Refactor Partial Path Queries

Alvaro Muñoz · Alvaro Muñoz · commit def0f47f42ad · 2023-11-30T11:13:21.000+01:00
diff --git a/cpp/src/audit/templates/BackwardsPartialDataFlow.ql b/cpp/src/audit/templates/BackwardsPartialDataFlow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Backwards Partial Dataflow
  * @description Backwards Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/backwards-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlowRev(n, _, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/cpp/src/audit/templates/ForwardPartialDataflow.ql b/cpp/src/audit/templates/ForwardPartialDataflow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Forward Partial Dataflow
  * @description Forward Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/forward-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlow(_, n, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/cpp/src/audit/templates/HoistSink.ql b/cpp/src/audit/templates/HoistSink.ql
@@ -27,10 +27,10 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
 from PartialFlow::PartialPathNode n, int dist
 where
-  PartialFlow::partialFlowRev(n, _, dist) and
+  PartialFlow::partialFlow(n, _, dist) and
   n.getNode() instanceof DataFlow::ParameterNode
 select dist, n
diff --git a/csharp/src/audit/templates/BackwardsPartialDataFlow.ql b/csharp/src/audit/templates/BackwardsPartialDataFlow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Backwards Partial Dataflow
  * @description Backwards Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/backwards-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlowRev(n, _, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/csharp/src/audit/templates/ForwardPartialDataflow.ql b/csharp/src/audit/templates/ForwardPartialDataflow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Forward Partial Dataflow
  * @description Forward Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/forward-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlow(_, n, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/csharp/src/audit/templates/HoistSink.ql b/csharp/src/audit/templates/HoistSink.ql
@@ -27,10 +27,10 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
 from PartialFlow::PartialPathNode n, int dist
 where
-  PartialFlow::partialFlowRev(n, _, dist) and
+  PartialFlow::partialFlow(n, _, dist) and
   exists(Parameter p | n.getNode().asParameter() = p)
 select dist, n
diff --git a/go/src/audit/templates/BackwardsPartialDataFlow.ql b/go/src/audit/templates/BackwardsPartialDataFlow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Backwards Partial Dataflow
  * @description Backwards Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/backwards-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlowRev(n, _, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/go/src/audit/templates/ForwardPartialDataflow.ql b/go/src/audit/templates/ForwardPartialDataflow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Forward Partial Dataflow
  * @description Forward Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/forward-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlow(_, n, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/go/src/audit/templates/HoistSink.ql b/go/src/audit/templates/HoistSink.ql
@@ -27,10 +27,10 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Make<..
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
 from PartialFlow::PartialPathNode n, int dist
 where
-  PartialFlow::partialFlowRev(n, _, dist) and
+  PartialFlow::partialFlow(n, _, dist) and
   n.getNode() instanceof DataFlow::ParameterNode
 select dist, n
diff --git a/java/src/audit/templates/BackwardsPartialDataFlow.ql b/java/src/audit/templates/BackwardsPartialDataFlow.ql
@@ -1,7 +1,7 @@
 /**
  * @name Backwards Partial Dataflow
  * @description Backwards Partial Dataflow
- * @kind table
+ * @kind path-problem
  * @id githubsecuritylab/backwards-partial-dataflow
  * @tags template
  */
@@ -28,8 +28,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlowRev(n, _, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/java/src/audit/templates/ForwardPartialDataflow.ql b/java/src/audit/templates/ForwardPartialDataflow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Forward Partial Dataflow
  * @description Forward Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/forward-partial-dataflow
  * @tags template
  */
@@ -28,8 +30,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlow(_, n, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/java/src/audit/templates/HoistSink.ql b/java/src/audit/templates/HoistSink.ql
@@ -28,10 +28,10 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
 from PartialFlow::PartialPathNode n, int dist
 where
-  PartialFlow::partialFlowRev(n, _, dist) and
+  PartialFlow::partialFlow(n, _, dist) and
   n.getNode() instanceof DataFlow::ExplicitParameterNode
 select dist, n
diff --git a/python/src/audit/templates/BackwardsPartialDataFlow.ql b/python/src/audit/templates/BackwardsPartialDataFlow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Backwards Partial Dataflow
  * @description Backwards Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/backwards-partial-dataflow
  * @tags template
  */
@@ -32,8 +34,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlowRev(n, _, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/python/src/audit/templates/ForwardPartialDataflow.ql b/python/src/audit/templates/ForwardPartialDataflow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Forward Partial Dataflow
  * @description Forward Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/forward-partial-dataflow
  * @tags template
  */
@@ -29,8 +31,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlow(_, n, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/python/src/audit/templates/HoistSink.ql b/python/src/audit/templates/HoistSink.ql
@@ -28,10 +28,10 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
 from PartialFlow::PartialPathNode n, int dist
 where
-  PartialFlow::partialFlowRev(n, _, dist) and
+  PartialFlow::partialFlow(n, _, dist) and
   n.getNode() instanceof DataFlow::ParameterNode
 select dist, n
diff --git a/ruby/src/audit/templates/BackwardsPartialDataFlow.ql b/ruby/src/audit/templates/BackwardsPartialDataFlow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Backwards Partial Dataflow
  * @description Backwards Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/backwards-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlowRev(n, _, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/ruby/src/audit/templates/ForwardPartialDataflow.ql b/ruby/src/audit/templates/ForwardPartialDataflow.ql
@@ -1,7 +1,9 @@
 /**
  * @name Forward Partial Dataflow
  * @description Forward Partial Dataflow
- * @kind table
+ * @kind path-problem
+ * @precision low
+ * @problem.severity error
  * @id githubsecuritylab/forward-partial-dataflow
  * @tags template
  */
@@ -27,8 +29,9 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
 
-from PartialFlow::PartialPathNode n, int dist
-where PartialFlow::partialFlow(_, n, dist)
-select dist, n
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+  "this source"
diff --git a/ruby/src/audit/templates/HoistSink.ql b/ruby/src/audit/templates/HoistSink.ql
@@ -27,10 +27,10 @@ private module MyFlow = TaintTracking::Global<MyConfig>; // or DataFlow::Global<
 
 int explorationLimit() { result = 10 }
 
-private module PartialFlow = MyFlow::FlowExploration<explorationLimit/0>;
+private module PartialFlow = MyFlow::FlowExplorationRev<explorationLimit/0>;
 
 from PartialFlow::PartialPathNode n, int dist
 where
-  PartialFlow::partialFlowRev(n, _, dist) and
+  PartialFlow::partialFlow(n, _, dist) and
   n.getNode() instanceof DataFlow::ParameterNode
 select dist, n
