diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll index 43bf134ea794..505b2e190e54 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll @@ -28,6 +28,6 @@ import cpp deprecated module DataFlow { private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import semmle.code.cpp.dataflow.internal.DataFlowImpl1 } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll index 8a8db1bdcce4..1f93e2a74dff 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll @@ -29,6 +29,6 @@ deprecated module TaintTracking { private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific private import semmle.code.cpp.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + import TaintFlowMake import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll index 115e145bec0d..2038b14880aa 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll @@ -2,6 +2,7 @@ * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead. */ +private import semmle.code.cpp.Location private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +import MakeImpl diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll index 5d61aac1561b..b6e72884fa8d 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll @@ -2,6 +2,7 @@ * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead. */ +private import semmle.code.cpp.Location private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +import MakeImplCommon diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll index 8abc7a8760a5..558bb80f3681 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll @@ -10,7 +10,7 @@ private import DataFlowImplSpecific private import TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { +private module Input implements InputSig { predicate argHasPostUpdateExclude(Private::ArgumentNode n) { // Is the null pointer (or something that's not really a pointer) exists(n.asExpr().getValue()) @@ -26,4 +26,4 @@ private module Input implements InputSig { } } -module Consistency = MakeConsistency; +module Consistency = MakeConsistency; diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll index e8686419aac1..f2e9ffc69883 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll @@ -4,6 +4,7 @@ * Provides C++-specific definitions for use in the data flow library. */ +private import semmle.code.cpp.Location private import codeql.dataflow.DataFlow module Private { @@ -15,7 +16,7 @@ module Public { import DataFlowUtil } -module CppOldDataFlow implements InputSig { +module CppOldDataFlow implements InputSig { import Private import Public diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll index 83efaf1511f6..0b932e7f05f6 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll @@ -105,7 +105,7 @@ class Node extends TNode { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll index e1549ea57a36..694d344c2f90 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll @@ -4,9 +4,10 @@ * Provides C++-specific definitions for use in the taint tracking library. */ +private import semmle.code.cpp.Location private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific -module CppOldTaintTracking implements InputSig { +module CppOldTaintTracking implements InputSig { import TaintTrackingUtil } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/new/DataFlow.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/new/DataFlow.qll index ea4218da7344..bcbebd0de1ed 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/new/DataFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/new/DataFlow.qll @@ -28,6 +28,6 @@ import cpp module DataFlow { private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import semmle.code.cpp.ir.dataflow.internal.DataFlowImpl1 } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/new/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/new/TaintTracking.qll index 87e037aad9b6..d28a389203fa 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/new/TaintTracking.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/new/TaintTracking.qll @@ -27,6 +27,7 @@ module TaintTracking { private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific private import semmle.code.cpp.ir.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + private import semmle.code.cpp.Location + import TaintFlowMake import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/DataFlow.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/DataFlow.qll index a2dd75d635cd..671d82c74efd 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/DataFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/DataFlow.qll @@ -24,6 +24,6 @@ import cpp module DataFlow { private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import semmle.code.cpp.ir.dataflow.internal.DataFlowImpl1 } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/TaintTracking.qll index 6f2bfcdd6aa0..9ca1315ec3e5 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/TaintTracking.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/TaintTracking.qll @@ -23,6 +23,6 @@ module TaintTracking { private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific private import semmle.code.cpp.ir.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + import TaintFlowMake import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll index f3e52187647b..edac7f5f62a1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ +private import semmle.code.cpp.Location private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +import MakeImpl diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll index 266693f45f6c..e620cc5de787 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ +private import semmle.code.cpp.Location private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +import MakeImplCommon diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll index c32f63a619d5..6b0de326d114 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll @@ -8,7 +8,7 @@ private import DataFlowImplSpecific private import TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { +private module Input implements InputSig { predicate argHasPostUpdateExclude(Private::ArgumentNode n) { // The rules for whether an IR argument gets a post-update node are too // complex to model here. @@ -16,4 +16,4 @@ private module Input implements InputSig { } } -module Consistency = MakeConsistency; +module Consistency = MakeConsistency; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll index a8b9f99f3547..aeb136c761e2 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll @@ -3,6 +3,7 @@ */ private import codeql.dataflow.DataFlow +private import semmle.code.cpp.Location module Private { import DataFlowPrivate @@ -13,7 +14,7 @@ module Public { import DataFlowUtil } -module CppDataFlow implements InputSig { +module CppDataFlow implements InputSig { import Private import Public diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index b411790596ec..ab52e91429f5 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll @@ -448,7 +448,7 @@ class Node extends TIRDataFlowNode { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/TaintTrackingImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/TaintTrackingImplSpecific.qll index f62468087b9e..3364eff6e355 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/TaintTrackingImplSpecific.qll @@ -4,7 +4,8 @@ private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific +private import semmle.code.cpp.Location -module CppTaintTracking implements InputSig { +module CppTaintTracking implements InputSig { import TaintTrackingUtil } diff --git a/csharp/ql/consistency-queries/DataFlowConsistency.ql b/csharp/ql/consistency-queries/DataFlowConsistency.ql index 1ee888329c77..2f34368b669b 100644 --- a/csharp/ql/consistency-queries/DataFlowConsistency.ql +++ b/csharp/ql/consistency-queries/DataFlowConsistency.ql @@ -4,7 +4,7 @@ private import semmle.code.csharp.dataflow.internal.DataFlowImplSpecific private import semmle.code.csharp.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { +private module Input implements InputSig { private import CsharpDataFlow private predicate isStaticAssignable(Assignable a) { a.(Modifiable).isStatic() } @@ -99,4 +99,4 @@ private module Input implements InputSig { } } -import MakeConsistency +import MakeConsistency diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/DataFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/DataFlow.qll index 17e698dce2d3..0fc12debaa8d 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/DataFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/DataFlow.qll @@ -8,6 +8,6 @@ import csharp module DataFlow { private import semmle.code.csharp.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import semmle.code.csharp.dataflow.internal.DataFlowImpl1 } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/TaintTracking.