Data flow: Use parameterized module to share code between pruning stages #8301

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Closed

hvitved wants to merge 4 commits into github:main from hvitved:dataflow/param-stages

Contributor

hvitved commented Mar 1, 2022

No description provided.

github-actions bot added C# C++ Java Python Ruby labels

hvitved force-pushed the dataflow/param-stages branch 3 times, most recently from ea8f3ba to 31e5693 Compare

March 3, 2022 09:30

hvitved force-pushed the dataflow/param-stages branch 2 times, most recently from e1c369c to 987b8c6 Compare

March 28, 2022 11:54

hvitved force-pushed the dataflow/param-stages branch 2 times, most recently from aa88421 to e2e4f26 Compare

April 8, 2022 09:39

hvitved added 4 commits

May 10, 2022 09:21


          Data flow: Replace stage 2 with a parameterized module

d5139e3


          Data flow: Replace stage 3 with a parameterized module

8d4e182


          Data flow: Replace stage 4 with a parameterized module

f0f1a36


          Data flow: Sync files

a7e7cb4

hvitved force-pushed the dataflow/param-stages branch from e2e4f26 to a7e7cb4 Compare

May 10, 2022 07:27

github-advanced-security bot found potential problems

View reviewed changes

github-advanced-security bot left a comment

Found 40 vulnerabilities.

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll Outdated

    
                 * The corresponding paths are generated from the end-points and the graph

                 * included in the module `PathGraph`.

                 */

                predicate hasFlowPath(PathNode source, PathNode sink) { flowsTo(source, sink, _, _, this) }

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll Outdated

    
                 * The corresponding paths are generated from the end-points and the graph

                 * included in the module `PathGraph`.

                 */

                predicate hasFlowPath(PathNode source, PathNode sink) { flowsTo(source, sink, _, _, this) }

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll Outdated

    
                 *

                 * To use this in a `path-problem` query, import the module `PartialPathGraph`.

                 */

                final predicate hasPartialFlow(PartialPathNode source, PartialPathNode node, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll Outdated

    
                 *

                 * To use this in a `path-problem` query, import the module `PartialPathGraph`.

                 */

                final predicate hasPartialFlow(PartialPathNode source, PartialPathNode node, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll Outdated

    
                 * Note that reverse flow has slightly lower precision than the corresponding

                 * forward flow, as reverse flow disregards type pruning among other features.

                 */

                final predicate hasPartialFlowRev(PartialPathNode node, PartialPathNode sink, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll

    
                predicate prevStageReadStepCand(NodeEx n1, Content c, NodeEx n2, Configuration config);

                predicate prevStageStoreStepCand(

                  NodeEx node1, ApApprox ap1, TypedContent tc, NodeEx node2, DataFlowType contentType,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll

    
                // TODO: Use separate module once supported for all `prevStage` predicates

                bindingset[node, state, config]

                predicate prevStageRevFlow(

                  NodeEx node, FlowState state, boolean toReturn, ApApproxOption returnAp, ApApprox ap,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll

    
                // TODO: Use separate module once supported for all `prevStage` predicates

                bindingset[node, state, config]

                predicate prevStageRevFlow(

                  NodeEx node, FlowState state, boolean toReturn, ApApproxOption returnAp, ApApprox ap,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll

    
                class ApApprox = PrevStage::Ap;

                predicate prevStageParameterMayFlowThrough(

                  ParamNodeEx p, DataFlowCallable c, ApApprox ap, Configuration config

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll

    
                predicate prevStageReadStepCand(NodeEx n1, Content c, NodeEx n2, Configuration config);

                predicate prevStageStoreStepCand(

                  NodeEx node1, ApApprox ap1, TypedContent tc, NodeEx node2, DataFlowType contentType,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

github-advanced-security bot found potential problems

View reviewed changes

github-advanced-security bot left a comment

Found 55 vulnerabilities.

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll Outdated

    
                 * The corresponding paths are generated from the end-points and the graph

                 * included in the module `PathGraph`.

                 */

                predicate hasFlowPath(PathNode source, PathNode sink) { flowsTo(source, sink, _, _, this) }

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll Outdated

    
                 * The corresponding paths are generated from the end-points and the graph

                 * included in the module `PathGraph`.

                 */

                predicate hasFlowPath(PathNode source, PathNode sink) { flowsTo(source, sink, _, _, this) }

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll Outdated

    
                 *

                 * To use this in a `path-problem` query, import the module `PartialPathGraph`.

