Field[MyContainer::value]/Field[value] in madArg0ToReturnField | | madArg0ToReturnField | madArg0ToReturnField |
|
||||
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue.Field[value] in madArg0ToReturnField | | madArg0ToReturnField | madArg0ToReturnField |
|
||||
| tests.cpp:164:14:164:41 | [summary param] 0 in madArg0ToReturnIndirectField | ParameterNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirectField | ReturnNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*].Field[MyContainer::value]/Field[value] in madArg0ToReturnIndirectField | | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*].Field[value] in madArg0ToReturnIndirectField | | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||
| tests.cpp:165:13:165:40 | [summary param] 0 in madArg0ToReturnFieldIndirect | ParameterNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue in madArg0ToReturnFieldIndirect | ReturnNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue.Field[*MyContainer::ptr]/Field[*ptr] in madArg0ToReturnFieldIndirect | | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue.Field[*ptr] in madArg0ToReturnFieldIndirect | | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||
| tests.cpp:284:7:284:19 | [summary param] 0 in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
|
||||
| tests.cpp:284:7:284:19 | [summary param] this in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
|
||||
| tests.cpp:284:7:284:19 | [summary] to write: Argument[this] in madArg0ToSelf | PostUpdateNode | madArg0ToSelf | madArg0ToSelf |
|
||||
@@ -346,9 +346,9 @@ flowSummaryNode
|
||||
| tests.cpp:287:7:287:20 | [summary param] 0 in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
|
||||
| tests.cpp:287:7:287:20 | [summary param] this in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
|
||||
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this] in madArg0ToField | PostUpdateNode | madArg0ToField | madArg0ToField |
|
||||
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this].Field[MyClass::val]/Field[val] in madArg0ToField | | madArg0ToField | madArg0ToField |
|
||||
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this].Field[val] in madArg0ToField | | madArg0ToField | madArg0ToField |
|
||||
| tests.cpp:288:6:288:21 | [summary param] this in madFieldToReturn | ParameterNode | madFieldToReturn | madFieldToReturn |
|
||||
| tests.cpp:288:6:288:21 | [summary] read: Argument[this].Field[MyClass::val]/Field[val] in madFieldToReturn | | madFieldToReturn | madFieldToReturn |
|
||||
| tests.cpp:288:6:288:21 | [summary] read: Argument[this].Field[val] in madFieldToReturn | | madFieldToReturn | madFieldToReturn |
|
||||
| tests.cpp:288:6:288:21 | [summary] to write: ReturnValue in madFieldToReturn | ReturnNode | madFieldToReturn | madFieldToReturn |
|
||||
| tests.cpp:313:7:313:30 | [summary param] this in namespaceMadSelfToReturn | ParameterNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
|
||||
| tests.cpp:313:7:313:30 | [summary] to write: ReturnValue in namespaceMadSelfToReturn | ReturnNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
|
||||
@@ -362,7 +362,7 @@ flowSummaryNode
|
||||
| tests.cpp:435:9:435:38 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturnFirst | OutNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||
| tests.cpp:435:9:435:38 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | ArgumentNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue in madCallArg0ReturnToReturnFirst | ReturnNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue.Field[first]/Field[intPair::first] in madCallArg0ReturnToReturnFirst | | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue.Field[first] in madCallArg0ReturnToReturnFirst | | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||
| tests.cpp:436:6:436:25 | [summary param] 0 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||
| tests.cpp:436:6:436:25 | [summary param] 1 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||
| tests.cpp:436:6:436:25 | [summary] read: Argument[0].Parameter[0] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||
|
||||
@@ -11,10 +11,12 @@ edges
|
||||
| nested.cpp:86:19:86:46 | *call to __builtin_alloca | nested.cpp:87:18:87:20 | *fmt | provenance | |
|
||||
| test.cpp:46:27:46:30 | **argv | test.cpp:130:20:130:26 | *access to array | provenance | |
|
||||
| test.cpp:167:31:167:34 | *data | test.cpp:170:12:170:14 | *res | provenance | DataFlowFunction |
|
||||
| test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | test.cpp:179:6:179:21 | [summary param] *0 in StringCchPrintfW [Return] | provenance | MaD:403 |
|
||||
| test.cpp:193:32:193:34 | *str | test.cpp:195:31:195:33 | *str | provenance | |
|
||||
| test.cpp:193:32:193:34 | *str | test.cpp:195:31:195:33 | *str | provenance | |
|
||||
| test.cpp:193:32:193:34 | *str | test.cpp:197:11:197:14 | *wstr | provenance | TaintFunction |
|
||||
| test.cpp:195:20:195:23 | StringCchPrintfW output argument | test.cpp:197:11:197:14 | *wstr | provenance | |
|
||||
| test.cpp:195:31:195:33 | *str | test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | provenance | |
|
||||
| test.cpp:195:31:195:33 | *str | test.cpp:195:20:195:23 | StringCchPrintfW output argument | provenance | MaD:403 |
|
||||
| test.cpp:204:25:204:36 | *call to get_string | test.cpp:204:25:204:36 | *call to get_string | provenance | |
|
||||
| test.cpp:204:25:204:36 | *call to get_string | test.cpp:205:12:205:20 | *... + ... | provenance | |
|
||||
@@ -58,6 +60,8 @@ nodes
|
||||
| test.cpp:130:20:130:26 | *access to array | semmle.label | *access to array |
|
||||
| test.cpp:167:31:167:34 | *data | semmle.label | *data |
|
||||
| test.cpp:170:12:170:14 | *res | semmle.label | *res |
|
||||
| test.cpp:179:6:179:21 | [summary param] *0 in StringCchPrintfW [Return] | semmle.label | [summary param] *0 in StringCchPrintfW [Return] |
|
||||
| test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | semmle.label | [summary param] *2 in StringCchPrintfW |
|
||||
| test.cpp:193:32:193:34 | *str | semmle.label | *str |
|
||||
| test.cpp:195:20:195:23 | StringCchPrintfW output argument | semmle.label | StringCchPrintfW output argument |
|
||||
| test.cpp:195:31:195:33 | *str | semmle.label | *str |
|
||||
@@ -93,6 +97,7 @@ nodes
|
||||
| test.cpp:245:25:245:36 | *call to get_string | semmle.label | *call to get_string |
|
||||
| test.cpp:247:12:247:16 | *hello | semmle.label | *hello |
|
||||
subpaths
|
||||
| test.cpp:195:31:195:33 | *str | test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | test.cpp:179:6:179:21 | [summary param] *0 in StringCchPrintfW [Return] | test.cpp:195:20:195:23 | StringCchPrintfW output argument |
|
||||
#select
|
||||
| NonConstantFormat.c:30:10:30:16 | *access to array | NonConstantFormat.c:28:27:28:30 | **argv | NonConstantFormat.c:30:10:30:16 | *access to array | The format string argument to $@ has a source which cannot be verified to originate from a string literal. | NonConstantFormat.c:30:3:30:8 | call to printf | printf |
|
||||
| NonConstantFormat.c:41:9:41:45 | *call to any_random_function | NonConstantFormat.c:41:9:41:45 | *call to any_random_function | NonConstantFormat.c:41:9:41:45 | *call to any_random_function | The format string argument to $@ has a source which cannot be verified to originate from a string literal. | NonConstantFormat.c:41:2:41:7 | call to printf | printf |
|
||||
|
||||
@@ -33,6 +33,7 @@ edges
|
||||
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | tests2.cpp:111:14:111:19 | *ptr | provenance | |
|
||||
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | tests2.cpp:111:17:111:19 | *ptr | provenance | |
|
||||
| tests2.cpp:111:17:111:19 | *ptr | tests2.cpp:111:14:111:19 | *ptr | provenance | |
|
||||
| tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | tests2.cpp:120:5:120:21 | [summary param] *0 in zmq_msg_init_data [Return] | provenance | MaD:4 |
|
||||
| tests2.cpp:134:2:134:30 | *... = ... | tests2.cpp:138:23:138:34 | *message_data | provenance | Sink:MaD:2 |
|
||||
| tests2.cpp:134:2:134:30 | *... = ... | tests2.cpp:143:34:143:45 | *message_data | provenance | |
|
||||
| tests2.cpp:134:17:134:22 | *call to getenv | tests2.cpp:134:2:134:30 | *... = ... | provenance | |
|
||||
@@ -40,6 +41,7 @@ edges
|
||||
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:147:20:147:27 | *& ... | provenance | Sink:MaD:1 |
|
||||
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:155:32:155:39 | *& ... | provenance | Sink:MaD:3 |
|
||||
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:158:20:158:27 | *& ... | provenance | Sink:MaD:1 |
|
||||
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | provenance | |
|
||||
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | provenance | MaD:4 |
|
||||
| tests_sockets.cpp:26:15:26:20 | *call to getenv | tests_sockets.cpp:26:15:26:20 | *call to getenv | provenance | |
|
||||
| tests_sockets.cpp:26:15:26:20 | *call to getenv | tests_sockets.cpp:39:19:39:22 | *path | provenance | |
|
||||
@@ -76,6 +78,8 @@ nodes
|
||||
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | semmle.label | *c1 [*ptr] |
|
||||
| tests2.cpp:111:14:111:19 | *ptr | semmle.label | *ptr |
|
||||
| tests2.cpp:111:17:111:19 | *ptr | semmle.label | *ptr |
|
||||
| tests2.cpp:120:5:120:21 | [summary param] *0 in zmq_msg_init_data [Return] | semmle.label | [summary param] *0 in zmq_msg_init_data [Return] |
|
||||
| tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | semmle.label | [summary param] *1 in zmq_msg_init_data |
|
||||
| tests2.cpp:134:2:134:30 | *... = ... | semmle.label | *... = ... |
|
||||
| tests2.cpp:134:17:134:22 | *call to getenv | semmle.label | *call to getenv |
|
||||
| tests2.cpp:138:23:138:34 | *message_data | semmle.label | *message_data |
|
||||
@@ -96,3 +100,4 @@ nodes
|
||||
| tests_sysconf.cpp:36:21:36:27 | confstr output argument | semmle.label | confstr output argument |
|
||||
| tests_sysconf.cpp:39:19:39:25 | *pathbuf | semmle.label | *pathbuf |
|
||||
subpaths
|
||||
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | tests2.cpp:120:5:120:21 | [summary param] *0 in zmq_msg_init_data [Return] | tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument |
|
||||
|
||||
@@ -88,12 +88,12 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
private IEnumerable<string> GetFeedsFromNugetConfig(string nugetConfigPath) =>
|
||||
GetFeeds(() => dotnet.GetNugetFeeds(nugetConfigPath));
|
||||
|
||||
public string FeedsToRestoreArgument(IEnumerable<string> feeds, string sourceArgumentPrefix)
|
||||
private string FeedsToRestoreArgument(IEnumerable<string> feeds)
|
||||
{
|
||||
// If there are no feeds, we want to override any default feeds that `restore` would use by passing a dummy source argument.
|
||||
// If there are no feeds, we want to override any default feeds that `dotnet restore` would use by passing a dummy source argument.
|
||||
if (!feeds.Any())
|
||||
{
|
||||
return $" {sourceArgumentPrefix} \"{emptyPackageDirectory.DirInfo.FullName}\"";
|
||||
return $" -s \"{emptyPackageDirectory.DirInfo.FullName}\"";
|
||||
}
|
||||
|
||||
// Add package sources. If any are present, they override all sources specified in
|
||||
@@ -101,7 +101,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
var feedArgs = new StringBuilder();
|
||||
foreach (var feed in feeds)
|
||||
{
|
||||
feedArgs.Append($" {sourceArgumentPrefix} \"{feed}\"");
|
||||
feedArgs.Append($" -s \"{feed}\"");
|
||||
}
|
||||
|
||||
return feedArgs.ToString();
|
||||
@@ -112,11 +112,17 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
/// (1) Use the feeds we get from `dotnet nuget list source`
|
||||
/// (2) Use private registries, if they are configured
|
||||
/// </summary>
|
||||
/// <param name="path">Path to project/solution/packages.config</param>
|
||||
/// <param name="path">Path to project/solution</param>
|
||||
/// <param name="reachableFeeds">The set of reachable NuGet feeds.</param>
|
||||
/// <returns>The list of NuGet feeds to use for this restore.</returns>
|
||||
public IEnumerable<string> FeedsToUse(string path, HashSet<string> reachableFeeds)
|
||||
/// <returns>A string representing the NuGet sources argument for the restore command.</returns>
|
||||
public string? MakeRestoreSourcesArgument(string path, HashSet<string> reachableFeeds)
|
||||
{
|
||||
// Do not construct a set of explicit NuGet sources to use for restore.
|
||||
if (!CheckNugetFeedResponsiveness && !HasPrivateRegistryFeeds)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
// Find the path specific feeds.
|
||||
var folder = GetDirectoryName(path);
|
||||
var feedsToConsider = folder is not null ? GetFeedsFromFolder(folder).ToHashSet() : new HashSet<string>();
|
||||
@@ -130,28 +136,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
? feedsToConsider.Where(reachableFeeds.Contains)
|
||||
: feedsToConsider;
|
||||
|
||||
return feedsToUse;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Constructs the list of NuGet sources to use for dotnet restore.
|
||||
/// (1) Use the feeds we get from `dotnet nuget list source`
|
||||
/// (2) Use private registries, if they are configured
|
||||
/// </summary>
|
||||
/// <param name="path">Path to project/solution</param>
|
||||
/// <param name="reachableFeeds">The set of reachable NuGet feeds.</param>
|
||||
/// <returns>A string representing the NuGet sources argument for the restore command.</returns>
|
||||
public string? MakeDotnetRestoreSourcesArgument(string path, HashSet<string> reachableFeeds)
|
||||
{
|
||||
// Do not construct a set of explicit NuGet sources to use for restore.
|
||||
if (!CheckNugetFeedResponsiveness && !HasPrivateRegistryFeeds)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
var feedsToUse = FeedsToUse(path, reachableFeeds);
|
||||
|
||||
return FeedsToRestoreArgument(feedsToUse, "-s");
|
||||
return FeedsToRestoreArgument(feedsToUse);
|
||||
}
|
||||
|
||||
private (int initialTimeout, int tryCount) GetFeedRequestSettings(bool isFallback)
|
||||
|
||||
@@ -110,55 +110,58 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
logger.LogInfo($"Checking NuGet feed responsiveness: {feedManager.CheckNugetFeedResponsiveness}");
|
||||
compilationInfoContainer.CompilationInfos.Add(("NuGet feed responsiveness checked", feedManager.CheckNugetFeedResponsiveness ? "1" : "0"));
|
||||
|
||||
HashSet<string> explicitFeeds = [];
|
||||
HashSet<string> reachableFeeds = [];
|
||||
|
||||
EmitNugetConfigDiagnostics();
|
||||
|
||||
// Find feeds that are configured in NuGet.config files and divide them into ones that
|
||||
// are explicitly configured for the project or by a private registry, and "all feeds"
|
||||
// (including inherited ones) from other locations on the host outside of the working directory.
|
||||
(var explicitFeeds, var allFeeds) = feedManager.GetAllFeeds();
|
||||
|
||||
if (feedManager.CheckNugetFeedResponsiveness)
|
||||
{
|
||||
var inheritedFeeds = allFeeds.Except(explicitFeeds).ToHashSet();
|
||||
|
||||
if (inheritedFeeds.Count > 0)
|
||||
{
|
||||
compilationInfoContainer.CompilationInfos.Add(("Inherited NuGet feed count", inheritedFeeds.Count.ToString()));
|
||||
}
|
||||
|
||||
var timeout = feedManager.CheckSpecifiedFeeds(explicitFeeds, out var reachableExplicitFeeds);
|
||||
reachableFeeds.UnionWith(reachableExplicitFeeds);
|
||||
|
||||
var allExplicitReachable = explicitFeeds.Count == reachableExplicitFeeds.Count;
|
||||
EmitUnreachableFeedsDiagnostics(allExplicitReachable);
|
||||
|
||||
if (timeout)
|
||||
{
|
||||
// If we experience a timeout, we use this fallback.
|
||||
// todo: we could also check the reachability of the inherited nuget feeds, but to use those in the fallback we would need to handle authentication too.
|
||||
var unresponsiveMissingPackageLocation = DownloadMissingPackagesFromSpecificFeeds([], explicitFeeds);
|
||||
return unresponsiveMissingPackageLocation is null
|
||||
? []
|
||||
: [unresponsiveMissingPackageLocation];
|
||||
}
|
||||
|
||||
// Inherited feeds should only be used, if they are indeed reachable (as they may be environment specific).
|
||||
feedManager.CheckSpecifiedFeeds(inheritedFeeds, out var reachableInheritedFeeds);
|
||||
reachableFeeds.UnionWith(reachableInheritedFeeds);
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
var packagesConfigRestore = PackagesConfigRestoreFactory.Create(fileProvider, legacyPackageDirectory, logger, feedManager, reachableFeeds);
|
||||
var count = packagesConfigRestore.InstallPackages();
|
||||
if (packagesConfigRestore.PackageCount > 0)
|
||||
EmitNugetConfigDiagnostics();
|
||||
|
||||
// Find feeds that are configured in NuGet.config files and divide them into ones that
|
||||
// are explicitly configured for the project or by a private registry, and "all feeds"
|
||||
// (including inherited ones) from other locations on the host outside of the working directory.
|
||||
(explicitFeeds, var allFeeds) = feedManager.GetAllFeeds();
|
||||
|
||||
if (feedManager.CheckNugetFeedResponsiveness)
|
||||
{
|
||||
compilationInfoContainer.CompilationInfos.Add(("packages.config files", packagesConfigRestore.PackageCount.ToString()));
|
||||
compilationInfoContainer.CompilationInfos.Add(("Successfully restored packages.config files", count.ToString()));
|
||||
var inheritedFeeds = allFeeds.Except(explicitFeeds).ToHashSet();
|
||||
|
||||
if (inheritedFeeds.Count > 0)
|
||||
{
|
||||
compilationInfoContainer.CompilationInfos.Add(("Inherited NuGet feed count", inheritedFeeds.Count.ToString()));
|
||||
}
|
||||
|
||||
var timeout = feedManager.CheckSpecifiedFeeds(explicitFeeds, out var reachableExplicitFeeds);
|
||||
reachableFeeds.UnionWith(reachableExplicitFeeds);
|
||||
|
||||
var allExplicitReachable = explicitFeeds.Count == reachableExplicitFeeds.Count;
|
||||
EmitUnreachableFeedsDiagnostics(allExplicitReachable);
|
||||
|
||||
if (timeout)
|
||||
{
|
||||
// If we experience a timeout, we use this fallback.
|
||||
// todo: we could also check the reachability of the inherited nuget feeds, but to use those in the fallback we would need to handle authentication too.
|
||||
var unresponsiveMissingPackageLocation = DownloadMissingPackagesFromSpecificFeeds([], explicitFeeds);
|
||||
return unresponsiveMissingPackageLocation is null
|
||||
? []
|
||||
: [unresponsiveMissingPackageLocation];
|
||||
}
|
||||
|
||||
// Inherited feeds should only be used, if they are indeed reachable (as they may be environment specific).
|
||||
feedManager.CheckSpecifiedFeeds(inheritedFeeds, out var reachableInheritedFeeds);
|
||||
reachableFeeds.UnionWith(reachableInheritedFeeds);
|
||||
}
|
||||
|
||||
using (var packagesConfigRestore = PackagesConfigRestoreFactory.Create(fileProvider, legacyPackageDirectory, logger, feedManager.IsDefaultFeedReachable))
|
||||
{
|
||||
var count = packagesConfigRestore.InstallPackages();
|
||||
|
||||
if (packagesConfigRestore.PackageCount > 0)
|
||||
{
|
||||
compilationInfoContainer.CompilationInfos.Add(("packages.config files", packagesConfigRestore.PackageCount.ToString()));
|
||||
compilationInfoContainer.CompilationInfos.Add(("Successfully restored packages.config files", count.ToString()));
|
||||
}
|
||||
}
|
||||
|
||||
var nugetPackageDlls = legacyPackageDirectory.DirInfo.GetFiles("*.dll", new EnumerationOptions { RecurseSubdirectories = true });
|
||||
var nugetPackageDllPaths = nugetPackageDlls.Select(f => f.FullName).ToHashSet();
|
||||
@@ -236,7 +239,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
var projects = fileProvider.Solutions.SelectMany(solution =>
|
||||
{
|
||||
logger.LogInfo($"Restoring solution {solution}...");
|
||||
var nugetSources = feedManager.MakeDotnetRestoreSourcesArgument(solution, reachableFeeds);
|
||||
var nugetSources = feedManager.MakeRestoreSourcesArgument(solution, reachableFeeds);
|
||||
var res = dotnet.Restore(new(solution, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, NugetSources: nugetSources, TargetWindows: isWindows));
|
||||
if (res.Success)
|
||||
{
|
||||
@@ -285,7 +288,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
foreach (var project in projectGroup)
|
||||
{
|
||||
logger.LogInfo($"Restoring project {project}...");
|
||||
var nugetSources = feedManager.MakeDotnetRestoreSourcesArgument(project, reachableFeeds);
|
||||
var nugetSources = feedManager.MakeRestoreSourcesArgument(project, reachableFeeds);
|
||||
var res = dotnet.Restore(new(project, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, NugetSources: nugetSources, TargetWindows: isWindows));
|
||||
assets.AddDependenciesRange(res.AssetsFilePaths);
|
||||
lock (sync)
|
||||
|
||||
@@ -7,7 +7,7 @@ using Semmle.Util;
|
||||
|
||||
namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
{
|
||||
internal interface IPackagesConfigRestore
|
||||
internal interface IPackagesConfigRestore : IDisposable
|
||||
{
|
||||
/// <summary>
|
||||
/// The number of packages.config files found in the source tree.
|
||||
@@ -33,11 +33,11 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
/// </summary>
|
||||
internal class PackagesConfigRestoreFactory
|
||||
{
|
||||
public static IPackagesConfigRestore Create(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, FeedManager feedManager, HashSet<string> reachableFeeds)
|
||||
public static IPackagesConfigRestore Create(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, Func<bool> useDefaultFeed)
|
||||
{
|
||||
if (SystemBuildActions.Instance.IsWindows() || SystemBuildActions.Instance.IsMonoInstalled())
|
||||
{
|
||||
return new NugetExeWrapper(fileProvider, packageDirectory, logger, feedManager, reachableFeeds);
|
||||
return new NugetExeWrapper(fileProvider, packageDirectory, logger, useDefaultFeed);
|
||||
}
|
||||
|
||||
return new NoOpPackagesConfig(fileProvider.PackagesConfigs, logger);
|
||||
@@ -55,6 +55,8 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
|
||||
public int PackageCount => fileProvider.PackagesConfigs.Count;
|
||||
|
||||
private readonly string? backupNugetConfig;
|
||||
private readonly string? nugetConfigPath;
|
||||
private readonly FileProvider fileProvider;
|
||||
|
||||
/// <summary>
|
||||
@@ -63,30 +65,57 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
/// so as to not trample the source tree.
|
||||
/// </summary>
|
||||
private readonly DependencyDirectory packageDirectory;
|
||||
private readonly FeedManager feedManager;
|
||||
private readonly HashSet<string> reachableFeeds;
|
||||
|
||||
private bool IsWindows => SystemBuildActions.Instance.IsWindows();
|
||||
|
||||
private bool? isDefaultFeedReachable;
|
||||
private bool IsDefaultFeedReachable =>
|
||||
isDefaultFeedReachable ??= feedManager.IsDefaultFeedReachable();
|
||||
|
||||
/// <summary>
|
||||
/// Create the package manager for a specified source tree.
|
||||
/// </summary>
|
||||
public NugetExeWrapper(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, FeedManager feedManager, HashSet<string> reachableFeeds)
|
||||
public NugetExeWrapper(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, Func<bool> useDefaultFeed)
|
||||
{
|
||||
this.fileProvider = fileProvider;
|
||||
this.packageDirectory = packageDirectory;
|
||||
this.logger = logger;
|
||||
this.feedManager = feedManager;
|
||||
this.reachableFeeds = reachableFeeds;
|
||||
|
||||
if (fileProvider.PackagesConfigs.Count > 0)
|
||||
{
|
||||
logger.LogInfo($"Found packages.config files, trying to use nuget.exe for package restore");
|
||||
nugetExe = ResolveNugetExe();
|
||||
if (!HasPackageSource() && useDefaultFeed())
|
||||
{
|
||||
// We only modify or add a top level nuget.config file
|
||||
nugetConfigPath = Path.Join(fileProvider.SourceDir.FullName, "nuget.config");
|
||||
try
|
||||
{
|
||||
if (File.Exists(nugetConfigPath))
|
||||
{
|
||||
var tempFolderPath = FileUtils.GetTemporaryWorkingDirectory(out _);
|
||||
|
||||
do
|
||||
{
|
||||
backupNugetConfig = Path.Join(tempFolderPath, Path.GetRandomFileName());
|
||||
}
|
||||
while (File.Exists(backupNugetConfig));
|
||||
File.Copy(nugetConfigPath, backupNugetConfig, true);
|
||||
}
|
||||
else
|
||||
{
|
||||
File.WriteAllText(nugetConfigPath,
|
||||
"""
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<configuration>
|
||||
<packageSources>
|
||||
</packageSources>
|
||||
</configuration>
|
||||
""");
|
||||
}
|
||||
AddDefaultPackageSource(nugetConfigPath);
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
logger.LogError($"Failed to add default package source to {nugetConfigPath}: {e}");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -169,21 +198,6 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
{
|
||||
logger.LogInfo($"Restoring file \"{packagesConfig}\"...");
|
||||
|
||||
var sourcesArgument = "";
|
||||
var feedsToUse = feedManager.FeedsToUse(packagesConfig, reachableFeeds).ToList();
|
||||
var useDefaultFeed = feedsToUse.Count == 0 && IsDefaultFeedReachable;
|
||||
|
||||
// Explicitly construct the sources to be used for the restore command when checking feed
|
||||
// responsiveness, using private registries, or falling back to nuget.org.
|
||||
if (feedManager.CheckNugetFeedResponsiveness || feedManager.HasPrivateRegistryFeeds || useDefaultFeed)
|
||||
{
|
||||
if (useDefaultFeed)
|
||||
{
|
||||
feedsToUse.Add(FeedManager.PublicNugetOrgFeed);
|
||||
}
|
||||
sourcesArgument = feedManager.FeedsToRestoreArgument(feedsToUse, "-Source");
|
||||
}
|
||||
|
||||
/* Use nuget.exe to install a package.
|
||||
* Note that there is a clutch of NuGet assemblies which could be used to
|
||||
* invoke this directly, which would arguably be nicer. However they are
|
||||
@@ -194,12 +208,12 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
if (RunWithMono)
|
||||
{
|
||||
exe = "mono";
|
||||
args = $"\"{nugetExe}\" install -OutputDirectory \"{packageDirectory}\" {sourcesArgument} \"{packagesConfig}\"";
|
||||
args = $"\"{nugetExe}\" install -OutputDirectory \"{packageDirectory}\" \"{packagesConfig}\"";
|
||||
}
|
||||
else
|
||||
{
|
||||
exe = nugetExe!;
|
||||
args = $"install -OutputDirectory \"{packageDirectory}\" {sourcesArgument} \"{packagesConfig}\"";
|
||||
args = $"install -OutputDirectory \"{packageDirectory}\" \"{packagesConfig}\"";
|
||||
}
|
||||
|
||||
var pi = new ProcessStartInfo(exe, args)
|
||||
@@ -232,6 +246,98 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
{
|
||||
return fileProvider.PackagesConfigs.Count(TryRestoreNugetPackage);
|
||||
}
|
||||
|
||||
private bool HasPackageSource()
|
||||
{
|
||||
if (IsWindows)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
logger.LogInfo("Checking if default package source is available...");
|
||||
RunMonoNugetCommand("sources list -ForceEnglishOutput", out var stdout);
|
||||
if (stdout.All(line => line != "No sources found."))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
logger.LogWarning($"Failed to check if default package source is added: {e}");
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
private void RunMonoNugetCommand(string command, out IList<string> stdout)
|
||||
{
|
||||
string exe, args;
|
||||
if (RunWithMono)
|
||||
{
|
||||
exe = "mono";
|
||||
args = $"\"{nugetExe}\" {command}";
|
||||
}
|
||||
else
|
||||
{
|
||||
exe = nugetExe!;
|
||||
args = command;
|
||||
}
|
||||
|
||||
var pi = new ProcessStartInfo(exe, args)
|
||||
{
|
||||
RedirectStandardOutput = true,
|
||||
RedirectStandardError = true,
|
||||
UseShellExecute = false
|
||||
};
|
||||
|
||||
var threadId = Environment.CurrentManagedThreadId;
|
||||
void onOut(string s) => logger.LogDebug(s, threadId);
|
||||
void onError(string s) => logger.LogError(s, threadId);
|
||||
pi.ReadOutput(out stdout, onOut, onError);
|
||||
}
|
||||
|
||||
private void AddDefaultPackageSource(string nugetConfig)
|
||||
{
|
||||
logger.LogInfo("Adding default package source...");
|
||||
RunMonoNugetCommand($"sources add -Name DefaultNugetOrg -Source {FeedManager.PublicNugetOrgFeed} -ConfigFile \"{nugetConfig}\"", out _);
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
if (nugetConfigPath is null)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if (backupNugetConfig is null)
|
||||
{
|
||||
logger.LogInfo("Removing nuget.config file");
|
||||
File.Delete(nugetConfigPath);
|
||||
return;
|
||||
}
|
||||
|
||||
logger.LogInfo("Reverting nuget.config file content");
|
||||
// The content of the original nuget.config file is reverted without changing the file's attributes or casing:
|
||||
using (var backup = File.OpenRead(backupNugetConfig))
|
||||
using (var current = File.OpenWrite(nugetConfigPath))
|
||||
{
|
||||
current.SetLength(0); // Truncate file
|
||||
backup.CopyTo(current); // Restore original content
|
||||
}
|
||||
|
||||
logger.LogInfo("Deleting backup nuget.config file");
|
||||
File.Delete(backupNugetConfig);
|
||||
}
|
||||
catch (Exception exc)
|
||||
{
|
||||
logger.LogError($"Failed to restore original nuget.config file: {exc}");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private class NoOpPackagesConfig : IPackagesConfigRestore
|
||||
@@ -255,6 +361,8 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
public void Dispose() { }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Simplified and streamlined the use of NuGet sources when downloading dependencies via `[mono] nuget.exe` in `build-mode: none`: NuGet sources are now supplied via the `-Source` flag instead of moving or creating `nuget.config` files in the checked-out repository, private registries are used if configured, and only reachable feeds are used when NuGet feed checking is enabled (the default).
