JS/Python/Ruby: use 'SharedModelValidation' file

Jami Cogswell · Jami Cogswell · commit 0ab1848b7080 · 2023-06-05T12:18:33.000-04:00
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll
@@ -653,22 +653,26 @@ module ModelOutput {
 
   import Cached
   import Specific::ModelOutputSpecific
+  private import SharedModelValidation
 
   private string getInvalidModelKind() {
+    exists(string kind | summaryModel(_, _, _, _, kind) |
+      not kind instanceof ValidSummaryKind and
+      result = "Invalid kind \"" + kind + "\" in summary model."
+    )
+    or
     exists(string kind | sinkModel(_, _, kind) |
-      not kind =
-        [
-          "request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection",
-          "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection",
-          "ognl-injection", "intent-redirection", "pending-intents", "url-redirection",
-          "path-injection", "file-content-store", "hostname-verification", "response-splitting",
-          "information-leak", "xslt-injection", "jexl-injection", "bean-validation",
-          "template-injection", "fragment-injection", "command-injection"
-        ] and
+      not kind instanceof ValidSinkKind and
       not kind.matches("credentials-%") and
       not kind.matches("test-%") and
       result = "Invalid kind \"" + kind + "\" in sink model."
     )
+    or
+    exists(string kind | sourceModel(_, _, kind) |
+      not kind instanceof ValidSourceKind and
+      not kind.matches("qltest%") and
+      result = "Invalid kind \"" + kind + "\" in source model."
+    )
   }
 
   /**
diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModels.qll b/python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModels.qll
@@ -653,22 +653,26 @@ module ModelOutput {
 
   import Cached
   import Specific::ModelOutputSpecific
+  private import SharedModelValidation
 
   private string getInvalidModelKind() {
+    exists(string kind | summaryModel(_, _, _, _, kind) |
+      not kind instanceof ValidSummaryKind and
+      result = "Invalid kind \"" + kind + "\" in summary model."
+    )
+    or
     exists(string kind | sinkModel(_, _, kind) |
-      not kind =
-        [
-          "request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection",
-          "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection",
-          "ognl-injection", "intent-redirection", "pending-intents", "url-redirection",
-          "path-injection", "file-content-store", "hostname-verification", "response-splitting",
-          "information-leak", "xslt-injection", "jexl-injection", "bean-validation",
-          "template-injection", "fragment-injection", "command-injection"
-        ] and
+      not kind instanceof ValidSinkKind and
       not kind.matches("credentials-%") and
       not kind.matches("test-%") and
       result = "Invalid kind \"" + kind + "\" in sink model."
     )
+    or
+    exists(string kind | sourceModel(_, _, kind) |
+      not kind instanceof ValidSourceKind and
+      not kind.matches("qltest%") and
+      result = "Invalid kind \"" + kind + "\" in source model."
+    )
   }
 
   /**
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll
@@ -653,22 +653,26 @@ module ModelOutput {
 
   import Cached
   import Specific::ModelOutputSpecific
+  private import SharedModelValidation
 
   private string getInvalidModelKind() {
+    exists(string kind | summaryModel(_, _, _, _, kind) |
+      not kind instanceof ValidSummaryKind and
+      result = "Invalid kind \"" + kind + "\" in summary model."
+    )
+    or
     exists(string kind | sinkModel(_, _, kind) |
-      not kind =
-        [
-          "request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection",
-          "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection",
-          "ognl-injection", "intent-redirection", "pending-intents", "url-redirection",
-          "path-injection", "file-content-store", "hostname-verification", "response-splitting",
-          "information-leak", "xslt-injection", "jexl-injection", "bean-validation",
-          "template-injection", "fragment-injection", "command-injection"
-        ] and
+      not kind instanceof ValidSinkKind and
       not kind.matches("credentials-%") and
       not kind.matches("test-%") and
       result = "Invalid kind \"" + kind + "\" in sink model."
     )
+    or
+    exists(string kind | sourceModel(_, _, kind) |
+      not kind instanceof ValidSourceKind and
+      not kind.matches("qltest%") and
+      result = "Invalid kind \"" + kind + "\" in source model."
+    )
   }
 
   /**