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/TaintTracking.qll index 7243d36b05d3..fb39294ed23e 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/TaintTracking.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/TaintTracking.qll @@ -10,6 +10,6 @@ module TaintTracking { private import semmle.code.csharp.dataflow.internal.DataFlowImplSpecific private import semmle.code.csharp.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + import TaintFlowMake import semmle.code.csharp.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll index 4cf39afc8123..09e47bdd831e 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ +private import semmle.code.csharp.Location private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +import MakeImpl diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll index 55829d7d059d..72ccd3152da0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ +private import semmle.code.csharp.Location private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +import MakeImplCommon diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll index 774dc6bd86aa..af104d777b87 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll @@ -2,6 +2,7 @@ * Provides C#-specific definitions for use in the data flow library. */ +private import semmle.code.csharp.Location private import codeql.dataflow.DataFlow module Private { @@ -13,7 +14,7 @@ module Public { import DataFlowPublic } -module CsharpDataFlow implements InputSig { +module CsharpDataFlow implements InputSig { import Private import Public diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll index bf30fe5112de..20e3dd8eb7d0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll @@ -58,7 +58,7 @@ class Node extends TNode { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index 19972a86ab6e..8c76fc3d1a7a 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -12,7 +12,7 @@ private import DataFlowImplSpecific::Public private import semmle.code.csharp.Unification private import semmle.code.csharp.dataflow.internal.ExternalFlow -module Input implements InputSig { +module Input implements InputSig { class SummarizedCallableBase = UnboundCallable; ArgumentPosition callbackSelfParameterPosition() { result.isDelegateSelf() } @@ -80,7 +80,7 @@ module Input implements InputSig { } } -private import Make as Impl +private import Make as Impl private module TypesInput implements Impl::Private::TypesInputSig { DataFlowType getSyntheticGlobalType(Impl::Private::SyntheticGlobal sg) { @@ -154,7 +154,7 @@ private module StepsInput implements Impl::Private::StepsInputSig { } module SourceSinkInterpretationInput implements - Impl::Private::External::SourceSinkInterpretationInputSig + Impl::Private::External::SourceSinkInterpretationInputSig { private import csharp as Cs @@ -252,7 +252,7 @@ module Private { module External { import Impl::Private::External - import Impl::Private::External::SourceSinkInterpretation + import Impl::Private::External::SourceSinkInterpretation } private module SummaryComponentInternal = Impl::Private::SummaryComponent; diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingImplSpecific.qll index 17a0d2c3c1a4..b33d582021f0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingImplSpecific.qll @@ -2,9 +2,10 @@ * Provides C#-specific definitions for use in the taint tracking library. */ +private import semmle.code.csharp.Location private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific -module CsharpTaintTracking implements InputSig { +module CsharpTaintTracking implements InputSig { import TaintTrackingPrivate } diff --git a/csharp/ql/test/TestUtilities/InlineFlowTest.qll b/csharp/ql/test/TestUtilities/InlineFlowTest.qll index b7d7226e8126..bf7463535e19 100644 --- a/csharp/ql/test/TestUtilities/InlineFlowTest.qll +++ b/csharp/ql/test/TestUtilities/InlineFlowTest.qll @@ -9,7 +9,7 @@ private import semmle.code.csharp.dataflow.internal.DataFlowImplSpecific private import semmle.code.csharp.dataflow.internal.TaintTrackingImplSpecific private import internal.InlineExpectationsTestImpl -private module FlowTestImpl implements InputSig { +private module FlowTestImpl implements InputSig { predicate defaultSource(DataFlow::Node source) { source.asExpr().(MethodCall).getTarget().getUndecoratedName() = ["Source", "Taint"] } @@ -35,4 +35,4 @@ private module FlowTestImpl implements InputSig { } } -import InlineFlowTestMake +import InlineFlowTestMake diff --git a/go/ql/lib/semmle/go/DiagnosticsReporting.qll b/go/ql/lib/semmle/go/DiagnosticsReporting.qll index 653e3ad7c5e2..e05fe0e7a58a 100644 --- a/go/ql/lib/semmle/go/DiagnosticsReporting.qll +++ b/go/ql/lib/semmle/go/DiagnosticsReporting.qll @@ -1,6 +1,7 @@ /** Provides classes for working with errors and warnings recorded during extraction. */ import go +private import semmle.go.internal.Locations /** Gets the SARIF severity level that indicates an error. */ private int getErrorSeverity() { result = 2 } @@ -29,7 +30,7 @@ private class Diagnostic extends @diagnostic { * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ predicate hasLocationInfo(string path, int sl, int sc, int el, int ec) { - exists(Location l | diagnostics(this, _, _, _, _, l) | l.hasLocationInfo(path, sl, sc, el, ec)) + getDiagnosticLocation(this).hasLocationInfo(path, sl, sc, el, ec) } string toString() { result = this.getMessage() } diff --git a/go/ql/lib/semmle/go/Files.qll b/go/ql/lib/semmle/go/Files.qll index 87e3fd3169d1..cda168482ca9 100644 --- a/go/ql/lib/semmle/go/Files.qll +++ b/go/ql/lib/semmle/go/Files.qll @@ -50,8 +50,6 @@ class Folder extends Container, Impl::Folder { class ExtractedOrExternalFile extends Container, Impl::File, Documentable, ExprParent, GoModExprParent, DeclParent, ScopeNode { - override Location getLocation() { has_location(this, result) } - /** Gets the number of lines in this file. */ int getNumberOfLines() { numlines(this, result, _, _) } diff --git a/go/ql/lib/semmle/go/HTML.qll b/go/ql/lib/semmle/go/HTML.qll index c68155fd01c9..2f0e411a88d8 100644 --- a/go/ql/lib/semmle/go/HTML.qll +++ b/go/ql/lib/semmle/go/HTML.qll @@ -15,8 +15,6 @@ module HTML { class Element extends Locatable, @xmlelement { Element() { exists(HtmlFile f | xmlElements(this, _, _, _, f)) } - override Location getLocation() { xmllocations(this, result) } - /** * Gets the name of this HTML element. * @@ -97,8 +95,6 @@ module HTML { class Attribute extends Locatable, @xmlattribute { Attribute() { xmlAttrs(this, _, _, _, _, any(HtmlFile f)) } - override Location getLocation() { xmllocations(this, result) } - /** * Gets the element to which this attribute belongs. */ @@ -180,8 +176,6 @@ module HTML { * Holds if this text node is inside a `CDATA` tag. */ predicate isCData() { xmlChars(this, _, _, _, 1, _) } - - override Location getLocation() { xmllocations(this, result) } } /** @@ -203,7 +197,5 @@ module HTML { string getText() { result = this.toString().regexpCapture("(?s)", 1) } override string toString() { xmlComments(this, result, _, _) } - - override Location getLocation() { xmllocations(this, result) } } } diff --git a/go/ql/lib/semmle/go/Locations.qll b/go/ql/lib/semmle/go/Locations.qll index acd5f94430b6..d5ab0858f213 100644 --- a/go/ql/lib/semmle/go/Locations.qll +++ b/go/ql/lib/semmle/go/Locations.qll @@ -1,28 +1,31 @@ /** Provides classes for working with locations and program elements that have locations. */ import go +private import internal.Locations /** * A location as given by a file, a start line, a start column, * an end line, and an end column. * + * This class is restricted to locations created by the extractor. + * * For more information about locations see [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ -class Location extends @location { +class DbLocation extends TDbLocation { /** Gets the file for this location. */ - File getFile() { locations_default(this, result, _, _, _, _) } + File getFile() { dbLocationInfo(this, result, _, _, _, _) } /** Gets the 1-based line number (inclusive) where this location starts. */ - int getStartLine() { locations_default(this, _, result, _, _, _) } + int getStartLine() { dbLocationInfo(this, _, result, _, _, _) } /** Gets the 1-based column number (inclusive) where this location starts. */ - int getStartColumn() { locations_default(this, _, _, result, _, _) } + int getStartColumn() { dbLocationInfo(this, _, _, result, _, _) } /** Gets the 1-based line number (inclusive) where this location ends. */ - int getEndLine() { locations_default(this, _, _, _, result, _) } + int getEndLine() { dbLocationInfo(this, _, _, _, result, _) } /** Gets the 1-based column number (inclusive) where this location ends. */ - int getEndColumn() { locations_default(this, _, _, _, _, result) } + int getEndColumn() { dbLocationInfo(this, _, _, _, _, result) } /** Gets