Add custom path state search queries for languages beyond cpp

csharp/src/qtil/csharp/graph/CustomPathStateProblem.qll

@@ -0,0 +1,5 @@
+private import qtil.locations.CustomPathStateProblem
+private import qtil.csharp.locations.Locatable
+private import csharp
+// Import the C# specific configuration for making custom path state problems.
+import PathStateProblem<Location, CsharpLocatableConfig>

csharp/test/qtil/csharp/graph/CustomPathStateProblemTest.expected

@@ -0,0 +1,10 @@
+WARNING: unused variable 'depth' (CustomPathStateProblemTest.ql:13,29-34)
+edges
+| test.cs:3:13:3:15 | mid | test.cs:5:13:5:15 | end |  |  |
+| test.cs:4:13:4:17 | start | test.cs:3:13:3:15 | mid |  |  |
+nodes
+| test.cs:3:13:3:15 | mid | semmle.label | mid |
+| test.cs:4:13:4:17 | start | semmle.label | start |
+| test.cs:5:13:5:15 | end | semmle.label | end |
+#select
+| test.cs:4:13:4:17 | start | test.cs:5:13:5:15 | end | Path from $@ (depth 0) to $@ (depth 2). | start | test.cs:4:13:4:17 | start | end | test.cs:5:13:5:15 | end |

csharp/test/qtil/csharp/graph/CustomPathStateProblemTest.ql

@@ -0,0 +1,29 @@
+// Minimal test to make sure CustomPathStateProblem works with C# code.
+import csharp
+import qtil.csharp.graph.CustomPathStateProblem
+
+module CallGraphPathStateProblemConfig implements CustomPathStateProblemConfigSig {
+  class Node = Variable;
+
+  class State = int; // Track search depth
+
+  predicate start(Node n, int depth) { n.getName() = "start" and depth = 0 }
+
+  bindingset[depth]
+  predicate end(Node n, int depth) { n.getName() = "end" }
+
+  bindingset[depth1]
+  bindingset[depth2]
+  predicate edge(Variable a, int depth1, Variable b, int depth2) {
+    depth2 = depth1 + 1 and
+    depth1 < 10 and // Limit search depth to prevent infinite loops
+    a.getAnAssignedValue().(VariableAccess).getTarget() = b
+  }
+}
+
+import CustomPathStateProblem<CallGraphPathStateProblemConfig>
+
+from Variable start, Variable end, int startDepth, int endDepth
+where problem(start, startDepth, end, endDepth)
+select start, end, "Path from $@ (depth " + startDepth + ") to $@ (depth " + endDepth + ").",
+  start.getName(), start, end.getName(), end

go/src/qtil/go/graph/CustomPathStateProblem.qll

@@ -0,0 +1,5 @@
+private import qtil.locations.CustomPathStateProblem
+private import qtil.go.locations.Locatable
+private import go
+// Import the Go specific configuration for making custom path state problems.
+import PathStateProblem<DbLocation, GoLocatableConfig>

go/test/qtil/go/graph/CustomPathStateProblemTest.expected

@@ -0,0 +1,10 @@
+WARNING: unused variable 'depth' (CustomPathStateProblemTest.ql:13,29-34)
+edges
+| test.go:4:5:4:7 | mid | test.go:6:5:6:7 | end |  |  |
+| test.go:5:5:5:9 | start | test.go:4:5:4:7 | mid |  |  |
+nodes
+| test.go:4:5:4:7 | mid | semmle.label | mid |
+| test.go:5:5:5:9 | start | semmle.label | start |
+| test.go:6:5:6:7 | end | semmle.label | end |
+#select
+| test.go:5:5:5:9 | start | test.go:6:5:6:7 | end | Path from $@ (depth 0) to $@ (depth 2). | start | test.go:5:5:5:9 | start | end | test.go:6:5:6:7 | end |