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved models for the `log/slog` package (Go 1.21+), including `*slog.Logger` methods, `With`/`WithGroup`, and `Attr`/`Value` helpers, improving coverage for the `go/log-injection` and `go/clear-text-logging` queries.
|
||||
@@ -27,27 +27,3 @@ extensions:
|
||||
- ["log/slog", "Logger", True, "ErrorContext", "", "", "Argument[1..2]", "log-injection", "manual"]
|
||||
- ["log/slog", "Logger", True, "Log", "", "", "Argument[2..3]", "log-injection", "manual"]
|
||||
- ["log/slog", "Logger", True, "LogAttrs", "", "", "Argument[2..3]", "log-injection", "manual"]
|
||||
# With/WithGroup add attributes that are included in every subsequent log call.
|
||||
- ["log/slog", "", False, "With", "", "", "Argument[0]", "log-injection", "manual"]
|
||||
- ["log/slog", "Logger", True, "With", "", "", "Argument[0]", "log-injection", "manual"]
|
||||
- ["log/slog", "Logger", True, "WithGroup", "", "", "Argument[0]", "log-injection", "manual"]
|
||||
- addsTo:
|
||||
pack: codeql/go-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
# Constructors for Attr that can carry a tainted string into the result.
|
||||
- ["log/slog", "", False, "Any", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "Group", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "Group", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "GroupAttrs", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "GroupAttrs", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "String", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
|
||||
# Constructors for Value that can carry a tainted string into the result.
|
||||
- ["log/slog", "", False, "AnyValue", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "GroupValue", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "", False, "StringValue", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
||||
# Methods that read a string back out of an Attr or Value.
|
||||
- ["log/slog", "Attr", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "Value", True, "Any", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
|
||||
- ["log/slog", "Value", True, "Group", "", "", "Argument[receiver]", "ReturnValue.ArrayElement", "taint", "manual"]
|
||||
- ["log/slog", "Value", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
|
||||
|
||||
@@ -37,9 +37,4 @@ func slogTest() {
|
||||
slog.InfoContext(ctx, text, key, v) // $ logger=text logger=key logger=v
|
||||
slog.Log(ctx, slog.LevelInfo, text, key, v) // $ logger=text logger=key logger=v
|
||||
slog.LogAttrs(ctx, slog.LevelInfo, text, attr) // $ logger=text logger=attr
|
||||
|
||||
// With/WithGroup add attributes that are included in every subsequent log call.
|
||||
logger.With(key, v) // $ logger=key logger=v
|
||||
logger.WithGroup(text) // $ logger=text
|
||||
slog.With(key, v) // $ logger=key logger=v
|
||||
}
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
reverseRead
|
||||
| test.go:114:21:114:33 | call to Group | Origin of readStep is missing a PostUpdateNode. |
|
||||
@@ -1,2 +0,0 @@
|
||||
invalidModelRow
|
||||
testFailures
|
||||
@@ -1,14 +0,0 @@
|
||||
import go
|
||||
import semmle.go.dataflow.ExternalFlow
|
||||
import ModelValidation
|
||||
import utils.test.InlineFlowTest
|
||||
|
||||
module Config implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.(DataFlow::CallNode).getTarget().getName() = ["getUntrustedData", "getUntrustedString"]
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sink = any(LoggerCall log).getAMessageComponent() }
|
||||
}
|
||||
|
||||
import FlowTest<Config, Config>
|
||||
@@ -1,3 +0,0 @@
|
||||
module codeql-go-tests/frameworks/slog
|
||||
|
||||
go 1.26
|
||||
@@ -1,115 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"log/slog"
|
||||
)
|
||||
|
||||
func main() {}
|
||||
|
||||
func getUntrustedData() interface{} { return nil }
|
||||
|
||||
func getUntrustedString() string {
|
||||
return "tainted string"
|
||||
}
|
||||
|
||||
// Package-level convenience functions.
|
||||
|
||||
func testSlogDebug() {
|
||||
slog.Debug(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.Debug("msg", "key", getUntrustedData()) // $ hasValueFlow="call to getUntrustedData"
|
||||
slog.Debug("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
func testSlogInfo() {
|
||||
slog.Info(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.Info("msg", slog.Any("key", getUntrustedData())) // $ hasTaintFlow="call to Any"
|
||||
slog.Info("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
func testSlogWarn() {
|
||||
slog.Warn(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.Warn("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
func testSlogError() {
|
||||
slog.Error(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.Error("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
func testSlogContextVariants(ctx context.Context) {
|
||||
slog.DebugContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.InfoContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.WarnContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.ErrorContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.InfoContext(ctx, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
func testSlogLog(ctx context.Context) {
|
||||
slog.Log(ctx, slog.LevelInfo, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.Log(ctx, slog.LevelInfo, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
slog.LogAttrs(ctx, slog.LevelInfo, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
slog.LogAttrs(ctx, slog.LevelInfo, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
// Methods on *slog.Logger.
|
||||
|
||||
func testLoggerMethods(logger *slog.Logger, ctx context.Context) {
|
||||
logger.Debug(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
logger.Info(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
logger.Warn(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
logger.Error(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
logger.Info("msg", slog.Any("key", getUntrustedData())) // $ hasTaintFlow="call to Any"
|
||||
logger.InfoContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
logger.Log(ctx, slog.LevelInfo, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
logger.LogAttrs(ctx, slog.LevelInfo, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
}
|
||||
|
||||
// With, Logger.With and Logger.WithGroup. Note that for ease of modeling we make these functions
|
||||
// sinks, although strictly speaking we should consider logging functions called on the returned
|
||||
// loggers as the sinks.
|
||||
|
||||
func testWith(logger *slog.Logger) {
|
||||
logger1 := logger.With(slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
logger1.Info("hello world")
|
||||
logger2 := logger.With(slog.Any(getUntrustedString(), nil)) // $ hasTaintFlow="call to Any"
|
||||
logger2.Info("hello world")
|
||||
logger.With("key", getUntrustedData()).Info("hello world") // $ hasValueFlow="call to getUntrustedData"
|
||||
}
|
||||
|
||||
func testPackageWith() {
|
||||
logger := slog.With(slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
||||
logger.Info("hello world")
|
||||
slog.With("key", getUntrustedData()).Info("hello world") // $ hasValueFlow="call to getUntrustedData"
|
||||
}
|
||||
|
||||
func testWithGroup(logger *slog.Logger) {
|
||||
grouped := logger.WithGroup(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
||||
grouped.Info("hello world")
|
||||
}
|
||||
|
||||
// Summary models: functions relating to Attr/Value that propagate strings.
|
||||
|
||||
func testAttrConstructors(logger *slog.Logger) {
|
||||
logger.Info("msg", slog.Group("group", slog.String("key", getUntrustedString()))) // $ hasTaintFlow="call to Group"
|
||||
logger.Info("msg", slog.GroupAttrs("group", slog.String("key", getUntrustedString()))) // $ hasTaintFlow="call to GroupAttrs"
|
||||
}
|
||||
|
||||
func testValueConstructors(logger *slog.Logger) {
|
||||
logger.Info("msg", "key", slog.AnyValue(getUntrustedString())) // $ hasTaintFlow="call to AnyValue"
|
||||
logger.Info("msg", "key", slog.StringValue(getUntrustedString())) // $ hasTaintFlow="call to StringValue"
|
||||
attr := slog.String("key", getUntrustedString())
|
||||
logger.Info("msg", "key", slog.GroupValue(attr)) // $ hasTaintFlow="call to GroupValue"
|
||||
}
|
||||
|
||||
func testAttrAndValueAccessors(logger *slog.Logger) {
|
||||
attr := slog.String("key", getUntrustedString())
|
||||
logger.Info("msg", "key", attr.String()) // $ hasTaintFlow="call to String"
|
||||
|
||||
v := slog.AnyValue(getUntrustedString())
|
||||
logger.Info("msg", "key", v.Any()) // $ hasTaintFlow="call to Any"
|
||||
logger.Info("msg", "key", v.String()) // $ hasTaintFlow="call to String"
|
||||
|
||||
group := slog.GroupValue(slog.String("key", getUntrustedString()))
|
||||
logger.Info("msg", group.Group()[0]) // $ hasTaintFlow="index expression"
|
||||
}
|
||||
@@ -0,0 +1,19 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.data", "Json$ObjectReader", True, "read", "(Object,Decoder)", "", "Argument[1]", "ReturnValue", "taint", "ai-generated"]
|
||||
- ["org.apache.avro.data", "Json$ObjectReader", True, "setSchema", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimeMicrosConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimeMicrosConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimeMillisConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimeMillisConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimestampMicrosConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimestampMicrosConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimestampMillisConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimestampMillisConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimestampNanosConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.data", "TimeConversions$TimestampNanosConversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
@@ -1,10 +1,11 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro.git#68da8fb99da5c482f17853e01e79f714e3717b42 by codeql-mads-via-llm
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: sinkModel
|
||||
data:
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "DataFileReader", "(File,DatumReader)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(File,DatumReader)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "appendTo", "(File)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[1]", "path-injection", "ai-generated"]
|
||||
@@ -17,13 +18,75 @@ extensions:
|
||||
pack: codeql/java-all
|
||||
extensible: sourceModel
|
||||
data:
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "getMeta", "(String)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "getMetaString", "(String)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "next", "()", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "next", "(Object)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getMeta", "(String)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getMetaString", "(String)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "next", "()", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "next", "(Object)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "nextBlock", "()", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "FileReader", True, "next", "(Object)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "DataFileReader", "(File,DatumReader)", "", "Argument[this]", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(File,DatumReader)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro.file", "SeekableFileInput", True, "SeekableFileInput", "(File)", "", "Argument[this]", "file", "ai-generated"]
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.file", "Codec", True, "compress", "(ByteBuffer)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "Codec", True, "decompress", "(ByteBuffer)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "DataFileReader", "(File,DatumReader)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "DataFileReader", "(SeekableInput,DatumReader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "DataFileReader", "(SeekableInput,DatumReader)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(File,DatumReader)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(File,DatumReader)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(SeekableInput,DatumReader)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(SeekableInput,DatumReader)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(SeekableInput,DatumReader,DataFileStream$Header,boolean)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(SeekableInput,DatumReader,DataFileStream$Header,boolean)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader", True, "openReader", "(SeekableInput,DatumReader,DataFileStream$Header,boolean)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "DataFileReader12", "(SeekableInput,DatumReader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "DataFileReader12", "(SeekableInput,DatumReader)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "DataFileReader12", "(SeekableInput,DatumReader)", "", "Argument[this]", "Argument[1]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "getMeta", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "getMetaString", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "getSchema", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "next", "(Object)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "next", "(Object)", "", "Argument[this]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileReader12", True, "next", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "DataFileStream", "(InputStream,DatumReader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "DataFileStream", "(InputStream,DatumReader)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getHeader", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getMeta", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getMetaKeys", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getMetaString", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "getSchema", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "next", "(Object)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "next", "(Object)", "", "Argument[this]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "next", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileStream", True, "nextBlock", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "DataFileWriter", "(DatumWriter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "append", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "appendAllFrom", "(DataFileStream,boolean)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "appendEncoded", "(ByteBuffer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "appendTo", "(File)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "appendTo", "(SeekableInput,OutputStream)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream,byte[])", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream,byte[])", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream,byte[])", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,OutputStream,byte[])", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "setCodec", "(CodecFactory)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "setEncoder", "(Function)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "setMeta", "(String,String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "setMeta", "(String,byte[])", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "setMeta", "(String,long)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter", True, "setSyncInterval", "(int)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "DataFileWriter$AppendWriteException", True, "AppendWriteException", "(Exception)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "SeekableByteArrayInput", True, "SeekableByteArrayInput", "(byte[])", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(File)", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(File,boolean)", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(FileDescriptor)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(String)", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(String,boolean)", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
|
||||
@@ -0,0 +1,97 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.generic", "GenericData", True, "GenericData", "(ClassLoader)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData.classLoader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "addLogicalTypeConversion", "(Conversion)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumReader", "(Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumReader", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumReader", "(Schema,Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumReader", "(Schema,Schema)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumReader", "(Schema,Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumWriter", "(Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createDatumWriter", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createEnum", "(String,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$EnumSymbol.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createFixed", "(Object,Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createFixed", "(Object,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createFixed", "(Object,byte[],Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "createString", "(Object)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "deepCopy", "(Schema,Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "deepCopy", "(Schema,Object)", "", "Argument[1]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getClassLoader", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData.classLoader]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getConversionByClass", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getConversionByClass", "(Class,LogicalType)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getConversionFor", "(LogicalType)", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getConversions", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getDefaultValue", "(Schema$Field)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getFastReaderBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "getField", "(Object,String,int)", "", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "induce", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "induce", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "newArray", "(Object,int,Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "newMap", "(Object,int)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "newRecord", "(Object,Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "newRecord", "(Object,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "setFastReaderEnabled", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "setField", "(Object,String,int,Object)", "", "Argument[3]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData", True, "toString", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$AbstractArray", True, "AbstractArray", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$AbstractArray.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$AbstractArray", True, "getSchema", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$AbstractArray.schema]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Array", True, "Array", "(Schema,Collection)", "", "Argument[1].Element", "Argument[this].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Array", True, "Array", "(int,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Array", True, "peek", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$EnumSymbol", True, "EnumSymbol", "(Schema,Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$EnumSymbol.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$EnumSymbol", True, "EnumSymbol", "(Schema,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$EnumSymbol.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$EnumSymbol", True, "getSchema", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$EnumSymbol.schema]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Fixed", True, "Fixed", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Fixed", True, "Fixed", "(Schema,byte[])", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Fixed", True, "Fixed", "(Schema,byte[])", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Fixed.bytes]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Fixed", True, "bytes", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Fixed.bytes]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Fixed", True, "bytes", "(byte[])", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Fixed.bytes]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Fixed", True, "getSchema", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$InstanceSupplier", True, "newInstance", "(Object,Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "Record", "(GenericData$Record,boolean)", "", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "Record", "(GenericData$Record,boolean)", "", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.values]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.values]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "Record", "(GenericData$Record,boolean)", "", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "Record", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "get", "(String)", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "get", "(int)", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "getSchema", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "put", "(String,Object)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericData$Record", True, "put", "(int,Object)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.actual]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.expected]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema,Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.actual]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema,Schema)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.expected]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema,Schema,GenericData)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.actual]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema,Schema,GenericData)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.expected]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "GenericDatumReader", "(Schema,Schema,GenericData)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.data]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "getData", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.data]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "getExpected", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.expected]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "getSchema", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.actual]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "read", "(Object,Decoder)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "read", "(Object,Decoder)", "", "Argument[1]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "read", "(Object,Decoder)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "read", "(Object,Decoder)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "setExpected", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.expected]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "setSchema", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.actual]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumReader", True, "setSchema", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.expected]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumWriter", True, "GenericDatumWriter", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumWriter", True, "GenericDatumWriter", "(Schema,GenericData)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumWriter.data]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumWriter", True, "getData", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumWriter.data]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumWriter", True, "setSchema", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericDatumWriter", True, "write", "(Object,Encoder)", "", "Argument[0]", "Argument[1]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "GenericRecordBuilder", "(GenericData$Record)", "", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "Argument[this].SyntheticField[org.apache.avro.data.RecordBuilderBase.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "GenericRecordBuilder", "(GenericRecordBuilder)", "", "Argument[0].SyntheticField[org.apache.avro.data.RecordBuilderBase.schema]", "Argument[this].SyntheticField[org.apache.avro.data.RecordBuilderBase.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "GenericRecordBuilder", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.data.RecordBuilderBase.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "build", "()", "", "Argument[this].SyntheticField[org.apache.avro.data.RecordBuilderBase.schema]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "clear", "(Schema$Field)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "clear", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "get", "(Schema$Field)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "get", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "set", "(Schema$Field,Object)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "GenericRecordBuilder", True, "set", "(String,Object)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.generic", "PrimitivesArrays", True, "createOptimizedArray", "(int,Schema,Schema$Type)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
@@ -0,0 +1,64 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.io", "BinaryDecoder", True, "inputStream", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "BlockingDirectBinaryEncoder", True, "BlockingDirectBinaryEncoder", "(OutputStream)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Decoder", True, "readBytes", "(ByteBuffer)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "Decoder", True, "readFixed", "(byte[])", "", "Argument[this]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Decoder", True, "readFixed", "(byte[],int,int)", "", "Argument[this]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Decoder", True, "readString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Decoder", True, "readString", "(Utf8)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "binaryDecoder", "(InputStream,BinaryDecoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "binaryDecoder", "(byte[],BinaryDecoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "binaryDecoder", "(byte[],int,int,BinaryDecoder)", "", "Argument[3]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "configureDecoderBufferSize", "(int)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "createBinaryDecoder", "(InputStream,BinaryDecoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "createBinaryDecoder", "(byte[],BinaryDecoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "createBinaryDecoder", "(byte[],int,int,BinaryDecoder)", "", "Argument[3]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "directBinaryDecoder", "(InputStream,BinaryDecoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "jsonDecoder", "(Schema,InputStream)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "jsonDecoder", "(Schema,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "resolvingDecoder", "(Schema,Schema,Decoder)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "DecoderFactory", True, "validatingDecoder", "(Schema,Decoder)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeBytes", "(ByteBuffer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeBytes", "(byte[])", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeBytes", "(byte[],int,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeFixed", "(ByteBuffer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeFixed", "(byte[])", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeFixed", "(byte[],int,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeString", "(CharSequence)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeString", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "Encoder", True, "writeString", "(Utf8)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "binaryEncoder", "(OutputStream,BinaryEncoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "blockingBinaryEncoder", "(OutputStream,BinaryEncoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "blockingDirectBinaryEncoder", "(OutputStream,BinaryEncoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "configureBlockSize", "(int)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "configureBufferSize", "(int)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "directBinaryEncoder", "(OutputStream,BinaryEncoder)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "EncoderFactory", True, "validatingEncoder", "(Schema,Encoder)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder", True, "FastReaderBuilder", "(GenericData)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder", True, "createDatumReader", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder", True, "createDatumReader", "(Schema,Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder", True, "reusingReader", "(FastReaderBuilder$ReusingFieldReader)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder", True, "withClassPropEnabled", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder", True, "withKeyClassEnabled", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$ExecutionStep", True, "execute", "(Object,Decoder)", "", "Argument[1]", "Argument[0]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$FieldReader", True, "read", "(Object,Decoder)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$MapReader", True, "MapReader", "(FastReaderBuilder$FieldReader,FastReaderBuilder$FieldReader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$MapReader", True, "MapReader", "(FastReaderBuilder$FieldReader,FastReaderBuilder$FieldReader)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$RecordReader", True, "finishInitialization", "(FastReaderBuilder$ExecutionStep[],Schema,GenericData$InstanceSupplier)", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$RecordReader", True, "finishInitialization", "(FastReaderBuilder$ExecutionStep[],Schema,GenericData$InstanceSupplier)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "FastReaderBuilder$RecordReader", True, "finishInitialization", "(FastReaderBuilder$ExecutionStep[],Schema,GenericData$InstanceSupplier)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io", "JsonDecoder", True, "configure", "(InputStream)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "JsonDecoder", True, "configure", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "JsonEncoder", True, "configure", "(OutputStream)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "JsonEncoder", True, "configure", "(OutputStream,boolean)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "ResolvingDecoder", True, "doAction", "(Symbol,Symbol)", "", "Argument[1].Field[org.apache.avro.io.parsing.Symbol$DefaultStartAction.contents]", "Argument[this].SyntheticField[org.apache.avro.io.ValidatingDecoder.in].SyntheticField[org.apache.avro.io.BinaryDecoder.buf]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "ResolvingDecoder", True, "doAction", "(Symbol,Symbol)", "", "Argument[1].Field[org.apache.avro.io.parsing.Symbol$ResolvingAction.writer]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "ResolvingDecoder", True, "readString", "()", "", "Argument[this].SyntheticField[org.apache.avro.io.ValidatingDecoder.in].SyntheticField[org.apache.avro.io.BinaryDecoder.buf]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "ValidatingDecoder", True, "configure", "(Decoder)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io", "ValidatingEncoder", True, "configure", "(Encoder)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
@@ -0,0 +1,53 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.io.parsing", "JsonGrammarGenerator", True, "generate", "(Schema,Map)", "", "Argument[0]", "Argument[1].MapKey.Field[org.apache.avro.io.parsing.ValidatingGrammarGenerator$LitS.actual]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "Parser", "(Symbol,Parser$ActionHandler)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.io.parsing.Parser.stack].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "advance", "(Symbol)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "advance", "(Symbol)", "", "Argument[this].SyntheticField[org.apache.avro.io.parsing.Parser.stack].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "popSymbol", "()", "", "Argument[this].SyntheticField[org.apache.avro.io.parsing.Parser.stack].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "pushProduction", "(Symbol)", "", "Argument[0].Field[org.apache.avro.io.parsing.Symbol.production]", "Argument[this].SyntheticField[org.apache.avro.io.parsing.Parser.stack]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "pushSymbol", "(Symbol)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.io.parsing.Parser.stack].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser", True, "topSymbol", "()", "", "Argument[this].SyntheticField[org.apache.avro.io.parsing.Parser.stack].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Parser$ActionHandler", True, "doAction", "(Symbol,Symbol)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "SkipParser", True, "SkipParser", "(Symbol,Parser$ActionHandler,SkipParser$SkipHandler)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io.parsing", "SkipParser", True, "SkipParser", "(Symbol,Parser$ActionHandler,SkipParser$SkipHandler)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io.parsing", "SkipParser", True, "SkipParser", "(Symbol,Parser$ActionHandler,SkipParser$SkipHandler)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io.parsing", "SkipParser", True, "skipSymbol", "(Symbol)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "defaultStartAction", "(byte[])", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$DefaultStartAction.contents]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "enumAdjustAction", "(int,Object[])", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$EnumAdjustAction.adjustments]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "enumLabelsAction", "(List)", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$EnumLabelsAction.symbols]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "fieldAdjustAction", "(int,String,Set)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$FieldAdjustAction.fname]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "fieldAdjustAction", "(int,String,Set)", "", "Argument[2]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$FieldAdjustAction.aliases]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "fieldOrderAction", "(Schema$Field[])", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$FieldOrderAction.fields]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "flatten", "(Map,Map)", "", "Argument[0].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "flatten", "(Map,Map)", "", "Argument[this]", "Argument[0].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "flatten", "(Map,Map)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "skipAction", "(Symbol)", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$SkipAction.symToSkip]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol", True, "unionAdjustAction", "(int,Symbol)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$UnionAdjustAction.symToParse]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Alternative", True, "flatten", "(Map,Map)", "", "Argument[0].MapValue", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$Alternative.symbols].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Alternative", True, "flatten", "(Map,Map)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$Alternative.labels]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$Alternative.labels]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Alternative", True, "flatten", "(Map,Map)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$Alternative.symbols].ArrayElement", "Argument[0].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Alternative", True, "flatten", "(Map,Map)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$Alternative.symbols].ArrayElement", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$Alternative.symbols].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Alternative", True, "getLabel", "(int)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$Alternative.labels].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Alternative", True, "getSymbol", "(int)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$Alternative.symbols].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$DefaultStartAction", True, "DefaultStartAction", "(byte[])", "", "Argument[0]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$DefaultStartAction.contents]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$EnumAdjustAction", True, "EnumAdjustAction", "(int,Object[])", "", "Argument[1]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$EnumAdjustAction.adjustments]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$EnumLabelsAction", True, "EnumLabelsAction", "(List)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$EnumLabelsAction.symbols]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$EnumLabelsAction", True, "getLabel", "(int)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$EnumLabelsAction.symbols].Element", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$FieldAdjustAction", True, "FieldAdjustAction", "(int,String,Set)", "", "Argument[1]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$FieldAdjustAction.fname]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$FieldAdjustAction", True, "FieldAdjustAction", "(int,String,Set)", "", "Argument[2]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$FieldAdjustAction.aliases]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$FieldOrderAction", False, "FieldOrderAction", "(Schema$Field[])", "", "Argument[0]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$FieldOrderAction.fields]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Repeater", True, "flatten", "(Map,Map)", "", "Argument[0].MapValue", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol.production].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Repeater", True, "flatten", "(Map,Map)", "", "Argument[0].MapValue.Field[org.apache.avro.io.parsing.Symbol.production]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol.production]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Repeater", True, "flatten", "(Map,Map)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$Repeater.end]", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol$Repeater.end]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Repeater", True, "flatten", "(Map,Map)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol.production].ArrayElement", "Argument[0].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$Repeater", True, "flatten", "(Map,Map)", "", "Argument[this].Field[org.apache.avro.io.parsing.Symbol.production].ArrayElement", "ReturnValue.Field[org.apache.avro.io.parsing.Symbol.production].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$SkipAction", True, "SkipAction", "(Symbol)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$SkipAction.symToSkip]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "Symbol$UnionAdjustAction", True, "UnionAdjustAction", "(int,Symbol)", "", "Argument[1]", "Argument[this].Field[org.apache.avro.io.parsing.Symbol$UnionAdjustAction.symToParse]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "ValidatingGrammarGenerator", True, "generate", "(Schema,Map)", "", "Argument[0]", "Argument[1].MapKey.Field[org.apache.avro.io.parsing.ValidatingGrammarGenerator$LitS.actual]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.io.parsing", "ValidatingGrammarGenerator", True, "generate", "(Schema,Map)", "", "Argument[1].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
@@ -0,0 +1,38 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.message", "BadHeaderException", True, "BadHeaderException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageDecoder", True, "BinaryMessageDecoder", "(GenericData,Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageDecoder", True, "BinaryMessageDecoder", "(GenericData,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageDecoder", True, "BinaryMessageDecoder", "(GenericData,Schema,SchemaStore)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageDecoder", True, "BinaryMessageDecoder", "(GenericData,Schema,SchemaStore)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageDecoder", True, "BinaryMessageDecoder", "(GenericData,Schema,SchemaStore)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageDecoder", True, "decode", "(InputStream,Object)", "", "Argument[1]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageEncoder", True, "encode", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "BinaryMessageEncoder", True, "encode", "(Object,OutputStream)", "", "Argument[this]", "Argument[1]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(ByteBuffer)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(ByteBuffer,Object)", "", "Argument[1]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(ByteBuffer,Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(InputStream)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(byte[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(byte[],Object)", "", "Argument[1]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(byte[],Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "MissingSchemaException", True, "MissingSchemaException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "RawMessageDecoder", "(GenericData,Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "RawMessageDecoder", "(GenericData,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "RawMessageDecoder", "(GenericData,Schema,Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "RawMessageDecoder", "(GenericData,Schema,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "RawMessageDecoder", "(GenericData,Schema,Schema)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "decode", "(InputStream,Object)", "", "Argument[1]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageDecoder", True, "decode", "(InputStream,Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageEncoder", True, "RawMessageEncoder", "(GenericData,Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageEncoder", True, "RawMessageEncoder", "(GenericData,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageEncoder", True, "RawMessageEncoder", "(GenericData,Schema,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageEncoder", True, "RawMessageEncoder", "(GenericData,Schema,boolean)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "RawMessageEncoder", True, "encode", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.message", "SchemaStore$Cache", True, "addSchema", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.message.SchemaStore$Cache.schemas].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.message", "SchemaStore$Cache", True, "findByFingerprint", "(long)", "", "Argument[this].SyntheticField[org.apache.avro.message.SchemaStore$Cache.schemas].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
@@ -1,5 +1,5 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro.git#68da8fb99da5c482f17853e01e79f714e3717b42 by codeql-mads-via-llm
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
@@ -12,18 +12,419 @@ extensions:
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(Path)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(URI,Charset)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(URI,Charset)", "", "Argument[0]", "request-forgery", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parseSingle", "(Path)", "", "Argument[0]", "path-injection", "ai-generated"]
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: sourceModel
|
||||
data:
|
||||
- ["org.apache.avro", "Protocol", True, "main", "(String[])", "", "Parameter[0]", "commandargs", "ai-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "parse", "(File)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "parse", "(File)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "parse", "(File)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(File)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(File,Charset)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(Path)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(Path,Charset)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parse", "(URI,Charset)", "", "ReturnValue", "remote", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "parseSingle", "(Path)", "", "ReturnValue", "file", "ai-generated"]
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro", "AvroMissingFieldException", True, "AvroMissingFieldException", "(String,Schema$Field)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroMissingFieldException", True, "AvroMissingFieldException", "(String,Schema$Field)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroMissingFieldException", True, "addParentField", "(Schema$Field)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroRemoteException", True, "AvroRemoteException", "(Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.AvroRemoteException.value]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "AvroRemoteException", True, "AvroRemoteException", "(Object,Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.AvroRemoteException.value]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "AvroRemoteException", True, "AvroRemoteException", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroRemoteException", True, "getValue", "()", "", "Argument[this].SyntheticField[org.apache.avro.AvroRemoteException.value]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "AvroRuntimeException", True, "AvroRuntimeException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroRuntimeException", True, "AvroRuntimeException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroRuntimeException", True, "AvroRuntimeException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroRuntimeException", True, "AvroRuntimeException", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroTypeException", True, "AvroTypeException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroTypeException", True, "AvroTypeException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "AvroTypeException", True, "AvroTypeException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Conversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro", "Conversion", True, "adjustAndSetValue", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro", "Conversions", True, "convertToLogicalType", "(Object,Schema,LogicalType,Conversion)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Conversions", True, "convertToRawType", "(Object,Schema,LogicalType,Conversion)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Conversions$DecimalConversion", True, "toFixed", "(BigDecimal,Schema,LogicalType)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Conversions$DurationConversion", True, "toFixed", "(TimePeriod,Schema,LogicalType)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Conversions$UUIDConversion", True, "toFixed", "(UUID,Schema,LogicalType)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "FormattedSchemaParser", True, "parse", "(ParseContext,URI,CharSequence)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "InvalidAvroMagicException", True, "InvalidAvroMagicException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "InvalidNumberEncodingException", True, "InvalidNumberEncodingException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "addAllProps", "(JsonProperties)", "", "Argument[0].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "addAllProps", "(JsonProperties)", "", "Argument[0].SyntheticField[org.apache.avro.JsonProperties.props].MapValue", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "addProp", "(String,Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "addProp", "(String,Object)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "addProp", "(String,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "getObjectProp", "(String,Object)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "getObjectProps", "()", "", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "ReturnValue.MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "putAll", "(JsonProperties)", "", "Argument[0].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "JsonProperties", True, "putAll", "(JsonProperties)", "", "Argument[0].SyntheticField[org.apache.avro.JsonProperties.props].MapValue", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalType", True, "LogicalType", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.LogicalType.name]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalType", True, "addToSchema", "(Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalType", True, "addToSchema", "(Schema)", "", "Argument[this]", "Argument[0].SyntheticField[org.apache.avro.Schema.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalType", True, "addToSchema", "(Schema)", "", "Argument[this]", "ReturnValue.SyntheticField[org.apache.avro.Schema.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalType", True, "getName", "()", "", "Argument[this].SyntheticField[org.apache.avro.LogicalType.name]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalTypes$Decimal", True, "addToSchema", "(Schema)", "", "Argument[this]", "Argument[0].SyntheticField[org.apache.avro.Schema.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "LogicalTypes$Decimal", True, "addToSchema", "(Schema)", "", "Argument[this]", "ReturnValue.SyntheticField[org.apache.avro.Schema.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "NameValidator", True, "validate", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "NameValidator$Result", True, "Result", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.NameValidator$Result.errors]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "NameValidator$Result", True, "getErrors", "()", "", "Argument[this].SyntheticField[org.apache.avro.NameValidator$Result.errors]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "ParseContext", "(NameValidator)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "commit", "()", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.newSchemas].MapKey", "Argument[this].SyntheticField[org.apache.avro.ParseContext.oldSchemas].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "commit", "()", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.newSchemas].MapValue", "Argument[this].SyntheticField[org.apache.avro.ParseContext.oldSchemas].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "find", "(String,String)", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.newSchemas].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "find", "(String,String)", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.oldSchemas].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "getNamedSchema", "(String)", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.newSchemas].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "getNamedSchema", "(String)", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.oldSchemas].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "put", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.ParseContext.newSchemas].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "resolve", "(Schema)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "resolve", "(Schema)", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.oldSchemas].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "resolveAllSchemas", "()", "", "Argument[this].SyntheticField[org.apache.avro.ParseContext.oldSchemas].MapValue", "ReturnValue.Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ParseContext", True, "typesByName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "Protocol", "(Protocol)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "Protocol", "(String,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Protocol.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "Protocol", "(String,String)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Protocol.namespace]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "Protocol", "(String,String,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Protocol.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "Protocol", "(String,String,String)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Protocol.