                 */

                final predicate hasPartialFlow(PartialPathNode source, PartialPathNode node, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll Outdated

    
                 *

                 * To use this in a `path-problem` query, import the module `PartialPathGraph`.

                 */

                final predicate hasPartialFlow(PartialPathNode source, PartialPathNode node, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll Outdated

    
                 * Note that reverse flow has slightly lower precision than the corresponding

                 * forward flow, as reverse flow disregards type pruning among other features.

                 */

                final predicate hasPartialFlowRev(PartialPathNode node, PartialPathNode sink, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll Outdated

    
                 * Note that reverse flow has slightly lower precision than the corresponding

                 * forward flow, as reverse flow disregards type pruning among other features.

                 */

                final predicate hasPartialFlowRev(PartialPathNode node, PartialPathNode sink, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll Outdated

    
                 * Note that reverse flow has slightly lower precision than the corresponding

                 * forward flow, as reverse flow disregards type pruning among other features.

                 */

                final predicate hasPartialFlowRev(PartialPathNode node, PartialPathNode sink, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll

    
                // TODO: Use separate module once supported for all `prevStage` predicates

                bindingset[node, state, config]

                predicate prevStageRevFlow(

                  NodeEx node, FlowState state, boolean toReturn, ApApproxOption returnAp, ApApprox ap,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll

    
                // TODO: Use separate module once supported for all `prevStage` predicates

                bindingset[node, state, config]

                predicate prevStageRevFlow(

                  NodeEx node, FlowState state, boolean toReturn, ApApproxOption returnAp, ApApprox ap,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll

    
                class ApApprox = PrevStage::Ap;

                predicate prevStageParameterMayFlowThrough(

                  ParamNodeEx p, DataFlowCallable c, ApApprox ap, Configuration config

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::noResolve

github-advanced-security bot found potential problems

View reviewed changes

github-advanced-security bot left a comment

Found 50 vulnerabilities.

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll Outdated

    
                 * The corresponding paths are generated from the end-points and the graph

                 * included in the module `PathGraph`.

                 */

                predicate hasFlowPath(PathNode source, PathNode sink) { flowsTo(source, sink, _, _, this) }

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll Outdated

    
                 * The corresponding paths are generated from the end-points and the graph

                 * included in the module `PathGraph`.

                 */

                predicate hasFlowPath(PathNode source, PathNode sink) { flowsTo(source, sink, _, _, this) }

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll Outdated

    
                 *

                 * To use this in a `path-problem` query, import the module `PartialPathGraph`.

                 */

                final predicate hasPartialFlow(PartialPathNode source, PartialPathNode node, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll Outdated

    
                 *

                 * To use this in a `path-problem` query, import the module `PartialPathGraph`.

                 */

                final predicate hasPartialFlow(PartialPathNode source, PartialPathNode node, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll Outdated

    
                 * Note that reverse flow has slightly lower precision than the corresponding

                 * forward flow, as reverse flow disregards type pruning among other features.

                 */

                final predicate hasPartialFlowRev(PartialPathNode node, PartialPathNode sink, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll Outdated

    
                 * Note that reverse flow has slightly lower precision than the corresponding

                 * forward flow, as reverse flow disregards type pruning among other features.

                 */

                final predicate hasPartialFlowRev(PartialPathNode node, PartialPathNode sink, int dist) {

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll

    
                // TODO: Use separate module once supported for all `prevStage` predicates

                bindingset[node, state, config]

                predicate prevStageRevFlow(

                  NodeEx node, FlowState state, boolean toReturn, ApApproxOption returnAp, ApApprox ap,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll

    
                // TODO: Use separate module once supported for all `prevStage` predicates

                bindingset[node, state, config]

                predicate prevStageRevFlow(

                  NodeEx node, FlowState state, boolean toReturn, ApApproxOption returnAp, ApApprox ap,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll

    
                class ApApprox = PrevStage::Ap;

                predicate prevStageParameterMayFlowThrough(

                  ParamNodeEx p, DataFlowCallable c, ApApprox ap, Configuration config

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll

    
                predicate prevStageReadStepCand(NodeEx n1, Content c, NodeEx n2, Configuration config);

                predicate prevStageStoreStepCand(

                  NodeEx node1, ApApprox ap1, TypedContent tc, NodeEx node2, DataFlowType contentType,

Check warning

Code scanning / CodeQL

Consistency predicate that should be empty

TypeConsistency::varDefNoType

Contributor Author

hvitved commented Aug 8, 2022

Superseded by #9823.

hvitved closed this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

C# C++ Java Python Ruby