Merge pull request github#6869 from MathiasVP/fix-prefix/suffix-equality

Java/JS/Python: Replace '.prefix'/'.suffix' with '.matches'

Author: MathiasVP

java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll

@@ -37,7 +37,7 @@ predicate isGigaSpacesEventMethod(Method eventMethod) {
 class GigaSpacesSpaceIdGetterMethod extends Method {
   GigaSpacesSpaceIdGetterMethod() {
     getAnAnnotation().getType().hasQualifiedName("com.gigaspaces.annotation.pojo", "SpaceId") and
-    getName().prefix(3) = "get"
+    getName().matches("get%")
   }
 }
 
@@ -48,7 +48,7 @@ class GigaSpacesSpaceIdSetterMethod extends Method {
   GigaSpacesSpaceIdSetterMethod() {
     exists(GigaSpacesSpaceIdGetterMethod getterMethod |
       getterMethod.getDeclaringType() = getDeclaringType() and
-      getName().prefix(3) = "set"
+      getName().matches("set%")
     |
       getterMethod.getName().suffix(3) = getName().suffix(3)
     )
@@ -62,6 +62,6 @@ class GigaSpacesSpaceIdSetterMethod extends Method {
 class GigaSpacesSpaceRoutingMethod extends Method {
   GigaSpacesSpaceRoutingMethod() {
     getAnAnnotation().getType().hasQualifiedName("com.gigaspaces.annotation.pojo", "SpaceRouting") and
-    getName().prefix(3) = "get"
+    getName().matches("get%")
   }
 }

java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll

@@ -37,7 +37,7 @@ class SpringProfileExpr extends string {
  * A Spring profile expression that begins with "!", indicating a negated expression.
  */
 class NotSpringProfileExpr extends SpringProfileExpr {
-  NotSpringProfileExpr() { this.prefix(1) = "!" }
+  NotSpringProfileExpr() { this.matches("!%") }
 
   /**
    * Gets the profile described in this profile expression.

java/ql/lib/semmle/code/xml/MavenPom.qll

@@ -129,7 +129,7 @@ class Pom extends ProtoPom {
    * occurs by considering the properties defined by this project or an ancestor project.
    */
   string resolvePlaceholder(string name) {
-    if name.prefix(8) = "project."
+    if name.matches("project.%")
     then
       exists(PomElement p |
         p = getProjectProperty() and

javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll

@@ -727,7 +727,7 @@ module NodeJSLib {
       result = getParameter(1).getARhs()
     }
 
-    override predicate isSync() { "Sync" = methodName.suffix(methodName.length() - 4) }
+    override predicate isSync() { methodName.matches("%Sync") }
 
     override DataFlow::Node getOptionsArg() {
       not result.getALocalSource() instanceof DataFlow::FunctionNode and // looks like callback

javascript/ql/lib/semmle/javascript/frameworks/SystemCommandExecutors.qll

@@ -107,9 +107,7 @@ private class SystemCommandExecutors extends SystemCommandExecution, DataFlow::I
  */
 bindingset[name]
 private boolean getSync(string name) {
-  if name.suffix(name.length() - 4) = "Sync" or name.suffix(name.length() - 4) = "sync"
-  then result = true
-  else result = false
+  if name.matches("%Sync") or name.matches("%sync") then result = true else result = false
 }
 
 private class RemoteCommandExecutor extends SystemCommandExecution, DataFlow::InvokeNode {

javascript/ql/lib/semmle/javascript/security/UselessUseOfCat.qll

@@ -303,14 +303,11 @@ module PrettyPrintCatCall {
   bindingset[str]
   private string createSimplifiedStringConcat(string str) {
     // Remove an initial ""+ (e.g. in `""+file`)
-    if str.prefix(5) = "\"\" + "
+    if str.matches("\"\" + %")
     then result = str.suffix(5)
     else
       // prettify `${newpath}` to just newpath
-      if
-        str.prefix(3) = "`${" and
-        str.suffix(str.length() - 2) = "}`" and
-        not str.suffix(3).matches("%{%")
+      if str.matches("`${%") and str.matches("%}`") and not str.suffix(3).matches("%{%")
       then result = str.prefix(str.length() - 2).suffix(3)
       else result = str
   }

javascript/ql/src/Security/CWE-730/ServerCrash.ql

@@ -104,7 +104,7 @@ class AsyncSentinelCall extends DataFlow::CallNode {
     exists(DataFlow::FunctionNode node | node.getAstNode() = asyncCallee |
       // manual models
       exists(string memberName |
-        not "Sync" = memberName.suffix(memberName.length() - 4) and
+        not memberName.matches("%Sync") and
         this = NodeJSLib::FS::moduleMember(memberName).getACall() and
         node = this.getCallback([1 .. 2])
       )

python/ql/lib/semmle/python/templates/PyxlTags.qll

@@ -29,7 +29,7 @@ private predicate pyxl_tag(Call c, string name) {
 }
 
 class PyxlHtmlTag extends PyxlTag {
-  PyxlHtmlTag() { this.getPyxlTagName().prefix(2) = "x_" }
+  PyxlHtmlTag() { this.getPyxlTagName().matches("x\\_%") }
 
   string getTagName() { result = this.getPyxlTagName().suffix(2) }
 

python/ql/lib/semmle/python/web/Http.qll

@@ -33,7 +33,7 @@ class WsgiEnvironment extends TaintKind {
       (
         text = "QUERY_STRING" or
         text = "PATH_INFO" or
-        text.prefix(5) = "HTTP_"
+        text.matches("HTTP\\_%")
       )
     )
   }

python/ql/src/Security/CWE-798/HardcodedCredentials.ql

@@ -88,7 +88,7 @@ class CredentialSink extends TaintSink {
   CredentialSink() {
     exists(string name |
       name.regexpMatch(getACredentialRegex()) and
-      not name.suffix(name.length() - 4) = "file"
+      not name.matches("%file")
     |
       any(FunctionValue func).getNamedArgumentForCall(_, name) = this
       or