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "Protocol", "(String,String,String)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.Protocol.namespace]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(Protocol$Message,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.request]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(Protocol$Message,Schema,Schema,Schema)", "", "Argument[2]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.response]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(Protocol$Message,Schema,Schema,Schema)", "", "Argument[3]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.errors]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,JsonProperties,Schema)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,JsonProperties,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,JsonProperties,Schema)", "", "Argument[3]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.request]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,JsonProperties,Schema,Schema,Schema)", "", "Argument[4]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.response]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,JsonProperties,Schema,Schema,Schema)", "", "Argument[5]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.errors]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Map,Schema)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Map,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Map,Schema)", "", "Argument[3]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.request]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Map,Schema,Schema,Schema)", "", "Argument[4]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.response]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Map,Schema,Schema,Schema)", "", "Argument[5]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.errors]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Schema)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Schema)", "", "Argument[2]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$Message.request]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Schema,Schema,Schema)", "", "Argument[3]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.response]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "createMessage", "(String,String,Schema,Schema,Schema)", "", "Argument[4]", "ReturnValue.SyntheticField[org.apache.avro.Protocol$TwoWayMessage.errors]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getDoc", "()", "", "Argument[this].SyntheticField[org.apache.avro.Protocol.doc]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getMD5", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getMessages", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getName", "()", "", "Argument[this].SyntheticField[org.apache.avro.Protocol.name]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getNamespace", "()", "", "Argument[this].SyntheticField[org.apache.avro.Protocol.namespace]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getType", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getTypes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol", True, "getUnresolvedTypes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol$Message", True, "getDoc", "()", "", "Argument[this].SyntheticField[org.apache.avro.Protocol$Message.doc]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol$Message", True, "getErrors", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Protocol$Message", True, "getName", "()", "", "Argument[this].SyntheticField[org.apache.avro.Protocol$Message.name]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol$Message", True, "getRequest", "()", "", "Argument[this].SyntheticField[org.apache.avro.Protocol$Message.request]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Protocol$Message", True, "getResponse", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "ReturnValue.Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "ReturnValue.Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$Container.elementAction].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$ReaderUnion.actualAction].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Container", True, "Container", "(Schema,Schema,GenericData,Resolver$Action)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Container", True, "Container", "(Schema,Schema,GenericData,Resolver$Action)", "", "Argument[1]", "Argument[this].Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Container", True, "Container", "(Schema,Schema,GenericData,Resolver$Action)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "Argument[this].Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Container", True, "Container", "(Schema,Schema,GenericData,Resolver$Action)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[this].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Container", True, "Container", "(Schema,Schema,GenericData,Resolver$Action)", "", "Argument[3]", "Argument[this].Field[org.apache.avro.Resolver$Container.elementAction]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$DoNothing", True, "DoNothing", "(Schema,Schema,GenericData)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$DoNothing", True, "DoNothing", "(Schema,Schema,GenericData)", "", "Argument[1]", "Argument[this].Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$DoNothing", True, "DoNothing", "(Schema,Schema,GenericData)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "Argument[this].Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$DoNothing", True, "DoNothing", "(Schema,Schema,GenericData)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[this].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$EnumAdjust", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$EnumAdjust", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$EnumAdjust", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "ReturnValue.Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$EnumAdjust", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ErrorAction", True, "ErrorAction", "(Schema,Schema,GenericData,Resolver$ErrorAction$ErrorType)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ErrorAction", True, "ErrorAction", "(Schema,Schema,GenericData,Resolver$ErrorAction$ErrorType)", "", "Argument[1]", "Argument[this].Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ErrorAction", True, "ErrorAction", "(Schema,Schema,GenericData,Resolver$ErrorAction$ErrorType)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "Argument[this].Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ErrorAction", True, "ErrorAction", "(Schema,Schema,GenericData,Resolver$ErrorAction$ErrorType)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[this].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Promote", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Promote", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Promote", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "ReturnValue.Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Promote", True, "resolve", "(Schema,Schema,GenericData)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "ReaderUnion", "(Schema,Schema,GenericData,int,Resolver$Action)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "ReaderUnion", "(Schema,Schema,GenericData,int,Resolver$Action)", "", "Argument[1]", "Argument[this].Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "ReaderUnion", "(Schema,Schema,GenericData,int,Resolver$Action)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "Argument[this].Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "ReaderUnion", "(Schema,Schema,GenericData,int,Resolver$Action)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[this].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "ReaderUnion", "(Schema,Schema,GenericData,int,Resolver$Action)", "", "Argument[4]", "Argument[this].Field[org.apache.avro.Resolver$ReaderUnion.actualAction]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[1]", "ReturnValue.Field[org.apache.avro.Resolver$Action.reader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[1].SyntheticField[org.apache.avro.Schema.logicalType]", "ReturnValue.Field[org.apache.avro.Resolver$Action.logicalType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[3].MapValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$ReaderUnion.actualAction].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[3].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$ReaderUnion.actualAction]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[3].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$ReaderUnion.actualAction].Field[org.apache.avro.Resolver$Container.elementAction]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$ReaderUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[3].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$ReaderUnion.actualAction].Field[org.apache.avro.Resolver$ReaderUnion.actualAction]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Skip", True, "Skip", "(Schema,GenericData)", "", "Argument[0]", "Argument[this].Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$Skip", True, "Skip", "(Schema,GenericData)", "", "Argument[1].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[this].Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$WriterUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[0]", "ReturnValue.Field[org.apache.avro.Resolver$Action.writer]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$WriterUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "Argument[3].MapValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$WriterUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[2].SyntheticField[org.apache.avro.generic.GenericData.conversions].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$Action.conversion]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Resolver$WriterUnion", True, "resolve", "(Schema,Schema,GenericData,Map)", "", "Argument[3].MapValue", "ReturnValue.Field[org.apache.avro.Resolver$WriterUnion.actions].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "addProp", "(String,Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "addProp", "(String,Object)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "addProp", "(String,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.JsonProperties.props].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "applyAliases", "(Schema,Schema)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "applyAliases", "(Schema,Schema)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createArray", "(Schema)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.Schema$ArraySchema.elementType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createEnum", "(String,String,String,List)", "", "Argument[3].Element", "ReturnValue.SyntheticField[org.apache.avro.Schema$EnumSchema.symbols].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createEnum", "(String,String,String,List,String)", "", "Argument[3].Element", "ReturnValue.SyntheticField[org.apache.avro.Schema$EnumSchema.symbols].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createEnum", "(String,String,String,List,String)", "", "Argument[4]", "ReturnValue.SyntheticField[org.apache.avro.Schema$EnumSchema.enumDefault]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createFixed", "(String,String,String,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createFixed", "(String,String,String,int)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createFixed", "(String,String,String,int)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createMap", "(Schema)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.Schema$MapSchema.valueType]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createRecord", "(List)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createRecord", "(String,String,String,boolean)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createRecord", "(String,String,String,boolean)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createRecord", "(String,String,String,boolean)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createRecord", "(String,String,String,boolean,List)", "", "Argument[4].Element", "ReturnValue.SyntheticField[org.apache.avro.Schema$RecordSchema.fieldMap].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createRecord", "(String,String,String,boolean,List)", "", "Argument[4].Element", "ReturnValue.SyntheticField[org.apache.avro.Schema$RecordSchema.fields].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "createUnion", "(List)", "", "Argument[0].Element", "ReturnValue.SyntheticField[org.apache.avro.Schema$UnionSchema.types].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getAliases", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getDoc", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getElementType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getEnumDefault", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getEnumSymbols", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getField", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getFields", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getFullName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getLogicalType", "()", "", "Argument[this].SyntheticField[org.apache.avro.Schema.logicalType]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getNamespace", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getTypes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "getValueType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema", True, "setFields", "(List)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(Schema$Field,Schema)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String,Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String,Object)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String,Object)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String,Object,Schema$Field$Order)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.name]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String,Object,Schema$Field$Order)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "Field", "(String,Schema,String,Object,Schema$Field$Order)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.doc]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "addAlias", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.aliases].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "aliases", "()", "", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.aliases].Element", "ReturnValue.Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "doc", "()", "", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.doc]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "name", "()", "", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.name]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Field", True, "schema", "()", "", "Argument[this].SyntheticField[org.apache.avro.Schema$Field.schema]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "Parser", "(NameValidator)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "Parser", "(ParseContext)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "addTypes", "(Iterable)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "addTypes", "(Map)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "getTypes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "parse", "(File)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "parse", "(InputStream)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "parse", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "parse", "(String,String[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "parseInternal", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$Parser", True, "setValidateDefaults", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "Schema$SeenPair", True, "SeenPair", "(Object,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "Schema$SeenPair", True, "SeenPair", "(Object,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder", True, "builder", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder", True, "enumeration", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder", True, "fixed", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder", True, "record", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$ArrayBuilder", False, "ArrayBuilder", "(SchemaBuilder$Completion,SchemaBuilder$NameContext)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$ArrayBuilder", False, "ArrayBuilder", "(SchemaBuilder$Completion,SchemaBuilder$NameContext)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$ArrayBuilder", False, "items", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$ArrayBuilder", False, "items", "(Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$ArrayBuilder", False, "items", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$ArrayDefault", True, "arrayDefault", "(List)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "array", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "booleanBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "booleanType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "bytesBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "bytesType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "doubleBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "doubleType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "enumeration", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "enumeration", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "fixed", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "fixed", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "floatBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "floatType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "intBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "intType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "longBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "longType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "map", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "nullBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "nullType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "record", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "record", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "stringBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseFieldTypeBuilder", True, "stringType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "array", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "booleanBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "booleanType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "bytesBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "bytesType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "doubleBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "doubleType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "enumeration", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "enumeration", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "fixed", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "fixed", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "floatBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "floatType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "intBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "intType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "longBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "longType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "map", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "nullBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "nullType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "record", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "record", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "stringBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "stringType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "type", "(Schema)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "type", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "type", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BaseTypeBuilder", True, "type", "(String,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BooleanBuilder", False, "endBoolean", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BooleanDefault", True, "booleanDefault", "(boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BytesBuilder", False, "endBytes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BytesDefault", True, "bytesDefault", "(ByteBuffer)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BytesDefault", True, "bytesDefault", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$BytesDefault", True, "bytesDefault", "(byte[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$DoubleBuilder", False, "endDouble", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$DoubleDefault", True, "doubleDefault", "(double)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$EnumBuilder", False, "defaultSymbol", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$EnumBuilder", False, "symbols", "(String[])", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$EnumBuilder", False, "symbols", "(String[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$EnumDefault", True, "enumDefault", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldAssembler", False, "endRecord", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldAssembler", False, "name", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldAssembler", False, "name", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "notValidatingDefaults", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "orderAscending", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "orderDescending", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "orderIgnore", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "type", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "type", "(Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "type", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "type", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "type", "(String,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldBuilder", False, "validatingDefaults", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldDefault", True, "noDefault", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldTypeBuilder", False, "nullable", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldTypeBuilder", False, "optional", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FieldTypeBuilder", False, "unionOf", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FixedBuilder", False, "size", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FixedDefault", True, "fixedDefault", "(ByteBuffer)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FixedDefault", True, "fixedDefault", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FixedDefault", True, "fixedDefault", "(byte[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FloatBuilder", False, "endFloat", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$FloatDefault", True, "floatDefault", "(float)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$GenericDefault", False, "noDefault", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$GenericDefault", False, "withDefault", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$IntBuilder", False, "endInt", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$IntDefault", True, "intDefault", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$LongBuilder", False, "endLong", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$LongDefault", True, "longDefault", "(long)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$MapBuilder", False, "values", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$MapBuilder", False, "values", "(Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$MapBuilder", False, "values", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$MapDefault", True, "mapDefault", "(Map)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$NamedBuilder", True, "aliases", "(String[])", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$NamedBuilder", True, "doc", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$NamespacedBuilder", True, "namespace", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$NullBuilder", False, "endNull", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$NullDefault", True, "nullDefault", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$PropBuilder", True, "prop", "(String,Object)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$PropBuilder", True, "prop", "(String,String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$RecordBuilder", False, "fields", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$RecordDefault", True, "recordDefault", "(GenericRecord)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$StringBldr", False, "endString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$StringDefault", True, "stringDefault", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$TypeBuilder", False, "nullable", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$TypeBuilder", False, "unionOf", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionAccumulator", False, "and", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionAccumulator", False, "endUnion", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "array", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "booleanBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "booleanType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "bytesBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "bytesType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "doubleBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "doubleType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "enumeration", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "enumeration", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "fixed", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "fixed", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "floatBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "floatType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "intBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "intType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "longBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "longType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "map", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "nullBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "nullType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "record", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "record", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "stringBuilder", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilder$UnionFieldTypeBuilder", False, "stringType", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilderException", True, "SchemaBuilderException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaBuilderException", True, "SchemaBuilderException", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility", True, "checkReaderWriterCompatibility", "(Schema,Schema)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mReader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility", True, "checkReaderWriterCompatibility", "(Schema,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mWriter]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$Incompatibility", False, "getLocation", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$Incompatibility", False, "getMessage", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$Incompatibility", False, "getReaderFragment", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$Incompatibility", False, "getWriterFragment", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaCompatibilityResult", False, "getIncompatibilities", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaCompatibilityResult", False, "mergedWith", "(SchemaCompatibility$SchemaCompatibilityResult)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaCompatibilityResult", False, "mergedWith", "(SchemaCompatibility$SchemaCompatibilityResult)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "SchemaPairCompatibility", "(SchemaCompatibility$SchemaCompatibilityResult,Schema,Schema,String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mResult]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "SchemaPairCompatibility", "(SchemaCompatibility$SchemaCompatibilityResult,Schema,Schema,String)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mReader]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "SchemaPairCompatibility", "(SchemaCompatibility$SchemaCompatibilityResult,Schema,Schema,String)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mWriter]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "SchemaPairCompatibility", "(SchemaCompatibility$SchemaCompatibilityResult,Schema,Schema,String)", "", "Argument[3]", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mDescription]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "getDescription", "()", "", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mDescription]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "getReader", "()", "", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mReader]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "getResult", "()", "", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mResult]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaCompatibility$SchemaPairCompatibility", False, "getWriter", "()", "", "Argument[this].SyntheticField[org.apache.avro.SchemaCompatibility$SchemaPairCompatibility.mWriter]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaParseException", True, "SchemaParseException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaParseException", True, "SchemaParseException", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "SchemaParser", "(NameValidator)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaParser", True, "getParsedNamedSchemas", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaParser$ParseResult", True, "mainSchema", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaParser$ParseResult", True, "parsedNamedSchemas", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-generated"]
|
||||
- ["org.apache.avro", "SchemaValidationException", True, "SchemaValidationException", "(Schema,Schema,Throwable)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaValidatorBuilder", False, "canBeReadStrategy", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaValidatorBuilder", False, "canReadStrategy", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaValidatorBuilder", False, "mutualReadStrategy", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaValidatorBuilder", False, "strategy", "(SchemaValidationStrategy)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "SchemaValidatorBuilder", False, "validateAll", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SchemaValidatorBuilder", False, "validateLatest", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "SystemLimitException", True, "SystemLimitException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "UnknownAvroCodecException", True, "UnknownAvroCodecException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "UnresolvedUnionException", True, "UnresolvedUnionException", "(Schema,Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.UnresolvedUnionException.unionSchema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "UnresolvedUnionException", True, "UnresolvedUnionException", "(Schema,Object)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.UnresolvedUnionException.unresolvedDatum]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "UnresolvedUnionException", True, "UnresolvedUnionException", "(Schema,Schema$Field,Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.UnresolvedUnionException.unionSchema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "UnresolvedUnionException", True, "UnresolvedUnionException", "(Schema,Schema$Field,Object)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.UnresolvedUnionException.unresolvedDatum]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "UnresolvedUnionException", True, "getUnionSchema", "()", "", "Argument[this].SyntheticField[org.apache.avro.UnresolvedUnionException.unionSchema]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "UnresolvedUnionException", True, "getUnresolvedDatum", "()", "", "Argument[this].SyntheticField[org.apache.avro.UnresolvedUnionException.unresolvedDatum]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro", "ValidateAll", False, "ValidateAll", "(SchemaValidationStrategy)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro", "ValidateLatest", False, "ValidateLatest", "(SchemaValidationStrategy)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: neutralModel
|
||||
data:
|
||||
- ["org.apache.avro", "SchemaFormatterFactory", "getDefaultFormatter", "()", "summary", "ai-generated"]
|
||||
|
||||
@@ -0,0 +1,22 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.path", "LocationStep", True, "LocationStep", "(String,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "LocationStep", True, "LocationStep", "(String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "MapKeyPredicate", True, "MapKeyPredicate", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.path.MapKeyPredicate.key]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.path", "MapKeyPredicate", True, "getKey", "()", "", "Argument[this].SyntheticField[org.apache.avro.path.MapKeyPredicate.key]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.path", "TracingAvroTypeException", True, "TracingAvroTypeException", "(AvroTypeException)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingAvroTypeException", True, "summarize", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingAvroTypeException", True, "tracePath", "(PathElement)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingClassCastException", True, "TracingClassCastException", "(ClassCastException,Object,Schema,boolean)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.path.TracingClassCastException.datum]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.path", "TracingClassCastException", True, "summarize", "(Schema)", "", "Argument[this].SyntheticField[org.apache.avro.path.TracingClassCastException.datum]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.path", "TracingClassCastException", True, "tracePath", "(PathElement)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingNullPointException", True, "TracingNullPointException", "(NullPointerException,Schema,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingNullPointException", True, "TracingNullPointException", "(NullPointerException,Schema,boolean)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingNullPointException", True, "summarize", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "TracingNullPointException", True, "tracePath", "(PathElement)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.path", "UnionTypePredicate", True, "UnionTypePredicate", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
@@ -0,0 +1,30 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.reflect", "MapEntry", True, "MapEntry", "(Object,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "MapEntry", True, "MapEntry", "(Object,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "ReflectData", "(ClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "addStringable", "(Class)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "createFixed", "(Object,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Fixed.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "getCustomEncoding", "(Schema)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "getField", "(Object,String,int)", "", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "makeNullable", "(Schema)", "", "Argument[0]", "ReturnValue", "value", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "newRecord", "(Object,Schema)", "", "Argument[1]", "ReturnValue.SyntheticField[org.apache.avro.generic.GenericData$Record.schema]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "setDefaultGeneratedValue", "(Type,Object)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "setDefaultsGenerated", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectData", True, "setField", "(Object,String,int,Object)", "", "Argument[3]", "Argument[0].SyntheticField[org.apache.avro.generic.GenericData$Record.values].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(ReflectData)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(Schema,Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(Schema,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(Schema,Schema,ReflectData)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(Schema,Schema,ReflectData)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumReader", True, "ReflectDatumReader", "(Schema,Schema,ReflectData)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumWriter", True, "ReflectDatumWriter", "(Class,ReflectData)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumWriter", True, "ReflectDatumWriter", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumWriter", True, "ReflectDatumWriter", "(Schema,ReflectData)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.reflect", "ReflectDatumWriter", True, "ReflectDatumWriter", "(Schema,ReflectData)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
@@ -0,0 +1,47 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "SpecificData", "(ClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "getClassName", "(Schema)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "getDecoder", "(ObjectInput)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "getEncoder", "(ObjectOutput)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "getSchema", "(Type)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangle", "(String)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangle", "(String,Set)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangle", "(String,Set,boolean)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangle", "(String,boolean)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangleFullyQualified", "(String)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangleMethod", "(String,boolean)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangleTypeIdentifier", "(String)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificData", True, "mangleTypeIdentifier", "(String,boolean)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "SpecificDatumReader", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "SpecificDatumReader", "(Schema,Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "SpecificDatumReader", "(Schema,Schema)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "SpecificDatumReader", "(Schema,Schema,SpecificData)", "", "Argument[2]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.data]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "SpecificDatumReader", "(SpecificData)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.data]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "getSpecificData", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumReader.data]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumReader", True, "setSchema", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumWriter", True, "SpecificDatumWriter", "(Schema)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumWriter", True, "SpecificDatumWriter", "(Schema,SpecificData)", "", "Argument[1]", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumWriter.data]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificDatumWriter", True, "getSpecificData", "()", "", "Argument[this].SyntheticField[org.apache.avro.generic.GenericDatumWriter.data]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "clearCause", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "clearValue", "()", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "getCause", "()", "", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificErrorBuilderBase.cause]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "getValue", "()", "", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificErrorBuilderBase.value]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "setCause", "(Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificErrorBuilderBase.cause]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "setCause", "(Throwable)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.specific.SpecificErrorBuilderBase.cause]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "setCause", "(Throwable)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "setValue", "(Object)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificErrorBuilderBase.value]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "setValue", "(Object)", "", "Argument[0]", "ReturnValue.SyntheticField[org.apache.avro.specific.SpecificErrorBuilderBase.value]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificErrorBuilderBase", True, "setValue", "(Object)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificExceptionBase", True, "SpecificExceptionBase", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificExceptionBase", True, "SpecificExceptionBase", "(Object,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificExceptionBase", True, "SpecificExceptionBase", "(Object,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificExceptionBase", True, "SpecificExceptionBase", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificFixed", True, "SpecificFixed", "(byte[])", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificFixed.bytes]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificFixed", True, "bytes", "()", "", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificFixed.bytes]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.specific", "SpecificFixed", True, "bytes", "(byte[])", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.specific.SpecificFixed.bytes]", "value", "dfc-generated"]
|
||||
@@ -1,8 +1,63 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
# Generated from https://github.com/apache/avro.git#68da8fb99da5c482f17853e01e79f714e3717b42 by codeql-mads-via-llm
|
||||
# Generated from https://github.com/apache/avro#0f18ca801f25fa9435d727abba9fb979f9bde662 by codeql-mads-via-llm
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: sourceModel
|
||||
data:
|
||||
- ["org.apache.avro.util", "RandomData", True, "main", "(String[])", "", "Argument[0]", "commandargs", "ai-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "main", "(String[])", "", "Parameter[0]", "commandargs", "ai-generated"]
|
||||
- addsTo:
|
||||
pack: codeql/java-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["org.apache.avro.util", "ByteBufferInputStream", True, "ByteBufferInputStream", "(List)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.ByteBufferInputStream.buffers]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ByteBufferInputStream", True, "readBuffer", "(int)", "", "Argument[this].SyntheticField[org.apache.avro.util.ByteBufferInputStream.buffers].Element", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ByteBufferOutputStream", True, "append", "(List)", "", "Argument[0].Element", "Argument[this].SyntheticField[org.apache.avro.util.ByteBufferOutputStream.buffers].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ByteBufferOutputStream", True, "getBufferList", "()", "", "Argument[this].SyntheticField[org.apache.avro.util.ByteBufferOutputStream.buffers]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ByteBufferOutputStream", True, "write", "(ByteBuffer)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.ByteBufferOutputStream.buffers].Element", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ByteBufferOutputStream", True, "writeBuffer", "(ByteBuffer)", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ByteBufferOutputStream", True, "writeBuffer", "(ByteBuffer)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.ByteBufferOutputStream.buffers].Element", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ClassSecurityValidator$Builder", True, "add", "(Class)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "ClassSecurityValidator$Builder", True, "add", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "MapEntry", True, "MapEntry", "(Object,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "MapEntry", True, "MapEntry", "(Object,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "MapUtil", True, "computeIfAbsent", "(ConcurrentMap,Object,Function)", "", "Argument[0].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "NonCopyingByteArrayOutputStream", True, "asByteBuffer", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "NonCopyingByteArrayOutputStream", True, "writeBytes", "(byte[])", "", "Argument[0]", "Argument[this]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int,boolean)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int,long)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int,long)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int,long,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(GenericData,Schema,int,long,boolean)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(Schema,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(Schema,int,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(Schema,int,long)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "RandomData", True, "RandomData", "(Schema,int,long,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "ReusableByteArrayInputStream", True, "setByteArray", "(byte[],int,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "ReusableByteBufferInputStream", True, "setByteBuffer", "(ByteBuffer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "ResolvingVisitor", "(Function)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "afterVisitNonTerminal", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.SchemaResolver$ResolvingVisitor.replace].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "copyProperties", "(Schema,Schema)", "", "Argument[0]", "Argument[1]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "getResolved", "(Schema)", "", "Argument[this].SyntheticField[org.apache.avro.util.SchemaResolver$ResolvingVisitor.replace].MapValue", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "visitNonTerminal", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.SchemaResolver$ResolvingVisitor.replace].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "visitTerminal", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.SchemaResolver$ResolvingVisitor.replace].MapKey", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "SchemaResolver$ResolvingVisitor", False, "visitTerminal", "(Schema)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.SchemaResolver$ResolvingVisitor.replace].MapValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "SchemaUtil", True, "describe", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Schemas", False, "visit", "(Schema,SchemaVisitor)", "", "Argument[0]", "Argument[1]", "taint", "df-generated"]
|
||||
- ["org.apache.avro.util", "TimePeriod", False, "from", "(TemporalAmount)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "Utf8", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.Utf8.bytes]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "Utf8", "(Utf8)", "", "Argument[0].SyntheticField[org.apache.avro.util.Utf8.bytes].ArrayElement", "Argument[this].SyntheticField[org.apache.avro.util.Utf8.bytes].ArrayElement", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "Utf8", "(byte[])", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.Utf8.bytes]", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "getBytes", "()", "", "Argument[this].SyntheticField[org.apache.avro.util.Utf8.bytes]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "getBytesFor", "(String)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "readExternal", "(ObjectInput)", "", "Argument[0]", "Argument[this].SyntheticField[org.apache.avro.util.Utf8.bytes]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "set", "(String)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "set", "(Utf8)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "setByteLength", "(int)", "", "Argument[this]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "Utf8", True, "writeExternal", "(ObjectOutput)", "", "Argument[this].SyntheticField[org.apache.avro.util.Utf8.bytes]", "Argument[0]", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "UtfTextUtils", True, "asString", "(byte[],Charset)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "UtfTextUtils", True, "readAllBytes", "(InputStream,Charset)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["org.apache.avro.util", "UtfTextUtils", True, "readAllChars", "(Reader)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
|
||||
@@ -29,3 +29,8 @@ nodes
|
||||
| BadMacUse.java:146:48:146:57 | ciphertext : byte[] | semmle.label | ciphertext : byte[] |
|
||||
| BadMacUse.java:152:42:152:51 | ciphertext | semmle.label | ciphertext |
|
||||
subpaths
|
||||
testFailures
|
||||
| BadMacUse.java:50:56:50:66 | // $ Source | Missing result: Source |
|
||||
| BadMacUse.java:63:118:63:128 | // $ Source | Missing result: Source |
|
||||
| BadMacUse.java:92:31:92:35 | bytes : byte[] | Unexpected result: Source |
|
||||
| BadMacUse.java:146:95:146:105 | // $ Source | Missing result: Source |
|
||||
|
||||
@@ -30,3 +30,8 @@ nodes
|
||||
| BadMacUse.java:118:83:118:84 | iv : byte[] | semmle.label | iv : byte[] |
|
||||
| BadMacUse.java:124:42:124:51 | ciphertext | semmle.label | ciphertext |
|
||||
subpaths
|
||||
testFailures
|
||||
| BadMacUse.java:63:118:63:128 | // $ Source | Missing result: Source |
|
||||
| BadMacUse.java:92:16:92:36 | doFinal(...) : byte[] | Unexpected result: Source |
|
||||
| BadMacUse.java:124:42:124:51 | ciphertext | Unexpected result: Alert |
|
||||
| BadMacUse.java:146:95:146:105 | // $ Source | Missing result: Source |
|
||||
|
||||
@@ -44,3 +44,8 @@ nodes
|
||||
| BadMacUse.java:146:48:146:57 | ciphertext : byte[] [[]] : Object | semmle.label | ciphertext : byte[] [[]] : Object |
|
||||
| BadMacUse.java:152:42:152:51 | ciphertext | semmle.label | ciphertext |
|
||||
subpaths
|
||||
testFailures
|
||||
| BadMacUse.java:50:56:50:66 | // $ Source | Missing result: Source |
|
||||
| BadMacUse.java:139:79:139:90 | input : byte[] | Unexpected result: Source |
|
||||
| BadMacUse.java:146:95:146:105 | // $ Source | Missing result: Source |
|
||||
| BadMacUse.java:152:42:152:51 | ciphertext | Unexpected result: Alert |
|
||||
|
||||
@@ -47,7 +47,7 @@ class BadMacUse {
|
||||
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
||||
cipher.init(Cipher.DECRYPT_MODE, encryptionKey, new SecureRandom());
|
||||
byte[] plaintext = cipher.doFinal(ciphertext); // $ Source[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
||||
byte[] plaintext = cipher.doFinal(ciphertext); // $ Source
|
||||
|
||||
// Now verify MAC (too late)
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
@@ -60,7 +60,7 @@ class BadMacUse {
|
||||
}
|
||||
}
|
||||
|
||||
public void BadMacOnPlaintext(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] plaintext) throws Exception {// $ Source[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
||||
public void BadMacOnPlaintext(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] plaintext) throws Exception {// $ Source
|
||||
// Create keys directly from provided byte arrays
|
||||
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
@@ -89,7 +89,7 @@ class BadMacUse {
|
||||
|
||||
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
|
||||
cipher.init(mode, secretKeySpec, ivParameterSpec);
|
||||
return cipher.doFinal(bytes); // $ Source[java/quantum/examples/bad-mac-order-decrypt-then-mac] Source[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
||||
return cipher.doFinal(bytes);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -121,7 +121,7 @@ class BadMacUse {
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
Mac mac = Mac.getInstance("HmacSHA256");
|
||||
mac.init(macKey);
|
||||
byte[] computedMac = mac.doFinal(ciphertext); // $ SPURIOUS: Alert[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
||||
byte[] computedMac = mac.doFinal(ciphertext); // False Positive
|
||||
|
||||
// Concatenate ciphertext and MAC
|
||||
byte[] output = new byte[ciphertext.length + computedMac.length];
|
||||
@@ -136,20 +136,20 @@ class BadMacUse {
|
||||
* The function decrypts THEN computes the MAC on the plaintext.
|
||||
* It should have the MAC computed on the ciphertext first.
|
||||
*/
|
||||
public void decryptThenMac(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] input) throws Exception { // $ SPURIOUS: Source[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
||||
public void decryptThenMac(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] input) throws Exception {
|
||||
// Split input into ciphertext and MAC
|
||||
int macLength = 32; // HMAC-SHA256 output length
|
||||
byte[] ciphertext = Arrays.copyOfRange(input, 0, input.length - macLength);
|
||||
byte[] receivedMac = Arrays.copyOfRange(input, input.length - macLength, input.length);
|
||||
|
||||
// Decrypt first (unsafe)
|
||||
byte[] plaintext = decryptUsingWrapper(ciphertext, encryptionKeyBytes, new byte[16]);
|
||||
byte[] plaintext = decryptUsingWrapper(ciphertext, encryptionKeyBytes, new byte[16]); // $ Source
|
||||
|
||||
// Now verify MAC (too late)
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
Mac mac = Mac.getInstance("HmacSHA256");
|
||||
mac.init(macKey);
|
||||
byte[] computedMac = mac.doFinal(ciphertext); // $ Alert[java/quantum/examples/bad-mac-order-decrypt-then-mac] SPURIOUS: Alert[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
||||
byte[] computedMac = mac.doFinal(ciphertext); // $ Alert[java/quantum/examples/bad-mac-order-decrypt-then-mac], False positive for Plaintext reuse
|
||||
|
||||
if (!MessageDigest.isEqual(receivedMac, computedMac)) {
|
||||
throw new SecurityException("MAC verification failed");
|
||||
|
||||
@@ -126,3 +126,5 @@ nodes
|
||||
| InsecureIVorNonceSource.java:202:54:202:55 | iv : byte[] | semmle.label | iv : byte[] |
|
||||
| InsecureIVorNonceSource.java:206:51:206:56 | ivSpec | semmle.label | ivSpec |
|
||||
subpaths
|
||||
testFailures
|
||||
| InsecureIVorNonceSource.java:42:21:42:21 | 1 : Number | Unexpected result: Source |
|
||||
|
||||
@@ -39,7 +39,7 @@ public class InsecureIVorNonceSource {
|
||||
public byte[] encryptWithStaticIvByteArray(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[] iv = new byte[16];
|
||||
for (byte i = 0; i < iv.length; i++) {
|
||||
iv[i] = 1; // $ Source[java/quantum/examples/insecure-iv-or-nonce]
|
||||
iv[i] = 1;
|
||||
}
|
||||
|
||||
IvParameterSpec ivSpec = new IvParameterSpec(iv);
|
||||
|
||||
@@ -40,11 +40,11 @@ public class Test {
|
||||
* SAST/CBOM: - Parent: PBKDF2. - Iteration count is only 10, which is far
|
||||
* below acceptable security standards. - Flagged as insecure.
