Merge pull request github#12917 from egregius313/egregius313/java/dataflow/refactor-inline-flow-test

Java: Refactor `InlineFlowTest` to remove usage of `DataFlow::Configuration` API

Author: egregius313

java/ql/test/TestUtilities/InlineFlowTest.qll

@@ -61,37 +61,11 @@ private module DefaultValueFlow = DataFlow::Global<DefaultFlowConfig>;
 
 private module DefaultTaintFlow = TaintTracking::Global<DefaultFlowConfig>;
 
-class DefaultValueFlowConf extends DataFlow::Configuration {
-  DefaultValueFlowConf() { this = "qltest:defaultValueFlowConf" }
-
-  override predicate isSource(DataFlow::Node n) { defaultSource(n) }
-
-  override predicate isSink(DataFlow::Node n) {
-    exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
-  }
-
-  override int fieldFlowBranchLimit() { result = 1000 }
-}
-
-class DefaultTaintFlowConf extends TaintTracking::Configuration {
-  DefaultTaintFlowConf() { this = "qltest:defaultTaintFlowConf" }
-
-  override predicate isSource(DataFlow::Node n) { defaultSource(n) }
-
-  override predicate isSink(DataFlow::Node n) {
-    exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
-  }
-
-  override int fieldFlowBranchLimit() { result = 1000 }
-}
-
 private string getSourceArgString(DataFlow::Node src) {
   defaultSource(src) and
   src.asExpr().(MethodAccess).getAnArgument().(StringLiteral).getValue() = result
 }
 
-abstract class EnableLegacyConfiguration extends Unit { }
-
 class InlineFlowTest extends InlineExpectationsTest {
   InlineFlowTest() { this = "HasFlowTest" }
 
@@ -116,18 +90,10 @@ class InlineFlowTest extends InlineExpectationsTest {
   }
 
   predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) {
-    if exists(EnableLegacyConfiguration e)
-    then getValueFlowConfig().hasFlow(src, sink)
-    else DefaultValueFlow::flow(src, sink)
+    DefaultValueFlow::flow(src, sink)
   }
 
   predicate hasTaintFlow(DataFlow::Node src, DataFlow::Node sink) {
-    if exists(EnableLegacyConfiguration e)
-    then getTaintFlowConfig().hasFlow(src, sink)
-    else DefaultTaintFlow::flow(src, sink)
+    DefaultTaintFlow::flow(src, sink)
   }
-
-  DataFlow::Configuration getValueFlowConfig() { result = any(DefaultValueFlowConf config) }
-
-  DataFlow::Configuration getTaintFlowConfig() { result = any(DefaultTaintFlowConf config) }
 }

java/ql/test/library-tests/frameworks/JaxWs/JaxRsFlow.ql

@@ -3,22 +3,26 @@ import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.dataflow.FlowSources
 import TestUtilities.InlineFlowTest
 
-class EnableLegacy extends EnableLegacyConfiguration {
-  EnableLegacy() { exists(this) }
-}
-
-class TaintFlowConf extends DefaultTaintFlowConf {
-  override predicate isSource(DataFlow::Node n) {
-    super.isSource(n)
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) {
+    DefaultFlowConfig::isSource(node)
     or
-    n instanceof RemoteFlowSource
+    node instanceof RemoteFlowSource
   }
+
+  predicate isSink = DefaultFlowConfig::isSink/1;
 }
 
-class ValueFlowConf extends DefaultValueFlowConf {
-  override predicate isSource(DataFlow::Node n) {
-    super.isSource(n)
-    or
-    n instanceof RemoteFlowSource
+module TaintFlow = TaintTracking::Global<Config>;
+
+module ValueFlow = DataFlow::Global<Config>;
+
+class Test extends InlineFlowTest {
+  override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
+    TaintFlow::flow(source, sink)
+  }
+
+  override predicate hasValueFlow(DataFlow::Node source, DataFlow::Node sink) {
+    ValueFlow::flow(source, sink)
   }
 }

java/ql/test/library-tests/frameworks/android/slice/test.ql

@@ -1,22 +1,37 @@
 import java
+import semmle.code.java.dataflow.TaintTracking
 import TestUtilities.InlineFlowTest
 import semmle.code.java.dataflow.FlowSources
 
