From 22d621c625baaaa5c249888f59a1355c38a08b85 Mon Sep 17 00:00:00 2001
From: Rasmus Lerchedahl Petersen <yoff@github.com>
Date: Wed, 16 Oct 2024 15:16:18 +0200
Subject: [PATCH 1/2] shared: add locations to typetracking nodes

---
 java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll |  4 ++--
 .../ql/lib/semmle/python/dataflow/new/TypeTracking.qll |  3 ++-
 .../python/dataflow/new/internal/TypeTrackingImpl.qll  |  6 +++---
 ruby/ql/lib/codeql/ruby/typetracking/TypeTracking.qll  |  3 ++-
 .../ruby/typetracking/internal/TypeTrackingImpl.qll    |  4 ++--
 .../codeql/dataflow/internal/DataFlowImplCommon.qll    |  4 ++--
 .../typetracking/codeql/typetracking/TypeTracking.qll  | 10 +++++++---
 .../codeql/typetracking/internal/TypeTrackingImpl.qll  |  3 ++-
 8 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll b/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll
index 82bda033bc6d..bd293eed6b3a 100644
--- a/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll
+++ b/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll
@@ -334,7 +334,7 @@ private module TrackLambda<methodDispatchSig/1 lambdaDispatch0> {
     )
   }
 
-  private module TtInput implements TypeTrackingInput {
+  private module TtInput implements TypeTrackingInput<Location> {
     import TypeTrackingSteps
 
     predicate callStep(Node n1, LocalSourceNode n2) { argParamCand(n1, n2) }
@@ -348,7 +348,7 @@ private module TrackLambda<methodDispatchSig/1 lambdaDispatch0> {
     }
   }
 
-  private import TypeTracking<TtInput>::TypeTrack<lambdaSource/1>::Graph<lambdaSink/1>
+  private import TypeTracking<Location, TtInput>::TypeTrack<lambdaSource/1>::Graph<lambdaSink/1>
 
   private predicate edgePlus(PathNode n1, PathNode n2) = fastTC(edges/2)(n1, n2)
 
diff --git a/python/ql/lib/semmle/python/dataflow/new/TypeTracking.qll b/python/ql/lib/semmle/python/dataflow/new/TypeTracking.qll
index 8d1c691915b3..9d21be852fdc 100644
--- a/python/ql/lib/semmle/python/dataflow/new/TypeTracking.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/TypeTracking.qll
@@ -4,7 +4,8 @@
  */
 
 private import internal.TypeTrackingImpl as Impl
-import Impl::Shared::TypeTracking<Impl::TypeTrackingInput>
+private import semmle.python.Files
+import Impl::Shared::TypeTracking<Location, Impl::TypeTrackingInput>
 private import semmle.python.dataflow.new.internal.DataFlowPublic as DataFlowPublic
 
 /**
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
index 415028ad8277..b20279745fab 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
@@ -106,7 +106,7 @@ private module SummaryTypeTrackerInput implements SummaryTypeTracker::Input {
 
 private module TypeTrackerSummaryFlow = SummaryTypeTracker::SummaryFlow<SummaryTypeTrackerInput>;
 
-module TypeTrackingInput implements Shared::TypeTrackingInput {
+module TypeTrackingInput implements Shared::TypeTrackingInput<Location> {
   class Node = DataFlowPublic::Node;
 
   class LocalSourceNode = DataFlowPublic::LocalSourceNode;
@@ -318,9 +318,9 @@ module TypeTrackingInput implements Shared::TypeTrackingInput {
     capturedJumpStep(nodeFrom, nodeTo)
   }
 
-  predicate hasFeatureBacktrackStoreTarget() { any() }
+  predicate hasFeatureBacktrackStoreTarget() { none() }
 
   predicate nonStandardFlowsTo(LocalSourceNode localSource, Node dst) { localSource.flowsTo(dst) }
 }
 
-import SharedImpl::TypeTracking<TypeTrackingInput>
+import SharedImpl::TypeTracking<Location, TypeTrackingInput>
diff --git a/ruby/ql/lib/codeql/ruby/typetracking/TypeTracking.qll b/ruby/ql/lib/codeql/ruby/typetracking/TypeTracking.qll
index 67f09a45a370..5f2e6564f2c8 100644
--- a/ruby/ql/lib/codeql/ruby/typetracking/TypeTracking.qll
+++ b/ruby/ql/lib/codeql/ruby/typetracking/TypeTracking.qll
@@ -3,5 +3,6 @@
  * for tracking types.
  */
 
