C++: Support for extension models (.yml) #16665
Conversation
geoffw0
added
the
ready-for-doc-review
cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
Outdated
Show resolved
Hide resolved
cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
Outdated
Show resolved
Hide resolved
| The sixth value should be left empty and is out of scope for this documentation. | ||
| The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the source. | ||
|
|
||
| - The seventh value ``"Argument[*1]"`` is the ``access path``, which means that the sink is the first indirection (or pointed-to value, ``*``) of the second argument (``Argument[1]``) passed to the function. |
There was a problem hiding this comment.
Do other languages also call this "access path"? This is not really aligned with what an "access path" in the dataflow library is (or the way we talk about access paths internally). I'd much rather we called this "input specification" and "input specification" or something like that, but if other languages are already calling this "access paths" I guess we have to live with it 😅
There was a problem hiding this comment.
It was described as an "access path" in the csharp doc this is based on. I'm happy to rephrase if "input specification" is preferred?
There was a problem hiding this comment.
I do prefer "input specification", but I suppose there's some benefits to language consistency 🤔 I'm happy with whatever you decide on this one
There was a problem hiding this comment.
Done. Please could you check you're happy with the new phrasing?
docs/codeql/codeql-language-guides/customizing-library-models-for-cpp.rst
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Question, will there be specifically C/C++ sources/sinks (mainly sinks) that other languages may not have? Something like custom allocation and deallocation functions in a custom library versus using malloc and free.
There was a problem hiding this comment.
We could definitely add a MaD entry point for defining custom allocation and deallocation functions. This should be fairly straightforward to do already (although the MaD rows will need to be defined in .qll files until this PR has been merged. After that, they can go into .yml files)
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
I should say that the DCA run LGTM. |
Add support for extension models in C/C++, that is, defining source, sink and summary models in
.ymlfiles rather than by writing QL classes to contain them.In addition to the changes, tests and documentation for this feature, I have added a partial model for the
Boost.Asionetwork library (using extension models). This was necessary in order to create verified examples for the documentation. In addition, it adds a further layer of testing for the feature and a few new models for CPP.