the number of lines covered by this location. */ int getNumLines() { result = this.getEndLine() - this.getStartLine() + 1 } @@ -46,19 +49,21 @@ class Location extends @location { string filepath, int startline, int startcolumn, int endline, int endcolumn ) { exists(File f | - locations_default(this, f, startline, startcolumn, endline, endcolumn) and + dbLocationInfo(this, f, startline, startcolumn, endline, endcolumn) and filepath = f.getAbsolutePath() ) } } +final class Location = LocationImpl; + /** A program element with a location. */ class Locatable extends @locatable { /** Gets the file this program element comes from. */ File getFile() { result = this.getLocation().getFile() } /** Gets this element's location. */ - Location getLocation() { has_location(this, result) } + final DbLocation getLocation() { result = getLocatableLocation(this) } /** Gets the number of lines covered by this element. */ int getNumLines() { result = this.getLocation().getNumLines() } diff --git a/go/ql/lib/semmle/go/dataflow/DataFlow.qll b/go/ql/lib/semmle/go/dataflow/DataFlow.qll index 4a5290255a4d..9363bc93abda 100644 --- a/go/ql/lib/semmle/go/dataflow/DataFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/DataFlow.qll @@ -24,7 +24,7 @@ import go module DataFlow { private import semmle.go.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import semmle.go.dataflow.internal.DataFlowImpl1 import Properties } diff --git a/go/ql/lib/semmle/go/dataflow/TaintTracking.qll b/go/ql/lib/semmle/go/dataflow/TaintTracking.qll index 2c028a0e34a8..d762e925ab57 100644 --- a/go/ql/lib/semmle/go/dataflow/TaintTracking.qll +++ b/go/ql/lib/semmle/go/dataflow/TaintTracking.qll @@ -13,7 +13,8 @@ module TaintTracking { import semmle.go.dataflow.internal.tainttracking1.TaintTrackingParameter::Public private import semmle.go.dataflow.internal.DataFlowImplSpecific private import semmle.go.dataflow.internal.TaintTrackingImplSpecific + private import semmle.go.Locations private import codeql.dataflow.TaintTracking - import TaintFlowMake + import TaintFlowMake import semmle.go.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll index b95eab3eb018..c9761d217024 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +private import semmle.go.Locations +import MakeImpl diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll index 8f8f7b0a36c5..6df86bde023d 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +private import semmle.go.Locations +import MakeImplCommon diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplConsistency.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplConsistency.qll index 6397b79716b0..58b849858416 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplConsistency.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplConsistency.qll @@ -7,7 +7,8 @@ private import go private import DataFlowImplSpecific private import TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency +private import semmle.go.dataflow.internal.DataFlowNodes -private module Input implements InputSig { } +private module Input implements InputSig { } -module Consistency = MakeConsistency; +module Consistency = MakeConsistency; diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll index 555b09660e8b..c680778ce4d2 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll @@ -3,6 +3,7 @@ */ private import codeql.dataflow.DataFlow +private import semmle.go.Locations module Private { import DataFlowPrivate @@ -13,7 +14,7 @@ module Public { import DataFlowUtil } -module GoDataFlow implements InputSig { +module GoDataFlow implements InputSig { import Private import Public diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll index 9034e454278a..6b230bc728f8 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll @@ -157,6 +157,14 @@ module Public { endcolumn = 0 } + /** Gets the location of this node. */ + Location getLocation() { + exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | + this.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + result.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + ) + } + /** Gets the file in which this node appears. */ File getFile() { this.hasLocationInfo(result.getAbsolutePath(), _, _, _, _) } diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll index e17f4cd9cd23..f750214010f3 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll @@ -251,8 +251,6 @@ class DataFlowType extends TDataFlowType { string toString() { result = "" } } -class DataFlowLocation = Location; - private newtype TDataFlowCallable = TCallable(Callable c) or TFileScope(File f) or diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index cbf33afff251..fb09daa48ff5 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -15,7 +15,7 @@ private module FlowSummaries { private import semmle.go.dataflow.FlowSummary as F } -module Input implements InputSig { +module Input implements InputSig { class SummarizedCallableBase = Callable; ArgumentPosition callbackSelfParameterPosition() { result = -1 } @@ -83,7 +83,7 @@ module Input implements InputSig { } } -private import Make as Impl +private import Make as Impl private module StepsInput implements Impl::Private::StepsInputSig { DataFlowCall getACall(Public::SummarizedCallable sc) { @@ -95,7 +95,7 @@ private module StepsInput implements Impl::Private::StepsInputSig { } module SourceSinkInterpretationInput implements - Impl::Private::External::SourceSinkInterpretationInputSig + Impl::Private::External::SourceSinkInterpretationInputSig { class Element = SourceOrSinkElement; @@ -264,7 +264,7 @@ module Private { module External { import Impl::Private::External - import Impl::Private::External::SourceSinkInterpretation + import Impl::Private::External::SourceSinkInterpretation } /** diff --git a/go/ql/lib/semmle/go/dataflow/internal/TaintTrackingImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/TaintTrackingImplSpecific.qll index f52499df2321..b9795bb14d31 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/TaintTrackingImplSpecific.qll @@ -4,7 +4,8 @@ private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific +private import semmle.go.Locations -module GoTaintTracking implements InputSig { +module GoTaintTracking implements InputSig { import TaintTrackingUtil } diff --git a/go/ql/lib/semmle/go/internal/Locations.qll b/go/ql/lib/semmle/go/internal/Locations.qll new file mode 100644 index 000000000000..498ac9d11702 --- /dev/null +++ b/go/ql/lib/semmle/go/internal/Locations.qll @@ -0,0 +1,143 @@ +/** Provides classes for working with locations and program elements that have locations. */ + +import go + +// Should _not_ be cached, as that would require the data flow stage to be evaluated +// in order to evaluate the AST stage. Ideally, we would cache each injector separately, +// but that's not possible. Instead, we cache all predicates that need the injectors +// to be tuple numbered. +newtype TLocation = + TDbLocation(@location loc) or + TSynthLocation(string filepath, int startline, int startcolumn, int endline, int endcolumn) { + any(DataFlow::Node n).hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + // avoid overlap with existing DB locations + not exists(File f | + locations_default(_, f, startline, startcolumn, endline, endcolumn) and + f.getAbsolutePath() = filepath + ) + } + +/** + * A location as given by a file, a start line, a start column, + * an end line, and an end column. + * + * For more information about locations see [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +abstract class LocationImpl extends TLocation { + /** Gets the file for this location. */ + abstract File getFile(); + + /** Gets the 1-based line number (inclusive) where this location starts. */ + abstract int getStartLine(); + + /** Gets the 1-based column number (inclusive) where this location starts. */ + abstract int getStartColumn(); + + /** Gets the 1-based line number (inclusive) where this location ends. */ + abstract int getEndLine(); + + /** Gets the 1-based column number (inclusive) where this location ends. */ + abstract int getEndColumn(); + + /** Gets the number of lines covered by this location. */ + int getNumLines() { result = this.getEndLine() - this.getStartLine() + 1 } + + /** Gets a textual representation of this element. */ + string toString() { + exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | + this.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + result = filepath + "@" + startline + ":" + startcolumn + ":" + endline + ":" + endcolumn + ) + } + + /** + * Holds if this element is at the specified location. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `filepath`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ + abstract predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ); +} + +class DbLocationImpl extends LocationImpl instanceof DbLocation { + private @location loc; + + DbLocationImpl() { this = TDbLocation(loc) } + + override File getFile() { result = DbLocation.super.getFile() } + + override int getStartLine() { result = DbLocation.super.getStartLine() } + + override int getStartColumn() { result = DbLocation.super.getStartColumn() } + + override int getEndLine() { result = DbLocation.super.getEndLine() } + + override int getEndColumn() { result = DbLocation.super.getEndColumn() } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + DbLocation.super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + } +} + +class SynthLocationImpl extends LocationImpl, TSynthLocation { + override File getFile() { synthLocationInfo(this, result.getAbsolutePath(), _, _, _, _) } + + override int getStartLine() { synthLocationInfo(this, _, result, _, _, _) } + + override int getStartColumn() { synthLocationInfo(this, _, _, result, _, _) } + + override int getEndLine() { synthLocationInfo(this, _, _, _, result, _) } + + override int getEndColumn() { synthLocationInfo(this, _, _, _, _, result) } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + synthLocationInfo(this, filepath, startline, startcolumn, endline, endcolumn) + } +} + +cached +private module Cached { + cached + DbLocation getLocatableLocation(@locatable l) { + exists(@location loc | + has_location(l, loc) or + xmllocations(l, loc) + | + result = TDbLocation(loc) + ) + } + + cached + DbLocation getDiagnosticLocation(@diagnostic d) { + exists(@location loc | + diagnostics(d, _, _, _, _, loc) and + result = TDbLocation(loc) + ) + } + + cached + predicate dbLocationInfo( + DbLocation l, File f, int startline, int startcolumn, int endline, int endcolumn + ) { + exists(@location loc | + l = TDbLocation(loc) and + locations_default(loc, f, startline, startcolumn, endline, endcolumn) + ) + } +} + +import Cached + +cached +private predicate synthLocationInfo( + SynthLocationImpl l, string filepath, int startline, int startcolumn, int endline, int endcolumn +) { + l = TSynthLocation(filepath, startline, startcolumn, endline, endcolumn) +} diff --git a/go/ql/src/Security/CWE-338/InsecureRandomness.ql b/go/ql/src/Security/CWE-338/InsecureRandomness.ql index cc6bc42be710..a66641cf1cef 100644 --- a/go/ql/src/Security/CWE-338/InsecureRandomness.ql +++ b/go/ql/src/Security/CWE-338/InsecureRandomness.ql @@ -25,7 +25,7 @@ where min(InsecureRandomness::Flow::PathNode sink2, int line | InsecureRandomness::Flow::flowPath(_, sink2) and sink2.getNode().getRoot() = sink.getNode().getRoot() and - sink2.hasLocationInfo(_, line, _, _, _) + line = sink2.getLocation().getStartLine() | sink2 order by line ) diff --git a/go/ql/test/TestUtilities/InlineFlowTest.qll b/go/ql/test/TestUtilities/InlineFlowTest.qll index 3ec43911b76e..b761fed993ee 100644 --- a/go/ql/test/TestUtilities/InlineFlowTest.qll +++ b/go/ql/test/TestUtilities/InlineFlowTest.qll @@ -9,7 +9,7 @@ private import semmle.go.dataflow.internal.DataFlowImplSpecific private import semmle.go.dataflow.internal.TaintTrackingImplSpecific private import internal.InlineExpectationsTestImpl -private module FlowTestImpl implements InputSig { +private module FlowTestImpl implements InputSig { predicate defaultSource(DataFlow::Node source) { exists(Function fn | fn.hasQualifiedName(_, ["source", "taint"]) | source = fn.getACall().getResult() @@ -26,4 +26,4 @@ private module FlowTestImpl implements InputSig { } } -import InlineFlowTestMake +import InlineFlowTestMake diff --git a/go/ql/test/TestUtilities/internal/InlineExpectationsTestImpl.qll b/go/ql/test/TestUtilities/internal/InlineExpectationsTestImpl.qll index a544aed8fee7..1d1854407722 100644 --- a/go/ql/test/TestUtilities/internal/InlineExpectationsTestImpl.qll +++ b/go/ql/test/TestUtilities/internal/InlineExpectationsTestImpl.qll @@ -2,13 +2,18 @@ private import go as G private import codeql.util.test.InlineExpectationsTest module Impl implements InlineExpectationsTestSig { + final private class CommentFinal = G::Comment; + /** * A class representing line comments in the Go style, including the * preceding comment marker (`//`). */ - class ExpectationComment extends G::Comment { + class ExpectationComment extends CommentFinal { /** Returns the contents of the given comment, _without_ the preceding comment marker (`//`). */ string getContents() { result = this.getText() } + + /** Gets this element's location. */ + G::Location getLocation() { result = super.getLocation() } } class Location = G::Location; diff --git a/go/ql/test/extractor-tests/diagnostics/Diagnostics.ql b/go/ql/test/extractor-tests/diagnostics/Diagnostics.ql index ed6d8ac043de..324709175e5c 100644 --- a/go/ql/test/extractor-tests/diagnostics/Diagnostics.ql +++ b/go/ql/test/extractor-tests/diagnostics/Diagnostics.ql @@ -1,4 +1,5 @@ import go +private import semmle.go.internal.Locations bindingset[path] string baseName(string path) { result = path.regexpCapture(".*(/|\\\\)([^/\\\\]+)(/|\\\\)?$", 2) } @@ -30,7 +31,12 @@ class Diagnostic extends @diagnostic { diagnostic_for(this, c, fileNum, idx) } - Location getLocation() { diagnostics(this, _, _, _, _, result) } + DbLocation getLocation() { + exists(@location loc | + diagnostics(this, _, _, _, _, loc) and + result = TDbLocation(loc) + ) + } // string getTag() { // diagnostics(this, _, result, _, _, _) diff --git a/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll b/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll index 0f87cb7010c9..66a7a847c336 100644 --- a/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll @@ -8,6 +8,6 @@ import java module DataFlow { private import semmle.code.java.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import semmle.code.java.dataflow.internal.DataFlowImpl1 } diff --git a/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll b/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll index ad7b88381a8a..ed13837a312b 100644 --- a/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll +++ b/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll @@ -12,6 +12,6 @@ module TaintTracking { private import semmle.code.java.dataflow.internal.DataFlowImplSpecific private import semmle.code.java.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + import TaintFlowMake import semmle.code.java.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll index 30746706e311..689e58daab89 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +private import semmle.code.Location +import MakeImpl diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll index 2118572f7797..00f388dfdf3a 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific +private import semmle.code.Location private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +import MakeImplCommon diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll index 1dfa24fffac4..0272af417ace 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll @@ -8,10 +8,10 @@ private import DataFlowImplSpecific private import TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { +private module Input implements InputSig { predicate argHasPostUpdateExclude(JavaDataFlow::ArgumentNode n) { n.getType() instanceof ImmutableType or n instanceof Public::ImplicitVarargsArray } } -module Consistency = MakeConsistency; +module Consistency = MakeConsistency; diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll index e269b56e3aa4..84cdf19ed518 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll @@ -2,6 +2,7 @@ * Provides Java-specific definitions for use in the data flow library. */ +private import semmle.code.Location private import codeql.dataflow.DataFlow module Private { @@ -13,7 +14,7 @@ module Public { import DataFlowUtil } -module JavaDataFlow implements InputSig { +module JavaDataFlow implements InputSig { import Private import Public diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll index 8bcbf0635a35..bf867d21d3cc 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll @@ -163,7 +163,7 @@ module Public { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index d5364567d88d..0960497dd8c7 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -26,7 +26,7 @@ private string positionToString(int pos) { if pos = -1 then result = "this" else result = pos.toString() } -module Input implements InputSig { +module Input implements InputSig { class SummarizedCallableBase = FlowSummary::SummarizedCallableBase; ArgumentPosition callbackSelfParameterPosition() { result = -1 } @@ -85,7 +85,7 @@ module Input implements InputSig { } } -private import Make as Impl +private import Make as Impl private module TypesInput implements Impl::Private::TypesInputSig { DataFlowType getSyntheticGlobalType(Impl::Private::SyntheticGlobal sg) { @@ -186,7 +186,7 @@ private predicate correspondingKotlinParameterDefaultsArgSpec( } module SourceSinkInterpretationInput implements - Impl::Private::External::SourceSinkInterpretationInputSig + Impl::Private::External::SourceSinkInterpretationInputSig { private import java as J @@ -294,7 +294,7 @@ module Private { module External { import Impl::Private::External - import Impl::Private::External::SourceSinkInterpretation + import Impl::Private::External::SourceSinkInterpretation /** * Holds if an external flow summary exists for `c` with input specification diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll index ba30b102a208..0f756200abeb 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll @@ -4,7 +4,8 @@ private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific +private import semmle.code.Location -module JavaTaintTracking implements InputSig { +module JavaTaintTracking implements InputSig { import TaintTrackingUtil } diff --git a/java/ql/test-kotlin1/TestUtilities/InlineFlowTest.qll b/java/ql/test-kotlin1/TestUtilities/InlineFlowTest.qll index d815f3026380..500e47836145 100644 --- a/java/ql/test-kotlin1/TestUtilities/InlineFlowTest.qll +++ b/java/ql/test-kotlin1/TestUtilities/InlineFlowTest.qll @@ -10,7 +10,7 @@ private import semmle.code.java.dataflow.internal.DataFlowImplSpecific private import semmle.code.java.dataflow.internal.TaintTrackingImplSpecific private import internal.InlineExpectationsTestImpl -private module FlowTestImpl implements InputSig { +private module FlowTestImpl implements InputSig { predicate defaultSource(DataFlow::Node source) { source.asExpr().(MethodCall).getMethod().getName() = ["source", "taint"] } @@ -30,4 +30,4 @@ private module FlowTestImpl implements InputSig { } } -import InlineFlowTestMake +import InlineFlowTestMake diff --git a/java/ql/test/TestUtilities/InlineFlowTest.qll b/java/ql/test/TestUtilities/InlineFlowTest.qll index d815f3026380..500e47836145 100644 --- a/java/ql/test/TestUtilities/InlineFlowTest.qll +++ b/java/ql/test/TestUtilities/InlineFlowTest.qll @@ -10,7 +10,7 @@ private import semmle.code.java.dataflow.internal.DataFlowImplSpecific private import semmle.code.java.dataflow.internal.TaintTrackingImplSpecific private import internal.InlineExpectationsTestImpl -private module FlowTestImpl implements InputSig { +private module FlowTestImpl implements InputSig { predicate defaultSource(DataFlow::Node source) { source.asExpr().(MethodCall).getMethod().getName() = ["source", "taint"] } @@ -30,4 +30,4 @@ private module FlowTestImpl implements InputSig { } } -import InlineFlowTestMake +import InlineFlowTestMake diff --git a/python/ql/consistency-queries/DataFlowConsistency.ql b/python/ql/consistency-queries/DataFlowConsistency.ql index f0a0d0356ca2..759db3d19a9c 100644 --- a/python/ql/consistency-queries/DataFlowConsistency.ql +++ b/python/ql/consistency-queries/DataFlowConsistency.ql @@ -10,12 +10,16 @@ private import semmle.python.dataflow.new.internal.DataFlowDispatch private import semmle.python.dataflow.new.internal.TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { +private module Input implements InputSig { private import Private private import Public predicate postWithInFlowExclude(Node n) { n instanceof FlowSummaryNode } + predicate uniqueNodeLocationExclude(Node n) { n instanceof FlowSummaryNode } + + predicate missingLocationExclude(Node n) { n instanceof FlowSummaryNode } + predicate argHasPostUpdateExclude(ArgumentNode n) { // TODO: Implement post-updates for *args, see tests added in https://github.com/github/codeql/pull/14936 exists(ArgumentPosition apos | n.argumentOf(_, apos) and apos.isStarArgs(_)) @@ -132,4 +136,4 @@ private module Input implements InputSig { } } -import MakeConsistency +import MakeConsistency diff --git a/python/ql/lib/semmle/python/ApiGraphs.qll b/python/ql/lib/semmle/python/ApiGraphs.qll index 18202ebb5241..6f27c829e32c 100644 --- a/python/ql/lib/semmle/python/ApiGraphs.qll +++ b/python/ql/lib/semmle/python/ApiGraphs.qll @@ -328,6 +328,9 @@ module API { */ DataFlow::Node getInducingNode() { this = Impl::MkUse(result) or this = Impl::MkDef(result) } + /** Gets the location of this node */ + PY::Location getLocation() { result = this.getInducingNode().getLocation() } + /** * Holds if this element is at the specified location. * The location spans column `startcolumn` of line `startline` to @@ -335,7 +338,7 @@ module API { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getInducingNode().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/python/ql/lib/semmle/python/dataflow/new/DataFlow.qll b/python/ql/lib/semmle/python/dataflow/new/DataFlow.qll index 75725a42a9ea..17cc0a0ee858 100644 --- a/python/ql/lib/semmle/python/dataflow/new/DataFlow.qll +++ b/python/ql/lib/semmle/python/dataflow/new/DataFlow.qll @@ -24,6 +24,6 @@ private import python module DataFlow { private import internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import internal.DataFlowImpl1 } diff --git a/python/ql/lib/semmle/python/dataflow/new/TaintTracking.qll b/python/ql/lib/semmle/python/dataflow/new/TaintTracking.qll index aa80e7c7148d..e085ba45dd00 100644 --- a/python/ql/lib/semmle/python/dataflow/new/TaintTracking.qll +++ b/python/ql/lib/semmle/python/dataflow/new/TaintTracking.qll @@ -19,6 +19,6 @@ module TaintTracking { private import semmle.python.dataflow.new.internal.DataFlowImplSpecific private import semmle.python.dataflow.new.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + import TaintFlowMake import internal.tainttracking1.TaintTrackingImpl } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll index 87a278e0f6bc..5abb5e31edbe 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll @@ -1595,7 +1595,7 @@ class FlowSummaryNode extends Node, TFlowSummaryNode { override string toString() { result = this.getSummaryNode().toString() } // Hack to return "empty location" - override predicate hasLocationInfo( + deprecated override predicate hasLocationInfo( string file, int startline, int startcolumn, int endline, int endcolumn ) { file = "" and diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll index 92f0f17ce825..9789857adcb8 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +private import semmle.python.Files +import MakeImpl diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll index 41c9c4ec1be7..cd7c39923307 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +private import semmle.python.Files +import MakeImplCommon diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll index cffdefe41ba2..2d18c789732b 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll @@ -15,7 +15,7 @@ module Public { import DataFlowUtil } -module PythonDataFlow implements InputSig { +module PythonDataFlow implements InputSig { import Private import Public diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll index 73c87992c483..16a9572db6a7 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll @@ -148,6 +148,7 @@ class Node extends TNode { DataFlowCallable getEnclosingCallable() { result = getCallableScope(this.getScope()) } /** Gets the location of this node */ + cached Location getLocation() { none() } /** @@ -157,8 +158,7 @@ class Node extends TNode { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - cached - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { Stages::DataFlow::ref() and diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index 4a55d38edb6c..5e45a961b5b7 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -9,7 +9,7 @@ private import DataFlowImplSpecific as DataFlowImplSpecific private import DataFlowImplSpecific::Private private import DataFlowImplSpecific::Public -module Input implements InputSig { +module Input implements InputSig { class SummarizedCallableBase = string; ArgumentPosition callbackSelfParameterPosition() { result.isLambdaSelf() } @@ -83,7 +83,7 @@ module Input implements InputSig { } } -private import Make as Impl +private import Make as Impl private module StepsInput implements Impl::Private::StepsInputSig { DataFlowCall getACall(Public::SummarizedCallable sc) { diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/TaintTrackingImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/TaintTrackingImplSpecific.qll index 6f65d2343443..798c1d5116f0 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/TaintTrackingImplSpecific.