From 65d009f353b51d46bbc2b32d98fe991e1b1ae1e5 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Thu, 21 Nov 2024 16:25:19 +0100 Subject: [PATCH] C#: Ignore the content of the subtypes column for MaD models and default it to true. --- .../csharp/dataflow/internal/ExternalFlow.qll | 31 ++++++++++++++++++- .../dataflow/internal/FlowSummaryImpl.qll | 7 +++-- 2 files changed, 35 insertions(+), 3 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/ExternalFlow.qll index ccc0a333b9e72..a68d761588e72 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/ExternalFlow.qll @@ -88,7 +88,7 @@ */ import csharp -import ExternalFlowExtensions +private import ExternalFlowExtensions as ExternalFlowExtensions private import DataFlowDispatch private import DataFlowPrivate private import DataFlowPublic @@ -102,6 +102,35 @@ private import semmle.code.csharp.frameworks.System private import codeql.dataflow.internal.AccessPathSyntax as AccessPathSyntax private import codeql.mad.ModelValidation as SharedModelVal +private predicate sourceModel( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + string output, string kind, string provenance, QlBuiltins::ExtensionId madId +) { + subtypes = true and + ExternalFlowExtensions::sourceModel(namespace, type, _, name, signature, ext, output, kind, + provenance, madId) +} + +private predicate sinkModel( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + string input, string kind, string provenance, QlBuiltins::ExtensionId madId +) { + subtypes = true and + ExternalFlowExtensions::sinkModel(namespace, type, _, name, signature, ext, input, kind, + provenance, madId) +} + +private predicate summaryModel( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + string input, string output, string kind, string provenance, QlBuiltins::ExtensionId madId +) { + subtypes = true and + ExternalFlowExtensions::summaryModel(namespace, type, _, name, signature, ext, input, output, + kind, provenance, madId) +} + +private predicate neutralModel = ExternalFlowExtensions::neutralModel/6; + /** * Holds if the given extension tuple `madId` should pretty-print as `model`. * diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index d777566a336a1..9a768e7fe9582 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -11,6 +11,7 @@ private import DataFlowImplSpecific as DataFlowImplSpecific private import DataFlowImplSpecific::Private private import DataFlowImplSpecific::Public private import semmle.code.csharp.Unification +private import semmle.code.csharp.dataflow.internal.ExternalFlowExtensions as ExternalFlowExtensions private import semmle.code.csharp.dataflow.internal.ExternalFlow module Input implements InputSig { @@ -198,7 +199,8 @@ module SourceSinkInterpretationInput implements string namespace, string type, boolean subtypes, string name, string signature, string ext, QlBuiltins::ExtensionId madId | - sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance, madId) and + ExternalFlowExtensions::sourceModel(namespace, type, _, name, signature, ext, output, kind, + provenance, madId) and model = "MaD:" + madId.toString() and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) @@ -211,7 +213,8 @@ module SourceSinkInterpretationInput implements string namespace, string type, boolean subtypes, string name, string signature, string ext, QlBuiltins::ExtensionId madId | - sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance, madId) and + ExternalFlowExtensions::sinkModel(namespace, type, _, name, signature, ext, input, kind, + provenance, madId) and model = "MaD:" + madId.toString() and e = interpretElement(namespace, type, subtypes, name, signature, ext) )