|
||||
*/
|
||||
public void pbkdf2LowIteration(String password, int iterationCount) throws Exception { // $ Source[java/quantum/examples/unknown-kdf-iteration-count]
|
||||
public void pbkdf2LowIteration(String password, int iterationCount) throws Exception { // $ Source
|
||||
byte[] salt = generateSalt(16);
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256);
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256); // $ Alert[java/quantum/examples/unknown-kdf-iteration-count]
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
byte[] key = factory.generateSecret(spec).getEncoded(); // $ Alert[java/quantum/examples/unknown-kdf-iteration-count]
|
||||
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1 +1,5 @@
|
||||
#select
|
||||
| Test.java:47:22:47:49 | KeyDerivation | Key derivation operation with unknown iteration: $@ | Test.java:43:53:43:70 | iterationCount | iterationCount |
|
||||
testFailures
|
||||
| Test.java:45:94:45:154 | // $ Alert[java/quantum/examples/unknown-kdf-iteration-count] | Missing result: Alert[java/quantum/examples/unknown-kdf-iteration-count] |
|
||||
| Test.java:47:22:47:49 | Key derivation operation with unknown iteration: $@ | Unexpected result: Alert |
|
||||
|
||||
@@ -12,3 +12,5 @@ nodes
|
||||
| Test.java:58:30:58:38 | 1_000_000 : Number | semmle.label | 1_000_000 : Number |
|
||||
| Test.java:59:72:59:85 | iterationCount | semmle.label | iterationCount |
|
||||
subpaths
|
||||
testFailures
|
||||
| Test.java:43:92:43:102 | // $ Source | Missing result: Source |
|
||||
|
||||
@@ -36,6 +36,8 @@ private module Input implements InputSig<Location, PythonDataFlow> {
|
||||
// parameter, but dataflow-consistency queries should _not_ complain about there not
|
||||
// being a post-update node for the synthetic `**kwargs` parameter.
|
||||
n instanceof SynthDictSplatParameterNode
|
||||
or
|
||||
Private::Conversions::readStep(n, _, _)
|
||||
}
|
||||
|
||||
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
|
||||
- Temporarily disabled the `instanceFieldStep` disjunct of the internal `TypeTrackingInput::levelStepCall` predicate, which was introduced in 7.2.0 and caused catastrophic query slowdowns on some OOP-heavy Python codebases (e.g. `mypy` and `dask`).
|
||||
@@ -753,7 +753,7 @@ predicate jumpStepNotSharedWithTypeTracker(Node nodeFrom, Node nodeTo) {
|
||||
* As of 2024-04-02 the type-tracking library only supports precise content, so there is
|
||||
* no reason to include steps for list content right now.
|
||||
*/
|
||||
predicate storeStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
predicate storeStepCommon(Node nodeFrom, Content c, Node nodeTo) {
|
||||
tupleStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
dictStoreStep(nodeFrom, c, nodeTo)
|
||||
@@ -767,29 +767,31 @@ predicate storeStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
* Holds if data can flow from `nodeFrom` to `nodeTo` via an assignment to
|
||||
* content `c`.
|
||||
*/
|
||||
predicate storeStep(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
storeStepCommon(nodeFrom, c, nodeTo)
|
||||
predicate storeStep(Node nodeFrom, ContentSet cs, Node nodeTo) {
|
||||
exists(Content c | cs = singleton(c) |
|
||||
storeStepCommon(nodeFrom, c, nodeTo)
|
||||
or
|
||||
listStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
setStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
attributeStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
matchStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
any(Orm::AdditionalOrmSteps es).storeStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
synthStarArgsElementParameterNodeStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
synthDictSplatArgumentNodeStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
yieldStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
VariableCapture::storeStep(nodeFrom, c, nodeTo)
|
||||
)
|
||||
or
|
||||
listStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
setStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
attributeStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
matchStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
any(Orm::AdditionalOrmSteps es).storeStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
FlowSummaryImpl::Private::Steps::summaryStoreStep(nodeFrom.(FlowSummaryNode).getSummaryNode(), c,
|
||||
FlowSummaryImpl::Private::Steps::summaryStoreStep(nodeFrom.(FlowSummaryNode).getSummaryNode(), cs,
|
||||
nodeTo.(FlowSummaryNode).getSummaryNode())
|
||||
or
|
||||
synthStarArgsElementParameterNodeStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
synthDictSplatArgumentNodeStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
yieldStoreStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
VariableCapture::storeStep(nodeFrom, c, nodeTo)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -985,7 +987,7 @@ predicate attributeStoreStep(Node nodeFrom, AttributeContent c, Node nodeTo) {
|
||||
/**
|
||||
* Subset of `readStep` that should be shared with type-tracking.
|
||||
*/
|
||||
predicate readStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
predicate readStepCommon(Node nodeFrom, Content c, Node nodeTo) {
|
||||
subscriptReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
iterableUnpackingReadStep(nodeFrom, c, nodeTo)
|
||||
@@ -994,21 +996,25 @@ predicate readStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
/**
|
||||
* Holds if data can flow from `nodeFrom` to `nodeTo` via a read of content `c`.
|
||||
*/
|
||||
predicate readStep(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
readStepCommon(nodeFrom, c, nodeTo)
|
||||
predicate readStep(Node nodeFrom, ContentSet cs, Node nodeTo) {
|
||||
exists(Content c | cs = singleton(c) |
|
||||
readStepCommon(nodeFrom, c, nodeTo)
|
||||
or
|
||||
matchReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
forReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
attributeReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
synthDictSplatParameterNodeReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
VariableCapture::readStep(nodeFrom, c, nodeTo)
|
||||
)
|
||||
or
|
||||
matchReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
forReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
attributeReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
FlowSummaryImpl::Private::Steps::summaryReadStep(nodeFrom.(FlowSummaryNode).getSummaryNode(), c,
|
||||
FlowSummaryImpl::Private::Steps::summaryReadStep(nodeFrom.(FlowSummaryNode).getSummaryNode(), cs,
|
||||
nodeTo.(FlowSummaryNode).getSummaryNode())
|
||||
or
|
||||
synthDictSplatParameterNodeReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
VariableCapture::readStep(nodeFrom, c, nodeTo)
|
||||
Conversions::readStep(nodeFrom, cs, nodeTo)
|
||||
}
|
||||
|
||||
/** Data flows from a sequence to a subscript of the sequence. */
|
||||
@@ -1064,23 +1070,68 @@ predicate attributeReadStep(Node nodeFrom, AttributeContent c, AttrRead nodeTo)
|
||||
nodeTo.accesses(nodeFrom, c.getAttribute())
|
||||
}
|
||||
|
||||
module Conversions {
|
||||
private import semmle.python.Concepts
|
||||
|
||||
predicate decoderReadStep(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
exists(Decoding decoding |
|
||||
nodeFrom = decoding.getAnInput() and
|
||||
nodeTo = decoding.getOutput()
|
||||
) and
|
||||
c.isAnyTupleOrDictionaryElement()
|
||||
}
|
||||
|
||||
predicate encoderReadStep(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
exists(Encoding encoding |
|
||||
nodeFrom = encoding.getAnInput() and
|
||||
nodeTo = encoding.getOutput()
|
||||
) and
|
||||
c.isAnyTupleOrDictionaryElement()
|
||||
}
|
||||
|
||||
predicate formatReadStep(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
// % formatting
|
||||
exists(BinaryExprNode fmt | fmt = nodeTo.asCfgNode() |
|
||||
fmt.getOp() instanceof Mod and
|
||||
fmt.getRight() = nodeFrom.asCfgNode()
|
||||
) and
|
||||
c.isAnyTupleElement()
|
||||
or
|
||||
// format_map
|
||||
// see https://docs.python.org/3/library/stdtypes.html#str.format_map
|
||||
nodeTo.(MethodCallNode).calls(_, "format_map") and
|
||||
nodeTo.(MethodCallNode).getArg(0) = nodeFrom and
|
||||
c.isAnyDictionaryElement()
|
||||
}
|
||||
|
||||
predicate readStep(Node nodeFrom, ContentSet c, Node nodeTo) {
|
||||
decoderReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
encoderReadStep(nodeFrom, c, nodeTo)
|
||||
or
|
||||
formatReadStep(nodeFrom, c, nodeTo)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if values stored inside content `c` are cleared at node `n`. For example,
|
||||
* any value stored inside `f` is cleared at the pre-update node associated with `x`
|
||||
* in `x.f = newValue`.
|
||||
*/
|
||||
predicate clearsContent(Node n, ContentSet c) {
|
||||
matchClearStep(n, c)
|
||||
predicate clearsContent(Node n, ContentSet cs) {
|
||||
exists(Content c | cs = singleton(c) |
|
||||
matchClearStep(n, c)
|
||||
or
|
||||
attributeClearStep(n, c)
|
||||
or
|
||||
dictClearStep(n, c)
|
||||
or
|
||||
dictSplatParameterNodeClearStep(n, c)
|
||||
or
|
||||
VariableCapture::clearsContent(n, c)
|
||||
)
|
||||
or
|
||||
attributeClearStep(n, c)
|
||||
or
|
||||
dictClearStep(n, c)
|
||||
or
|
||||
FlowSummaryImpl::Private::Steps::summaryClearsContent(n.(FlowSummaryNode).getSummaryNode(), c)
|
||||
or
|
||||
dictSplatParameterNodeClearStep(n, c)
|
||||
or
|
||||
VariableCapture::clearsContent(n, c)
|
||||
FlowSummaryImpl::Private::Steps::summaryClearsContent(n.(FlowSummaryNode).getSummaryNode(), cs)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1198,12 +1249,65 @@ predicate allowParameterReturnInSelf(ParameterNode p) {
|
||||
)
|
||||
}
|
||||
|
||||
bindingset[s]
|
||||
private string getFirstChar(string s) {
|
||||
result =
|
||||
min(int i, string c |
|
||||
c = s.charAt(i) and c != "_"
|
||||
or
|
||||
c = "" and i = s.length()
|
||||
|
|
||||
c order by i
|
||||
)
|
||||
}
|
||||
|
||||
private string getAttributeContentFirstChar(AttributeContent ac) {
|
||||
result = getFirstChar(ac.getAttribute())
|
||||
}
|
||||
|
||||
private string getDictionaryElementContentKeyFirstChar(DictionaryElementContent dec) {
|
||||
result = getFirstChar(dec.getKey())
|
||||
}
|
||||
|
||||
private newtype TContentApprox =
|
||||
TListElementContentApprox() or
|
||||
TSetElementContentApprox() or
|
||||
TTupleElementContentApprox() or
|
||||
TDictionaryElementContentApprox(string first) {
|
||||
first = "" // for `TDictionaryElementAnyContent`
|
||||
or
|
||||
first = getDictionaryElementContentKeyFirstChar(_)
|
||||
} or
|
||||
TAttributeContentApprox(string first) { first = getAttributeContentFirstChar(_) } or
|
||||
TCapturedVariableContentApprox()
|
||||
|
||||
/** An approximated `Content`. */
|
||||
class ContentApprox = Unit;
|
||||
class ContentApprox extends TContentApprox {
|
||||
/** Gets a textual representation of this element. */
|
||||
string toString() { result = "" }
|
||||
}
|
||||
|
||||
/** Gets an approximated value for content `c`. */
|
||||
pragma[inline]
|
||||
ContentApprox getContentApprox(Content c) { any() }
|
||||
ContentApprox getContentApprox(Content c) {
|
||||
c = TListElementContent() and
|
||||
result = TListElementContentApprox()
|
||||
or
|
||||
c = TSetElementContent() and
|
||||
result = TSetElementContentApprox()
|
||||
or
|
||||
c = TTupleElementContent(_) and
|
||||
result = TTupleElementContentApprox()
|
||||
or
|
||||
result = TDictionaryElementContentApprox(getDictionaryElementContentKeyFirstChar(c))
|
||||
or
|
||||
c = TDictionaryElementAnyContent() and
|
||||
result = TDictionaryElementContentApprox("")
|
||||
or
|
||||
result = TAttributeContentApprox(getAttributeContentFirstChar(c))
|
||||
or
|
||||
c = TCapturedVariableContent(_) and
|
||||
result = TCapturedVariableContentApprox()
|
||||
}
|
||||
|
||||
/** Helper for `.getEnclosingCallable`. */
|
||||
DataFlowCallable getCallableScope(Scope s) {
|
||||
|
||||
@@ -898,19 +898,78 @@ class CapturedVariableContent extends Content, TCapturedVariableContent {
|
||||
override string getMaDRepresentation() { none() }
|
||||
}
|
||||
|
||||
/**
|
||||
* An entity that represents a set of `Content`s.
|
||||
*
|
||||
* Most `ContentSet`s are singletons (i.e. they consist of a single `Content`),
|
||||
* but `AnyDictionaryElement` and `AnyTupleElement` act as wildcards on the
|
||||
* read side: a read at such a `ContentSet` matches any specific dictionary
|
||||
* key / tuple index store, as well as (for dictionaries) the
|
||||
* "unknown-bucket" Content `DictionaryElementAnyContent`.
|
||||
*
|
||||
* Keeping these as wildcard `ContentSet`s (rather than enumerating one
|
||||
* `ContentSet` per key/index) keeps the dataflow `readSetEx` relation small
|
||||
* when implicit reads are used (e.g. at sinks via `defaultImplicitTaintRead`).
|
||||
*/
|
||||
private newtype TContentSet =
|
||||
TSingletonContent(Content c) or
|
||||
TAnyTupleElement() or
|
||||
TAnyDictionaryElement() or
|
||||
TAnyTupleOrDictionaryElement()
|
||||
|
||||
/**
|
||||
* An entity that represents a set of `Content`s.
|
||||
*
|
||||
* The set may be interpreted differently depending on whether it is
|
||||
* stored into (`getAStoreContent`) or read from (`getAReadContent`).
|
||||
*/
|
||||
class ContentSet instanceof Content {
|
||||
class ContentSet extends TContentSet {
|
||||
/** Holds if this content set is the singleton `{c}`. */
|
||||
predicate isSingleton(Content c) { this = TSingletonContent(c) }
|
||||
|
||||
/** Holds if this content set is the wildcard for all tuple elements. */
|
||||
predicate isAnyTupleElement() { this = TAnyTupleElement() }
|
||||
|
||||
/** Holds if this content set is the wildcard for all dictionary elements. */
|
||||
predicate isAnyDictionaryElement() { this = TAnyDictionaryElement() }
|
||||
|
||||
/** Holds if this content set is the wildcard for all tuple elements or dictionary elements. */
|
||||
predicate isAnyTupleOrDictionaryElement() { this = TAnyTupleOrDictionaryElement() }
|
||||
|
||||
/** Gets a content that may be stored into when storing into this set. */
|
||||
Content getAStoreContent() { result = this }
|
||||
Content getAStoreContent() { this = TSingletonContent(result) }
|
||||
|
||||
/** Gets a content that may be read from when reading from this set. */
|
||||
Content getAReadContent() { result = this }
|
||||
Content getAReadContent() {
|
||||
this = TSingletonContent(result)
|
||||
or
|
||||
// Wildcard expansion: a read at "any tuple element" matches a store at any
|
||||
// specific tuple index. (Stores always target a specific index, so we don't
|
||||
// need a `TupleElementAnyContent` Content kind here.)
|
||||
this = TAnyTupleElement() and result instanceof TupleElementContent
|
||||
or
|
||||
this = TAnyDictionaryElement() and
|
||||
(result instanceof DictionaryElementContent or result instanceof DictionaryElementAnyContent)
|
||||
or
|
||||
this = TAnyTupleOrDictionaryElement() and
|
||||
(
|
||||
result instanceof TupleElementContent or
|
||||
result instanceof DictionaryElementContent or
|
||||
result instanceof DictionaryElementAnyContent
|
||||
)
|
||||
}
|
||||
|
||||
/** Gets a textual representation of this content set. */
|
||||
string toString() { result = super.toString() }
|
||||
string toString() {
|
||||
exists(Content c | this = TSingletonContent(c) | result = c.toString())
|
||||
or
|
||||
this = TAnyTupleElement() and result = "Any tuple element"
|
||||
or
|
||||
this = TAnyDictionaryElement() and result = "Any dictionary element"
|
||||
or
|
||||
this = TAnyTupleOrDictionaryElement() and result = "Any tuple or dictionary element"
|
||||
}
|
||||
}
|
||||
|
||||
/** Gets the singleton `ContentSet` wrapping the `Content` `c`. */
|
||||
ContentSet singleton(Content c) { result = TSingletonContent(c) }
|
||||
|
||||
@@ -66,21 +66,29 @@ module Input implements InputSig<Location, DataFlowImplSpecific::PythonDataFlow>
|
||||
}
|
||||
|
||||
string encodeContent(ContentSet cs, string arg) {
|
||||
cs = TListElementContent() and result = "ListElement" and arg = ""
|
||||
or
|
||||
cs = TSetElementContent() and result = "SetElement" and arg = ""
|
||||
or
|
||||
exists(int index |
|
||||
cs = TTupleElementContent(index) and result = "TupleElement" and arg = index.toString()
|
||||
exists(Content c | cs.isSingleton(c) |
|
||||
c = TListElementContent() and result = "ListElement" and arg = ""
|
||||
or
|
||||
c = TSetElementContent() and result = "SetElement" and arg = ""
|
||||
or
|
||||
exists(int index |
|
||||
c = TTupleElementContent(index) and result = "TupleElement" and arg = index.toString()
|
||||
)
|
||||
or
|
||||
exists(string key |
|
||||
c = TDictionaryElementContent(key) and result = "DictionaryElement" and arg = key
|
||||
)
|
||||
or
|
||||
c = TDictionaryElementAnyContent() and result = "DictionaryElementAny" and arg = ""
|
||||
or
|
||||
exists(string attr | c = TAttributeContent(attr) and result = "Attribute" and arg = attr)
|
||||
)
|
||||
or
|
||||
exists(string key |
|
||||
cs = TDictionaryElementContent(key) and result = "DictionaryElement" and arg = key
|
||||
)
|
||||
cs.isAnyTupleElement() and result = "AnyTupleElement" and arg = ""
|
||||
or
|
||||
cs = TDictionaryElementAnyContent() and result = "DictionaryElementAny" and arg = ""
|
||||
cs.isAnyDictionaryElement() and result = "AnyDictionaryElement" and arg = ""
|
||||
or
|
||||
exists(string attr | cs = TAttributeContent(attr) and result = "Attribute" and arg = attr)
|
||||
cs.isAnyTupleOrDictionaryElement() and result = "AnyTupleOrDictionaryElement" and arg = ""
|
||||
}
|
||||
|
||||
bindingset[token]
|
||||
@@ -139,27 +147,29 @@ module Private {
|
||||
predicate withContent = SC::withContent/1;
|
||||
|
||||
/** Gets a summary component that represents a list element. */
|
||||
SummaryComponent listElement() { result = content(any(ListElementContent c)) }
|
||||
SummaryComponent listElement() { result = content(singleton(any(ListElementContent c))) }
|
||||
|
||||
/** Gets a summary component that represents a set element. */
|
||||
SummaryComponent setElement() { result = content(any(SetElementContent c)) }
|
||||
SummaryComponent setElement() { result = content(singleton(any(SetElementContent c))) }
|
||||
|
||||
/** Gets a summary component that represents a tuple element. */
|
||||
SummaryComponent tupleElement(int index) {
|
||||
exists(TupleElementContent c | c.getIndex() = index and result = content(c))
|
||||
exists(TupleElementContent c | c.getIndex() = index and result = content(singleton(c)))
|
||||
}
|
||||
|
||||
/** Gets a summary component that represents a dictionary element. */
|
||||
SummaryComponent dictionaryElement(string key) {
|
||||
exists(DictionaryElementContent c | c.getKey() = key and result = content(c))
|
||||
exists(DictionaryElementContent c | c.getKey() = key and result = content(singleton(c)))
|
||||
}
|
||||
|
||||
/** Gets a summary component that represents a dictionary element at any key. */
|
||||
SummaryComponent dictionaryElementAny() { result = content(any(DictionaryElementAnyContent c)) }
|
||||
SummaryComponent dictionaryElementAny() {
|
||||
result = content(singleton(any(DictionaryElementAnyContent c)))
|
||||
}
|
||||
|
||||
/** Gets a summary component that represents an attribute element. */
|
||||
SummaryComponent attribute(string attr) {
|
||||
exists(AttributeContent c | c.getAttribute() = attr and result = content(c))
|
||||
exists(AttributeContent c | c.getAttribute() = attr and result = content(singleton(c)))
|
||||
}
|
||||
|
||||
/** Gets a summary component that represents the return value of a call. */
|
||||
|
||||
@@ -11,12 +11,34 @@ private import semmle.python.ApiGraphs
|
||||
*/
|
||||
predicate defaultTaintSanitizer(DataFlow::Node node) { none() }
|
||||
|
||||
/**
|
||||
* Holds if default taint tracking should read content `contentSet` implicitly and
|
||||
* propagate taint from a container to reads of that content.
|
||||
*/
|
||||
private predicate defaultTaintReadContent(DataFlow::ContentSet contentSet) {
|
||||
// Tuple and dictionary content is precise, so use wildcard content sets to avoid
|
||||
// blowing up the size of `Stage1::readSetEx` (otherwise this predicate would
|
||||
// expand to one row per (node, distinct key or index) and the framework's
|
||||
// read-set relation grows quadratically). `ContentSet.getAReadContent` expands
|
||||
// these wildcards back to the specific contents when matching against stores.
|
||||
contentSet.isAnyTupleOrDictionaryElement()
|
||||
or
|
||||
// List and set element content is already imprecise, so no wildcard expansion is
|
||||
// needed.
|
||||
contentSet.getAStoreContent() instanceof DataFlow::ListElementContent
|
||||
or
|
||||
contentSet.getAStoreContent() instanceof DataFlow::SetElementContent
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if default `TaintTracking::Configuration`s should allow implicit reads
|
||||
* of `c` at sinks and inputs to additional taint steps.
|
||||
*/
|
||||
bindingset[node]
|
||||
predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::ContentSet c) { none() }
|
||||
predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::ContentSet c) {
|
||||
exists(node) and
|
||||
defaultTaintReadContent(c)
|
||||
}
|
||||
|
||||
private module Cached {
|
||||
/**
|
||||
@@ -128,11 +150,6 @@ predicate stringManipulation(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeT
|
||||
nodeFrom.getNode() = object and
|
||||
method_name in ["partition", "rpartition", "rsplit", "split", "splitlines"]
|
||||
or
|
||||
// Iterable[str] -> str
|
||||
// TODO: check if these should be handled differently in regards to content
|
||||
method_name = "join" and
|
||||
nodeFrom.getNode() = call.getArg(0)
|
||||
or
|
||||
// Mapping[str, Any] -> str
|
||||
method_name = "format_map" and
|
||||
nodeFrom.getNode() = call.getArg(0)
|
||||
@@ -161,32 +178,21 @@ predicate stringManipulation(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeT
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if taint can flow from `nodeFrom` to `nodeTo` with a step related to containers
|
||||
* (lists/sets/dictionaries): literals, constructor invocation, methods. Note that this
|
||||
* is currently very imprecise, as an example, since we model `dict.get`, we treat any
|
||||
* `<tainted object>.get(<arg>)` will be tainted, whether it's true or not.
|
||||
* Holds if taint can flow from `nodeFrom` to `nodeTo` with a step related to reading
|
||||
* content from containers (lists/sets/dictionaries/tuples): subscripts, iteration,
|
||||
* constructor invocation, methods.
|
||||
*/
|
||||
predicate containerStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
|
||||
// construction by literal
|
||||
//
|
||||
// TODO: once we have proper flow-summary modeling, we might not need this step any
|
||||
// longer -- but there needs to be a matching read-step for the store-step, and we
|
||||
// don't provide that right now.
|
||||
DataFlowPrivate::listStoreStep(nodeFrom, _, nodeTo)
|
||||
or
|
||||
DataFlowPrivate::setStoreStep(nodeFrom, _, nodeTo)
|
||||
or
|
||||
DataFlowPrivate::tupleStoreStep(nodeFrom, _, nodeTo)
|
||||
or
|
||||
DataFlowPrivate::dictStoreStep(nodeFrom, _, nodeTo)
|
||||
or
|
||||
// comprehension, so there is taint-flow from `x` in `[x for x in xs]` to the
|
||||
// resulting list of the list-comprehension.
|
||||
//
|
||||
// TODO: once we have proper flow-summary modeling, we might not need this step any
|
||||
// longer -- but there needs to be a matching read-step for the store-step, and we
|
||||
// don't provide that right now.
|
||||
DataFlowPrivate::yieldStoreStep(nodeFrom, _, nodeTo)
|
||||
exists(DataFlow::ContentSet contentSet |
|
||||
DataFlowPrivate::readStep(nodeFrom, contentSet, nodeTo) and
|
||||
exists(DataFlow::Content c | c = contentSet.getAReadContent() |
|
||||
c instanceof DataFlow::TupleElementContent or
|
||||
c instanceof DataFlow::DictionaryElementContent or
|
||||
c instanceof DataFlow::DictionaryElementAnyContent or
|
||||
c instanceof DataFlow::ListElementContent or
|
||||
c instanceof DataFlow::SetElementContent
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -170,13 +170,7 @@ module TypeTrackingInput implements Shared::TypeTrackingInput<Location> {
|
||||
|
||||
/** Holds if there is a level step from `nodeFrom` to `nodeTo`, which may depend on the call graph. */
|
||||
predicate levelStepCall(Node nodeFrom, LocalSourceNode nodeTo) {
|
||||
// HOTFIX: `instanceFieldStep` is temporarily disabled (via `and none()`).
|
||||
// It uses `classInstanceTracker(cls)` -- itself a type-tracker run --
|
||||
// from inside `levelStepCall`, creating a structural mutual recursion
|
||||
// that causes catastrophic query slowdowns on some OOP-heavy Python
|
||||
// codebases (e.g. mypy and dask). The `and none()` should be removed
|
||||
// once that recursion is redesigned.
|
||||
instanceFieldStep(nodeFrom, nodeTo) and none()
|
||||
instanceFieldStep(nodeFrom, nodeTo)
|
||||
or
|
||||
inheritedFieldStep(nodeFrom, nodeTo)
|
||||
}
|
||||
@@ -255,7 +249,7 @@ module TypeTrackingInput implements Shared::TypeTrackingInput<Location> {
|
||||
// is only fed set/list content)
|
||||
not nodeFrom instanceof DataFlowPublic::IterableElementNode
|
||||
or
|
||||
TypeTrackerSummaryFlow::basicStoreStep(nodeFrom, nodeTo, content)
|
||||
TypeTrackerSummaryFlow::basicStoreStep(nodeFrom, nodeTo, DataFlowPublic::singleton(content))
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -286,14 +280,15 @@ module TypeTrackingInput implements Shared::TypeTrackingInput<Location> {
|
||||
nodeFrom.asCfgNode() instanceof SequenceNode
|
||||
)
|
||||
or
|
||||
TypeTrackerSummaryFlow::basicLoadStep(nodeFrom, nodeTo, content)
|
||||
TypeTrackerSummaryFlow::basicLoadStep(nodeFrom, nodeTo, DataFlowPublic::singleton(content))
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if the `loadContent` of `nodeFrom` is stored in the `storeContent` of `nodeTo`.