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/TaintTrackingImplSpecific.qll @@ -4,7 +4,8 @@ private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific +private import semmle.python.Files -module PythonTaintTracking implements InputSig { +module PythonTaintTracking implements InputSig { import TaintTrackingPrivate } diff --git a/python/ql/lib/semmle/python/internal/CachedStages.qll b/python/ql/lib/semmle/python/internal/CachedStages.qll index da32b4c071e1..687cabeceaed 100644 --- a/python/ql/lib/semmle/python/internal/CachedStages.qll +++ b/python/ql/lib/semmle/python/internal/CachedStages.qll @@ -194,7 +194,7 @@ module Stages { or exists(any(DataFlowPublic::Node node).toString()) or - any(DataFlowPublic::Node node).hasLocationInfo(_, _, _, _, _) + exists(any(DataFlowPublic::Node node).getLocation()) or DataFlowDispatch::resolveCall(_, _, _) or diff --git a/ruby/ql/consistency-queries/DataFlowConsistency.ql b/ruby/ql/consistency-queries/DataFlowConsistency.ql index d064eeb3701d..76155d5d1c11 100644 --- a/ruby/ql/consistency-queries/DataFlowConsistency.ql +++ b/ruby/ql/consistency-queries/DataFlowConsistency.ql @@ -5,7 +5,7 @@ private import codeql.ruby.dataflow.internal.DataFlowImplSpecific private import codeql.ruby.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { +private module Input implements InputSig { private import RubyDataFlow predicate postWithInFlowExclude(Node n) { n instanceof FlowSummaryNode } @@ -46,4 +46,4 @@ private module Input implements InputSig { } } -import MakeConsistency +import MakeConsistency diff --git a/ruby/ql/lib/codeql/ruby/DataFlow.qll b/ruby/ql/lib/codeql/ruby/DataFlow.qll index aa6e7e0cd59a..f17c85143f5d 100644 --- a/ruby/ql/lib/codeql/ruby/DataFlow.qll +++ b/ruby/ql/lib/codeql/ruby/DataFlow.qll @@ -12,6 +12,6 @@ import codeql.Locations module DataFlow { private import codeql.ruby.dataflow.internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + import DataFlowMake import codeql.ruby.dataflow.internal.DataFlowImpl1 } diff --git a/ruby/ql/lib/codeql/ruby/TaintTracking.qll b/ruby/ql/lib/codeql/ruby/TaintTracking.qll index 461a423e1f1d..7534b28079ae 100644 --- a/ruby/ql/lib/codeql/ruby/TaintTracking.qll +++ b/ruby/ql/lib/codeql/ruby/TaintTracking.qll @@ -7,6 +7,7 @@ module TaintTracking { private import codeql.ruby.dataflow.internal.DataFlowImplSpecific private import codeql.ruby.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + private import codeql.Locations + import TaintFlowMake import codeql.ruby.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll index 277b639d0ab3..21ceca9e3b51 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ +private import codeql.Locations private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +import MakeImpl diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll index 05e0bc67b306..0b0e883803e1 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ +private import codeql.Locations private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +import MakeImplCommon diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll index 7a8e6dad9f83..b342537b053d 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll @@ -2,6 +2,7 @@ * Provides Ruby-specific definitions for use in the data flow library. */ +private import codeql.Locations private import codeql.dataflow.DataFlow module Private { @@ -13,7 +14,7 @@ module Public { import DataFlowPublic } -module RubyDataFlow implements InputSig { +module RubyDataFlow implements InputSig { import Private import Public diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll index 8d0c565a7376..c1c625a23167 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll @@ -35,7 +35,7 @@ class Node extends TNode { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index 59f8e541b3d9..d0beb44ac7b4 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll @@ -9,7 +9,7 @@ private import codeql.ruby.dataflow.internal.DataFlowImplSpecific as DataFlowImp private import DataFlowImplSpecific::Private private import DataFlowImplSpecific::Public -module Input implements InputSig { +module Input implements InputSig { class SummarizedCallableBase = string; ArgumentPosition callbackSelfParameterPosition() { result.isLambdaSelf() } @@ -146,7 +146,7 @@ module Input implements InputSig { } } -private import Make as Impl +private import Make as Impl private module StepsInput implements Impl::Private::StepsInputSig { DataFlowCall getACall(Public::SummarizedCallable sc) { diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingImplSpecific.qll index fe733ee5d95a..987aefdda72d 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingImplSpecific.qll @@ -2,9 +2,10 @@ * Provides Ruby-specific definitions for use in the taint tracking library. */ +private import codeql.Locations private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific -module RubyTaintTracking implements InputSig { +module RubyTaintTracking implements InputSig { import TaintTrackingPrivate } diff --git a/ruby/ql/test/TestUtilities/InlineFlowTest.qll b/ruby/ql/test/TestUtilities/InlineFlowTest.qll index c9ceda9dff5f..7d8a4cb03b88 100644 --- a/ruby/ql/test/TestUtilities/InlineFlowTest.qll +++ b/ruby/ql/test/TestUtilities/InlineFlowTest.qll @@ -4,12 +4,13 @@ */ import ruby +private import codeql.Locations private import codeql.dataflow.test.InlineFlowTest private import codeql.ruby.dataflow.internal.DataFlowImplSpecific private import codeql.ruby.dataflow.internal.TaintTrackingImplSpecific private import internal.InlineExpectationsTestImpl -private module FlowTestImpl implements InputSig { +private module FlowTestImpl implements InputSig { import TestUtilities.InlineFlowTestUtil bindingset[src, sink] @@ -19,4 +20,4 @@ private module FlowTestImpl implements InputSig { } } -import InlineFlowTestMake +import InlineFlowTestMake diff --git a/shared/dataflow/codeql/dataflow/DataFlow.qll b/shared/dataflow/codeql/dataflow/DataFlow.qll index 6a18c1666134..ebb9f7c8c252 100644 --- a/shared/dataflow/codeql/dataflow/DataFlow.qll +++ b/shared/dataflow/codeql/dataflow/DataFlow.qll @@ -4,8 +4,10 @@ * modules. */ +private import codeql.util.Location + /** Provides language-specific data flow parameters. */ -signature module InputSig { +signature module InputSig { /** * A node in the data flow graph. */ @@ -13,16 +15,8 @@ signature module InputSig { /** Gets a textual representation of this element. */ string toString(); - /** - * Holds if this element is at the specified location. - * The location spans column `startcolumn` of line `startline` to - * column `endcolumn` of line `endline` in file `filepath`. - * For more information, see - * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). - */ - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ); + /** Gets the location of this node. */ + Location getLocation(); } class ParameterNode extends Node; @@ -321,9 +315,9 @@ signature module InputSig { default predicate ignoreFieldFlowBranchLimit(DataFlowCallable c) { none() } } -module Configs { +module Configs Lang> { private import Lang - private import internal.DataFlowImplCommon::MakeImplCommon + private import internal.DataFlowImplCommon::MakeImplCommon import DataFlowImplCommonPublic /** An input configuration for data flow. */ @@ -531,10 +525,10 @@ module Configs { } } -module DataFlowMake { +module DataFlowMake Lang> { private import Lang - private import internal.DataFlowImpl::MakeImpl - import Configs + private import internal.DataFlowImpl::MakeImpl + import Configs /** * Gets the exploration limit for `partialFlow` and `partialFlowRev` @@ -613,19 +607,11 @@ module DataFlowMake { /** Gets a textual representation of this element. */ string toString(); - /** - * Holds if this element is at the specified location. - * The location spans column `startcolumn` of line `startline` to - * column `endcolumn` of line `endline` in file `filepath`. - * For more information, see - * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). - */ - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ); - /** Gets the underlying `Node`. */ Node getNode(); + + /** Gets the location of this node. */ + Location getLocation(); } signature module PathGraphSig { @@ -668,6 +654,15 @@ module DataFlowMake { result = this.asPathNode2().toString() } + /** Gets the underlying `Node`. */ + Node getNode() { + result = this.asPathNode1().getNode() or + result = this.asPathNode2().getNode() + } + + /** Gets the location of this node. */ + Location getLocation() { result = this.getNode().getLocation() } + /** * Holds if this element is at the specified location. * The location spans column `startcolumn` of line `startline` to @@ -675,17 +670,10 @@ module DataFlowMake { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - this.asPathNode1().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) or - this.asPathNode2().