+private import codeql.ruby.AST
 private import codeql.ruby.typetracking.internal.TypeTrackingImpl as Impl
-import Impl::Shared::TypeTracking<Impl::TypeTrackingInput>
+import Impl::Shared::TypeTracking<Location, Impl::TypeTrackingInput>
diff --git a/ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll b/ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll
index 4ad1723249b6..cd556a67f4f0 100644
--- a/ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll
+++ b/ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll
@@ -265,7 +265,7 @@ private module TypeTrackerSummaryFlow = SummaryTypeTracker::SummaryFlow<SummaryT
 
 private newtype TContentFilter = MkElementFilter()
 
-module TypeTrackingInput implements Shared::TypeTrackingInput {
+module TypeTrackingInput implements Shared::TypeTrackingInput<Location> {
   class Node = DataFlowPublic::Node;
 
   class LocalSourceNode = DataFlowPublic::LocalSourceNode;
@@ -467,4 +467,4 @@ module TypeTrackingInput implements Shared::TypeTrackingInput {
   predicate hasFeatureBacktrackStoreTarget() { none() }
 }
 
-import SharedImpl::TypeTracking<TypeTrackingInput>
+import SharedImpl::TypeTracking<Location, TypeTrackingInput>
diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
index 81f9946126db..61554fb327fa 100644
--- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
@@ -80,7 +80,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
     }
   }
 
-  private module TypeTrackingInput implements Tt::TypeTrackingInput {
+  private module TypeTrackingInput implements Tt::TypeTrackingInput<Location> {
     final class Node = Lang::Node;
 
     class LocalSourceNode extends Node {
@@ -145,7 +145,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
     predicate hasFeatureBacktrackStoreTarget() { none() }
   }
 
-  private module TypeTracking = Tt::TypeTracking<TypeTrackingInput>;
+  private module TypeTracking = Tt::TypeTracking<Location, TypeTrackingInput>;
 
   /**
    * The cost limits for the `AccessPathFront` to `AccessPathApprox` expansion.
diff --git a/shared/typetracking/codeql/typetracking/TypeTracking.qll b/shared/typetracking/codeql/typetracking/TypeTracking.qll
index 044b672fe85e..5cac14ceddc4 100644
--- a/shared/typetracking/codeql/typetracking/TypeTracking.qll
+++ b/shared/typetracking/codeql/typetracking/TypeTracking.qll
@@ -3,14 +3,18 @@
  * for tracking types.
  */
 
+private import codeql.util.Location
+
 /**
  * The step relations for type tracking.
  */
-signature module TypeTrackingInput {
+signature module TypeTrackingInput<LocationSig Location> {
   /** A node that is used by the type-trackers. */
   class Node {
     /** Gets a textual representation of this node. */
     string toString();
+
+    Location getLocation();
   }
 
   /**
@@ -127,8 +131,8 @@ private import internal.TypeTrackingImpl as Impl
  * Given a set of step relations, this module provides classes and predicates
  * for simple data-flow reachability suitable for tracking types.
  */
-module TypeTracking<TypeTrackingInput I> {
-  private module MkImpl = Impl::TypeTracking<I>;
+module TypeTracking<LocationSig Location, TypeTrackingInput<Location> I> {
+  private module MkImpl = Impl::TypeTracking<Location, I>;
 
   private module ConsistencyChecksInput implements MkImpl::ConsistencyChecksInputSig { }
 
diff --git a/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll b/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll
index f5efc6c6b563..5487561439ec 100644
--- a/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll
+++ b/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll
@@ -6,6 +6,7 @@
 private import codeql.util.Boolean
 private import codeql.util.Option
 private import codeql.typetracking.TypeTracking
+private import codeql.util.Location
 
 /**
  * Given a set of step relations, this module provides classes and predicates
@@ -14,7 +15,7 @@ private import codeql.typetracking.TypeTracking
  * The constructed module contains both public and internal logic; the public
  * interface is exposed via `codeql.typetracking.TypeTracking`.
  */
-module TypeTracking<TypeTrackingInput I> {
+module TypeTracking<LocationSig Location, TypeTrackingInput<Location> I> {
   private import I
 
   signature module ConsistencyChecksInputSig {

From e46722f3beb4348ea6747a4e1c0d9991b8caf3f3 Mon Sep 17 00:00:00 2001
From: yoff <lerchedahl@gmail.com>
Date: Thu, 17 Oct 2024 17:23:00 +0200
Subject: [PATCH 2/2] Update
 python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll

---
 .../semmle/python/dataflow/new/internal/TypeTrackingImpl.qll    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
index b20279745fab..09d50253e05a 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
@@ -318,7 +318,7 @@ module TypeTrackingInput implements Shared::TypeTrackingInput<Location> {
     capturedJumpStep(nodeFrom, nodeTo)
   }
 
-  predicate hasFeatureBacktrackStoreTarget() { none() }
+  predicate hasFeatureBacktrackStoreTarget() { any() }
 
   predicate nonStandardFlowsTo(LocalSourceNode localSource, Node dst) { localSource.flowsTo(dst) }
 }