Skip to content

Commit

Permalink
Dataflow: Simplify diff-informed implementation and tweak flag name.
Browse files Browse the repository at this point in the history
  • Loading branch information
aschackmull committed Sep 19, 2024
1 parent 2e6f34d commit 2970da0
Show file tree
Hide file tree
Showing 68 changed files with 178 additions and 401 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl1.qll
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl2.qll
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate observeDiffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ module IntentRedirectionConfig implements DataFlow::ConfigSig {
any(IntentRedirectionAdditionalTaintStep c).step(node1, node2)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

/** Tracks the flow of tainted Intents being used to start Android components. */
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ module ExternallyControlledFormatStringConfig implements DataFlow::ConfigSig {
node.getType() instanceof NumericType or node.getType() instanceof BooleanType
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ module FragmentInjectionTaintConfig implements DataFlow::ConfigSig {
any(FragmentInjectionAdditionalTaintStep c).step(n1, n2)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ module GroovyInjectionConfig implements DataFlow::ConfigSig {
any(GroovyInjectionAdditionalTaintStep c).step(fromNode, toNode)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ module ImplicitPendingIntentStartConfig implements DataFlow::StateConfigSig {
c instanceof DataFlow::ArrayContent
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

module ImplicitPendingIntentStartFlow =
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ module BeanValidationConfig implements DataFlow::ConfigSig {

predicate isSink(DataFlow::Node sink) { sink instanceof BeanValidationSink }

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

/** Tracks flow from user input to the argument of a method that builds constraint error messages. */
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ module InsecureLdapUrlConfig implements DataFlow::ConfigSig {
)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate observeDiffInformedIncrementalMode() { any() }
}

module InsecureLdapUrlFlow = TaintTracking::Global<InsecureLdapUrlConfig>;
Expand Down
Loading

0 comments on commit 2970da0

Please sign in to comment.