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } - - /** Gets the underlying `Node`. */ - Node getNode() { - result = this.asPathNode1().getNode() or - result = this.asPathNode2().getNode() + this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) } } @@ -750,7 +738,7 @@ module DataFlowMake { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) @@ -758,6 +746,9 @@ module DataFlowMake { /** Gets the underlying `Node`. */ Node getNode() { result = super.getNode() } + + /** Gets the location of this node. */ + Location getLocation() { result = super.getLocation() } } /** diff --git a/shared/dataflow/codeql/dataflow/TaintTracking.qll b/shared/dataflow/codeql/dataflow/TaintTracking.qll index 73960fbca1db..c7d4f6bf505a 100644 --- a/shared/dataflow/codeql/dataflow/TaintTracking.qll +++ b/shared/dataflow/codeql/dataflow/TaintTracking.qll @@ -5,11 +5,12 @@ private import DataFlow as DF private import internal.DataFlowImpl +private import codeql.util.Location /** * Provides language-specific taint-tracking parameters. */ -signature module InputSig { +signature module InputSig Lang> { /** * Holds if `node` should be a sanitizer in all global taint flow configurations * but not in local taint. @@ -33,10 +34,13 @@ signature module InputSig { /** * Construct the modules for taint-tracking analyses. */ -module TaintFlowMake TaintTrackingLang> { +module TaintFlowMake< + LocationSig Location, DF::InputSig DataFlowLang, + InputSig TaintTrackingLang> +{ private import TaintTrackingLang - private import DF::DataFlowMake as DataFlow - private import MakeImpl as DataFlowInternal + private import DF::DataFlowMake as DataFlow + private import MakeImpl as DataFlowInternal private module AddTaintDefaults implements DataFlowInternal::FullStateConfigSig diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll index d555b281710c..86546375798a 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll @@ -7,12 +7,13 @@ private import codeql.util.Unit private import codeql.util.Option private import codeql.util.Boolean +private import codeql.util.Location private import codeql.dataflow.DataFlow -module MakeImpl { +module MakeImpl Lang> { private import Lang - private import DataFlowMake - private import DataFlowImplCommon::MakeImplCommon + private import DataFlowMake + private import DataFlowImplCommon::MakeImplCommon private import DataFlowImplCommonPublic /** @@ -192,11 +193,7 @@ module MakeImpl { pragma[only_bind_out](this).getDataFlowType0() = pragma[only_bind_into](result) } - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - this.projectToNode().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } + Location getLocation() { result = this.projectToNode().getLocation() } } private class ArgNodeEx extends NodeEx { @@ -3305,11 +3302,7 @@ module MakeImpl { override string toString() { result = p + concat(" : " + ppReprType(t)) + " " + ap } - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - p.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } + Location getLocation() { result = p.getLocation() } } /** @@ -3727,18 +3720,8 @@ module MakeImpl { this.ppSummaryCtx() } - /** - * Holds if this element is at the specified location. - * The location spans column `startcolumn` of line `startline` to - * column `endcolumn` of line `endline` in file `filepath`. - * For more information, see - * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). - */ - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - this.getNodeEx().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } + /** Gets the location of this node. */ + Location getLocation() { result = this.getNodeEx().getLocation() } } /** Holds if `n` can reach a sink. */ @@ -3774,6 +3757,9 @@ module MakeImpl { */ final string toStringWithContext() { result = super.toStringWithContext() } + /** Gets the location of this node. */ + Location getLocation() { result = super.getLocation() } + /** * Holds if this element is at the specified location. * The location spans column `startcolumn` of line `startline` to @@ -3781,10 +3767,11 @@ module MakeImpl { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - final predicate hasLocationInfo( + pragma[inline] + deprecated final predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) } /** Gets the underlying `Node`. */ @@ -3946,11 +3933,7 @@ module MakeImpl { override string toString() { result = sourceGroup } - override predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - filepath = "" and startline = 0 and startcolumn = 0 and endline = 0 and endcolumn = 0 - } + override Location getLocation() { result.hasLocationInfo("", 0, 0, 0, 0) } } private class PathNodeSinkGroup extends PathNodeImpl, TPathNodeSinkGroup { @@ -3968,11 +3951,7 @@ module MakeImpl { override string toString() { result = sinkGroup } - override predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - filepath = "" and startline = 0 and startcolumn = 0 and endline = 0 and endcolumn = 0 - } + override Location getLocation() { result.hasLocationInfo("", 0, 0, 0, 0) } } private predicate pathNode( @@ -4801,6 +4780,9 @@ module MakeImpl { result = this.getNodeEx().toString() + this.ppType() + this.ppAp() + this.ppCtx() } + /** Gets the location of this node. */ + Location getLocation() { result = this.getNodeEx().getLocation() } + /** * Holds if this element is at the specified location. * The location spans column `startcolumn` of line `startline` to @@ -4808,10 +4790,11 @@ module MakeImpl { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + pragma[inline] + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - this.getNodeEx().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) } /** Gets the underlying `Node`. */ diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll index 679be2cb5c6d..e83752fcced1 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll @@ -1,8 +1,9 @@ private import codeql.dataflow.DataFlow private import codeql.typetracking.TypeTracking as Tt +private import codeql.util.Location private import codeql.util.Unit -module MakeImplCommon { +module MakeImplCommon Lang> { private import Lang import Cached @@ -1642,19 +1643,13 @@ module MakeImplCommon { } } + final private class NodeFinal = Node; + /** * A `Node` at which a cast can occur such that the type should be checked. */ - class CastingNode instanceof Node { + class CastingNode extends NodeFinal { CastingNode() { castingNode(this) } - - string toString() { result = super.toString() } - - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } } private predicate readStepWithTypes( @@ -1800,17 +1795,9 @@ module MakeImplCommon { * The value of a parameter at function entry, viewed as a node in a data * flow graph. */ - class ParamNode instanceof Node { + class ParamNode extends NodeFinal { ParamNode() { parameterNode(this, _, _) } - string toString() { result = super.toString() } - - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } - /** * Holds if this node is the parameter of callable `c` at the specified * position. @@ -1821,17 +1808,9 @@ module MakeImplCommon { } /** A data-flow node that represents a call argument. */ - class ArgNode instanceof Node { + class ArgNode extends NodeFinal { ArgNode() { argumentNode(this, _, _) } - string toString() { result = super.toString() } - - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } - /** Holds if this argument occurs at the given position in the given call. */ final predicate argumentOf(DataFlowCall call, ArgumentPosition pos) { argumentNode(this, call, pos) @@ -1842,17 +1821,9 @@ module MakeImplCommon { * A node from which flow can return to the caller. This is either a regular * `ReturnNode` or a `PostUpdateNode` corresponding to the value of a parameter. */ - class ReturnNodeExt instanceof Node { + class ReturnNodeExt extends NodeFinal { ReturnNodeExt() { returnNodeExt(this, _) } - string toString() { result = super.toString() } - - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } - /** Gets the kind of this returned value. */ ReturnKindExt getKind() { returnNodeExt(this, result) } } @@ -1861,16 +1832,8 @@ module MakeImplCommon { * A node to which data can flow from a call. Either an ordinary out node * or a post-update node associated with a call argument. */ - class OutNodeExt instanceof Node { + class OutNodeExt extends NodeFinal { OutNodeExt() { outNodeExt(this) } - - string toString() { result = super.toString() } - - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - super.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } } /** diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll index 374d42e9ad59..1d0f8d1969d5 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll @@ -5,8 +5,9 @@ private import codeql.dataflow.DataFlow as DF private import codeql.dataflow.TaintTracking as TT +private import codeql.util.Location -signature module InputSig { +signature module InputSig DataFlowLang> { /** Holds if `n` should be excluded from the consistency test `uniqueEnclosingCallable`. */ default predicate uniqueEnclosingCallableExclude(DataFlowLang::Node n) { none() } @@ -71,8 +72,8 @@ signature module InputSig { } module MakeConsistency< - DF::InputSig DataFlowLang, TT::InputSig TaintTrackingLang, - InputSig Input> + LocationSig Location, DF::InputSig DataFlowLang, + TT::InputSig TaintTrackingLang, InputSig Input> { private import DataFlowLang private import TaintTrackingLang @@ -128,10 +129,7 @@ module MakeConsistency< query predicate uniqueNodeLocation(Node n, string msg) { exists(int c | - c = - count(string filepath, int startline, int startcolumn, int endline, int endcolumn | - n.