go/test/qtil/go/graph/CustomPathStateProblemTest.ql

@@ -0,0 +1,32 @@
+// Minimal test to make sure CustomPathStateProblem works with Go code.
+import go
+import qtil.go.graph.CustomPathStateProblem
+
+module CallGraphPathStateProblemConfig implements CustomPathStateProblemConfigSig {
+  class Node = Ident;
+
+  class State = int; // Track search depth
+
+  predicate start(Node n, int depth) { n.getName() = "start" and depth = 0 }
+
+  bindingset[depth]
+  predicate end(Node n, int depth) { n.getName() = "end" }
+
+  bindingset[depth1]
+  bindingset[depth2]
+  predicate edge(Node a, int depth1, Node b, int depth2) {
+    depth2 = depth1 + 1 and
+    depth1 < 10 and // Limit search depth to prevent infinite loops
+    exists(Assignment assign |
+      assign.getLhs().(Name).getTarget().getDeclaration() = a and
+      assign.getRhs().(Name).getTarget().getDeclaration() = b
+    )
+  }
+}
+
+import CustomPathStateProblem<CallGraphPathStateProblemConfig>
+
+from Ident start, Ident end, int startDepth, int endDepth
+where problem(start, startDepth, end, endDepth)
+select start, end, "Path from $@ (depth " + startDepth + ") to $@ (depth " + endDepth + ").",
+  start.getName(), start, end.getName(), end

java/src/qtil/java/graph/CustomPathStateProblem.qll

@@ -0,0 +1,5 @@
+private import qtil.locations.CustomPathStateProblem
+private import qtil.java.locations.Locatable
+private import java
+// Import the Java specific configuration for making custom path state problems.
+import PathStateProblem<Location, JavaLocatableConfig>

java/test/qtil/java/graph/CustomPathStateProblemTest.expected

@@ -0,0 +1,10 @@
+WARNING: unused variable 'depth' (CustomPathStateProblemTest.ql:13,29-34)
+edges
+| test.java:3:9:3:20 | int mid | test.java:5:9:5:20 | int end |  |  |
+| test.java:4:9:4:22 | int start | test.java:3:9:3:20 | int mid |  |  |
+nodes
+| test.java:3:9:3:20 | int mid | semmle.label | int mid |
+| test.java:4:9:4:22 | int start | semmle.label | int start |
+| test.java:5:9:5:20 | int end | semmle.label | int end |
+#select
+| test.java:4:9:4:22 | int start | test.java:5:9:5:20 | int end | Path from $@ (depth 0) to $@ (depth 2). | start | test.java:4:9:4:22 | int start | end | test.java:5:9:5:20 | int end |

java/test/qtil/java/graph/CustomPathStateProblemTest.ql

@@ -0,0 +1,29 @@
+// Minimal test to make sure CustomPathStateProblem works with Java code.
+import java
+import qtil.java.graph.CustomPathStateProblem
+
+module CallGraphPathStateProblemConfig implements CustomPathStateProblemConfigSig {
+  class Node = Variable;
+
+  class State = int; // Track search depth
+
+  predicate start(Node n, int depth) { n.getName() = "start" and depth = 0 }
+
+  bindingset[depth]
+  predicate end(Node n, int depth) { n.getName() = "end" }
+
+  bindingset[depth1]
+  bindingset[depth2]
+  predicate edge(Variable a, int depth1, Variable b, int depth2) {
+    depth2 = depth1 + 1 and
+    depth1 < 10 and // Limit search depth to prevent infinite loops
+    a.getAnAssignedValue().(VarAccess).getVariable() = b
+  }
+}
+
+import CustomPathStateProblem<CallGraphPathStateProblemConfig>
+
+from Variable start, Variable end, int startDepth, int endDepth
+where problem(start, startDepth, end, endDepth)
+select start, end, "Path from $@ (depth " + startDepth + ") to $@ (depth " + endDepth + ").",
+  start.getName(), start, end.getName(), end

javascript/src/qtil/javascript/graph/CustomPathStateProblem.qll

@@ -0,0 +1,5 @@
+private import qtil.locations.CustomPathStateProblem
+private import qtil.javascript.locations.Locatable
+private import javascript
+// Import the javascript specific configuration for making custom path state problems.
+import PathStateProblem<DbLocation, JavascriptLocatableConfig>