|
||||
*/
|
||||
predicate loadStoreStep(Node nodeFrom, Node nodeTo, Content loadContent, Content storeContent) {
|
||||
TypeTrackerSummaryFlow::basicLoadStoreStep(nodeFrom, nodeTo, loadContent, storeContent)
|
||||
TypeTrackerSummaryFlow::basicLoadStoreStep(nodeFrom, nodeTo,
|
||||
DataFlowPublic::singleton(loadContent), DataFlowPublic::singleton(storeContent))
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -4245,6 +4245,7 @@ module StdlibPrivate {
|
||||
)
|
||||
// TODO: Once we have DictKeyContent, we need to transform that into ListElementContent
|
||||
) and
|
||||
// Element content is mutated into list element content
|
||||
output = "ReturnValue.ListElement" and
|
||||
preservesValue = true
|
||||
or
|
||||
@@ -4271,11 +4272,9 @@ module StdlibPrivate {
|
||||
preservesValue = true
|
||||
)
|
||||
or
|
||||
// TODO: We need to also translate iterable content such as list element
|
||||
// but we currently lack TupleElementAny
|
||||
input = "Argument[0]" and
|
||||
input = "Argument[0].ListElement" and
|
||||
output = "ReturnValue" and
|
||||
preservesValue = false
|
||||
preservesValue = true
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4970,6 +4969,26 @@ module StdlibPrivate {
|
||||
}
|
||||
}
|
||||
|
||||
/** A flow summary for `str.join`. */
|
||||
class StrJoinSummary extends SummarizedCallable::Range {
|
||||
StrJoinSummary() { this = "str.join" }
|
||||
|
||||
override DataFlow::CallCfgNode getACall() { result.(DataFlow::MethodCallNode).calls(_, "join") }
|
||||
|
||||
override DataFlow::ArgumentNode getACallback() {
|
||||
result.(DataFlow::AttrRead).getAttributeName() = "join"
|
||||
}
|
||||
|
||||
override predicate propagatesFlow(string input, string output, boolean preservesValue) {
|
||||
(
|
||||
// For code like `" ".join([name])`
|
||||
input = "Argument[0,iterable:].ListElement" and
|
||||
preservesValue = true
|
||||
) and
|
||||
output = "ReturnValue"
|
||||
}
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
// asyncio
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
6
python/ql/lib/semmle/python/frameworks/lxml.model.yml
Normal file
6
python/ql/lib/semmle/python/frameworks/lxml.model.yml
Normal file
@@ -0,0 +1,6 @@
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/python-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ['lxml', 'Member[etree].Member[fromstringlist]', 'Argument[0,strings:].ListElement', 'ReturnValue', 'taint']
|
||||
6
python/ql/lib/semmle/python/frameworks/xml.model.yml
Normal file
6
python/ql/lib/semmle/python/frameworks/xml.model.yml
Normal file
@@ -0,0 +1,6 @@
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/python-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ['xml', 'Member[etree].Member[fromstringlist]', 'Argument[0,strings:].ListElement', 'ReturnValue', 'taint']
|
||||
@@ -61,10 +61,11 @@ module EscapingCaptureFlowConfig implements DataFlow::ConfigSig {
|
||||
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet cs) {
|
||||
isSink(node) and
|
||||
(
|
||||
cs.(DataFlow::TupleElementContent).getIndex() in [0 .. 10] or
|
||||
cs instanceof DataFlow::ListElementContent or
|
||||
cs instanceof DataFlow::SetElementContent or
|
||||
cs instanceof DataFlow::DictionaryElementAnyContent
|
||||
cs.isAnyTupleOrDictionaryElement()
|
||||
or
|
||||
cs.getAStoreContent() instanceof DataFlow::ListElementContent
|
||||
or
|
||||
cs.getAStoreContent() instanceof DataFlow::SetElementContent
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,11 +3,15 @@ edges
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:17:5:17:10 | ControlFlowNode for member | TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result [List element] | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result [List element] | provenance | list.append |
|
||||
| TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:28:9:28:14 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:28:9:28:14 | ControlFlowNode for member | TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result [List element] | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result [List element] | provenance | |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result [List element] | provenance | list.append |
|
||||
| TarSlipImprov.py:38:1:38:3 | ControlFlowNode for tar | TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:38:1:38:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | provenance | |
|
||||
@@ -34,16 +38,19 @@ edges
|
||||
| TarSlipImprov.py:142:9:142:13 | ControlFlowNode for entry | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:151:14:151:50 | ControlFlowNode for closing() | TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | provenance | |
|
||||
| TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | TarSlipImprov.py:151:14:151:50 | ControlFlowNode for closing() | provenance | Config |
|
||||
| TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield | provenance | |
|
||||
| TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | provenance | |
|
||||
| TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield | TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | provenance | |
|
||||
| TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield [List element] | TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() [List element] | provenance | |
|
||||
| TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield [List element] | provenance | |
|
||||
| TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | provenance | |
|
||||
| TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm | TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm [List element] | TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc [List element] | provenance | |
|
||||
| TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm | provenance | |
|
||||
| TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() [List element] | TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm [List element] | provenance | |
|
||||
| TarSlipImprov.py:159:9:159:14 | ControlFlowNode for tar_cm | TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:159:18:159:52 | ControlFlowNode for closing() | TarSlipImprov.py:159:9:159:14 | ControlFlowNode for tar_cm | provenance | |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:159:18:159:52 | ControlFlowNode for closing() | provenance | Config |
|
||||
| TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc [List element] | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:176:36:176:38 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:176:36:176:38 | ControlFlowNode for tar | TarSlipImprov.py:177:9:177:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:177:9:177:13 | ControlFlowNode for entry | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | provenance | |
|
||||
@@ -60,7 +67,9 @@ edges
|
||||
| TarSlipImprov.py:231:43:231:52 | ControlFlowNode for corpus_tar | TarSlipImprov.py:233:9:233:9 | ControlFlowNode for f | provenance | |
|
||||
| TarSlipImprov.py:233:9:233:9 | ControlFlowNode for f | TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | provenance | |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | provenance | |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members [List element] | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | provenance | |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | provenance | list.append |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members [List element] | provenance | list.append |
|
||||
| TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:258:31:258:33 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:258:31:258:33 | ControlFlowNode for tar | TarSlipImprov.py:259:9:259:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:259:9:259:13 | ControlFlowNode for entry | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | provenance | |
|
||||
@@ -85,19 +94,24 @@ edges
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:304:1:304:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:306:5:306:10 | ControlFlowNode for member | TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result [List element] | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result [List element] | provenance | list.append |
|
||||
nodes
|
||||
| TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:17:5:17:10 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result [List element] | semmle.label | [post] ControlFlowNode for result [List element] |
|
||||
| TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | semmle.label | ControlFlowNode for tarfile |
|
||||
| TarSlipImprov.py:28:9:28:14 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result [List element] | semmle.label | [post] ControlFlowNode for result [List element] |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result [List element] | semmle.label | ControlFlowNode for result [List element] |
|
||||
| TarSlipImprov.py:38:1:38:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | semmle.label | ControlFlowNode for members_filter1() |
|
||||
@@ -133,14 +147,17 @@ nodes
|
||||
| TarSlipImprov.py:151:14:151:50 | ControlFlowNode for closing() | semmle.label | ControlFlowNode for closing() |
|
||||
| TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | semmle.label | ControlFlowNode for tf |
|
||||
| TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield | semmle.label | ControlFlowNode for Yield |
|
||||
| TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield [List element] | semmle.label | ControlFlowNode for Yield [List element] |
|
||||
| TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | semmle.label | ControlFlowNode for tf |
|
||||
| TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm | semmle.label | ControlFlowNode for tar_cm |
|
||||
| TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm [List element] | semmle.label | ControlFlowNode for tar_cm [List element] |
|
||||
| TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | semmle.label | ControlFlowNode for py2_tarxz() |
|
||||
| TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() [List element] | semmle.label | ControlFlowNode for py2_tarxz() [List element] |
|
||||
| TarSlipImprov.py:159:9:159:14 | ControlFlowNode for tar_cm | semmle.label | ControlFlowNode for tar_cm |
|
||||
| TarSlipImprov.py:159:18:159:52 | ControlFlowNode for closing() | semmle.label | ControlFlowNode for closing() |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | semmle.label | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc [List element] | semmle.label | ControlFlowNode for tarc [List element] |
|
||||
| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | semmle.label | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:176:36:176:38 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
@@ -163,6 +180,7 @@ nodes
|
||||
| TarSlipImprov.py:231:43:231:52 | ControlFlowNode for corpus_tar | semmle.label | ControlFlowNode for corpus_tar |
|
||||
| TarSlipImprov.py:233:9:233:9 | ControlFlowNode for f | semmle.label | ControlFlowNode for f |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | semmle.label | [post] ControlFlowNode for members |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members [List element] | semmle.label | [post] ControlFlowNode for members [List element] |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | semmle.label | ControlFlowNode for f |
|
||||
| TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | semmle.label | ControlFlowNode for members |
|
||||
| TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
@@ -198,11 +216,13 @@ nodes
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:306:5:306:10 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result [List element] | semmle.label | [post] ControlFlowNode for result [List element] |
|
||||
| TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
subpaths
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result [List element] | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() |
|
||||
#select
|
||||
| TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | ControlFlowNode for members_filter1() |
|
||||
|
||||
@@ -93,7 +93,9 @@ edges
|
||||
| UnsafeUnpack.py:163:23:163:28 | ControlFlowNode for member | UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | provenance | |
|
||||
| UnsafeUnpack.py:163:33:163:35 | ControlFlowNode for tar | UnsafeUnpack.py:163:23:163:28 | ControlFlowNode for member | provenance | |
|
||||
| UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result | UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | provenance | |
|
||||
| UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result [List element] | UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | provenance | |
|
||||
| UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result [List element] | provenance | list.append |
|
||||
| UnsafeUnpack.py:171:1:171:8 | ControlFlowNode for response | UnsafeUnpack.py:174:15:174:22 | ControlFlowNode for response | provenance | |
|
||||
| UnsafeUnpack.py:171:12:171:50 | ControlFlowNode for Attribute() | UnsafeUnpack.py:171:1:171:8 | ControlFlowNode for response | provenance | |
|
||||
| UnsafeUnpack.py:173:11:173:17 | ControlFlowNode for tarpath | UnsafeUnpack.py:176:17:176:23 | ControlFlowNode for tarpath | provenance | |
|
||||
@@ -189,6 +191,7 @@ nodes
|
||||
| UnsafeUnpack.py:163:23:163:28 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| UnsafeUnpack.py:163:33:163:35 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result [List element] | semmle.label | [post] ControlFlowNode for result [List element] |
|
||||
| UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| UnsafeUnpack.py:171:1:171:8 | ControlFlowNode for response | semmle.label | ControlFlowNode for response |
|
||||
|
||||
@@ -3,8 +3,10 @@ edges
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:20:45:20:47 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:21:52:21:54 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:22:52:22:54 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:23:41:23:57 | ControlFlowNode for List | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:23:43:23:45 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:24:48:24:50 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:23:42:23:56 | ControlFlowNode for List [List element] | Netmiko.py:23:41:23:57 | ControlFlowNode for List | provenance | |
|
||||
| Netmiko.py:23:43:23:45 | ControlFlowNode for cmd | Netmiko.py:23:42:23:56 | ControlFlowNode for List [List element] | provenance | |
|
||||
| Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | Pexpect.py:16:14:16:16 | ControlFlowNode for cmd | provenance | |
|
||||
| Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | Pexpect.py:18:18:18:20 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:24:42:24:44 | ControlFlowNode for cmd | provenance | |
|
||||
@@ -32,6 +34,8 @@ nodes
|
||||
| Netmiko.py:21:52:21:54 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:22:52:22:54 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:23:41:23:57 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
|
||||
| Netmiko.py:23:42:23:56 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| Netmiko.py:23:43:23:45 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:24:48:24:50 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Pexpect.py:16:14:16:16 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
|
||||
@@ -14,6 +14,7 @@ edges
|
||||
| xslt.py:10:17:10:43 | ControlFlowNode for Attribute() | xslt.py:10:5:10:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xslt.py:11:5:11:13 | ControlFlowNode for xslt_root | xslt.py:14:29:14:37 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | xslt.py:11:5:11:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | |
|
||||
| xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:3:26:3:32 | ControlFlowNode for request | provenance | |
|
||||
@@ -28,6 +29,7 @@ edges
|
||||
| xsltInjection.py:10:17:10:43 | ControlFlowNode for Attribute() | xsltInjection.py:10:5:10:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:11:5:11:13 | ControlFlowNode for xslt_root | xsltInjection.py:12:28:12:36 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | xsltInjection.py:11:5:11:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | |
|
||||
| xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:17:5:17:13 | ControlFlowNode for xsltQuery | xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | provenance | |
|
||||
@@ -36,6 +38,7 @@ edges
|
||||
| xsltInjection.py:17:17:17:43 | ControlFlowNode for Attribute() | xsltInjection.py:17:5:17:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:18:5:18:13 | ControlFlowNode for xslt_root | xsltInjection.py:21:29:21:37 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | xsltInjection.py:18:5:18:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | provenance | |
|
||||
| xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:26:5:26:13 | ControlFlowNode for xsltQuery | xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | provenance | |
|
||||
@@ -44,6 +47,7 @@ edges
|
||||
| xsltInjection.py:26:17:26:43 | ControlFlowNode for Attribute() | xsltInjection.py:26:5:26:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:27:5:27:13 | ControlFlowNode for xslt_root | xsltInjection.py:31:24:31:32 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | xsltInjection.py:27:5:27:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | provenance | |
|
||||
| xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:35:5:35:13 | ControlFlowNode for xsltQuery | xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | provenance | |
|
||||
@@ -52,17 +56,22 @@ edges
|
||||
| xsltInjection.py:35:17:35:43 | ControlFlowNode for Attribute() | xsltInjection.py:35:5:35:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:36:5:36:13 | ControlFlowNode for xslt_root | xsltInjection.py:40:24:40:32 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | xsltInjection.py:36:5:36:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | provenance | |
|
||||
| xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:44:5:44:13 | ControlFlowNode for xsltQuery | xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings | provenance | |
|
||||
| xsltInjection.py:44:5:44:13 | ControlFlowNode for xsltQuery | xsltInjection.py:45:20:45:28 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:44:17:44:23 | ControlFlowNode for request | xsltInjection.py:44:17:44:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:44:17:44:28 | ControlFlowNode for Attribute | xsltInjection.py:44:17:44:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:44:17:44:43 | ControlFlowNode for Attribute() | xsltInjection.py:44:5:44:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings | xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | provenance | |
|
||||
| xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings [List element] | xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | provenance | |
|
||||
| xsltInjection.py:45:19:45:44 | ControlFlowNode for List [List element] | xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings [List element] | provenance | |
|
||||
| xsltInjection.py:45:20:45:28 | ControlFlowNode for xsltQuery | xsltInjection.py:45:19:45:44 | ControlFlowNode for List [List element] | provenance | |
|
||||
| xsltInjection.py:46:5:46:13 | ControlFlowNode for xslt_root | xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | xsltInjection.py:46:5:46:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | MaD:58660 |
|
||||
nodes
|
||||
| xslt.py:3:26:3:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| xslt.py:3:26:3:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
@@ -112,9 +121,11 @@ nodes
|
||||
| xsltInjection.py:44:17:44:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:44:17:44:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xsltInjection.py:44:17:44:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings | semmle.label | ControlFlowNode for xsltStrings |
|
||||
| xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings [List element] | semmle.label | ControlFlowNode for xsltStrings [List element] |
|
||||
| xsltInjection.py:45:19:45:44 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| xsltInjection.py:45:20:45:28 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:46:5:46:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | semmle.label | ControlFlowNode for xsltStrings |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | semmle.label | ControlFlowNode for xsltStrings [List element] |
|
||||
| xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
subpaths
|
||||
|
||||
@@ -32,11 +32,13 @@ edges
|
||||
| agent_instructions.py:7:5:7:9 | ControlFlowNode for input | agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:11 |
|
||||
| agent_instructions.py:7:13:7:19 | ControlFlowNode for request | agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | provenance | dict.get(input) |
|
||||
| agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | agent_instructions.py:7:5:7:9 | ControlFlowNode for input | provenance | |
|
||||
| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | agent_instructions.py:25:28:25:32 | ControlFlowNode for input | provenance | |
|
||||
| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | agent_instructions.py:35:28:35:32 | ControlFlowNode for input | provenance | |
|
||||
| agent_instructions.py:17:13:17:19 | ControlFlowNode for request | agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | provenance | dict.get(input) |
|
||||
| agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | agent_instructions.py:17:5:17:9 | ControlFlowNode for input | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for request | anthropic_test.py:11:15:11:21 | ControlFlowNode for request | provenance | |
|
||||
@@ -61,7 +63,7 @@ edges
|
||||
| openai_test.py:2:26:2:32 | ControlFlowNode for request | openai_test.py:13:13:13:19 | ControlFlowNode for request | provenance | |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:8 |
|
||||
@@ -72,7 +74,7 @@ edges
|
||||
| openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | openai_test.py:12:5:12:11 | ControlFlowNode for persona | provenance | |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:18:15:18:19 | ControlFlowNode for query | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:33:33:33:37 | ControlFlowNode for query | provenance | |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:33:33:33:37 | ControlFlowNode for query | provenance | |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:42:15:42:19 | ControlFlowNode for query | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:53:33:53:37 | ControlFlowNode for query | provenance | |
|
||||
@@ -82,6 +84,14 @@ edges
|
||||
| openai_test.py:13:13:13:19 | ControlFlowNode for request | openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | openai_test.py:13:5:13:9 | ControlFlowNode for query | provenance | |
|
||||
| openai_test.py:24:13:27:13 | ControlFlowNode for Dict [Dictionary element at key content] | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 Sink:MaD:9 |
|
||||
| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | openai_test.py:24:13:27:13 | ControlFlowNode for Dict [Dictionary element at key content] | provenance | |
|
||||
| openai_test.py:28:13:36:13 | ControlFlowNode for Dict [Dictionary element at key content, List element, Dictionary element at key text] | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 Sink:MaD:9 |
|
||||
| openai_test.py:28:13:36:13 | ControlFlowNode for Dict [Dictionary element at key content, List element, Dictionary element at key text] | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 Sink:MaD:9 Sink:MaD:9 |
|
||||
| openai_test.py:28:13:36:13 | ControlFlowNode for Dict [Dictionary element at key content, List element, Dictionary element at key text] | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 Sink:MaD:9 Sink:MaD:9 Sink:MaD:9 |
|
||||
| openai_test.py:30:28:35:17 | ControlFlowNode for List [List element, Dictionary element at key text] | openai_test.py:28:13:36:13 | ControlFlowNode for Dict [Dictionary element at key content, List element, Dictionary element at key text] | provenance | |
|
||||
| openai_test.py:31:21:34:21 | ControlFlowNode for Dict [Dictionary element at key text] | openai_test.py:30:28:35:17 | ControlFlowNode for List [List element, Dictionary element at key text] | provenance | |
|
||||
| openai_test.py:33:33:33:37 | ControlFlowNode for query | openai_test.py:31:21:34:21 | ControlFlowNode for Dict [Dictionary element at key text] | provenance | |
|
||||
models
|
||||
| 1 | Sink: Anthropic; Member[beta].Member[messages].Member[create].Argument[messages:].ListElement.DictionaryElement[content]; prompt-injection |
|
||||
| 2 | Sink: Anthropic; Member[beta].Member[messages].Member[create].Argument[system:]; prompt-injection |
|
||||
@@ -140,7 +150,13 @@ nodes
|
||||
| openai_test.py:18:15:18:19 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:23:15:37:9 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
|
||||
| openai_test.py:24:13:27:13 | ControlFlowNode for Dict [Dictionary element at key content] | semmle.label | ControlFlowNode for Dict [Dictionary element at key content] |
|
||||
| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:28:13:36:13 | ControlFlowNode for Dict [Dictionary element at key content, List element, Dictionary element at key text] | semmle.label | ControlFlowNode for Dict [Dictionary element at key content, List element, Dictionary element at key text] |
|
||||
| openai_test.py:30:28:35:17 | ControlFlowNode for List [List element, Dictionary element at key text] | semmle.label | ControlFlowNode for List [List element, Dictionary element at key text] |
|
||||
| openai_test.py:31:21:34:21 | ControlFlowNode for Dict [Dictionary element at key text] | semmle.label | ControlFlowNode for Dict [Dictionary element at key text] |
|
||||
| openai_test.py:33:33:33:37 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:33:33:33:37 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:42:15:42:19 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
|
||||
@@ -131,6 +131,5 @@ from unknown_settings import password # $ SensitiveDataSource=password
|
||||
print(password) # $ SensitiveUse=password
|
||||
_config = {"sleep_timer": 5, "mysql_password": password}
|
||||
|
||||
# since we have taint-step from store of `password`, we will consider any item in the
|
||||
# dictionary to be a password :(
|
||||
print(_config["sleep_timer"]) # $ SPURIOUS: SensitiveUse=password
|
||||
# since we have precise dictionary content, other items of the config are not tainted
|
||||
print(_config["sleep_timer"])
|
||||
|
||||
@@ -7,13 +7,9 @@ edges
|
||||
| summaries.py:36:38:36:38 | ControlFlowNode for x | summaries.py:36:41:36:45 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() | provenance | apply_lambda |
|
||||
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | summaries.py:36:38:36:38 | ControlFlowNode for x | provenance | apply_lambda |
|
||||
| summaries.py:44:1:44:12 | ControlFlowNode for tainted_list | summaries.py:45:6:45:20 | ControlFlowNode for Subscript | provenance | |
|
||||
| summaries.py:44:1:44:12 | ControlFlowNode for tainted_list [List element] | summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | provenance | |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() | summaries.py:44:1:44:12 | ControlFlowNode for tainted_list | provenance | |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | summaries.py:44:1:44:12 | ControlFlowNode for tainted_list [List element] | provenance | |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List | summaries.py:44:16:44:33 | ControlFlowNode for reversed() | provenance | builtins.reversed |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List [List element] | summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | provenance | builtins.reversed |
|
||||
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | summaries.py:44:25:44:32 | ControlFlowNode for List | provenance | |
|
||||
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | summaries.py:44:25:44:32 | ControlFlowNode for List [List element] | provenance | |
|
||||
| summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | summaries.py:45:6:45:20 | ControlFlowNode for Subscript | provenance | |
|
||||
| summaries.py:48:15:48:15 | ControlFlowNode for x | summaries.py:49:12:49:18 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
@@ -42,6 +38,7 @@ edges
|
||||
| summaries.py:67:1:67:18 | ControlFlowNode for tainted_resultlist | summaries.py:68:6:68:26 | ControlFlowNode for Subscript | provenance | |
|
||||
| summaries.py:67:1:67:18 | ControlFlowNode for tainted_resultlist [List element] | summaries.py:68:6:68:23 | ControlFlowNode for tainted_resultlist [List element] | provenance | |
|
||||
| summaries.py:67:22:67:39 | ControlFlowNode for json_loads() [List element] | summaries.py:67:1:67:18 | ControlFlowNode for tainted_resultlist [List element] | provenance | |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | summaries.py:67:1:67:18 | ControlFlowNode for tainted_resultlist | provenance | |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | summaries.py:67:1:67:18 | ControlFlowNode for tainted_resultlist | provenance | Decoding-JSON |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | summaries.py:67:22:67:39 | ControlFlowNode for json_loads() [List element] | provenance | json.loads |
|
||||
| summaries.py:68:6:68:23 | ControlFlowNode for tainted_resultlist [List element] | summaries.py:68:6:68:26 | ControlFlowNode for Subscript | provenance | |
|
||||
@@ -56,11 +53,8 @@ nodes
|
||||
| summaries.py:36:41:36:45 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:37:6:37:19 | ControlFlowNode for tainted_lambda | semmle.label | ControlFlowNode for tainted_lambda |
|
||||
| summaries.py:44:1:44:12 | ControlFlowNode for tainted_list | semmle.label | ControlFlowNode for tainted_list |
|
||||
| summaries.py:44:1:44:12 | ControlFlowNode for tainted_list [List element] | semmle.label | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() | semmle.label | ControlFlowNode for reversed() |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | semmle.label | ControlFlowNode for reversed() [List element] |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | semmle.label | ControlFlowNode for tainted_list [List element] |
|
||||
|
||||
@@ -32,7 +32,6 @@ def test_construction():
|
||||
list(tainted_tuple), # $ tainted
|
||||
list(tainted_set), # $ tainted
|
||||
list(tainted_dict.values()), # $ tainted
|
||||
list(tainted_dict.items()), # $ tainted
|
||||
|
||||
tuple(tainted_list), # $ tainted
|
||||
set(tainted_list), # $ tainted
|
||||
@@ -41,10 +40,11 @@ def test_construction():
|
||||
dict(k = tainted_string)["k"], # $ tainted
|
||||
dict(dict(k = tainted_string))["k"], # $ tainted
|
||||
dict(["k", tainted_string]), # $ tainted
|
||||
list(tainted_dict.items()), # $ tainted
|
||||
)
|
||||
|
||||
ensure_not_tainted(
|
||||
dict(k = tainted_string)["k1"]
|
||||
dict(k = tainted_string)["k1"],
|
||||
)
|
||||
|
||||
|
||||
@@ -59,7 +59,7 @@ def test_access(x, y, z):
|
||||
sorted(tainted_list), # $ tainted
|
||||
reversed(tainted_list), # $ tainted
|
||||
iter(tainted_list), # $ tainted
|
||||
next(iter(tainted_list)), # $ MISSING: tainted
|
||||
next(iter(tainted_list)), # $ tainted
|
||||
[i for i in tainted_list], # $ tainted
|
||||
[tainted_list for _i in [1,2,3]], # $ tainted
|
||||
)
|
||||
|
||||
@@ -53,7 +53,7 @@ def contrived_1():
|
||||
|
||||
(a, b, c), (d, e, f) = tainted_list, no_taint_list
|
||||
ensure_tainted(a, b, c) # $ tainted
|
||||
ensure_not_tainted(d, e, f) # $ SPURIOUS: tainted
|
||||
ensure_not_tainted(d, e, f)
|
||||
|
||||
|
||||
def contrived_2():
|
||||
|
||||
@@ -157,7 +157,7 @@ class MyClass2(object):
|
||||
print(self.foo) # $ tracked MISSING: tracked=foo
|
||||
|
||||
instance = MyClass2()
|
||||
print(instance.foo) # $ MISSING: tracked=foo tracked
|
||||
print(instance.foo) # $ tracked MISSING: tracked=foo
|
||||
instance.print_foo() # $ MISSING: tracked=foo
|
||||
|
||||
|
||||
@@ -195,7 +195,7 @@ class Sub1(Base1):
|
||||
|
||||
sub1 = Sub1()
|
||||
sub1.read_foo()
|
||||
print(sub1.foo) # $ MISSING: tracked=foo tracked
|
||||
print(sub1.foo) # $ tracked MISSING: tracked=foo
|
||||
|
||||
|
||||
# attribute written in a subclass method, read in an inherited base class method
|
||||
@@ -210,7 +210,7 @@ class Sub2(Base2):
|
||||
|
||||
sub2 = Sub2()
|
||||
sub2.read_bar()
|
||||
print(sub2.bar) # $ MISSING: tracked=bar tracked
|
||||
print(sub2.bar) # $ tracked MISSING: tracked=bar
|
||||
|
||||
|
||||
# attribute written in a base class method, read on an instance of the subclass
|
||||
@@ -223,4 +223,4 @@ class Sub3(Base3):
|
||||
pass
|
||||
|
||||
sub3 = Sub3()
|
||||
print(sub3.baz) # $ MISSING: tracked=baz tracked
|
||||
print(sub3.baz) # $ tracked MISSING: tracked=baz
|
||||
|
||||
@@ -3,10 +3,12 @@ edges
|
||||
| taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | taint_step_test.py:5:5:5:8 | ControlFlowNode for path | provenance | |
|
||||
| taint_step_test.py:6:5:6:8 | ControlFlowNode for file | taint_step_test.py:19:48:19:51 | ControlFlowNode for file | provenance | |
|
||||
| taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | taint_step_test.py:6:5:6:8 | ControlFlowNode for file | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:33:12:36 | ControlFlowNode for path | provenance | |
|
||||
| taint_step_test.py:11:24:11:27 | ControlFlowNode for file | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:12:20:12:43 | ControlFlowNode for Attribute() | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:12:33:12:36 | ControlFlowNode for path | taint_step_test.py:12:20:12:43 | ControlFlowNode for Attribute() | provenance | str.join |
|
||||
| taint_step_test.py:19:43:19:46 | ControlFlowNode for path | taint_step_test.py:11:18:11:21 | ControlFlowNode for path | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:19:48:19:51 | ControlFlowNode for file | taint_step_test.py:11:24:11:27 | ControlFlowNode for file | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
@@ -17,6 +19,8 @@ nodes
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:11:24:11:27 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
| taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | semmle.label | ControlFlowNode for filepath |
|
||||
| taint_step_test.py:12:20:12:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| taint_step_test.py:12:33:12:36 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | semmle.label | ControlFlowNode for filepath |
|
||||
| taint_step_test.py:19:43:19:46 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:19:48:19:51 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
|
||||
@@ -6,16 +6,16 @@ pat = ... # some pattern
|
||||
compiled_pat = re.compile(pat)