-class EnableLegacy extends EnableLegacyConfiguration {
-  EnableLegacy() { exists(this) }
+module SliceValueFlowConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) {
+    DefaultFlowConfig::isSource(source) or source instanceof RemoteFlowSource
+  }
+
+  predicate isSink = DefaultFlowConfig::isSink/1;
 }
 
-class SliceValueFlowConf extends DefaultValueFlowConf {
-  override predicate isSource(DataFlow::Node source) {
-    super.isSource(source) or source instanceof RemoteFlowSource
+module SliceValueFlow = DataFlow::Global<SliceValueFlowConfig>;
+
+module SliceTaintFlowConfig implements DataFlow::ConfigSig {
+  predicate isSource = DefaultFlowConfig::isSource/1;
+
+  predicate isSink = DefaultFlowConfig::isSink/1;
+
+  predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) {
+    DefaultFlowConfig::isSink(node) and
+    c.(DataFlow::SyntheticFieldContent).getField() = "androidx.slice.Slice.action"
   }
 }
 
-class SliceTaintFlowConf extends DefaultTaintFlowConf {
-  override predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) {
-    super.allowImplicitRead(node, c)
-    or
-    isSink(node) and
-    c.(DataFlow::SyntheticFieldContent).getField() = "androidx.slice.Slice.action"
+module SliceTaintFlow = TaintTracking::Global<SliceTaintFlowConfig>;
+
+class SliceFlowTest extends InlineFlowTest {
+  override predicate hasValueFlow(DataFlow::Node source, DataFlow::Node sink) {
+    SliceValueFlow::flow(source, sink)
+  }
+
+  override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
+    SliceTaintFlow::flow(source, sink)
   }
 }

java/ql/test/library-tests/frameworks/netty/manual/test.ql

@@ -1,15 +1,22 @@
 import java
+import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.FlowSources
 import TestUtilities.InlineFlowTest
 
-class Conf extends DefaultTaintFlowConf {
-  override predicate isSource(DataFlow::Node node) {
-    super.isSource(node)
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) {
+    DefaultFlowConfig::isSource(node)
     or
     node instanceof RemoteFlowSource
   }
+
+  predicate isSink = DefaultFlowConfig::isSink/1;
 }
 
-class LegacyConfig extends EnableLegacyConfiguration {
-  LegacyConfig() { this instanceof Unit }
+module Flow = TaintTracking::Global<Config>;
+
+class Test extends InlineFlowTest {
+  override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
+    Flow::flow(source, sink)
+  }
 }

java/ql/test/library-tests/frameworks/okhttp/test.ql

@@ -1,10 +1,17 @@
 import java
+import semmle.code.java.dataflow.DataFlow
 import TestUtilities.InlineFlowTest
 
-class EnableLegacy extends EnableLegacyConfiguration {
-  EnableLegacy() { exists(this) }
+module OkHttpFlowConfig implements DataFlow::ConfigSig {
+  predicate isSource = DefaultFlowConfig::isSource/1;
+
+  predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") }
 }
 
-class FlowConf extends DefaultValueFlowConf {
-  override predicate isSink(DataFlow::Node n) { super.isSink(n) or sinkNode(n, "open-url") }
+module OkHttpFlow = DataFlow::Global<OkHttpFlowConfig>;
+
+class OkHttpTest extends InlineFlowTest {
+  override predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) {
+    OkHttpFlow::flow(src, sink)
+  }
 }

java/ql/test/library-tests/frameworks/retrofit/test.ql

@@ -1,10 +1,15 @@
 import java
+import semmle.code.java.dataflow.DataFlow
 import TestUtilities.InlineFlowTest
 
-class EnableLegacy extends EnableLegacyConfiguration {
-  EnableLegacy() { exists(this) }
+module FlowConfig implements DataFlow::ConfigSig {
+  predicate isSource = DefaultFlowConfig::isSource/1;
+
+  predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") }
 }
 
-class FlowConf extends DefaultValueFlowConf {
-  override predicate isSink(DataFlow::Node n) { super.isSink(n) or sinkNode(n, "open-url") }
+module Flow = DataFlow::Global<FlowConfig>;
+
+class RetrofitFlowTest extends InlineFlowTest {
+  override predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) { Flow::flow(src, sink) }
 }