javascript/test/qtil/javascript/graph/CustomPathStateProblemTest.expected

@@ -0,0 +1,10 @@
+WARNING: unused variable 'depth' (CustomPathStateProblemTest.ql:13,29-34)
+edges
+| test.js:2:9:2:11 | mid | test.js:4:9:4:11 | end |  |  |
+| test.js:3:9:3:13 | start | test.js:2:9:2:11 | mid |  |  |
+nodes
+| test.js:2:9:2:11 | mid | semmle.label | mid |
+| test.js:3:9:3:13 | start | semmle.label | start |
+| test.js:4:9:4:11 | end | semmle.label | end |
+#select
+| test.js:3:9:3:13 | start | test.js:4:9:4:11 | end | Path from $@ (depth 0) to $@ (depth 2). | start | test.js:3:9:3:13 | start | end | test.js:4:9:4:11 | end |

javascript/test/qtil/javascript/graph/CustomPathStateProblemTest.ql

@@ -0,0 +1,29 @@
+// Minimal test to make sure CustomPathStateProblem works with Javascript code.
+import javascript
+import qtil.javascript.graph.CustomPathStateProblem
+
+module CallGraphPathStateProblemConfig implements CustomPathStateProblemConfigSig {
+  class Node = VarDecl;
+
+  class State = int; // Track search depth
+
+  predicate start(Node n, int depth) { n.getAVariable().getName() = "start" and depth = 0 }
+
+  bindingset[depth]
+  predicate end(Node n, int depth) { n.getAVariable().getName() = "end" }
+
+  bindingset[depth1]
+  bindingset[depth2]
+  predicate edge(VarDecl a, int depth1, VarDecl b, int depth2) {
+    depth2 = depth1 + 1 and
+    depth1 < 10 and // Limit search depth to prevent infinite loops
+    a.getAVariable().getAnAssignedExpr() = b.getAVariable().getAnAccess()
+  }
+}
+
+import CustomPathStateProblem<CallGraphPathStateProblemConfig>
+
+from VarDecl start, VarDecl end, int startDepth, int endDepth
+where problem(start, startDepth, end, endDepth)
+select start, end, "Path from $@ (depth " + startDepth + ") to $@ (depth " + endDepth + ").",
+  start.getAVariable().getName(), start, end.getAVariable().getName(), end

javascript/test/qtil/javascript/graph/test.js

@@ -0,0 +1,9 @@
+function f1() {
+    var mid;
+    var start;
+    var end;
+    var unrelated;
+    start = mid;
+    start = unrelated;
+    mid = end;
+}

python/src/qtil/python/graph/CustomPathStateProblem.qll

@@ -0,0 +1,5 @@
+private import qtil.locations.CustomPathStateProblem
+private import qtil.python.locations.Locatable
+private import python
+// Import the python specific configuration for making custom path state problems.
+import PathStateProblem<Location, PythonLocatableConfig>

python/test/qtil/python/graph/CustomPathStateProblemTest.expected

@@ -0,0 +1,10 @@
+WARNING: unused variable 'depth' (CustomPathStateProblemTest.ql:13,29-34)
+edges
+| test.py:4:5:4:7 | mid | test.py:3:5:3:7 | end |  |  |
+| test.py:5:5:5:9 | start | test.py:4:5:4:7 | mid |  |  |
+nodes
+| test.py:3:5:3:7 | end | semmle.label | end |
+| test.py:4:5:4:7 | mid | semmle.label | mid |
+| test.py:5:5:5:9 | start | semmle.label | start |
+#select
+| test.py:5:5:5:9 | start | test.py:3:5:3:7 | end | Path from $@ (depth 0) to $@ (depth 2). | start | test.py:5:5:5:9 | start | end | test.py:3:5:3:7 | end |