|
||||
|
||||
# see https://docs.python.org/3/library/re.html#functions
|
||||
ensure_not_tainted(
|
||||
# returns Match object, which is tested properly below. (note: with the flow summary
|
||||
# modeling, objects containing tainted values are not themselves tainted).
|
||||
re.search(pat, ts),
|
||||
re.match(pat, ts),
|
||||
re.fullmatch(pat, ts),
|
||||
ensure_tainted(
|
||||
# returns Match object, which is tested properly below. (note: the match objects contain
|
||||
# tainted values but are not themselves tainted - this test relies on implicit reads at sinks).
|
||||
re.search(pat, ts), # $ tainted
|
||||
re.match(pat, ts), # $ tainted
|
||||
re.fullmatch(pat, ts), # $ tainted
|
||||
|
||||
compiled_pat.search(ts),
|
||||
compiled_pat.match(ts),
|
||||
compiled_pat.fullmatch(ts),
|
||||
compiled_pat.search(ts), # $ tainted
|
||||
compiled_pat.match(ts), # $ tainted
|
||||
compiled_pat.fullmatch(ts), # $ tainted
|
||||
)
|
||||
|
||||
# Match object
|
||||
@@ -80,9 +80,9 @@ ensure_tainted(
|
||||
)
|
||||
|
||||
ensure_not_tainted(
|
||||
re.subn(pat, repl="safe", string=ts),
|
||||
re.subn(pat, repl="safe", string=ts)[1], # // the number of substitutions made
|
||||
)
|
||||
ensure_tainted(
|
||||
re.subn(pat, repl="safe", string=ts), # $ tainted // implicit read at sink
|
||||
re.subn(pat, repl="safe", string=ts)[0], # $ tainted // the string
|
||||
)
|
||||
|
||||
@@ -63,7 +63,8 @@ class TaintTest(tornado.web.RequestHandler):
|
||||
request.headers["header-name"], # $ tainted
|
||||
request.headers.get_list("header-name"), # $ tainted
|
||||
request.headers.get_all(), # $ tainted
|
||||
[(k, v) for (k, v) in request.headers.get_all()], # $ tainted
|
||||
[(k, v) for (k, v) in request.headers.get_all()][0], # $ tainted
|
||||
list([(k, v) for (k, v) in request.headers.get_all()])[0], # $ tainted
|
||||
|
||||
# Dict[str, http.cookies.Morsel]
|
||||
request.cookies, # $ tainted
|
||||
@@ -71,6 +72,11 @@ class TaintTest(tornado.web.RequestHandler):
|
||||
request.cookies["cookie-name"].key, # $ tainted
|
||||
request.cookies["cookie-name"].value, # $ tainted
|
||||
request.cookies["cookie-name"].coded_value, # $ tainted
|
||||
|
||||
# The comprehension is not tainted, only the elements, but this passes due to implicit reads at sinks
|
||||
[(k, v) for (k, v) in request.headers.get_all()], # $ tainted
|
||||
# The list is not tainted, only the elements, but this passes due to implicit reads at sinks
|
||||
list([(k, v) for (k, v) in request.headers.get_all()]), # $ tainted
|
||||
)
|
||||
|
||||
|
||||
|
||||
@@ -11,10 +11,13 @@
|
||||
edges
|
||||
| BindToAllInterfaces_test.py:5:9:5:17 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:5:9:5:24 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:9:9:9:10 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:9:9:9:16 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup | provenance | |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:17:9:17:18 | ControlFlowNode for ALL_LOCALS | provenance | |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:20:8:20:17 | ControlFlowNode for ALL_LOCALS | provenance | |
|
||||
| BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | provenance | |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup | BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:17:9:17:18 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup [Tuple element at index 0] | BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:20:8:20:17 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:20:8:20:23 | ControlFlowNode for Tuple [Tuple element at index 0] | provenance | |
|
||||
| BindToAllInterfaces_test.py:20:8:20:23 | ControlFlowNode for Tuple [Tuple element at index 0] | BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup [Tuple element at index 0] | provenance | |
|
||||
| BindToAllInterfaces_test.py:26:9:26:12 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:26:9:26:18 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:33:18:33:21 | ControlFlowNode for self [Return] [Attribute bind_addr] | BindToAllInterfaces_test.py:41:10:41:17 | ControlFlowNode for Server() [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:34:9:34:12 | [post] ControlFlowNode for self [Attribute bind_addr] | BindToAllInterfaces_test.py:33:18:33:21 | ControlFlowNode for self [Return] [Attribute bind_addr] | provenance | |
|
||||
@@ -25,9 +28,10 @@ edges
|
||||
| BindToAllInterfaces_test.py:41:1:41:6 | ControlFlowNode for server [Attribute bind_addr] | BindToAllInterfaces_test.py:42:1:42:6 | ControlFlowNode for server [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:41:10:41:17 | ControlFlowNode for Server() [Attribute bind_addr] | BindToAllInterfaces_test.py:41:1:41:6 | ControlFlowNode for server [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:42:1:42:6 | ControlFlowNode for server [Attribute bind_addr] | BindToAllInterfaces_test.py:37:15:37:18 | ControlFlowNode for self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | BindToAllInterfaces_test.py:48:9:48:12 | ControlFlowNode for host | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:8:46:44 | ControlFlowNode for Attribute() | BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:35:46:43 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:46:8:46:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| BindToAllInterfaces_test.py:48:9:48:12 | ControlFlowNode for host | BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:53:10:53:18 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:53:10:53:25 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:58:10:58:18 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:58:10:58:25 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
nodes
|
||||
@@ -37,8 +41,11 @@ nodes
|
||||
| BindToAllInterfaces_test.py:9:9:9:16 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | semmle.label | ControlFlowNode for ALL_LOCALS |
|
||||
| BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:17:9:17:18 | ControlFlowNode for ALL_LOCALS | semmle.label | ControlFlowNode for ALL_LOCALS |
|
||||
| BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup | semmle.label | ControlFlowNode for tup |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup [Tuple element at index 0] | semmle.label | ControlFlowNode for tup [Tuple element at index 0] |
|
||||
| BindToAllInterfaces_test.py:20:8:20:17 | ControlFlowNode for ALL_LOCALS | semmle.label | ControlFlowNode for ALL_LOCALS |
|
||||
| BindToAllInterfaces_test.py:20:8:20:23 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
|
||||
| BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | semmle.label | ControlFlowNode for tup |
|
||||
| BindToAllInterfaces_test.py:26:9:26:12 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:26:9:26:18 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
@@ -55,6 +62,7 @@ nodes
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| BindToAllInterfaces_test.py:46:8:46:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| BindToAllInterfaces_test.py:46:35:46:43 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:48:9:48:12 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:53:10:53:18 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:53:10:53:25 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
|
||||
@@ -5,11 +5,13 @@ edges
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:34:12:34:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:42:12:42:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:54:12:54:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:13:5:13:12 | ControlFlowNode for data_raw | test.py:14:5:14:8 | ControlFlowNode for data | provenance | |
|
||||
| test.py:13:5:13:12 | ControlFlowNode for data_raw | test.py:14:5:14:8 | ControlFlowNode for data | provenance | Decoding-Base64 |
|
||||
| test.py:13:16:13:22 | ControlFlowNode for request | test.py:13:16:13:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:13:16:13:27 | ControlFlowNode for Attribute | test.py:13:16:13:39 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:13:16:13:39 | ControlFlowNode for Attribute() | test.py:13:5:13:12 | ControlFlowNode for data_raw | provenance | |
|
||||
| test.py:14:5:14:8 | ControlFlowNode for data | test.py:15:36:15:39 | ControlFlowNode for data | provenance | |
|
||||
| test.py:23:5:23:12 | ControlFlowNode for data_raw | test.py:24:5:24:8 | ControlFlowNode for data | provenance | |
|
||||
| test.py:23:5:23:12 | ControlFlowNode for data_raw | test.py:24:5:24:8 | ControlFlowNode for data | provenance | Decoding-Base64 |
|
||||
| test.py:23:16:23:22 | ControlFlowNode for request | test.py:23:16:23:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:23:16:23:27 | ControlFlowNode for Attribute | test.py:23:16:23:39 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
|
||||
@@ -1,10 +1,13 @@
|
||||
edges
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:5:25:5:28 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:8:23:8:26 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:11:25:11:38 | ControlFlowNode for Attribute() | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:14:25:14:40 | ControlFlowNode for Attribute() | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:11:34:11:37 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:14:35:14:38 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:17:32:17:35 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:20:27:20:30 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:11:34:11:37 | ControlFlowNode for name | src/unsafe_shell_test.py:11:25:11:38 | ControlFlowNode for Attribute() | provenance | str.join |
|
||||
| src/unsafe_shell_test.py:14:34:14:39 | ControlFlowNode for List [List element] | src/unsafe_shell_test.py:14:25:14:40 | ControlFlowNode for Attribute() | provenance | str.join |
|
||||
| src/unsafe_shell_test.py:14:35:14:38 | ControlFlowNode for name | src/unsafe_shell_test.py:14:34:14:39 | ControlFlowNode for List [List element] | provenance | |
|
||||
| src/unsafe_shell_test.py:26:20:26:23 | ControlFlowNode for name | src/unsafe_shell_test.py:29:30:29:33 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | src/unsafe_shell_test.py:39:30:39:33 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | src/unsafe_shell_test.py:44:20:44:23 | ControlFlowNode for name | provenance | |
|
||||
@@ -15,7 +18,10 @@ nodes
|
||||
| src/unsafe_shell_test.py:5:25:5:28 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:8:23:8:26 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:11:25:11:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| src/unsafe_shell_test.py:11:34:11:37 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:14:25:14:40 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| src/unsafe_shell_test.py:14:34:14:39 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| src/unsafe_shell_test.py:14:35:14:38 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:17:32:17:35 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:20:27:20:30 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:26:20:26:23 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
|
||||
@@ -11,8 +11,10 @@ edges
|
||||
| reflected_xss.py:9:18:9:24 | ControlFlowNode for request | reflected_xss.py:9:18:9:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:9:18:9:29 | ControlFlowNode for Attribute | reflected_xss.py:9:18:9:45 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| reflected_xss.py:9:18:9:45 | ControlFlowNode for Attribute() | reflected_xss.py:9:5:9:14 | ControlFlowNode for first_name | provenance | |
|
||||
| reflected_xss.py:21:5:21:8 | ControlFlowNode for data | reflected_xss.py:22:26:22:41 | ControlFlowNode for Attribute() | provenance | |
|
||||
| reflected_xss.py:21:5:21:8 | ControlFlowNode for data | reflected_xss.py:22:26:22:41 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:21:23:21:29 | ControlFlowNode for request | reflected_xss.py:21:5:21:8 | ControlFlowNode for data | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:27:5:27:8 | ControlFlowNode for data | reflected_xss.py:28:26:28:41 | ControlFlowNode for Attribute() | provenance | |
|
||||
| reflected_xss.py:27:5:27:8 | ControlFlowNode for data | reflected_xss.py:28:26:28:41 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:27:23:27:29 | ControlFlowNode for request | reflected_xss.py:27:5:27:8 | ControlFlowNode for data | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
#select
|
||||
| app.py:23:20:23:24 | ControlFlowNode for query | app.py:20:18:20:21 | ControlFlowNode for name | app.py:23:20:23:24 | ControlFlowNode for query | This SQL query depends on a $@. | app.py:20:18:20:21 | ControlFlowNode for name | user-provided value |
|
||||
| app.py:30:20:30:24 | ControlFlowNode for query | app.py:27:19:27:22 | ControlFlowNode for name | app.py:30:20:30:24 | ControlFlowNode for query | This SQL query depends on a $@. | app.py:27:19:27:22 | ControlFlowNode for name | user-provided value |
|
||||
| app.py:37:20:37:24 | ControlFlowNode for query | app.py:34:19:34:22 | ControlFlowNode for name | app.py:37:20:37:24 | ControlFlowNode for query | This SQL query depends on a $@. | app.py:34:19:34:22 | ControlFlowNode for name | user-provided value |
|
||||
| app.py:44:20:44:24 | ControlFlowNode for query | app.py:41:19:41:22 | ControlFlowNode for name | app.py:44:20:44:24 | ControlFlowNode for query | This SQL query depends on a $@. | app.py:41:19:41:22 | ControlFlowNode for name | user-provided value |
|
||||
| app.py:51:20:51:24 | ControlFlowNode for query | app.py:48:19:48:22 | ControlFlowNode for name | app.py:51:20:51:24 | ControlFlowNode for query | This SQL query depends on a $@. | app.py:48:19:48:22 | ControlFlowNode for name | user-provided value |
|
||||
| sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | ControlFlowNode for username | user-provided value |
|
||||
@@ -24,6 +25,8 @@ edges
|
||||
| app.py:21:5:21:9 | ControlFlowNode for query | app.py:23:20:23:24 | ControlFlowNode for query | provenance | |
|
||||
| app.py:27:19:27:22 | ControlFlowNode for name | app.py:28:5:28:9 | ControlFlowNode for query | provenance | |
|
||||
| app.py:28:5:28:9 | ControlFlowNode for query | app.py:30:20:30:24 | ControlFlowNode for query | provenance | |
|
||||
| app.py:34:19:34:22 | ControlFlowNode for name | app.py:35:5:35:9 | ControlFlowNode for query | provenance | |
|
||||
| app.py:35:5:35:9 | ControlFlowNode for query | app.py:37:20:37:24 | ControlFlowNode for query | provenance | |
|
||||
| app.py:41:19:41:22 | ControlFlowNode for name | app.py:42:5:42:9 | ControlFlowNode for query | provenance | |
|
||||
| app.py:42:5:42:9 | ControlFlowNode for query | app.py:44:20:44:24 | ControlFlowNode for query | provenance | |
|
||||
| app.py:48:19:48:22 | ControlFlowNode for name | app.py:49:5:49:9 | ControlFlowNode for query | provenance | |
|
||||
@@ -51,6 +54,9 @@ nodes
|
||||
| app.py:27:19:27:22 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| app.py:28:5:28:9 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| app.py:30:20:30:24 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| app.py:34:19:34:22 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| app.py:35:5:35:9 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| app.py:37:20:37:24 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| app.py:41:19:41:22 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| app.py:42:5:42:9 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| app.py:44:20:44:24 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
|
||||
@@ -31,10 +31,10 @@ async def unsafe2(name: str): # $ Source
|
||||
cursor.close()
|
||||
|
||||
@app.get("/unsafe3/")
|
||||
async def unsafe3(name: str): # $ MISSING: Source
|
||||
async def unsafe3(name: str): # $ Source
|
||||
query = "select * from users where name=" + name
|
||||
cursor = hdb_con3.cursor()
|
||||
cursor.execute(query) # $ MISSING: Alert
|
||||
cursor.execute(query) # $ Alert
|
||||
cursor.close()
|
||||
|
||||
@app.get("/unsafe4/")
|
||||
|
||||
@@ -7,7 +7,8 @@ edges
|
||||
| test.py:50:29:50:31 | ControlFlowNode for err | test.py:50:16:50:32 | ControlFlowNode for format_error() | provenance | |
|
||||
| test.py:50:29:50:31 | ControlFlowNode for err | test.py:52:18:52:20 | ControlFlowNode for msg | provenance | |
|
||||
| test.py:52:18:52:20 | ControlFlowNode for msg | test.py:53:12:53:27 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| test.py:65:25:65:25 | ControlFlowNode for e | test.py:66:24:66:40 | ControlFlowNode for Dict | provenance | |
|
||||
| test.py:65:25:65:25 | ControlFlowNode for e | test.py:66:34:66:39 | ControlFlowNode for str() | provenance | |
|
||||
| test.py:66:34:66:39 | ControlFlowNode for str() | test.py:66:24:66:40 | ControlFlowNode for Dict | provenance | |
|
||||
nodes
|
||||
| test.py:16:16:16:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:23:25:23:25 | ControlFlowNode for e | semmle.label | ControlFlowNode for e |
|
||||
@@ -23,6 +24,7 @@ nodes
|
||||
| test.py:53:12:53:27 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| test.py:65:25:65:25 | ControlFlowNode for e | semmle.label | ControlFlowNode for e |
|
||||
| test.py:66:24:66:40 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| test.py:66:34:66:39 | ControlFlowNode for str() | semmle.label | ControlFlowNode for str() |
|
||||
subpaths
|
||||
| test.py:50:29:50:31 | ControlFlowNode for err | test.py:52:18:52:20 | ControlFlowNode for msg | test.py:53:12:53:27 | ControlFlowNode for BinaryExpr | test.py:50:16:50:32 | ControlFlowNode for format_error() |
|
||||
#select
|
||||
|
||||
@@ -23,7 +23,6 @@
|
||||
| test.py:70:15:70:25 | ControlFlowNode for bank_number | test.py:67:38:67:48 | ControlFlowNode for bank_number | test.py:70:15:70:25 | ControlFlowNode for bank_number | This expression logs $@ as clear text. | test.py:67:38:67:48 | ControlFlowNode for bank_number | sensitive data (private) |
|
||||
| test.py:73:15:73:17 | ControlFlowNode for ccn | test.py:67:76:67:78 | ControlFlowNode for ccn | test.py:73:15:73:17 | ControlFlowNode for ccn | This expression logs $@ as clear text. | test.py:67:76:67:78 | ControlFlowNode for ccn | sensitive data (private) |
|
||||
| test.py:74:15:74:22 | ControlFlowNode for user_ccn | test.py:67:81:67:88 | ControlFlowNode for user_ccn | test.py:74:15:74:22 | ControlFlowNode for user_ccn | This expression logs $@ as clear text. | test.py:67:81:67:88 | ControlFlowNode for user_ccn | sensitive data (private) |
|
||||
| test.py:105:11:105:31 | ControlFlowNode for Subscript | test.py:103:21:103:37 | ControlFlowNode for Attribute | test.py:105:11:105:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:103:21:103:37 | ControlFlowNode for Attribute | sensitive data (password) |
|
||||
edges
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:20:48:20:55 | ControlFlowNode for password | provenance | |
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:22:58:22:65 | ControlFlowNode for password | provenance | |
|
||||
@@ -48,8 +47,6 @@ edges
|
||||
| test.py:67:38:67:48 | ControlFlowNode for bank_number | test.py:70:15:70:25 | ControlFlowNode for bank_number | provenance | |
|
||||
| test.py:67:76:67:78 | ControlFlowNode for ccn | test.py:73:15:73:17 | ControlFlowNode for ccn | provenance | |
|
||||
| test.py:67:81:67:88 | ControlFlowNode for user_ccn | test.py:74:15:74:22 | ControlFlowNode for user_ccn | provenance | |
|
||||
| test.py:101:5:101:10 | ControlFlowNode for config | test.py:105:11:105:31 | ControlFlowNode for Subscript | provenance | |
|
||||
| test.py:103:21:103:37 | ControlFlowNode for Attribute | test.py:101:5:101:10 | ControlFlowNode for config | provenance | |
|
||||
nodes
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:19:16:19:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
@@ -94,7 +91,4 @@ nodes
|
||||
| test.py:70:15:70:25 | ControlFlowNode for bank_number | semmle.label | ControlFlowNode for bank_number |
|
||||
| test.py:73:15:73:17 | ControlFlowNode for ccn | semmle.label | ControlFlowNode for ccn |
|
||||
| test.py:74:15:74:22 | ControlFlowNode for user_ccn | semmle.label | ControlFlowNode for user_ccn |
|
||||
| test.py:101:5:101:10 | ControlFlowNode for config | semmle.label | ControlFlowNode for config |
|
||||
| test.py:103:21:103:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:105:11:105:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
subpaths
|
||||
|
||||
@@ -100,9 +100,9 @@ def FPs(account, account_id):
|
||||
import settings
|
||||
config = {
|
||||
"sleep_timer": 5,
|
||||
"password": settings.password # $ SPURIOUS: Source
|
||||
"password": settings.password
|
||||
}
|
||||
print(config["sleep_timer"]) # $ SPURIOUS: Alert # OK
|
||||
print(config["sleep_timer"]) # OK
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
||||
@@ -9,9 +9,11 @@ edges
|
||||
| password_in_cookie.py:14:5:14:12 | ControlFlowNode for password | password_in_cookie.py:16:33:16:40 | ControlFlowNode for password | provenance | |
|
||||
| password_in_cookie.py:14:16:14:43 | ControlFlowNode for Attribute() | password_in_cookie.py:14:5:14:12 | ControlFlowNode for password | provenance | |
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | test.py:17:20:17:27 | ControlFlowNode for password | provenance | |
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | test.py:18:9:18:13 | ControlFlowNode for lines | provenance | |
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | test.py:18:18:18:32 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| test.py:15:16:15:29 | ControlFlowNode for get_password() | test.py:15:5:15:12 | ControlFlowNode for password | provenance | |
|
||||
| test.py:18:9:18:13 | ControlFlowNode for lines | test.py:19:25:19:29 | ControlFlowNode for lines | provenance | |
|
||||
| test.py:18:9:18:13 | ControlFlowNode for lines [List element] | test.py:19:25:19:29 | ControlFlowNode for lines | provenance | |
|
||||
| test.py:18:17:18:33 | ControlFlowNode for List [List element] | test.py:18:9:18:13 | ControlFlowNode for lines [List element] | provenance | |
|
||||
| test.py:18:18:18:32 | ControlFlowNode for BinaryExpr | test.py:18:17:18:33 | ControlFlowNode for List [List element] | provenance | |
|
||||
nodes
|
||||
| password_in_cookie.py:7:5:7:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| password_in_cookie.py:7:16:7:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
@@ -22,6 +24,8 @@ nodes
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:15:16:15:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:17:20:17:27 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:18:9:18:13 | ControlFlowNode for lines | semmle.label | ControlFlowNode for lines |
|
||||
| test.py:18:9:18:13 | ControlFlowNode for lines [List element] | semmle.label | ControlFlowNode for lines [List element] |
|
||||
| test.py:18:17:18:33 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| test.py:18:18:18:32 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| test.py:19:25:19:29 | ControlFlowNode for lines | semmle.label | ControlFlowNode for lines |
|
||||
subpaths
|
||||
|
||||
@@ -82,14 +82,19 @@ edges
|
||||
| full_partial_test.py:61:5:61:7 | ControlFlowNode for url | full_partial_test.py:63:18:63:20 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:66:5:66:14 | ControlFlowNode for user_input | full_partial_test.py:70:5:70:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:66:5:66:14 | ControlFlowNode for user_input | full_partial_test.py:74:5:74:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:66:5:66:14 | ControlFlowNode for user_input | full_partial_test.py:78:5:78:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:66:5:66:14 | ControlFlowNode for user_input | full_partial_test.py:78:38:78:47 | ControlFlowNode for user_input | provenance | |
|
||||
| full_partial_test.py:66:18:66:24 | ControlFlowNode for request | full_partial_test.py:66:5:66:14 | ControlFlowNode for user_input | provenance | AdditionalTaintStep |
|
||||
| full_partial_test.py:66:18:66:24 | ControlFlowNode for request | full_partial_test.py:67:5:67:13 | ControlFlowNode for query_val | provenance | AdditionalTaintStep |
|
||||
| full_partial_test.py:67:5:67:13 | ControlFlowNode for query_val | full_partial_test.py:78:5:78:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:67:5:67:13 | ControlFlowNode for query_val | full_partial_test.py:78:50:78:58 | ControlFlowNode for query_val | provenance | |
|
||||
| full_partial_test.py:67:17:67:23 | ControlFlowNode for request | full_partial_test.py:67:5:67:13 | ControlFlowNode for query_val | provenance | AdditionalTaintStep |
|
||||
| full_partial_test.py:70:5:70:7 | ControlFlowNode for url | full_partial_test.py:72:18:72:20 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:74:5:74:7 | ControlFlowNode for url | full_partial_test.py:76:18:76:20 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:78:5:78:7 | ControlFlowNode for url | full_partial_test.py:80:18:80:20 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:78:11:78:59 | ControlFlowNode for BinaryExpr | full_partial_test.py:78:5:78:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:78:38:78:47 | ControlFlowNode for user_input | full_partial_test.py:78:38:78:58 | ControlFlowNode for Tuple [Tuple element at index 0] | provenance | |
|
||||
| full_partial_test.py:78:38:78:58 | ControlFlowNode for Tuple [Tuple element at index 0] | full_partial_test.py:78:11:78:59 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| full_partial_test.py:78:38:78:58 | ControlFlowNode for Tuple [Tuple element at index 1] | full_partial_test.py:78:11:78:59 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| full_partial_test.py:78:50:78:58 | ControlFlowNode for query_val | full_partial_test.py:78:38:78:58 | ControlFlowNode for Tuple [Tuple element at index 1] | provenance | |
|
||||
| full_partial_test.py:83:5:83:14 | ControlFlowNode for user_input | full_partial_test.py:87:5:87:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:83:5:83:14 | ControlFlowNode for user_input | full_partial_test.py:91:5:91:7 | ControlFlowNode for url | provenance | |
|
||||
| full_partial_test.py:83:5:83:14 | ControlFlowNode for user_input | full_partial_test.py:95:5:95:7 | ControlFlowNode for url | provenance | |
|
||||
@@ -274,6 +279,11 @@ nodes
|
||||
| full_partial_test.py:74:5:74:7 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
|
||||
| full_partial_test.py:76:18:76:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
|
||||
| full_partial_test.py:78:5:78:7 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
|
||||
| full_partial_test.py:78:11:78:59 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| full_partial_test.py:78:38:78:47 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| full_partial_test.py:78:38:78:58 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
|
||||
| full_partial_test.py:78:38:78:58 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
|
||||
| full_partial_test.py:78:50:78:58 | ControlFlowNode for query_val | semmle.label | ControlFlowNode for query_val |
|
||||
| full_partial_test.py:80:18:80:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
|
||||
| full_partial_test.py:83:5:83:14 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| full_partial_test.py:83:18:83:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
|
||||
@@ -7,25 +7,34 @@ edges
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | PoC/server.py:98:14:98:20 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:26:5:26:17 | ControlFlowNode for author_string | PoC/server.py:27:25:27:37 | ControlFlowNode for author_string | provenance | |
|
||||
| PoC/server.py:26:21:26:27 | ControlFlowNode for request | PoC/server.py:26:5:26:17 | ControlFlowNode for author_string | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | PoC/server.py:30:38:30:43 | ControlFlowNode for author | provenance | |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | PoC/server.py:31:45:31:50 | ControlFlowNode for author | provenance | |
|
||||
| PoC/server.py:27:14:27:38 | ControlFlowNode for Attribute() | PoC/server.py:27:5:27:10 | ControlFlowNode for author | provenance | |
|
||||
| PoC/server.py:27:25:27:37 | ControlFlowNode for author_string | PoC/server.py:27:14:27:38 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| PoC/server.py:30:38:30:43 | ControlFlowNode for author | PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:31:45:31:50 | ControlFlowNode for author | PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:43:5:43:10 | ControlFlowNode for author | PoC/server.py:47:38:47:67 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| PoC/server.py:43:14:43:20 | ControlFlowNode for request | PoC/server.py:43:5:43:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:47:38:47:67 | ControlFlowNode for BinaryExpr | PoC/server.py:47:27:47:68 | ControlFlowNode for Dict | provenance | Config |
|
||||
| PoC/server.py:52:5:52:10 | ControlFlowNode for author | PoC/server.py:54:17:54:70 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| PoC/server.py:52:14:52:20 | ControlFlowNode for request | PoC/server.py:52:5:52:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:53:5:53:10 | ControlFlowNode for search | PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:53:5:53:10 | ControlFlowNode for search | PoC/server.py:61:51:61:56 | ControlFlowNode for search | provenance | |
|
||||
| PoC/server.py:53:14:57:5 | ControlFlowNode for Dict | PoC/server.py:53:5:53:10 | ControlFlowNode for search | provenance | |
|
||||
| PoC/server.py:54:17:54:70 | ControlFlowNode for BinaryExpr | PoC/server.py:53:14:57:5 | ControlFlowNode for Dict | provenance | Config |
|
||||
| PoC/server.py:61:37:61:57 | ControlFlowNode for Dict [Dictionary element at key $function] | PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:61:51:61:56 | ControlFlowNode for search | PoC/server.py:61:37:61:57 | ControlFlowNode for Dict [Dictionary element at key $function] | provenance | |
|
||||
| PoC/server.py:77:5:77:10 | ControlFlowNode for author | PoC/server.py:80:23:80:101 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| PoC/server.py:77:14:77:20 | ControlFlowNode for request | PoC/server.py:77:5:77:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | PoC/server.py:84:5:84:9 | ControlFlowNode for group | provenance | |
|
||||
| PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | PoC/server.py:86:37:86:47 | ControlFlowNode for accumulator | provenance | |
|
||||
| PoC/server.py:78:19:83:5 | ControlFlowNode for Dict | PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | provenance | |
|
||||
| PoC/server.py:80:23:80:101 | ControlFlowNode for BinaryExpr | PoC/server.py:78:19:83:5 | ControlFlowNode for Dict | provenance | Config |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group | PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group | PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | PoC/server.py:91:41:91:45 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | provenance | |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | PoC/server.py:92:50:92:54 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | provenance | |
|
||||
| PoC/server.py:84:13:87:5 | ControlFlowNode for Dict [Dictionary element at key author, Dictionary element at key $accumulator] | PoC/server.py:84:5:84:9 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | provenance | |
|
||||
| PoC/server.py:86:19:86:49 | ControlFlowNode for Dict [Dictionary element at key $accumulator] | PoC/server.py:84:13:87:5 | ControlFlowNode for Dict [Dictionary element at key author, Dictionary element at key $accumulator] | provenance | |
|
||||
| PoC/server.py:86:37:86:47 | ControlFlowNode for accumulator | PoC/server.py:86:19:86:49 | ControlFlowNode for Dict [Dictionary element at key $accumulator] | provenance | |
|
||||
| PoC/server.py:91:41:91:45 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:92:50:92:54 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:98:5:98:10 | ControlFlowNode for author | PoC/server.py:99:5:99:10 | ControlFlowNode for mapper | provenance | |
|
||||
| PoC/server.py:98:14:98:20 | ControlFlowNode for request | PoC/server.py:98:5:98:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:99:5:99:10 | ControlFlowNode for mapper | PoC/server.py:102:9:102:14 | ControlFlowNode for mapper | provenance | |
|
||||
@@ -39,16 +48,18 @@ edges
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | flask_mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | provenance | |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | flask_mongoengine_bad.py:30:48:30:58 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| flask_mongoengine_bad.py:30:48:30:58 | ControlFlowNode for json_search | flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | provenance | |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for request | flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | provenance | |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | ControlFlowNode for unsafe_search | flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | flask_pymongo_bad.py:11:5:11:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | ControlFlowNode for json_search | flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | provenance | |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | ControlFlowNode for json_search | flask_pymongo_bad.py:14:40:14:50 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | flask_pymongo_bad.py:12:5:12:15 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| flask_pymongo_bad.py:14:40:14:50 | ControlFlowNode for json_search | flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | provenance | |
|
||||
@@ -58,24 +69,28 @@ edges
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:18:5:18:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | mongoengine_bad.py:18:5:18:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:19:5:19:15 | ControlFlowNode for json_search | mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:19:5:19:15 | ControlFlowNode for json_search | mongoengine_bad.py:22:35:22:45 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:19:5:19:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:22:35:22:45 | ControlFlowNode for json_search | mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | mongoengine_bad.py:30:35:30:45 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:30:35:30:45 | ControlFlowNode for json_search | mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:34:5:34:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | mongoengine_bad.py:34:5:34:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | mongoengine_bad.py:38:35:38:45 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:38:35:38:45 | ControlFlowNode for json_search | mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:42:5:42:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | mongoengine_bad.py:42:5:42:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | mongoengine_bad.py:46:35:46:45 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:46:35:46:45 | ControlFlowNode for json_search | mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:50:5:50:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | mongoengine_bad.py:50:5:50:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:51:5:51:15 | ControlFlowNode for json_search | mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search | provenance | |
|
||||
@@ -83,9 +98,10 @@ edges
|
||||
| mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:57:5:57:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | mongoengine_bad.py:57:5:57:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:58:5:58:15 | ControlFlowNode for json_search | mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:58:5:58:15 | ControlFlowNode for json_search | mongoengine_bad.py:61:38:61:48 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:58:5:58:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:61:38:61:48 | ControlFlowNode for json_search | mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:12:21:12:27 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:29:27:29:33 | ControlFlowNode for request | provenance | |
|
||||
@@ -93,9 +109,10 @@ edges
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:52:26:52:32 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:12:5:12:17 | ControlFlowNode for unsafe_search | pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| pymongo_test.py:12:21:12:27 | ControlFlowNode for request | pymongo_test.py:12:5:12:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:13:5:13:15 | ControlFlowNode for json_search | pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:13:5:13:15 | ControlFlowNode for json_search | pymongo_test.py:15:51:15:61 | ControlFlowNode for json_search | provenance | |
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | pymongo_test.py:13:5:13:15 | ControlFlowNode for json_search | provenance | |
|
||||
| pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:15:51:15:61 | ControlFlowNode for json_search | pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:29:5:29:12 | ControlFlowNode for event_id | pymongo_test.py:33:45:33:72 | ControlFlowNode for Fstring | provenance | |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | pymongo_test.py:29:5:29:12 | ControlFlowNode for event_id | provenance | |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
@@ -112,13 +129,23 @@ edges
|
||||
| pymongo_test.py:52:15:52:50 | ControlFlowNode for Attribute() | pymongo_test.py:52:5:52:11 | ControlFlowNode for decoded | provenance | |
|
||||
| pymongo_test.py:52:26:52:32 | ControlFlowNode for request | pymongo_test.py:52:26:52:49 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:52:26:52:49 | ControlFlowNode for Subscript | pymongo_test.py:52:15:52:50 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search | pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search | pymongo_test.py:59:49:59:54 | ControlFlowNode for search | provenance | |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search [Dictionary element at key body] | pymongo_test.py:59:49:59:54 | ControlFlowNode for search [Dictionary element at key body] | provenance | |
|
||||
| pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | pymongo_test.py:54:5:54:10 | ControlFlowNode for search | provenance | |
|
||||
| pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict [Dictionary element at key body] | pymongo_test.py:54:5:54:10 | ControlFlowNode for search [Dictionary element at key body] | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict [Dictionary element at key body] | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:61:49:61:55 | ControlFlowNode for decoded | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:62:35:62:41 | ControlFlowNode for decoded | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:63:25:63:31 | ControlFlowNode for decoded | provenance | |
|
||||
| pymongo_test.py:59:35:59:55 | ControlFlowNode for Dict [Dictionary element at key $function, Dictionary element at key body] | pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:59:35:59:55 | ControlFlowNode for Dict [Dictionary element at key $function] | pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:59:49:59:54 | ControlFlowNode for search | pymongo_test.py:59:35:59:55 | ControlFlowNode for Dict [Dictionary element at key $function] | provenance | |
|
||||
| pymongo_test.py:59:49:59:54 | ControlFlowNode for search [Dictionary element at key body] | pymongo_test.py:59:35:59:55 | ControlFlowNode for Dict [Dictionary element at key $function, Dictionary element at key body] | provenance | |
|
||||
| pymongo_test.py:61:35:61:56 | ControlFlowNode for Dict [Dictionary element at key $function] | pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:61:49:61:55 | ControlFlowNode for decoded | pymongo_test.py:61:35:61:56 | ControlFlowNode for Dict [Dictionary element at key $function] | provenance | |
|
||||
| pymongo_test.py:62:35:62:41 | ControlFlowNode for decoded | pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | provenance | |
|
||||
nodes
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
@@ -128,7 +155,9 @@ nodes
|
||||
| PoC/server.py:27:14:27:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| PoC/server.py:27:25:27:37 | ControlFlowNode for author_string | semmle.label | ControlFlowNode for author_string |
|
||||
| PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:30:38:30:43 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:31:45:31:50 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:43:5:43:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:43:14:43:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:47:27:47:68 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
@@ -139,14 +168,21 @@ nodes
|
||||
| PoC/server.py:53:14:57:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:54:17:54:70 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:61:37:61:57 | ControlFlowNode for Dict [Dictionary element at key $function] | semmle.label | ControlFlowNode for Dict [Dictionary element at key $function] |
|
||||
| PoC/server.py:61:51:61:56 | ControlFlowNode for search | semmle.label | ControlFlowNode for search |
|
||||
| PoC/server.py:77:5:77:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:77:14:77:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | semmle.label | ControlFlowNode for accumulator |
|
||||
| PoC/server.py:78:19:83:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:80:23:80:101 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group | semmle.label | ControlFlowNode for group |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | semmle.label | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] |
|
||||
| PoC/server.py:84:13:87:5 | ControlFlowNode for Dict [Dictionary element at key author, Dictionary element at key $accumulator] | semmle.label | ControlFlowNode for Dict [Dictionary element at key author, Dictionary element at key $accumulator] |
|
||||
| PoC/server.py:86:19:86:49 | ControlFlowNode for Dict [Dictionary element at key $accumulator] | semmle.label | ControlFlowNode for Dict [Dictionary element at key $accumulator] |
|
||||
| PoC/server.py:86:37:86:47 | ControlFlowNode for accumulator | semmle.label | ControlFlowNode for accumulator |
|
||||
| PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:91:41:91:45 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | semmle.label | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] |
|
||||
| PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:92:50:92:54 | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] | semmle.label | ControlFlowNode for group [Dictionary element at key author, Dictionary element at key $accumulator] |
|
||||
| PoC/server.py:98:5:98:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:98:14:98:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:99:5:99:10 | ControlFlowNode for mapper | semmle.label | ControlFlowNode for mapper |
|
||||
@@ -165,6 +201,7 @@ nodes
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| flask_mongoengine_bad.py:30:48:30:58 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
@@ -173,6 +210,7 @@ nodes
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| flask_pymongo_bad.py:14:40:14:50 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:18:5:18:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
@@ -181,24 +219,28 @@ nodes
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:22:35:22:45 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:30:35:30:45 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:34:5:34:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:38:35:38:45 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:42:5:42:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:46:35:46:45 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:50:5:50:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:51:5:51:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
@@ -211,6 +253,7 @@ nodes
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:61:38:61:48 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:12:5:12:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
@@ -219,6 +262,7 @@ nodes
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:15:51:15:61 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| pymongo_test.py:29:5:29:12 | ControlFlowNode for event_id | semmle.label | ControlFlowNode for event_id |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
@@ -236,11 +280,20 @@ nodes
|
||||
| pymongo_test.py:52:26:52:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:52:26:52:49 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search | semmle.label | ControlFlowNode for search |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search [Dictionary element at key body] | semmle.label | ControlFlowNode for search [Dictionary element at key body] |
|
||||
| pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict [Dictionary element at key body] | semmle.label | ControlFlowNode for Dict [Dictionary element at key body] |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
| pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:59:35:59:55 | ControlFlowNode for Dict [Dictionary element at key $function, Dictionary element at key body] | semmle.label | ControlFlowNode for Dict [Dictionary element at key $function, Dictionary element at key body] |
|
||||
| pymongo_test.py:59:35:59:55 | ControlFlowNode for Dict [Dictionary element at key $function] | semmle.label | ControlFlowNode for Dict [Dictionary element at key $function] |
|
||||
| pymongo_test.py:59:49:59:54 | ControlFlowNode for search | semmle.label | ControlFlowNode for search |
|
||||
| pymongo_test.py:59:49:59:54 | ControlFlowNode for search [Dictionary element at key body] | semmle.label | ControlFlowNode for search [Dictionary element at key body] |
|
||||
| pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:61:35:61:56 | ControlFlowNode for Dict [Dictionary element at key $function] | semmle.label | ControlFlowNode for Dict [Dictionary element at key $function] |
|
||||
| pymongo_test.py:61:49:61:55 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
| pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:62:35:62:41 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
| pymongo_test.py:63:25:63:31 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
BIN
ql/Cargo.lock
generated
BIN
ql/Cargo.lock
generated
Binary file not shown.
