diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
index 816f835c082..f5c51b43e37 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
index fca32ad8617..868c3ef6a2b 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
index 317d0b6db29..7fa662bd691 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides C++-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 module Private {
 import DataFlowPrivate
@@ -13,7 +13,7 @@ module Public {
 import DataFlowUtil
 }
-module CppOldDataFlow implements DataFlowParameter {
+module CppOldDataFlow implements InputSig {
 import Private
 import Public
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
index 7f60217416c..f3e52187647 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll
index 65543101184..266693f45f6 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll
index daf36f07415..ed4db065532 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides IR-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 module Private {
 import DataFlowPrivate
@@ -13,7 +13,7 @@ module Public {
 import DataFlowUtil
 }
-module CppDataFlow implements DataFlowParameter {
+module CppDataFlow implements InputSig {
 import Private
 import Public
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
index def6651b44b..4cf39afc812 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll
index 8c557b08220..55829d7d059 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll
index fefdff3412a..4c003584d10 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides C#-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 module Private {
 import DataFlowPrivate
@@ -13,7 +13,7 @@ module Public {
 import DataFlowPublic
 }
-module CsharpDataFlow implements DataFlowParameter {
+module CsharpDataFlow implements InputSig {
 import Private
 import Public
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
index 52dde36a7e8..b95eab3eb01 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll
index 46d139e8e95..8f8f7b0a36c 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll
index 5c5ad594521..bc24ff09bfd 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides Go-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 module Private {
 import DataFlowPrivate
@@ -13,7 +13,7 @@ module Public {
 import DataFlowUtil
 }
-module GoDataFlow implements DataFlowParameter {
+module GoDataFlow implements InputSig {
 import Private
 import Public
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
index 807e895b261..30746706e31 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll
index 44a3d3e4ddf..2118572f779 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll
index 1665139f999..5ddea224875 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides Java-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 module Private {
 import DataFlowPrivate
@@ -13,7 +13,7 @@ module Public {
 import DataFlowUtil
 }
-module JavaDataFlow implements DataFlowParameter {
+module JavaDataFlow implements InputSig {
 import Private
 import Public
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
index 3f8fbd12817..92f0f17ce82 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll
index d0aa8ee7cfc..41c9c4ec1be 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll
index 5663f5f64d1..cffdefe41ba 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides Python-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 // we need to export `Unit` for the DataFlowImpl* files
 private import python as Python
@@ -15,7 +15,7 @@ module Public {
 import DataFlowUtil
 }
-module PythonDataFlow implements DataFlowParameter {
+module PythonDataFlow implements InputSig {
 import Private
 import Public
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
index 598f985ba87..277b639d0ab 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll
index e25906abd0b..05e0bc67b30 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll
index 02f0003505f..7ee656da807 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides Ruby-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 module Private {
 import DataFlowPrivate
@@ -13,7 +13,7 @@ module Public {
 import DataFlowPublic
 }
-module RubyDataFlow implements DataFlowParameter {
+module RubyDataFlow implements InputSig {
 import Private
 import Public
diff --git a/shared/dataflow/codeql/dataflow/DataFlow.qll b/shared/dataflow/codeql/dataflow/DataFlow.qll
index 1689f812321..ce2c518f478 100644
--- a/shared/dataflow/codeql/dataflow/DataFlow.qll
+++ b/shared/dataflow/codeql/dataflow/DataFlow.qll
@@ -1,15 +1,234 @@
 /**
 * Provides an implementation of global (interprocedural) data flow. This file
- * re-exports the local (intraprocedural) data flow analysis from
- * `DataFlowImplSpecific::Public` and adds a global analysis, mainly exposed
- * through the `Global` and `GlobalWithState` modules.
+ * adds a global analysis, mainly exposed through the `Global` and `GlobalWithState`
+ * modules.
 */
-import DataFlowParameter
+/** Provides language-specific data flow parameters. */
+signature module InputSig {
+ class Node {
+ /** Gets a textual representation of this element. */
+ string toString();
-
-module Configs {
+ /**
+ * Holds if this element is at the specified location.
+ * The location spans column `startcolumn` of line `startline` to
+ * column `endcolumn` of line `endline` in file `filepath`.
+ * For more information, see
+ * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
+ */
+ predicate hasLocationInfo(
+ string filepath, int startline, int startcolumn, int endline, int endcolumn
+ );
+ }
+
+ class ParameterNode extends Node;
+
+ class ArgumentNode extends Node;
+
+ class ReturnNode extends Node {
+ ReturnKind getKind();
+ }
+
+ class OutNode extends Node;
+
+ class PostUpdateNode extends Node {
+ Node getPreUpdateNode();
+ }
+
+ class CastNode extends Node;
+
+ predicate isParameterNode(ParameterNode p, DataFlowCallable c, ParameterPosition pos);
+
+ predicate isArgumentNode(ArgumentNode n, DataFlowCall call, ArgumentPosition pos);
+
+ DataFlowCallable nodeGetEnclosingCallable(Node node);
+
+ DataFlowType getNodeType(Node node);
+
+ predicate nodeIsHidden(Node node);
+
+ class DataFlowExpr;
+
+ /** Gets the node corresponding to `e`. */
+ Node exprNode(DataFlowExpr e);
+
+ class DataFlowCall {
+ /** Gets a textual representation of this element. */
+ string toString();
+
+ DataFlowCallable getEnclosingCallable();
+ }
+
+ class DataFlowCallable {
+ /** Gets a textual representation of this element. */
+ string toString();
+ }
+
+ class ReturnKind {
+ /** Gets a textual representation of this element. */
+ string toString();
+ }
+
+ /** Gets a viable implementation of the target of the given `Call`. */
+ DataFlowCallable viableCallable(DataFlowCall c);
+
+ /**
+ * Holds if the set of viable implementations that can be called by `call`
+ * might be improved by knowing the call context.
+ */
+ predicate mayBenefitFromCallContext(DataFlowCall call, DataFlowCallable c);
+
+ /**
+ * Gets a viable dispatch target of `call` in the context `ctx`. This is
+ * restricted to those `call`s for which a context might make a difference.
+ */
+ DataFlowCallable viableImplInCallContext(DataFlowCall call, DataFlowCall ctx);
+
+ /**
+ * Gets a node that can read the value returned from `call` with return kind
+ * `kind`.
+ */
+ OutNode getAnOutNode(DataFlowCall call, ReturnKind kind);
+
+ class DataFlowType {
+ /** Gets a textual representation of this element. */
+ string toString();
+ }
+
+ string ppReprType(DataFlowType t);
+
+ bindingset[t1, t2]
+ predicate compatibleTypes(DataFlowType t1, DataFlowType t2);
+
+ predicate typeStrongerThan(DataFlowType t1, DataFlowType t2);
+
+ class Content {
+ /** Gets a textual representation of this element. */
+ string toString();
+ }
+
+ predicate forceHighPrecision(Content c);
+
+ /**
+ * An entity that represents a set of `Content`s.
+ *
+ * The set may be interpreted differently depending on whether it is
+ * stored into (`getAStoreContent`) or read from (`getAReadContent`).
+ */
+ class ContentSet {
+ /** Gets a content that may be stored into when storing into this set. */
+ Content getAStoreContent();
+
+ /** Gets a content that may be read from when reading from this set. */
+ Content getAReadContent();
+ }
+
+ class ContentApprox {
+ /** Gets a textual representation of this element. */
+ string toString();
+ }
+
+ ContentApprox getContentApprox(Content c);
+
+ class ParameterPosition {
+ /** Gets a textual representation of this element. */
+ bindingset[this]
+ string toString();
+ }
+
+ class ArgumentPosition {
+ /** Gets a textual representation of this element. */
+ bindingset[this]
+ string toString();
+ }
+
+ predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos);
+
+ predicate simpleLocalFlowStep(Node node1, Node node2);
+
+ /**
+ * Holds if data can flow from `node1` to `node2` through a non-local step
+ * that does not follow a call edge. For example, a step through a global
+ * variable.
+ */
+ predicate jumpStep(Node node1, Node node2);
+
+ /**
+ * Holds if data can flow from `node1` to `node2` via a read of `c`. Thus,
+ * `node1` references an object with a content `c.getAReadContent()` whose
+ * value ends up in `node2`.
+ */
+ predicate readStep(Node node1, ContentSet c, Node node2);
+
+ /**
+ * Holds if data can flow from `node1` to `node2` via a store into `c`. Thus,
+ * `node2` references an object with a content `c.getAStoreContent()` that
+ * contains the value of `node1`.
+ */
+ predicate storeStep(Node node1, ContentSet c, Node node2);
+
+ /**
+ * Holds if values stored inside content `c` are cleared at node `n`. For example,
+ * any value stored inside `f` is cleared at the pre-update node associated with `x`
+ * in `x.f = newValue`.
+ */
+ predicate clearsContent(Node n, ContentSet c);
+
+ /**
+ * Holds if the value that is being tracked is expected to be stored inside content `c`
+ * at node `n`.
+ */
+ predicate expectsContent(Node n, ContentSet c);
+
+ /**
+ * Holds if the node `n` is unreachable when the call context is `call`.
+ */
+ predicate isUnreachableInCall(Node n, DataFlowCall call);
+
+ default int accessPathLimit() { result = 5 }
+
+ /**
+ * Holds if flow is allowed to pass from parameter `p` and back to itself as a
+ * side-effect, resulting in a summary from `p` to itself.
+ *
+ * One example would be to allow flow like `p.foo = p.bar;`, which is disallowed
+ * by default as a heuristic.
+ */
+ predicate allowParameterReturnInSelf(ParameterNode p);
+
+ class LambdaCallKind;
+
+ /** Holds if `creation` is an expression that creates a lambda of kind `kind` for `c`. */
+ predicate lambdaCreation(Node creation, LambdaCallKind kind, DataFlowCallable c);
+
+ /** Holds if `call` is a lambda call of kind `kind` where `receiver` is the lambda expression. */
+ predicate lambdaCall(DataFlowCall call, LambdaCallKind kind, Node receiver);
+
+ /** Extra data-flow steps needed for lambda flow analysis. */
+ predicate additionalLambdaFlowStep(Node nodeFrom, Node nodeTo, boolean preservesValue);
+
+ /**
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
+ */
+ default predicate neverSkipInPathGraph(Node n) { none() }
+
+ /**
+ * Gets an additional term that is added to the `join` and `branch` computations to reflect
+ * an additional forward or backwards branching factor that is not taken into account
+ * when calculating the (virtual) dispatch cost.
+ *
+ * Argument `arg` is part of a path from a source to a sink, and `p` is the target parameter.
+ */
+ int getAdditionalFlowIntoCallNodeTerm(ArgumentNode arg, ParameterNode p);
+
+ predicate golangSpecificParamArgFilter(DataFlowCall call, ParameterNode p, ArgumentNode arg);
+}
+
+module Configs {
 private import Lang
- private import DataFlowImplCommon::MakeImplCommon
+ private import internal.DataFlowImplCommon::MakeImplCommon
 import DataFlowImplCommonPublic
 /** An input configuration for data flow. */
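Review bot: Most members of the new `InputSig` signature in this hunk carry no QLDoc even though `DataFlow.qll` is now the non-internal entry point that every language implements against: `isParameterNode`, `isArgumentNode`, `nodeGetEnclosingCallable`, `getNodeType`, `nodeIsHidden`, `ppReprType`, `compatibleTypes`, `typeStrongerThan`, `forceHighPrecision`, `getContentApprox`, `parameterMatch`, `simpleLocalFlowStep`, `accessPathLimit` and `golangSpecificParamArgFilter` are all bare declarations. Since the commit is already moving the signature out of `DataFlowParameter.qll`, a one-line doc per member in the existing style would make the contract self-describing, e.g. `/** Holds if p is a parameter of callable c at position pos. */` above `isParameterNode` and `/** Holds if n is an argument of call at position pos. */` above `isArgumentNode`. `golangSpecificParamArgFilter` in particular puts a language-specific hook into a language-agnostic signature without saying what non-Go implementations should provide; a comment, or a `default` body like the one `neverSkipInPathGraph` has, would avoid every language re-deriving that. The module parameter lists also appear to have been lost in this rendering (`+module Configs {` directly followed by `private import Lang`), so that part of the change cannot be checked here.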
@@ -211,9 +430,9 @@ module Configs {
 }
 }
-module DataFlowMake {
+module DataFlowMake {
 private import Lang
- private import DataFlowImpl::MakeImpl
+ private import internal.DataFlowImpl::MakeImpl
 import Configs
 /**
diff --git a/shared/dataflow/codeql/dataflow/DataFlowParameter.qll b/shared/dataflow/codeql/dataflow/DataFlowParameter.qll
deleted file mode 100644
index ecd29b45a28..00000000000
--- a/shared/dataflow/codeql/dataflow/DataFlowParameter.qll
+++ /dev/null
@@ -1,220 +0,0 @@
-signature module DataFlowParameter {
- class Node {
- /** Gets a textual representation of this element. */
- string toString();
-
- /**
- * Holds if this element is at the specified location.
- * The location spans column `startcolumn` of line `startline` to
- * column `endcolumn` of line `endline` in file `filepath`.
- * For more information, see
- * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
- */
- predicate hasLocationInfo(
- string filepath, int startline, int startcolumn, int endline, int endcolumn
- );
- }
-
- class ParameterNode extends Node;
-
- class ArgumentNode extends Node;
-
- class ReturnNode extends Node {
- ReturnKind getKind();
- }
-
- class OutNode extends Node;
-
- class PostUpdateNode extends Node {
- Node getPreUpdateNode();
- }
-
- class CastNode extends Node;
-
- predicate isParameterNode(ParameterNode p, DataFlowCallable c, ParameterPosition pos);
-
- predicate isArgumentNode(ArgumentNode n, DataFlowCall call, ArgumentPosition pos);
-
- DataFlowCallable nodeGetEnclosingCallable(Node node);
-
- DataFlowType getNodeType(Node node);
-
- predicate nodeIsHidden(Node node);
-
- class DataFlowExpr;
-
- /** Gets the node corresponding to `e`. */
- Node exprNode(DataFlowExpr e);
-
- class DataFlowCall {
- /** Gets a textual representation of this element. */
- string toString();
-
- DataFlowCallable getEnclosingCallable();
- }
-
- class DataFlowCallable {
- /** Gets a textual representation of this element. */
- string toString();
- }
-
- class ReturnKind {
- /** Gets a textual representation of this element. */
- string toString();
- }
-
- /** Gets a viable implementation of the target of the given `Call`. */
- DataFlowCallable viableCallable(DataFlowCall c);
-
- /**
- * Holds if the set of viable implementations that can be called by `call`
- * might be improved by knowing the call context.
- */
- predicate mayBenefitFromCallContext(DataFlowCall call, DataFlowCallable c);
-
- /**
- * Gets a viable dispatch target of `call` in the context `ctx`. This is
- * restricted to those `call`s for which a context might make a difference.
- */
- DataFlowCallable viableImplInCallContext(DataFlowCall call, DataFlowCall ctx);
-
- /**
- * Gets a node that can read the value returned from `call` with return kind
- * `kind`.
- */
- OutNode getAnOutNode(DataFlowCall call, ReturnKind kind);
-
- class DataFlowType {
- /** Gets a textual representation of this element. */
- string toString();
- }
-
- string ppReprType(DataFlowType t);
-
- bindingset[t1, t2]
- predicate compatibleTypes(DataFlowType t1, DataFlowType t2);
-
- predicate typeStrongerThan(DataFlowType t1, DataFlowType t2);
-
- class Content {
- /** Gets a textual representation of this element. */
- string toString();
- }
-
- predicate forceHighPrecision(Content c);
-
- /**
- * An entity that represents a set of `Content`s.
- *
- * The set may be interpreted differently depending on whether it is
- * stored into (`getAStoreContent`) or read from (`getAReadContent`).
- */
- class ContentSet {
- /** Gets a content that may be stored into when storing into this set. */
- Content getAStoreContent();
-
- /** Gets a content that may be read from when reading from this set. */
- Content getAReadContent();
- }
-
- class ContentApprox {
- /** Gets a textual representation of this element. */
- string toString();
- }
-
- ContentApprox getContentApprox(Content c);
-
- class ParameterPosition {
- /** Gets a textual representation of this element. */
- bindingset[this]
- string toString();
- }
-
- class ArgumentPosition {
- /** Gets a textual representation of this element. */
- bindingset[this]
- string toString();
- }
-
- predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos);
-
- predicate simpleLocalFlowStep(Node node1, Node node2);
-
- /**
- * Holds if data can flow from `node1` to `node2` through a non-local step
- * that does not follow a call edge. For example, a step through a global
- * variable.
- */
- predicate jumpStep(Node node1, Node node2);
-
- /**
- * Holds if data can flow from `node1` to `node2` via a read of `c`. Thus,
- * `node1` references an object with a content `c.getAReadContent()` whose
- * value ends up in `node2`.
- */
- predicate readStep(Node node1, ContentSet c, Node node2);
-
- /**
- * Holds if data can flow from `node1` to `node2` via a store into `c`. Thus,
- * `node2` references an object with a content `c.getAStoreContent()` that
- * contains the value of `node1`.
- */
- predicate storeStep(Node node1, ContentSet c, Node node2);
-
- /**
- * Holds if values stored inside content `c` are cleared at node `n`. For example,
- * any value stored inside `f` is cleared at the pre-update node associated with `x`
- * in `x.f = newValue`.
- */
- predicate clearsContent(Node n, ContentSet c);
-
- /**
- * Holds if the value that is being tracked is expected to be stored inside content `c`
- * at node `n`.
- */
- predicate expectsContent(Node n, ContentSet c);
-
- /**
- * Holds if the node `n` is unreachable when the call context is `call`.
- */
- predicate isUnreachableInCall(Node n, DataFlowCall call);
-
- default int accessPathLimit() { result = 5 }
-
- /**
- * Holds if flow is allowed to pass from parameter `p` and back to itself as a
- * side-effect, resulting in a summary from `p` to itself.
- *
- * One example would be to allow flow like `p.foo = p.bar;`, which is disallowed
- * by default as a heuristic.
- */
- predicate allowParameterReturnInSelf(ParameterNode p);
-
- class LambdaCallKind;
-
- /** Holds if `creation` is an expression that creates a lambda of kind `kind` for `c`. */
- predicate lambdaCreation(Node creation, LambdaCallKind kind, DataFlowCallable c);
-
- /** Holds if `call` is a lambda call of kind `kind` where `receiver` is the lambda expression. */
- predicate lambdaCall(DataFlowCall call, LambdaCallKind kind, Node receiver);
-
- /** Extra data-flow steps needed for lambda flow analysis. */
- predicate additionalLambdaFlowStep(Node nodeFrom, Node nodeTo, boolean preservesValue);
-
- /**
- * Holds if `n` should never be skipped over in the `PathGraph` and in path
- * explanations.
- */
- default predicate neverSkipInPathGraph(Node n) { none() }
-
- /**
- * Gets an additional term that is added to the `join` and `branch` computations to reflect
- * an additional forward or backwards branching factor that is not taken into account
- * when calculating the (virtual) dispatch cost.
- *
- * Argument `arg` is part of a path from a source to a sink, and `p` is the target parameter.
- */
- int getAdditionalFlowIntoCallNodeTerm(ArgumentNode arg, ParameterNode p);
-
- predicate golangSpecificParamArgFilter(DataFlowCall call, ParameterNode p, ArgumentNode arg);
-}
diff --git a/shared/dataflow/codeql/dataflow/DataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
similarity index 99%
rename from shared/dataflow/codeql/dataflow/DataFlowImpl.qll
rename to shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
index e18393920fa..d6c05ca042a 100644
--- a/shared/dataflow/codeql/dataflow/DataFlowImpl.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
@@ -6,11 +6,11 @@
 private import codeql.util.Unit
 private import codeql.util.Option
-import DataFlowParameter
+private import codeql.dataflow.DataFlow
-module MakeImpl {
+module MakeImpl {
 private import Lang
- private import DataFlow::DataFlowMake
+ private import DataFlowMake
 private import DataFlowImplCommon::MakeImplCommon
 private import DataFlowImplCommonPublic
diff --git a/shared/dataflow/codeql/dataflow/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
similarity index 99%
rename from shared/dataflow/codeql/dataflow/DataFlowImplCommon.qll
rename to shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
index 4e8def5dcd4..27528918b6a 100644
--- a/shared/dataflow/codeql/dataflow/DataFlowImplCommon.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
@@ -1,6 +1,6 @@
-import DataFlowParameter
+private import codeql.dataflow.DataFlow
-module MakeImplCommon {
+module MakeImplCommon {
 private import Lang
 import Cached
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
index 704933f6b5b..532f0def116 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImpl
+private import codeql.dataflow.internal.DataFlowImpl
 import MakeImpl
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll
index 95e61f3f17d..969275ffa07 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,3 @@
 private import DataFlowImplSpecific
-private import codeql.dataflow.DataFlowImplCommon
+private import codeql.dataflow.internal.DataFlowImplCommon
 import MakeImplCommon
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll
index 1496eaf9d79..e6941afd9d9 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplSpecific.qll
@@ -2,7 +2,7 @@
 * Provides Swift-specific definitions for use in the data flow library.
 */
-private import codeql.dataflow.DataFlowParameter
+private import codeql.dataflow.DataFlow
 // we need to export `Unit` for the DataFlowImpl* files
 private import swift as Swift
@@ -15,7 +15,7 @@ module Public {
 import DataFlowPublic
 }
-module SwiftDataFlow implements DataFlowParameter {
+module SwiftDataFlow implements InputSig {
 import Private
 import Public