python/test/qtil/python/graph/CustomPathStateProblemTest.ql

@@ -0,0 +1,34 @@
+// Minimal test to make sure CustomPathStateProblem works with python code.
+import python
+import qtil.python.graph.CustomPathStateProblem
+
+module CallGraphPathStateProblemConfig implements CustomPathStateProblemConfigSig {
+  class Node = Name;
+
+  class State = int; // Track search depth
+
+  predicate start(Node n, int depth) { n.getId() = "start" and depth = 0 }
+
+  bindingset[depth]
+  predicate end(Node n, int depth) { n.getId() = "end" }
+
+  bindingset[depth1]
+  bindingset[depth2]
+  predicate edge(Name a, int depth1, Name b, int depth2) {
+    depth2 = depth1 + 1 and
+    depth1 < 10 and // Limit search depth to prevent infinite loops
+    exists(Assign assign, Variable varA, Variable varB |
+      assign.defines(varA) and
+      assign.getValue().(Name).uses(varB) and
+      a.defines(varA) and
+      b.defines(varB)
+    )
+  }
+}
+
+import CustomPathStateProblem<CallGraphPathStateProblemConfig>
+
+from Name start, Name end, int startDepth, int endDepth
+where problem(start, startDepth, end, endDepth)
+select start, end, "Path from $@ (depth " + startDepth + ") to $@ (depth " + endDepth + ").",
+  start.getId(), start, end.getId(), end

ruby/src/qtil/ruby/graph/CustomPathStateProblem.qll

@@ -0,0 +1,5 @@
+private import qtil.locations.CustomPathStateProblem
+private import qtil.ruby.locations.Locatable
+private import ruby
+// Import the Ruby specific configuration for making custom path state problems.
+import PathStateProblem<Location, RubyLocatableConfig>

ruby/test/qtil/ruby/graph/CustomPathStateProblemTest.expected

@@ -0,0 +1,10 @@
+WARNING: unused variable 'depth' (CustomPathStateProblemTest.ql:13,29-34)
+edges
+| test.rb:6:5:6:11 | v_start | test.rb:8:5:8:9 | v_mid |  |  |
+| test.rb:8:5:8:9 | v_mid | test.rb:4:5:4:9 | v_end |  |  |
+nodes
+| test.rb:4:5:4:9 | v_end | semmle.label | v_end |
+| test.rb:6:5:6:11 | v_start | semmle.label | v_start |
+| test.rb:8:5:8:9 | v_mid | semmle.label | v_mid |
+#select
+| test.rb:6:5:6:11 | v_start | test.rb:4:5:4:9 | v_end | Path from $@ (depth 0) to $@ (depth 2). | v_start | test.rb:6:5:6:11 | v_start | v_end | test.rb:4:5:4:9 | v_end |

ruby/test/qtil/ruby/graph/CustomPathStateProblemTest.ql

@@ -0,0 +1,33 @@
+// Minimal test to make sure CustomPathStateProblem works with Ruby code.
+import ruby
+import qtil.ruby.graph.CustomPathStateProblem
+
+module CallGraphPathStateProblemConfig implements CustomPathStateProblemConfigSig {
+  class Node = Ast::VariableWriteAccess;
+
+  class State = int; // Track search depth
+
+  predicate start(Node n, int depth) { n.getVariable().getName() = "v_start" and depth = 0 }
+
+  bindingset[depth]
+  predicate end(Node n, int depth) { n.getVariable().getName() = "v_end" }
+
+  bindingset[depth1]
+  bindingset[depth2]
+  predicate edge(Ast::VariableWriteAccess a, int depth1, Ast::VariableWriteAccess b, int depth2) {
+    depth2 = depth1 + 1 and
+    depth1 < 10 and // Limit search depth to prevent infinite loops
+    exists(Ast::VariableReadAccess mid, Ast::AssignExpr assign |
+      a = assign.getLeftOperand() and
+      assign.getRightOperand() = mid and
+      mid.getVariable() = b.getVariable()
+    )
+  }
+}
+
+import CustomPathStateProblem<CallGraphPathStateProblemConfig>
+
+from Ast::VariableWriteAccess start, Ast::VariableWriteAccess end, int startDepth, int endDepth
+where problem(start, startDepth, end, endDepth)
+select start, end, "Path from $@ (depth " + startDepth + ") to $@ (depth " + endDepth + ").",
+  start.getVariable().getName(), start, end.getVariable().getName(), end

ruby/test/qtil/ruby/graph/test.rb

@@ -0,0 +1,9 @@
+def f1
+    v_mid = 0
+    v_start = 0
+    v_end = 0
+    v_unrelated = 0
+    v_start = v_mid
+    v_start = v_unrelated
+    v_mid = v_end
+end