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -4,35 +4,11 @@ private import codeql.util.test.InlineExpectationsTest
|
||||
module Impl implements InlineExpectationsTestSig {
|
||||
private import codeql.ruby.ast.internal.TreeSitter
|
||||
|
||||
private newtype TAnyComment =
|
||||
RubyComment(Ruby::Comment comment) or
|
||||
ErbComment(R::ErbComment comment)
|
||||
|
||||
/**
|
||||
* A class representing comments that may contain inline expectations (Ruby line comments and ERB comments).
|
||||
* A class representing line comments in Ruby.
|
||||
*/
|
||||
class ExpectationComment extends TAnyComment {
|
||||
Ruby::Comment asRubyComment() { this = RubyComment(result) }
|
||||
|
||||
R::ErbComment asErbComment() { this = ErbComment(result) }
|
||||
|
||||
string toString() {
|
||||
result = this.asRubyComment().toString()
|
||||
or
|
||||
result = this.asErbComment().toString()
|
||||
}
|
||||
|
||||
Location getLocation() {
|
||||
result = this.asRubyComment().getLocation()
|
||||
or
|
||||
result = this.asErbComment().getLocation()
|
||||
}
|
||||
|
||||
string getContents() {
|
||||
result = this.asRubyComment().getValue().suffix(1)
|
||||
or
|
||||
result = this.asErbComment().getValue().suffix(1)
|
||||
}
|
||||
class ExpectationComment extends Ruby::Comment {
|
||||
string getContents() { result = this.getValue().suffix(1) }
|
||||
}
|
||||
|
||||
class Location = R::Location;
|
||||
|
||||
@@ -28,6 +28,8 @@ nodes
|
||||
| string_flow.rb:227:10:227:10 | a | semmle.label | a |
|
||||
subpaths
|
||||
testFailures
|
||||
| string_flow.rb:85:10:85:10 | a | Unexpected result: hasValueFlow=a |
|
||||
| string_flow.rb:227:10:227:10 | a | Unexpected result: hasValueFlow=a |
|
||||
#select
|
||||
| string_flow.rb:3:10:3:22 | call to new | string_flow.rb:2:9:2:18 | call to source | string_flow.rb:3:10:3:22 | call to new | $@ | string_flow.rb:2:9:2:18 | call to source | call to source |
|
||||
| string_flow.rb:85:10:85:10 | a | string_flow.rb:83:9:83:18 | call to source | string_flow.rb:85:10:85:10 | a | $@ | string_flow.rb:83:9:83:18 | call to source | call to source |
|
||||
|
||||
@@ -82,7 +82,7 @@ end
|
||||
def m_clear
|
||||
a = source "a"
|
||||
a.clear
|
||||
sink a # $ SPURIOUS: hasValueFlow=a
|
||||
sink a
|
||||
end
|
||||
|
||||
# concat and prepend omitted because they clash with the summaries for
|
||||
@@ -224,7 +224,7 @@ def m_replace
|
||||
b = source "b"
|
||||
sink a.replace(b) # $ hasTaintFlow=b
|
||||
# TODO: currently we get value flow for a, because we don't clear content
|
||||
sink a # $ hasTaintFlow=b SPURIOUS: hasValueFlow=a
|
||||
sink a # $ hasTaintFlow=b
|
||||
end
|
||||
|
||||
def m_reverse
|
||||
@@ -316,4 +316,4 @@ def m_upto(i)
|
||||
a.upto("b", true) { |x| sink x } # $ hasTaintFlow=a
|
||||
"b".upto(a) { |x| sink x } # $ hasTaintFlow=a
|
||||
"b".upto(a, true) { |x| sink x }
|
||||
end
|
||||
end
|
||||
@@ -9,7 +9,7 @@ end
|
||||
class OneController < ActionController::Base
|
||||
before_action :a
|
||||
after_action :c
|
||||
|
||||
|
||||
def a
|
||||
@foo = params[:foo]
|
||||
end
|
||||
@@ -18,14 +18,14 @@ class OneController < ActionController::Base
|
||||
end
|
||||
|
||||
def c
|
||||
sink @foo # $ hasTaintFlow
|
||||
sink @foo
|
||||
end
|
||||
end
|
||||
|
||||
class TwoController < ActionController::Base
|
||||
before_action :a
|
||||
after_action :c
|
||||
|
||||
|
||||
def a
|
||||
@foo = params[:foo]
|
||||
end
|
||||
@@ -35,14 +35,14 @@ class TwoController < ActionController::Base
|
||||
end
|
||||
|
||||
def c
|
||||
sink @foo # $ SPURIOUS: hasTaintFlow
|
||||
sink @foo
|
||||
end
|
||||
end
|
||||
|
||||
class ThreeController < ActionController::Base
|
||||
before_action :a
|
||||
after_action :c
|
||||
|
||||
|
||||
def a
|
||||
@foo = params[:foo]
|
||||
@foo = "safe"
|
||||
@@ -52,14 +52,14 @@ class ThreeController < ActionController::Base
|
||||
end
|
||||
|
||||
def c
|
||||
sink @foo # $ SPURIOUS: hasTaintFlow
|
||||
sink @foo
|
||||
end
|
||||
end
|
||||
|
||||
class FourController < ActionController::Base
|
||||
before_action :a
|
||||
after_action :c
|
||||
|
||||
|
||||
def a
|
||||
@foo.bar = params[:foo]
|
||||
end
|
||||
@@ -68,14 +68,14 @@ class FourController < ActionController::Base
|
||||
end
|
||||
|
||||
def c
|
||||
sink(@foo.bar) # $ hasTaintFlow
|
||||
sink(@foo.bar)
|
||||
end
|
||||
end
|
||||
|
||||
class FiveController < ActionController::Base
|
||||
before_action :a
|
||||
after_action :c
|
||||
|
||||
|
||||
def a
|
||||
self.taint_foo
|
||||
end
|
||||
@@ -84,10 +84,10 @@ class FiveController < ActionController::Base
|
||||
end
|
||||
|
||||
def c
|
||||
sink @foo # $ hasTaintFlow
|
||||
sink @foo
|
||||
end
|
||||
|
||||
|
||||
def taint_foo
|
||||
@foo = params[:foo]
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -270,6 +270,11 @@ nodes
|
||||
| params_flow.rb:205:10:205:10 | a | semmle.label | a |
|
||||
subpaths
|
||||
testFailures
|
||||
| filter_flow.rb:21:10:21:13 | @foo | Unexpected result: hasTaintFlow |
|
||||
| filter_flow.rb:38:10:38:13 | @foo | Unexpected result: hasTaintFlow |
|
||||
| filter_flow.rb:55:10:55:13 | @foo | Unexpected result: hasTaintFlow |
|
||||
| filter_flow.rb:71:10:71:17 | call to bar | Unexpected result: hasTaintFlow |
|
||||
| filter_flow.rb:87:11:87:14 | @foo | Unexpected result: hasTaintFlow |
|
||||
#select
|
||||
| filter_flow.rb:21:10:21:13 | @foo | filter_flow.rb:14:12:14:17 | call to params | filter_flow.rb:21:10:21:13 | @foo | $@ | filter_flow.rb:14:12:14:17 | call to params | call to params |
|
||||
| filter_flow.rb:38:10:38:13 | @foo | filter_flow.rb:30:12:30:17 | call to params | filter_flow.rb:38:10:38:13 | @foo | $@ | filter_flow.rb:30:12:30:17 | call to params | call to params |
|
||||
|
||||
@@ -23,6 +23,7 @@ nodes
|
||||
| views/index.erb:2:10:2:12 | call to foo | semmle.label | call to foo |
|
||||
subpaths
|
||||
testFailures
|
||||
| views/index.erb:2:10:2:12 | call to foo | Unexpected result: hasTaintFlow |
|
||||
#select
|
||||
| app.rb:95:10:95:14 | @user | app.rb:103:13:103:22 | call to source | app.rb:95:10:95:14 | @user | $@ | app.rb:103:13:103:22 | call to source | call to source |
|
||||
| views/index.erb:2:10:2:12 | call to foo | app.rb:75:12:75:17 | call to params | views/index.erb:2:10:2:12 | call to foo | $@ | app.rb:75:12:75:17 | call to params | call to params |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
<%= @foo %>
|
||||
<%= sink foo %> <%# $ hasTaintFlow %>
|
||||
<%= sink foo %>
|
||||
@@ -1,4 +1,5 @@
|
||||
testFailures
|
||||
| improper_memoization.rb:100:1:104:3 | m14 | Unexpected result: result=BAD |
|
||||
#select
|
||||
| improper_memoization.rb:50:1:55:3 | m7 | improper_memoization.rb:50:8:50:10 | arg | improper_memoization.rb:51:3:53:5 | ... \|\|= ... |
|
||||
| improper_memoization.rb:58:1:63:3 | m8 | improper_memoization.rb:58:8:58:10 | arg | improper_memoization.rb:59:3:61:5 | ... \|\|= ... |
|
||||
|
||||
@@ -101,4 +101,4 @@ def m14(arg)
|
||||
@m14 ||= {}
|
||||
key = "foo/#{arg}"
|
||||
@m14[key] ||= long_running_method(arg)
|
||||
end # $ SPURIOUS: result=BAD
|
||||
end
|
||||
|
||||
@@ -66,7 +66,7 @@ impl<'a> AstNode for Node<'a> {
|
||||
|
||||
impl AstNode for yeast::Node {
|
||||
fn kind(&self) -> &str {
|
||||
yeast::Node::kind_name(self)
|
||||
yeast::Node::kind(self)
|
||||
}
|
||||
fn is_named(&self) -> bool {
|
||||
yeast::Node::is_named(self)
|
||||
@@ -882,6 +882,7 @@ fn emit_extras_in(visitor: &mut Visitor, node: Node<'_>) {
|
||||
}
|
||||
|
||||
fn traverse_yeast(tree: &yeast::Ast, visitor: &mut Visitor) {
|
||||
use yeast::Cursor;
|
||||
let mut cursor = tree.walk();
|
||||
visitor.enter_node(cursor.node());
|
||||
let mut recurse = true;
|
||||
|
||||
@@ -120,20 +120,14 @@ pub fn generate(
|
||||
)));
|
||||
dbscheme::write(&mut dbscheme_writer, &dbscheme_tail)?;
|
||||
|
||||
let mut body = vec![];
|
||||
|
||||
for c in ql_gen::create_ast_node_class(
|
||||
&ast_node_name,
|
||||
&node_location_table_name,
|
||||
&node_parent_table_name,
|
||||
) {
|
||||
body.push(ql::TopLevel::Class(c));
|
||||
}
|
||||
|
||||
for c in ql_gen::create_token_class(&token_name, &tokeninfo_name) {
|
||||
body.push(ql::TopLevel::Class(c));
|
||||
}
|
||||
|
||||
let mut body = vec![
|
||||
ql::TopLevel::Class(ql_gen::create_ast_node_class(
|
||||
&ast_node_name,
|
||||
&node_location_table_name,
|
||||
&node_parent_table_name,
|
||||
)),
|
||||
ql::TopLevel::Class(ql_gen::create_token_class(&token_name, &tokeninfo_name)),
|
||||
];
|
||||
if has_trivia_tokens {
|
||||
body.push(ql::TopLevel::Class(ql_gen::create_trivia_token_class(
|
||||
&trivia_token_name,
|
||||
|
||||
@@ -40,12 +40,9 @@ pub struct Class<'a> {
|
||||
pub qldoc: Option<String>,
|
||||
pub name: &'a str,
|
||||
pub is_abstract: bool,
|
||||
pub is_final: bool,
|
||||
pub is_private: bool,
|
||||
pub supertypes: BTreeSet<Type<'a>>,
|
||||
pub characteristic_predicate: Option<Expression<'a>>,
|
||||
pub predicates: Vec<Predicate<'a>>,
|
||||
pub alias: Option<String>,
|
||||
}
|
||||
|
||||
impl fmt::Display for Class<'_> {
|
||||
@@ -53,16 +50,6 @@ impl fmt::Display for Class<'_> {
|
||||
if let Some(qldoc) = &self.qldoc {
|
||||
write!(f, "/** {qldoc} */")?;
|
||||
}
|
||||
if self.is_final {
|
||||
write!(f, "final ")?;
|
||||
}
|
||||
if self.is_private {
|
||||
write!(f, "private ")?;
|
||||
}
|
||||
if let Some(alias) = &self.alias {
|
||||
write!(f, "class {} = {alias};", &self.name)?;
|
||||
return Ok(());
|
||||
}
|
||||
if self.is_abstract {
|
||||
write!(f, "abstract ")?;
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@ pub fn create_ast_node_class<'a>(
|
||||
ast_node: &'a str,
|
||||
node_location_table: &'a str,
|
||||
node_parent_table: &'a str,
|
||||
) -> [ql::Class<'a>; 2] {
|
||||
) -> ql::Class<'a> {
|
||||
// Default implementation of `toString` calls `this.getAPrimaryQlClass()`
|
||||
let to_string = ql::Predicate {
|
||||
qldoc: Some(String::from(
|
||||
@@ -132,41 +132,25 @@ pub fn create_ast_node_class<'a>(
|
||||
),
|
||||
overlay: None,
|
||||
};
|
||||
[
|
||||
ql::Class {
|
||||
qldoc: Some(String::from("The base class for all AST nodes")),
|
||||
name: "AstNodeImpl",
|
||||
is_abstract: false,
|
||||
is_final: false,
|
||||
is_private: true,
|
||||
alias: None,
|
||||
supertypes: vec![ql::Type::At(ast_node)].into_iter().collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![
|
||||
to_string,
|
||||
get_location,
|
||||
get_parent,
|
||||
get_parent_index,
|
||||
get_a_field_or_child,
|
||||
get_a_primary_ql_class,
|
||||
get_primary_ql_classes,
|
||||
],
|
||||
},
|
||||
ql::Class {
|
||||
qldoc: None,
|
||||
name: "AstNode",
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: Some("AstNodeImpl".to_string()),
|
||||
supertypes: vec![].into_iter().collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![],
|
||||
},
|
||||
]
|
||||
ql::Class {
|
||||
qldoc: Some(String::from("The base class for all AST nodes")),
|
||||
name: "AstNode",
|
||||
is_abstract: false,
|
||||
supertypes: vec![ql::Type::At(ast_node)].into_iter().collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![
|
||||
to_string,
|
||||
get_location,
|
||||
get_parent,
|
||||
get_parent_index,
|
||||
get_a_field_or_child,
|
||||
get_a_primary_ql_class,
|
||||
get_primary_ql_classes,
|
||||
],
|
||||
}
|
||||
}
|
||||
|
||||
pub fn create_token_class<'a>(token_type: &'a str, tokeninfo: &'a str) -> [ql::Class<'a>; 2] {
|
||||
pub fn create_token_class<'a>(token_type: &'a str, tokeninfo: &'a str) -> ql::Class<'a> {
|
||||
let tokeninfo_arity = 3; // id, kind, value
|
||||
let get_value = ql::Predicate {
|
||||
qldoc: Some(String::from("Gets the value of this token.")),
|
||||
@@ -199,36 +183,20 @@ pub fn create_token_class<'a>(token_type: &'a str, tokeninfo: &'a str) -> [ql::C
|
||||
),
|
||||
overlay: None,
|
||||
};
|
||||
[
|
||||
ql::Class {
|
||||
qldoc: Some(String::from("A token.")),
|
||||
name: "TokenImpl",
|
||||
is_abstract: false,
|
||||
is_final: false,
|
||||
is_private: true,
|
||||
alias: None,
|
||||
supertypes: vec![ql::Type::At(token_type), ql::Type::Normal("AstNodeImpl")]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![
|
||||
get_value,
|
||||
to_string,
|
||||
create_get_a_primary_ql_class("Token", false),
|
||||
],
|
||||
},
|
||||
ql::Class {
|
||||
qldoc: None,
|
||||
name: "Token",
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: Some("TokenImpl".to_string()),
|
||||
supertypes: vec![].into_iter().collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![],
|
||||
},
|
||||
]
|
||||
ql::Class {
|
||||
qldoc: Some(String::from("A token.")),
|
||||
name: "Token",
|
||||
is_abstract: false,
|
||||
supertypes: vec![ql::Type::At(token_type), ql::Type::Normal("AstNode")]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![
|
||||
get_value,
|
||||
to_string,
|
||||
create_get_a_primary_ql_class("Token", false),
|
||||
],
|
||||
}
|
||||
}
|
||||
|
||||
/// Creates the `TriviaToken` class. Trivia tokens (e.g. comments) are
|
||||
@@ -283,15 +251,9 @@ pub fn create_trivia_token_class<'a>(
|
||||
)),
|
||||
name: "TriviaToken",
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: None,
|
||||
supertypes: vec![
|
||||
ql::Type::At(trivia_token_type),
|
||||
ql::Type::Normal("AstNodeImpl"),
|
||||
]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
supertypes: vec![ql::Type::At(trivia_token_type), ql::Type::Normal("AstNode")]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![
|
||||
get_value,
|
||||
@@ -309,10 +271,7 @@ pub fn create_reserved_word_class(db_name: &str) -> ql::Class<'_> {
|
||||
qldoc: Some(String::from("A reserved word.")),
|
||||
name: class_name,
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: None,
|
||||
supertypes: vec![ql::Type::At(db_name), ql::Type::Normal("TokenImpl")]
|
||||
supertypes: vec![ql::Type::At(db_name), ql::Type::Normal("Token")]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
characteristic_predicate: None,
|
||||
@@ -816,14 +775,11 @@ pub fn convert_nodes(nodes: &node_types::NodeTypeMap) -> Vec<ql::TopLevel<'_>> {
|
||||
create_get_a_primary_ql_class(&node.ql_class_name, true);
|
||||
let mut supertypes: BTreeSet<ql::Type> = BTreeSet::new();
|
||||
supertypes.insert(ql::Type::At(&node.dbscheme_name));
|
||||
supertypes.insert(ql::Type::Normal("TokenImpl"));
|
||||
supertypes.insert(ql::Type::Normal("Token"));
|
||||
classes.push(ql::TopLevel::Class(ql::Class {
|
||||
qldoc: Some(format!("A class representing `{}` tokens.", type_name.kind)),
|
||||
name: &node.ql_class_name,
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: None,
|
||||
supertypes,
|
||||
characteristic_predicate: None,
|
||||
predicates: vec![get_a_primary_ql_class],
|
||||
@@ -837,12 +793,9 @@ pub fn convert_nodes(nodes: &node_types::NodeTypeMap) -> Vec<ql::TopLevel<'_>> {
|
||||
qldoc: None,
|
||||
name: &node.ql_class_name,
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: None,
|
||||
supertypes: vec![
|
||||
ql::Type::At(&node.dbscheme_name),
|
||||
ql::Type::Normal("AstNodeImpl"),
|
||||
ql::Type::Normal("AstNode"),
|
||||
]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
@@ -871,12 +824,9 @@ pub fn convert_nodes(nodes: &node_types::NodeTypeMap) -> Vec<ql::TopLevel<'_>> {
|
||||
qldoc: Some(format!("A class representing `{}` nodes.", type_name.kind)),
|
||||
name: main_class_name,
|
||||
is_abstract: false,
|
||||
is_final: true,
|
||||
is_private: false,
|
||||
alias: None,
|
||||
supertypes: vec![
|
||||
ql::Type::At(&node.dbscheme_name),
|
||||
ql::Type::Normal("AstNodeImpl"),
|
||||
ql::Type::Normal("AstNode"),
|
||||
]
|
||||
.into_iter()
|
||||
.collect(),
|
||||
|
||||
@@ -41,14 +41,22 @@ pub fn query(input: TokenStream) -> TokenStream {
|
||||
/// (kind "literal") - leaf with static content
|
||||
/// (kind #{expr}) - leaf with computed content (expr.to_string())
|
||||
/// (kind $fresh) - leaf with auto-generated unique name
|
||||
/// {expr} - embed a Rust expression, dispatched via
|
||||
/// the `IntoFieldIds` trait: `Id` pushes a
|
||||
/// single id; iterables (`Vec<Id>`,
|
||||
/// `Option<Id>`, iterator chains) splice
|
||||
/// their elements
|
||||
/// field: {expr} - extend a named field with `{expr}`'s ids
|
||||
/// {expr} - embed a Rust expression returning Id
|
||||
/// {..expr} - splice an iterable of Id (in child/field position)
|
||||
/// field: {..expr} - splice into a named field
|
||||
/// {expr}.map(p -> tpl) - apply tpl to each element; splice result
|
||||
/// {expr}.reduce_left(f -> init, acc, e -> fold)
|
||||
/// - fold with per-element init; splice 0 or 1 result
|
||||
/// ```
|
||||
///
|
||||
/// Chain syntax after `{expr}` or `{..expr}`:
|
||||
/// - `.map(param -> template)` — one output node per input element.
|
||||
/// - `.reduce_left(first -> init, acc, elem -> fold)` — fold left; the first
|
||||
/// element is converted by `init`, subsequent elements are folded by `fold`
|
||||
/// with the accumulator bound to `acc`. An empty iterable yields nothing.
|
||||
/// - Chains always splice (the result is iterable).
|
||||
/// - Multiple chains can be chained, e.g. `.map(...).reduce_left(...)`.
|
||||
///
|
||||
/// Can be called with an explicit context or using the implicit context
|
||||
/// from an enclosing `rule!`:
|
||||
///
|
||||
@@ -92,7 +100,7 @@ pub fn trees(input: TokenStream) -> TokenStream {
|
||||
/// rule!(
|
||||
/// (query_pattern field: (_) @name (kind)* @repeated (_)? @optional)
|
||||
/// =>
|
||||
/// (output_template field: {name} {repeated})
|
||||
/// (output_template field: {name} {..repeated})
|
||||
/// )
|
||||
///
|
||||
/// // Shorthand: captures become fields on the output node
|
||||
@@ -113,3 +121,37 @@ pub fn rule(input: TokenStream) -> TokenStream {
|
||||
Err(err) => err.to_compile_error().into(),
|
||||
}
|
||||
}
|
||||
|
||||
/// Define a desugaring rule whose transform is a hand-written Rust block.
|
||||
///
|
||||
/// Use `manual_rule!` when the transform needs control over capture
|
||||
/// translation timing — for example, when an outer rule needs to set
|
||||
/// state in `ctx` (the `BuildCtx`'s user context) before recursive
|
||||
/// translation reaches inner rules that read that state.
|
||||
///
|
||||
/// ```text
|
||||
/// manual_rule!(
|
||||
/// (query_pattern field: (_) @name)
|
||||
/// {
|
||||
/// // `ctx` is a `&mut BuildCtx<'_, C>`; capture variables
|
||||
/// // (`name: NodeRef`, etc.) are bound from the query.
|
||||
/// let translated = ctx.translate(name)?;
|
||||
/// Ok(translated)
|
||||
/// }
|
||||
/// )
|
||||
/// ```
|
||||
///
|
||||
/// Differences from [`rule!`]:
|
||||
/// - Captures are **not** auto-translated before the body runs; they
|
||||
/// refer to raw input-schema nodes. Use [`BuildCtx::translate`] (or
|
||||
/// [`BuildCtx::translate_opt`]) to translate them when you choose.
|
||||
/// - The body is plain Rust returning `Result<Vec<Id>, String>` — no
|
||||
/// tree template, no `Ok(...)` wrap.
|
||||
#[proc_macro]
|
||||
pub fn manual_rule(input: TokenStream) -> TokenStream {
|
||||
let input2: TokenStream2 = input.into();
|
||||
match parse::parse_manual_rule_top(input2) {
|
||||
Ok(output) => output.into(),
|
||||
Err(err) => err.to_compile_error().into(),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -22,9 +22,10 @@ pub fn parse_query_top(input: TokenStream) -> Result<TokenStream> {
|
||||
/// Parse a single query node (possibly with a trailing `@capture`).
|
||||
fn parse_query_node(tokens: &mut Tokens) -> Result<TokenStream> {
|
||||
let base = parse_query_atom(tokens)?;
|
||||
// Check for trailing @capture or @@capture
|
||||
// Check for trailing @capture
|
||||
if peek_is_at(tokens) {
|
||||
let capture_name = consume_capture_marker(tokens)?;
|
||||
tokens.next(); // consume @
|
||||
let capture_name = expect_ident(tokens, "expected capture name after @")?;
|
||||
let name_str = capture_name.to_string();
|
||||
Ok(quote! {
|
||||
yeast::query::QueryNode::Capture {
|
||||
@@ -158,7 +159,8 @@ fn parse_query_fields(tokens: &mut Tokens) -> Result<Vec<TokenStream>> {
|
||||
push_field_elem(&mut field_order, &mut field_elems, field_str, elem);
|
||||
} else {
|
||||
let child = if peek_is_at(tokens) {
|
||||
let capture_name = consume_capture_marker(tokens)?;
|
||||
tokens.next();
|
||||
let capture_name = expect_ident(tokens, "expected capture name after @")?;
|
||||
let name_str = capture_name.to_string();
|
||||
quote! {
|
||||
yeast::query::QueryNode::Capture {
|
||||
@@ -304,8 +306,7 @@ fn parse_ctx_or_implicit(tokens: &mut Tokens) -> Ident {
|
||||
&& matches!(lookahead.next(), Some(TokenTree::Punct(p)) if p.as_char() == ',');
|
||||
|
||||
if is_explicit {
|
||||
let ctx = expect_ident(tokens, "unreachable: ident was just peeked")
|
||||
.expect("unreachable: ident was just peeked");
|
||||
let ctx = expect_ident(tokens, "").unwrap();
|
||||
let _ = tokens.next(); // consume comma
|
||||
ctx
|
||||
} else {
|
||||
@@ -343,7 +344,7 @@ pub fn parse_trees_top(input: TokenStream) -> Result<TokenStream> {
|
||||
}
|
||||
Ok(quote! {
|
||||
{
|
||||
let mut __nodes: Vec<yeast::Id> = Vec::new();
|
||||
let mut __nodes: Vec<usize> = Vec::new();
|
||||
#(#items)*
|
||||
__nodes
|
||||
}
|
||||
@@ -357,7 +358,7 @@ fn parse_direct_node(tokens: &mut Tokens, ctx: &Ident) -> Result<TokenStream> {
|
||||
Some(TokenTree::Group(g)) if g.delimiter() == Delimiter::Brace => {
|
||||
let group = expect_group(tokens, Delimiter::Brace)?;
|
||||
let expr = group.stream();
|
||||
Ok(quote! { ::std::convert::Into::<yeast::Id>::into({ #expr }) })
|
||||
Ok(quote! { ::std::convert::Into::<usize>::into({ #expr }) })
|
||||
}
|
||||
Some(TokenTree::Group(g)) if g.delimiter() == Delimiter::Parenthesis => {
|
||||
let group = expect_group(tokens, Delimiter::Parenthesis)?;
|
||||
@@ -430,24 +431,49 @@ fn parse_direct_node_inner(tokens: &mut Tokens, ctx: &Ident) -> Result<TokenStre
|
||||
);
|
||||
field_counter += 1;
|
||||
|
||||
// Plain `field: {expr}` — trait-dispatched extend.
|
||||
// Check for field: {..expr}.chain or field: {expr}.chain — splice a Vec<Id> into the field
|
||||
if peek_is_group(tokens, Delimiter::Brace) {
|
||||
let group = expect_group(tokens, Delimiter::Brace)?;
|
||||
let expr = group.stream();
|
||||
stmts.push(quote! {
|
||||
let mut #temp: Vec<yeast::Id> = Vec::new();
|
||||
yeast::IntoFieldIds::extend_into({ #expr }, &mut #temp);
|
||||
});
|
||||
// An empty `{expr}` means the field is absent — skip it
|
||||
// entirely rather than emitting an empty named field.
|
||||
field_args.push(quote! {
|
||||
if !#temp.is_empty() { __fields.push((#field_str, #temp)); }
|
||||
});
|
||||
continue;
|
||||
let group_clone = tokens.clone().next().unwrap();
|
||||
if let TokenTree::Group(g) = &group_clone {
|
||||
let mut inner_check = g.stream().into_iter();
|
||||
let is_splice = matches!(inner_check.next(), Some(TokenTree::Punct(p)) if p.as_char() == '.')
|
||||
&& matches!(inner_check.next(), Some(TokenTree::Punct(p)) if p.as_char() == '.');
|
||||
// Determine if a chain (.map(..)) follows the `{}` group.
|
||||
let mut after = tokens.clone();
|
||||
after.next(); // skip the brace group
|
||||
let has_chain =
|
||||
matches!(after.peek(), Some(TokenTree::Punct(p)) if p.as_char() == '.');
|
||||
|
||||
if is_splice || has_chain {
|
||||
let group = expect_group(tokens, Delimiter::Brace)?;
|
||||
let base: TokenStream = if is_splice {
|
||||
let mut inner = group.stream().into_iter().peekable();
|
||||
inner.next(); // consume first .
