From 38ecde0cc1c3a4eda99cc904c4b8ee57a11853bd Mon Sep 17 00:00:00 2001
From: Harry Maclean
Date: Mon, 30 Oct 2023 11:23:03 +0000
Subject: [PATCH 1/2] Shared: Include data extensions in workspace
This change allows codeql to see data extensions stored in the .github directory inside the codeql repo. This is useful when using the CodeQL Model Editor whilst working inside the codeql repo.
---
 codeql-workspace.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/codeql-workspace.yml b/codeql-workspace.yml
index 03f5866a0c28..31c946769621 100644
--- a/codeql-workspace.yml
+++ b/codeql-workspace.yml
@@ -29,6 +29,7 @@ provide:
 - "swift/extractor-pack/codeql-extractor.yml"
 - "swift/integration-tests/qlpack.yml"
 - "ql/extractor-pack/codeql-extractor.yml"
+ - ".github/codeql/extensions/**/codeql-pack.yml"
 versionPolicies:
 default:
From 083be305e13e65ac6ef8a61eb27dd2a828dce243 Mon Sep 17 00:00:00 2001
From: Harry Maclean
Date: Mon, 30 Oct 2023 11:24:41 +0000
Subject: [PATCH 2/2] Shared: Add neutralModel extensible predicate
The neutralModel extensible predicate already exists in Java and C#, so this change brings the dynamic languages more in line with static languages. The Model Editor uses this predicate to mark endpoints as "not interesting" from a data flow perspective.
---
 .../data/internal/ApiGraphModelsExtensions.qll | 9 ++++++++-
 .../semmle/javascript/frameworks/data/internal/model.yml | 5 +++++
 .../data/internal/ApiGraphModelsExtensions.qll | 9 ++++++++-
 .../python/frameworks/data/internal/empty.model.yml | 5 +++++
 .../data/internal/ApiGraphModelsExtensions.qll | 9 ++++++++-
 .../lib/codeql/ruby/frameworks/data/internal/model.yml | 5 +++++
 6 files changed, 39 insertions(+), 3 deletions(-)
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
index 11c3bb9657ea..f0edf1702d3c 100644
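Review bot: The new `provide` entry `.github/codeql/extensions/**/codeql-pack.yml` in the codeql-workspace.yml hunk has no comment saying that it brings data extension (model) packs into the workspace, whereas the neighbouring entries are extractor and query packs whose purpose is clear from their paths. Packs matched by this glob can carry source, sink and summary models (and, with the second patch in this series, neutral models), so they may change what analyses run from this workspace report; whether they are applied automatically depends on CLI and editor settings that are not visible here. I would add a line above the entry such as `# Data extension (model) packs for the CodeQL Model Editor; models here can change analysis results in this workspace.` and review changes under that directory as carefully as query changes. The `provide:` list begins outside the hunk.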
--- a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
@@ -17,7 +17,7 @@ extensible predicate sourceModel(string type, string path, string kind);
 extensible predicate sinkModel(string type, string path, string kind);
 /**
- * Holds if calls to `(type, path)`, the value referred to by `input`
+ * Holds if in calls to `(type, path)`, the value referred to by `input`
 * can flow to the value referred to by `output`.
 *
 * `kind` should be either `value` or `taint`, for value-preserving or taint-preserving steps,
@@ -25,6 +25,13 @@ extensible predicate sinkModel(string type, string path, string kind);
 */
 extensible predicate summaryModel(string type, string path, string input, string output, string kind);
+/**
+ * Holds if calls to `(type, path)` should be considered neutral. The meaning of this depends on the `kind`.
+ * If `kind` is `summary`, the call does not propagate data flow. If `kind` is `source`, the call is not a source.
+ * If `kind` is `sink`, the call is not a sink.
+ */
+extensible predicate neutralModel(string type, string path, string kind);
+
 /**
 * Holds if `(type2, path)` should be seen as an instance of `type1`.
 */
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/model.yml b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/model.yml
index 634a1bb3f8b5..016192a224ae 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/model.yml
+++ b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/model.yml
@@ -15,6 +15,11 @@ extensions:
 extensible: summaryModel
 data: []
+ - addsTo:
+ pack: codeql/javascript-all
+ extensible: neutralModel
+ data: []
+
 - addsTo:
 pack: codeql/javascript-all
 extensible: typeModel
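Review bot: The doc comment added on `neutralModel` in the second hunk of the JavaScript `ApiGraphModelsExtensions.qll` describes effects ("does not propagate data flow", "is not a source", "is not a sink") that nothing visible in this patch implements. The predicate is only declared and given an empty `data: []` extension, and no code in the diff reads it. Someone adding a `sink` or `source` row could wrongly expect results to be suppressed; conversely, if the predicate is later wired into the flow libraries, a row in an extension pack would silently remove alerts. I would state the current scope in the comment, for example ` * Currently only read by the Model Editor; rows do not change data flow results.` (to be confirmed against the consuming code, which is outside this diff), and note that `kind` values other than `summary`, `source` and `sink` are not checked here. The same comment is added in the Python and Ruby copies of this file later in the patch.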
diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll b/python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
index 11c3bb9657ea..f0edf1702d3c 100644
--- a/python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
+++ b/python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
@@ -17,7 +17,7 @@ extensible predicate sourceModel(string type, string path, string kind);
 extensible predicate sinkModel(string type, string path, string kind);
 /**
- * Holds if calls to `(type, path)`, the value referred to by `input`
+ * Holds if in calls to `(type, path)`, the value referred to by `input`
 * can flow to the value referred to by `output`.
 *
 * `kind` should be either `value` or `taint`, for value-preserving or taint-preserving steps,
@@ -25,6 +25,13 @@ extensible predicate sinkModel(string type, string path, string kind);
 */
 extensible predicate summaryModel(string type, string path, string input, string output, string kind);
+/**
+ * Holds if calls to `(type, path)` should be considered neutral. The meaning of this depends on the `kind`.
+ * If `kind` is `summary`, the call does not propagate data flow. If `kind` is `source`, the call is not a source.
+ * If `kind` is `sink`, the call is not a sink.
+ */
+extensible predicate neutralModel(string type, string path, string kind);
+
 /**
 * Holds if `(type2, path)` should be seen as an instance of `type1`.
 */
diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/empty.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/empty.model.yml
index 46fdcfe96bfe..49a1f01983f2 100644
--- a/python/ql/lib/semmle/python/frameworks/data/internal/empty.model.yml
+++ b/python/ql/lib/semmle/python/frameworks/data/internal/empty.model.yml
@@ -15,6 +15,11 @@ extensions:
 extensible: summaryModel
 data: []
+ - addsTo:
+ pack: codeql/python-all
+ extensible: neutralModel
+ data: []
+
 - addsTo:
 pack: codeql/python-all
 extensible: typeModel
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
index 11c3bb9657ea..f0edf1702d3c 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
@@ -17,7 +17,7 @@ extensible predicate sourceModel(string type, string path, string kind);
 extensible predicate sinkModel(string type, string path, string kind);
 /**
- * Holds if calls to `(type, path)`, the value referred to by `input`
+ * Holds if in calls to `(type, path)`, the value referred to by `input`
 * can flow to the value referred to by `output`.
 *
 * `kind` should be either `value` or `taint`, for value-preserving or taint-preserving steps,
@@ -25,6 +25,13 @@ extensible predicate sinkModel(string type, string path, string kind);
 */
 extensible predicate summaryModel(string type, string path, string input, string output, string kind);
+/**
+ * Holds if calls to `(type, path)` should be considered neutral. The meaning of this depends on the `kind`.
+ * If `kind` is `summary`, the call does not propagate data flow. If `kind` is `source`, the call is not a source.
+ * If `kind` is `sink`, the call is not a sink.
+ */
+extensible predicate neutralModel(string type, string path, string kind);
+
 /**
 * Holds if `(type2, path)` should be seen as an instance of `type1`.
 */
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/model.yml b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/model.yml
index f69da6cc3634..7dd7c7a9c0cb 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/model.yml
+++ b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/model.yml
@@ -15,6 +15,11 @@ extensions:
 extensible: summaryModel
 data: []
+ - addsTo:
+ pack: codeql/ruby-all
+ extensible: neutralModel
+ data: []
+
 - addsTo:
 pack: codeql/ruby-all
 extensible: typeModel