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - ) and + c = count(n.getLocation()) and c != 1 and not Input::uniqueNodeLocationExclude(n) and msg = "Node should have one location but has " + c + "." @@ -142,7 +140,7 @@ module MakeConsistency< exists(int c | c = strictcount(Node n | - not n.hasLocationInfo(_, _, _, _, _) and + not exists(n.getLocation()) and not Input::missingLocationExclude(n) ) and msg = "Nodes without location: " + c diff --git a/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll b/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll index f3e840720ab9..4d6df2945213 100644 --- a/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll @@ -10,7 +10,7 @@ private import AccessPathSyntax as AccessPathSyntax /** * Provides language-specific parameters. */ -signature module InputSig { +signature module InputSig Lang> { /** * A base class of callables that are candidates for flow summary modeling. */ @@ -139,10 +139,12 @@ signature module InputSig { } } -module Make Input> { +module Make< + LocationSig Location, DF::InputSig DataFlowLang, InputSig Input> +{ private import DataFlowLang private import Input - private import codeql.dataflow.internal.DataFlowImplCommon::MakeImplCommon + private import codeql.dataflow.internal.DataFlowImplCommon::MakeImplCommon private import codeql.util.Unit final private class SummarizedCallableBaseFinal = SummarizedCallableBase; @@ -1457,7 +1459,7 @@ module Make Input> { AccessPathSyntax::parseInt(part.getArgumentList()) < 0 } - signature module SourceSinkInterpretationInputSig { + signature module SourceSinkInterpretationInputSig { class Element { string toString(); @@ -1523,8 +1525,7 @@ module Make Input> { * Should eventually be replaced with API graphs like in dynamic languages. */ module SourceSinkInterpretation< - LocationSig Location, - SourceSinkInterpretationInputSig SourceSinkInterpretationInput> + SourceSinkInterpretationInputSig SourceSinkInterpretationInput> { private import SourceSinkInterpretationInput diff --git a/shared/dataflow/codeql/dataflow/test/InlineFlowTest.qll b/shared/dataflow/codeql/dataflow/test/InlineFlowTest.qll index 22a55f5aa073..e35d1332bca9 100644 --- a/shared/dataflow/codeql/dataflow/test/InlineFlowTest.qll +++ b/shared/dataflow/codeql/dataflow/test/InlineFlowTest.qll @@ -29,8 +29,9 @@ private import codeql.dataflow.DataFlow as DF private import codeql.dataflow.TaintTracking as TT private import codeql.util.test.InlineExpectationsTest as IET +private import codeql.util.Location -signature module InputSig { +signature module InputSig DataFlowLang> { predicate defaultSource(DataFlowLang::Node source); predicate defaultSink(DataFlowLang::Node source); @@ -40,12 +41,13 @@ signature module InputSig { } module InlineFlowTestMake< - DF::InputSig DataFlowLang, TT::InputSig TaintTrackingLang, - IET::InlineExpectationsTestSig Test, InputSig Impl> + LocationSig Location, DF::InputSig DataFlowLang, + TT::InputSig TaintTrackingLang, IET::InlineExpectationsTestSig Test, + InputSig Impl> { - private module DataFlow = DF::DataFlowMake; + private module DataFlow = DF::DataFlowMake; - private module TaintTracking = TT::TaintFlowMake; + private module TaintTracking = TT::TaintFlowMake; private module InlineExpectationsTest = IET::Make; @@ -76,7 +78,7 @@ module InlineFlowTestMake< private predicate hasLocationInfo(DataFlowLang::Node node, Test::Location location) { exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | - node.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + node.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and location.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) ) } diff --git a/swift/ql/lib/codeql/swift/dataflow/DataFlow.qll b/swift/ql/lib/codeql/swift/dataflow/DataFlow.qll index b267b74d3281..670a94babd9d 100644 --- a/swift/ql/lib/codeql/swift/dataflow/DataFlow.qll +++ b/swift/ql/lib/codeql/swift/dataflow/DataFlow.qll @@ -5,6 +5,7 @@ module DataFlow { private import internal.DataFlowImplSpecific private import codeql.dataflow.DataFlow - import DataFlowMake + private import codeql.swift.elements.Location + import DataFlowMake import internal.DataFlowImpl1 } diff --git a/swift/ql/lib/codeql/swift/dataflow/TaintTracking.qll b/swift/ql/lib/codeql/swift/dataflow/TaintTracking.qll index 2dcb4e239c60..e46cd18abb4c 100644 --- a/swift/ql/lib/codeql/swift/dataflow/TaintTracking.qll +++ b/swift/ql/lib/codeql/swift/dataflow/TaintTracking.qll @@ -7,6 +7,7 @@ module TaintTracking { private import codeql.swift.dataflow.internal.DataFlowImplSpecific private import codeql.swift.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking - import TaintFlowMake + private import codeql.swift.elements.Location + import TaintFlowMake import codeql.swift.dataflow.internal.tainttracking1.TaintTrackingImpl } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll index 532f0def1168..f02fe9635aea 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl -import MakeImpl +private import codeql.swift.elements.Location +import MakeImpl diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll index 969275ffa076..eae4f58a86bf 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,4 @@ private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImplCommon -import MakeImplCommon +import codeql.swift.elements.Location +import MakeImplCommon diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll index e9de11852a62..3e17bc878035 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll @@ -8,6 +8,6 @@ private import DataFlowImplSpecific private import TaintTrackingImplSpecific private import codeql.dataflow.internal.DataFlowImplConsistency -private module Input implements InputSig { } +private module Input implements InputSig { } -module Consistency = MakeConsistency; +module Consistency = MakeConsistency; diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll index e6941afd9d92..4273414c7249 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll @@ -15,7 +15,7 @@ module Public { import DataFlowPublic } -module SwiftDataFlow implements InputSig { +module SwiftDataFlow implements InputSig { import Private import Public diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPublic.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPublic.qll index abbb400904a6..16a5a2c19ca9 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPublic.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPublic.qll @@ -26,7 +26,7 @@ class Node extends TNode { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - predicate hasLocationInfo( + deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index 1151a7aeec8c..53f51433dac1 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll @@ -11,7 +11,7 @@ private import DataFlowImplSpecific::Public private import DataFlowImplCommon private import codeql.swift.dataflow.ExternalFlow -module Input implements InputSig { +module Input implements InputSig { class SummarizedCallableBase = Function; ArgumentPosition callbackSelfParameterPosition() { result instanceof ThisArgumentPosition } @@ -102,14 +102,14 @@ module Input implements InputSig { } } -private import Make as Impl +private import Make as Impl private module StepsInput implements Impl::Private::StepsInputSig { DataFlowCall getACall(Public::SummarizedCallable sc) { result.asCall().getStaticTarget() = sc } } module SourceSinkInterpretationInput implements - Impl::Private::External::SourceSinkInterpretationInputSig + Impl::Private::External::SourceSinkInterpretationInputSig { class Element = AstNode; @@ -222,7 +222,7 @@ module Private { module External { import Impl::Private::External - import Impl::Private::External::SourceSinkInterpretation + import Impl::Private::External::SourceSinkInterpretation } /** diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/TaintTrackingImplSpecific.qll b/swift/ql/lib/codeql/swift/dataflow/internal/TaintTrackingImplSpecific.qll index fd00fa5e8f16..d2a9f6ae5f1e 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/TaintTrackingImplSpecific.qll @@ -4,8 +4,9 @@ private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific +private import codeql.swift.elements.Location -module SwiftTaintTracking implements InputSig { +module SwiftTaintTracking implements InputSig { import TaintTrackingPrivate import TaintTrackingPublic }