|
||||
inner.next(); // consume second .
|
||||
let expr: TokenStream = inner.collect();
|
||||
quote! {
|
||||
{ #expr }.into_iter().map(::std::convert::Into::<usize>::into)
|
||||
}
|
||||
} else {
|
||||
let expr = group.stream();
|
||||
quote! { { #expr }.into_iter() }
|
||||
};
|
||||
let chained = parse_chain_suffix(tokens, ctx, base)?;
|
||||
stmts.push(quote! {
|
||||
let #temp: Vec<usize> = #chained.collect();
|
||||
});
|
||||
// An empty splice means the field is absent — skip it
|
||||
// entirely rather than emitting an empty named field.
|
||||
field_args.push(quote! {
|
||||
if !#temp.is_empty() { __fields.push((#field_str, #temp)); }
|
||||
});
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let value = parse_direct_node(tokens, ctx)?;
|
||||
stmts.push(quote! { let #temp: yeast::Id = #value; });
|
||||
stmts.push(quote! { let #temp: usize = #value; });
|
||||
field_args.push(quote! { __fields.push((#field_str, vec![#temp])); });
|
||||
}
|
||||
|
||||
@@ -464,13 +490,101 @@ fn parse_direct_node_inner(tokens: &mut Tokens, ctx: &Ident) -> Result<TokenStre
|
||||
Ok(quote! {
|
||||
{
|
||||
#(#stmts)*
|
||||
let mut __fields: Vec<(&str, Vec<yeast::Id>)> = Vec::new();
|
||||
let mut __fields: Vec<(&str, Vec<usize>)> = Vec::new();
|
||||
#(#field_args)*
|
||||
#ctx.node(#kind_str, __fields)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
/// Parse a chain of `.method(args)` suffixes after a `{expr}` or `{..expr}`
|
||||
/// placeholder in tree templates. Currently supports:
|
||||
///
|
||||
/// ```text
|
||||
/// .map(param -> template) -- iterator map: produces Vec<usize>
|
||||
/// ```
|
||||
///
|
||||
/// The chain may be empty (returns `base` unchanged). Multiple chained calls
|
||||
/// are supported, e.g. `.map(p -> ...).map(q -> ...)`.
|
||||
///
|
||||
/// Each call expects the receiver to be an iterator. The `base` argument
|
||||
/// should therefore already be an iterator (use `.into_iter()` on it before
|
||||
/// calling this function).
|
||||
fn parse_chain_suffix(tokens: &mut Tokens, ctx: &Ident, base: TokenStream) -> Result<TokenStream> {
|
||||
let mut current = base;
|
||||
while matches!(tokens.peek(), Some(TokenTree::Punct(p)) if p.as_char() == '.') {
|
||||
tokens.next(); // consume .
|
||||
let method = expect_ident(tokens, "expected method name after `.`")?;
|
||||
let method_str = method.to_string();
|
||||
let args_group = expect_group(tokens, Delimiter::Parenthesis)?;
|
||||
match method_str.as_str() {
|
||||
"map" => {
|
||||
let mut inner = args_group.stream().into_iter().peekable();
|
||||
let param = expect_ident(&mut inner, "expected lambda parameter name")?;
|
||||
expect_punct(&mut inner, '-', "expected `->` after lambda parameter")?;
|
||||
expect_punct(&mut inner, '>', "expected `->` after lambda parameter")?;
|
||||
let body = parse_direct_node(&mut inner, ctx)?;
|
||||
if let Some(tok) = inner.next() {
|
||||
return Err(syn::Error::new_spanned(
|
||||
tok,
|
||||
"unexpected token after lambda body",
|
||||
));
|
||||
}
|
||||
current = quote! {
|
||||
#current.map(|#param| #body)
|
||||
};
|
||||
}
|
||||
"reduce_left" => {
|
||||
// Syntax: reduce_left(first -> init_tpl, acc, elem -> fold_tpl)
|
||||
// - first -> init_tpl : converts the first element to the initial accumulator
|
||||
// - acc, elem -> fold_tpl : fold step (acc = current accumulator, elem = next element)
|
||||
// Empty iterator produces an empty iterator; non-empty produces a single-element iterator.
|
||||
let mut inner = args_group.stream().into_iter().peekable();
|
||||
let init_param = expect_ident(&mut inner, "expected initial lambda parameter")?;
|
||||
expect_punct(&mut inner, '-', "expected `->` after init parameter")?;
|
||||
expect_punct(&mut inner, '>', "expected `->` after init parameter")?;
|
||||
let init_body = parse_direct_node(&mut inner, ctx)?;
|
||||
expect_punct(&mut inner, ',', "expected `,` after init template")?;
|
||||
let acc_param = expect_ident(&mut inner, "expected accumulator parameter")?;
|
||||
expect_punct(&mut inner, ',', "expected `,` after accumulator parameter")?;
|
||||
let elem_param = expect_ident(&mut inner, "expected element parameter")?;
|
||||
expect_punct(&mut inner, '-', "expected `->` after element parameter")?;
|
||||
expect_punct(&mut inner, '>', "expected `->` after element parameter")?;
|
||||
let fold_body = parse_direct_node(&mut inner, ctx)?;
|
||||
if let Some(tok) = inner.next() {
|
||||
return Err(syn::Error::new_spanned(
|
||||
tok,
|
||||
"unexpected token after fold template",
|
||||
));
|
||||
}
|
||||
current = quote! {
|
||||
{
|
||||
let mut __iter = #current;
|
||||
let __result: Option<usize> = if let Some(#init_param) = __iter.next() {
|
||||
let mut __acc: usize = #init_body;
|
||||
for #elem_param in __iter {
|
||||
let #acc_param: usize = __acc;
|
||||
__acc = #fold_body;
|
||||
}
|
||||
Some(__acc)
|
||||
} else {
|
||||
None
|
||||
};
|
||||
__result.into_iter()
|
||||
}
|
||||
};
|
||||
}
|
||||
_ => {
|
||||
return Err(syn::Error::new_spanned(
|
||||
method,
|
||||
format!("unknown builtin method `.{method_str}()`"),
|
||||
));
|
||||
}
|
||||
}
|
||||
}
|
||||
Ok(current)
|
||||
}
|
||||
|
||||
/// Parse the top-level list of a `trees!` template.
|
||||
/// Each item is a node template or `{expr}` splice.
|
||||
fn parse_direct_list(tokens: &mut Tokens, ctx: &Ident) -> Result<Vec<TokenStream>> {
|
||||
@@ -491,14 +605,35 @@ fn parse_direct_list(tokens: &mut Tokens, ctx: &Ident) -> Result<Vec<TokenStream
|
||||
continue;
|
||||
}
|
||||
|
||||
// `{expr}` — extend `__nodes` via `IntoFieldIds`, which handles
|
||||
// single ids and iterables uniformly.
|
||||
// {expr} or {..expr} (with optional .chain) — single node or splice
|
||||
if peek_is_group(tokens, Delimiter::Brace) {
|
||||
let group = expect_group(tokens, Delimiter::Brace)?;
|
||||
let expr = group.stream();
|
||||
items.push(quote! {
|
||||
yeast::IntoFieldIds::extend_into({ #expr }, &mut __nodes);
|
||||
});
|
||||
let has_chain =
|
||||
matches!(tokens.peek(), Some(TokenTree::Punct(p)) if p.as_char() == '.');
|
||||
let mut inner = group.stream().into_iter().peekable();
|
||||
let is_splice = peek_is_dotdot(&inner);
|
||||
if is_splice || has_chain {
|
||||
let base: TokenStream = if is_splice {
|
||||
inner.next(); // consume first .
|
||||
inner.next(); // consume second .
|
||||
let expr: TokenStream = inner.collect();
|
||||
quote! {
|
||||
{ #expr }.into_iter().map(::std::convert::Into::<usize>::into)
|
||||
}
|
||||
} else {
|
||||
let expr = group.stream();
|
||||
quote! { { #expr }.into_iter() }
|
||||
};
|
||||
let chained = parse_chain_suffix(tokens, ctx, base)?;
|
||||
items.push(quote! {
|
||||
__nodes.extend(#chained);
|
||||
});
|
||||
} else {
|
||||
let expr = group.stream();
|
||||
items.push(quote! {
|
||||
__nodes.push(::std::convert::Into::<usize>::into({ #expr }));
|
||||
});
|
||||
}
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -515,9 +650,6 @@ fn parse_direct_list(tokens: &mut Tokens, ctx: &Ident) -> Result<Vec<TokenStream
|
||||
struct CaptureInfo {
|
||||
name: String,
|
||||
multiplicity: CaptureMultiplicity,
|
||||
/// `true` for `@@name` captures: the auto-translate prefix skips them,
|
||||
/// so the bound `Id` refers to the raw (input-schema) node.
|
||||
raw: bool,
|
||||
}
|
||||
|
||||
#[derive(Clone, Copy, PartialEq)]
|
||||
@@ -576,14 +708,6 @@ fn extract_captures_inner(
|
||||
extract_captures_inner(&mut inner, captures, child_mult);
|
||||
}
|
||||
TokenTree::Punct(p) if p.as_char() == '@' => {
|
||||
// `@@name` marks the capture as raw (skip auto-translate).
|
||||
let raw = matches!(
|
||||
tokens.peek(),
|
||||
Some(TokenTree::Punct(p)) if p.as_char() == '@'
|
||||
);
|
||||
if raw {
|
||||
tokens.next(); // consume the second `@`
|
||||
}
|
||||
if let Some(TokenTree::Ident(name)) = tokens.next() {
|
||||
let mult = if parent_mult == CaptureMultiplicity::Repeated
|
||||
|| last_mult == CaptureMultiplicity::Repeated
|
||||
@@ -599,7 +723,6 @@ fn extract_captures_inner(
|
||||
captures.push(CaptureInfo {
|
||||
name: name.to_string(),
|
||||
multiplicity: mult,
|
||||
raw,
|
||||
});
|
||||
}
|
||||
last_mult = CaptureMultiplicity::Single;
|
||||
@@ -653,14 +776,6 @@ pub fn parse_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
// Parse query
|
||||
let query_code = parse_query_top(query_stream.clone())?;
|
||||
|
||||
// Capture names marked `@@name` (raw) — passed to the auto-translate
|
||||
// prefix as a skip list so those captures keep their input-schema ids.
|
||||
let raw_capture_names: Vec<&str> = captures
|
||||
.iter()
|
||||
.filter(|c| c.raw)
|
||||
.map(|c| c.name.as_str())
|
||||
.collect();
|
||||
|
||||
// Generate capture bindings
|
||||
let ctx_ident = Ident::new(IMPLICIT_CTX, Span::call_site());
|
||||
let bindings: Vec<TokenStream> = captures
|
||||
@@ -671,17 +786,22 @@ pub fn parse_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
match cap.multiplicity {
|
||||
CaptureMultiplicity::Repeated => {
|
||||
quote! {
|
||||
let #name: Vec<yeast::Id> = __captures.get_all(#name_str);
|
||||
let #name: Vec<yeast::NodeRef> = __captures.get_all(#name_str)
|
||||
.into_iter()
|
||||
.map(yeast::NodeRef)
|
||||
.collect();
|
||||
}
|
||||
}
|
||||
CaptureMultiplicity::Optional => {
|
||||
quote! {
|
||||
let #name: Option<yeast::Id> = __captures.get_opt(#name_str);
|
||||
let #name: Option<yeast::NodeRef> =
|
||||
__captures.get_opt(#name_str).map(yeast::NodeRef);
|
||||
}
|
||||
}
|
||||
CaptureMultiplicity::Single => {
|
||||
quote! {
|
||||
let #name: yeast::Id = __captures.get_var(#name_str).unwrap();
|
||||
let #name: yeast::NodeRef =
|
||||
yeast::NodeRef(__captures.get_var(#name_str).unwrap());
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -712,7 +832,7 @@ pub fn parse_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
__fields.insert(
|
||||
__field_id,
|
||||
#name.into_iter()
|
||||
.map(::std::convert::Into::<yeast::Id>::into)
|
||||
.map(::std::convert::Into::<usize>::into)
|
||||
.collect(),
|
||||
);
|
||||
},
|
||||
@@ -721,14 +841,14 @@ pub fn parse_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
.unwrap_or_else(|| panic!("field '{}' not found", #name_str));
|
||||
if let Some(__id) = #name {
|
||||
__fields.entry(__field_id).or_insert_with(Vec::new)
|
||||
.push(::std::convert::Into::<yeast::Id>::into(__id));
|
||||
.push(::std::convert::Into::<usize>::into(__id));
|
||||
}
|
||||
},
|
||||
CaptureMultiplicity::Single => quote! {
|
||||
let __field_id = #ctx_ident.ast.field_id_for_name(#name_str)
|
||||
.unwrap_or_else(|| panic!("field '{}' not found", #name_str));
|
||||
__fields.entry(__field_id).or_insert_with(Vec::new)
|
||||
.push(::std::convert::Into::<yeast::Id>::into(#name));
|
||||
.push(::std::convert::Into::<usize>::into(#name));
|
||||
},
|
||||
}
|
||||
})
|
||||
@@ -760,7 +880,7 @@ pub fn parse_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
}
|
||||
|
||||
quote! {
|
||||
let mut __nodes: Vec<yeast::Id> = Vec::new();
|
||||
let mut __nodes: Vec<usize> = Vec::new();
|
||||
#(#transform_items)*
|
||||
__nodes
|
||||
}
|
||||
@@ -771,23 +891,120 @@ pub fn parse_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
let __query = #query_code;
|
||||
yeast::Rule::new(__query, Box::new(|__ast: &mut yeast::Ast, mut __captures: yeast::captures::Captures, __fresh: &yeast::tree_builder::FreshScope, __source_range: Option<tree_sitter::Range>, __user_ctx: &mut _, __translator: yeast::TranslatorHandle<'_, _>| {
|
||||
// Auto-translation prefix: recursively translate every
|
||||
// captured node before invoking the user's transform body,
|
||||
// except for `@@name` captures listed in `__skip` which the
|
||||
// body consumes raw.
|
||||
// captured node before invoking the user's transform body.
|
||||
// For OneShot rules this preserves the legacy behaviour
|
||||
// (input-schema captures translated to output-schema
|
||||
// nodes); for Repeating rules it is a no-op.
|
||||
let __skip: &[&str] = &[#(#raw_capture_names),*];
|
||||
__translator.auto_translate_captures(&mut __captures, __ast, __user_ctx, __skip)?;
|
||||
__translator.auto_translate_captures(&mut __captures, __ast, __user_ctx)?;
|
||||
#(#bindings)*
|
||||
let mut #ctx_ident = yeast::build::BuildCtx::with_translator(__ast, &__captures, __fresh, __source_range, __user_ctx, __translator);
|
||||
let __result: Vec<yeast::Id> = { #transform_body };
|
||||
let __result: Vec<usize> = { #transform_body };
|
||||
Ok(__result)
|
||||
}))
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
/// Parse `manual_rule!( query { body } )`.
|
||||
///
|
||||
/// Like [`parse_rule_top`] but:
|
||||
/// - Expects a Rust block `{ ... }` after the query (no `=>` arrow).
|
||||
/// - Generates code that does NOT auto-translate captures before
|
||||
/// running the body. Capture variables refer to raw (input-schema)
|
||||
/// nodes; the body is responsible for explicit translation via
|
||||
/// `ctx.translate(...)`.
|
||||
/// - The body is included verbatim and must evaluate to
|
||||
/// `Result<Vec<usize>, String>`.
|
||||
pub fn parse_manual_rule_top(input: TokenStream) -> Result<TokenStream> {
|
||||
let mut tokens = input.into_iter().peekable();
|
||||
|
||||
// Collect query tokens up to the body block `{ ... }`.
|
||||
let mut query_tokens = Vec::new();
|
||||
loop {
|
||||
match tokens.peek() {
|
||||
None => {
|
||||
return Err(syn::Error::new(
|
||||
Span::call_site(),
|
||||
"expected a Rust block `{ ... }` after the query in manual_rule!",
|
||||
))
|
||||
}
|
||||
Some(TokenTree::Group(g)) if g.delimiter() == Delimiter::Brace => break,
|
||||
_ => {
|
||||
query_tokens.push(tokens.next().unwrap());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let query_stream: TokenStream = query_tokens.into_iter().collect();
|
||||
|
||||
// Extract captures from the query (same as in `rule!`).
|
||||
let captures = extract_captures(&query_stream);
|
||||
|
||||
// Parse the query into the QueryNode-building expression.
|
||||
let query_code = parse_query_top(query_stream)?;
|
||||
|
||||
// Generate capture bindings (same as in `rule!`).
|
||||
let ctx_ident = Ident::new(IMPLICIT_CTX, Span::call_site());
|
||||
let bindings: Vec<TokenStream> = captures
|
||||
.iter()
|
||||
.map(|cap| {
|
||||
let name = Ident::new(&cap.name, Span::call_site());
|
||||
let name_str = &cap.name;
|
||||
match cap.multiplicity {
|
||||
CaptureMultiplicity::Repeated => quote! {
|
||||
let #name: Vec<yeast::NodeRef> = __captures.get_all(#name_str)
|
||||
.into_iter()
|
||||
.map(yeast::NodeRef)
|
||||
.collect();
|
||||
},
|
||||
CaptureMultiplicity::Optional => quote! {
|
||||
let #name: Option<yeast::NodeRef> =
|
||||
__captures.get_opt(#name_str).map(yeast::NodeRef);
|
||||
},
|
||||
CaptureMultiplicity::Single => quote! {
|
||||
let #name: yeast::NodeRef =
|
||||
yeast::NodeRef(__captures.get_var(#name_str).unwrap());
|
||||
},
|
||||
}
|
||||
})
|
||||
.collect();
|
||||
|
||||
// Consume the body block.
|
||||
let body_group = match tokens.next() {
|
||||
Some(TokenTree::Group(g)) if g.delimiter() == Delimiter::Brace => g,
|
||||
other => {
|
||||
return Err(syn::Error::new(
|
||||
Span::call_site(),
|
||||
format!(
|
||||
"expected a Rust block `{{ ... }}` after the query in manual_rule!, found: {other:?}"
|
||||
),
|
||||
))
|
||||
}
|
||||
};
|
||||
let body_stream = body_group.stream();
|
||||
|
||||
// No tokens should follow the body.
|
||||
if let Some(tok) = tokens.next() {
|
||||
return Err(syn::Error::new_spanned(
|
||||
tok,
|
||||
"unexpected token after manual_rule! body",
|
||||
));
|
||||
}
|
||||
|
||||
Ok(quote! {
|
||||
{
|
||||
let __query = #query_code;
|
||||
yeast::Rule::new(__query, Box::new(|__ast: &mut yeast::Ast, __captures: yeast::captures::Captures, __fresh: &yeast::tree_builder::FreshScope, __source_range: Option<tree_sitter::Range>, __user_ctx: &mut _, __translator: yeast::TranslatorHandle<'_, _>| {
|
||||
// No auto-translate prefix for manual rules — the body
|
||||
// is responsible for translating captures explicitly.
|
||||
#(#bindings)*
|
||||
let mut #ctx_ident = yeast::build::BuildCtx::with_translator(__ast, &__captures, __fresh, __source_range, __user_ctx, __translator);
|
||||
#body_stream
|
||||
}))
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
// Token utilities
|
||||
// ---------------------------------------------------------------------------
|
||||
@@ -796,16 +1013,6 @@ fn peek_is_at(tokens: &mut Tokens) -> bool {
|
||||
matches!(tokens.peek(), Some(TokenTree::Punct(p)) if p.as_char() == '@')
|
||||
}
|
||||
|
||||
/// Consume an `@` or `@@` capture marker and the following name ident.
|
||||
/// Caller has already verified `peek_is_at(tokens)`.
|
||||
fn consume_capture_marker(tokens: &mut Tokens) -> Result<Ident> {
|
||||
tokens.next(); // consume the first `@`
|
||||
if peek_is_at(tokens) {
|
||||
tokens.next(); // consume the second `@` of `@@`
|
||||
}
|
||||
expect_ident(tokens, "expected capture name after `@` or `@@`")
|
||||
}
|
||||
|
||||
fn peek_is_literal(tokens: &mut Tokens) -> bool {
|
||||
matches!(tokens.peek(), Some(TokenTree::Literal(_)))
|
||||
}
|
||||
@@ -818,6 +1025,13 @@ fn peek_is_hash(tokens: &mut Tokens) -> bool {
|
||||
matches!(tokens.peek(), Some(TokenTree::Punct(p)) if p.as_char() == '#')
|
||||
}
|
||||
|
||||
/// Check for `..` (two consecutive dot punctuation tokens).
|
||||
fn peek_is_dotdot(tokens: &Tokens) -> bool {
|
||||
let mut lookahead = tokens.clone();
|
||||
matches!(lookahead.next(), Some(TokenTree::Punct(p)) if p.as_char() == '.')
|
||||
&& matches!(lookahead.next(), Some(TokenTree::Punct(p)) if p.as_char() == '.')
|
||||
}
|
||||
|
||||
fn peek_is_underscore(tokens: &mut Tokens) -> bool {
|
||||
matches!(tokens.peek(), Some(TokenTree::Ident(id)) if *id == "_")
|
||||
}
|
||||
@@ -899,7 +1113,8 @@ fn expect_repetition(tokens: &mut Tokens) -> Result<TokenStream> {
|
||||
|
||||
fn maybe_wrap_capture(tokens: &mut Tokens, base: TokenStream) -> Result<TokenStream> {
|
||||
if peek_is_at(tokens) {
|
||||
let name = consume_capture_marker(tokens)?;
|
||||
tokens.next(); // consume @
|
||||
let name = expect_ident(tokens, "expected capture name after @")?;
|
||||
let name_str = name.to_string();
|
||||
Ok(quote! {
|
||||
yeast::query::QueryNode::Capture {
|
||||
@@ -926,12 +1141,13 @@ fn maybe_wrap_repetition(tokens: &mut Tokens, single: TokenStream) -> Result<Tok
|
||||
}
|
||||
}
|
||||
|
||||
/// If `@name` (or `@@name`) follows a Repeated list element, wrap each
|
||||
/// child SingleNode inside the repetition with a Capture. This matches
|
||||
/// tree-sitter semantics where `(_)* @name` captures each matched node.
|
||||
/// If `@name` follows a Repeated list element, wrap each child SingleNode
|
||||
/// inside the repetition with a Capture. This matches tree-sitter semantics
|
||||
/// where `(_)* @name` captures each matched node.
|
||||
fn maybe_wrap_list_capture(tokens: &mut Tokens, elem: TokenStream) -> Result<TokenStream> {
|
||||
if peek_is_at(tokens) {
|
||||
let name = consume_capture_marker(tokens)?;
|
||||
tokens.next();
|
||||
let name = expect_ident(tokens, "expected capture name after @")?;
|
||||
let name_str = name.to_string();
|
||||
// Re-parse the element isn't practical, so we generate a wrapper
|
||||
// that creates a new Repeated with each child wrapped in a capture.
|
||||
|
||||
@@ -214,7 +214,7 @@ yeast::tree!(ctx,
|
||||
```rust
|
||||
yeast::trees!(ctx,
|
||||
(assignment left: {tmp} right: {right})
|
||||
{body}
|
||||
{..body}
|
||||
)
|
||||
```
|
||||
|
||||
@@ -256,26 +256,12 @@ occurrences of the same `$name` within one `BuildCtx` share the same value:
|
||||
|
||||
### Embedded Rust expressions
|
||||
|
||||
`{expr}` embeds a Rust expression whose value is appended to the
|
||||
enclosing field (or to the rule body's id list). Dispatch happens via
|
||||
the [`IntoFieldIds`] trait, which is implemented for:
|
||||
|
||||
- `Id` — pushes the single id.
|
||||
- Any `IntoIterator<Item: Into<Id>>` — extends with all yielded ids
|
||||
(covers `Vec<Id>`, `Option<Id>`, iterator chains, etc.).
|
||||
|
||||
So the same `{expr}` syntax handles single ids, splices, and zero-or-many
|
||||
options uniformly:
|
||||
`{expr}` embeds a Rust expression that returns a single node `Id`:
|
||||
|
||||
```rust
|
||||
(assignment
|
||||
left: {some_node_id} // a single Id
|
||||
right: {rhs} // a captured value (inside rule!)
|
||||
)
|
||||
|
||||
yeast::trees!(ctx,
|
||||
(assignment left: {tmp} right: {right})
|
||||
{extra_nodes} // splices a Vec<Id>
|
||||
left: {some_node_id} // insert a pre-built node
|
||||
right: {rhs} // insert a captured value (inside rule!)
|
||||
)
|
||||
```
|
||||
|
||||
@@ -291,47 +277,20 @@ expressions (with `let` bindings) work too:
|
||||
})
|
||||
```
|
||||
|
||||
Inside `rule!`, captures are Rust variables — `{name}` works for
|
||||
single, optional, and repeated captures alike:
|
||||
`{..expr}` splices a `Vec<Id>` (or any iterable of `Id`); the contents
|
||||
are likewise a Rust block, so the splice can be the result of arbitrary
|
||||
computation:
|
||||
|
||||
```rust
|
||||
rule!(
|
||||
(assignment left: @lhs right: _* @parts)
|
||||
=>
|
||||
(assignment left: {lhs} right: (block stmt: {parts}))
|
||||
yeast::trees!(ctx,
|
||||
(assignment left: {tmp} right: {right})
|
||||
{..extra_nodes} // splice a Vec<Id>
|
||||
)
|
||||
```
|
||||
|
||||
### Raw captures (`@@name`)
|
||||
|
||||
The default `@name` capture marker is *auto-translated*: in OneShot
|
||||
phases the macro recursively translates the captured node before
|
||||
binding it, so `{name}` in the output template splices a node that
|
||||
already conforms to the output schema.
|
||||
|
||||
For rules that need the raw (input-schema) capture — typically to read
|
||||
its source text or to translate it explicitly with mutable context
|
||||
state between calls — use `@@name` instead. The body sees the original
|
||||
input-schema `Id`:
|
||||
|
||||
```rust
|
||||
yeast::rule!(
|
||||
(assignment left: (_) @@raw_lhs right: (_) @rhs)
|
||||
=>
|
||||
{
|
||||
// raw_lhs is untranslated: read its original source text.
|
||||
let text = ctx.ast.source_text(raw_lhs);
|
||||
// rhs is already translated by the auto-translate prefix.
|
||||
tree!((call
|
||||
method: (identifier #{text.as_str()})
|
||||
receiver: {rhs}))
|
||||
}
|
||||
);
|
||||
```
|
||||
|
||||
Mix `@` and `@@` freely in the same rule. In a Repeating phase both
|
||||
markers are equivalent (auto-translation is a no-op for repeating
|
||||
rules).
|
||||
Inside `rule!`, captures are Rust variables, so `{name}` inserts a
|
||||
single capture (`Id`) and `{..name}` splices a repeated capture
|
||||
(`Vec<Id>`).
|
||||
|
||||
## Complete example: for-loop desugaring
|
||||
|
||||
|
||||
@@ -158,6 +158,15 @@ impl<'a, C> BuildCtx<'a, C> {
|
||||
self.ast
|
||||
.create_named_token_with_range(kind, generated, self.source_range)
|
||||
}
|
||||
|
||||
/// Prepend a value to a field of an existing node.
|
||||
pub fn prepend_field(&mut self, node_id: Id, field_name: &str, value_id: Id) {
|
||||
let field_id = self
|
||||
.ast
|
||||
.field_id_for_name(field_name)
|
||||
.unwrap_or_else(|| panic!("build: field '{field_name}' not found"));
|
||||
self.ast.prepend_field_child(node_id, field_id, value_id);
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: Clone> BuildCtx<'_, C> {
|
||||
@@ -167,6 +176,9 @@ impl<C: Clone> BuildCtx<'_, C> {
|
||||
/// (translation is not meaningful when input and output share a
|
||||
/// schema).
|
||||
///
|
||||
/// Accepts any value convertible to [`Id`] (including [`crate::NodeRef`]),
|
||||
/// so manual rules can pass capture bindings directly without unwrapping.
|
||||
///
|
||||
/// Errors if this `BuildCtx` was constructed by hand (without a
|
||||
/// translator handle) — for example, in unit tests that don't go
|
||||
/// through the rule driver.
|
||||
@@ -177,6 +189,20 @@ impl<C: Clone> BuildCtx<'_, C> {
|
||||
None => Err("translate() called on a BuildCtx without a translator handle".into()),
|
||||
}
|
||||
}
|
||||
|
||||
/// Translate an optional capture, returning the first translated id or
|
||||
/// `None`. Convenience for `?`-quantifier captures (`Option<NodeRef>`).
|
||||
///
|
||||
/// If the underlying translation produces multiple ids for a single
|
||||
/// input, only the first is returned. For most use cases (e.g.
|
||||
/// translating a single type annotation) this is what you want; if
|
||||
/// you need all ids, use [`translate`] directly.
|
||||
pub fn translate_opt<I: Into<Id>>(&mut self, id: Option<I>) -> Result<Option<Id>, String> {
|
||||
match id {
|
||||
Some(id) => Ok(self.translate(id)?.into_iter().next()),
|
||||
None => Ok(None),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<C> std::ops::Deref for BuildCtx<'_, C> {
|
||||
|
||||
@@ -54,24 +54,24 @@ impl Captures {
|
||||
self.captures.entry(key).or_default().push(id);
|
||||
}
|
||||
|
||||
/// Apply a fallible function to every captured id, replacing each id
|
||||
/// with the results. A function returning an empty vector removes
|
||||
/// the capture; returning multiple ids splices them into the
|
||||
/// capture's value list (suitable for `*`/`+` captures). Captures
|
||||
/// whose name appears in `skip` are left untouched. Stops and
|
||||
/// returns the error on the first failure.
|
||||
///
|
||||
/// Used by the `rule!` macro's auto-translate prefix to translate
|
||||
/// every capture except those marked `@@name` (raw).
|
||||
pub fn try_map_captures_except<E>(
|
||||
pub fn map_captures(&mut self, kind: &str, f: &mut impl FnMut(Id) -> Id) {
|
||||
if let Some(ids) = self.captures.get_mut(kind) {
|
||||
for id in ids {
|
||||
*id = f(*id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Apply a fallible function to every captured id (across all keys),
|
||||
/// replacing each id with the results. A function returning an empty
|
||||
/// vector removes the capture; returning multiple ids splices them
|
||||
/// into the capture's value list (suitable for `*`/`+` captures).
|
||||
/// Stops and returns the error on the first failure.
|
||||
pub fn try_map_all_captures<E>(
|
||||
&mut self,
|
||||
skip: &[&str],
|
||||
mut f: impl FnMut(Id) -> Result<Vec<Id>, E>,
|
||||
) -> Result<(), E> {
|
||||
for (name, ids) in self.captures.iter_mut() {
|
||||
if skip.contains(name) {
|
||||
continue;
|
||||
}
|
||||
for ids in self.captures.values_mut() {
|
||||
let mut new_ids = Vec::with_capacity(ids.len());
|
||||
for &id in ids.iter() {
|
||||
new_ids.extend(f(id)?);
|
||||
@@ -80,6 +80,12 @@ impl Captures {
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
pub fn map_captures_to(&mut self, from: &str, to: &'static str, f: &mut impl FnMut(Id) -> Id) {
|
||||
if let Some(from_ids) = self.captures.get(from) {
|
||||
let new_values = from_ids.iter().copied().map(f).collect();
|
||||
self.captures.insert(to, new_values);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn merge(&mut self, other: &Captures) {
|
||||
for (key, ids) in &other.captures {
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user