Update ExternalValueFlow to use value flow

Author: owen-mc

go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/completetest.ext.yml

@@ -3,21 +3,21 @@ extensions:
       pack: codeql/go-all
       extensible: summaryModel
     data:
-      - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResArrayContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgArrayContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResCollectionContent", "", "", "Argument[0]", "ReturnValue.Element", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgCollectionContentRes", "", "", "Argument[0].Element", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResMapKeyContent", "", "", "Argument[0]", "ReturnValue.MapKey", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgMapKeyContentRes", "", "", "Argument[0].MapKey", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResMapValueContent", "", "", "Argument[0]", "ReturnValue.MapValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgMapValueContentRes", "", "", "Argument[0].MapValue", "ReturnValue", "taint", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResArrayContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgArrayContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResCollectionContent", "", "", "Argument[0]", "ReturnValue.Element", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgCollectionContentRes", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResMapKeyContent", "", "", "Argument[0]", "ReturnValue.MapKey", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgMapKeyContentRes", "", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResMapValueContent", "", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgMapValueContentRes", "", "", "Argument[0].MapValue", "ReturnValue", "value", "manual"]
       - ["github.com/nonexistent/test", "", False, "GetElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"]
       - ["github.com/nonexistent/test", "", False, "GetMapKey", "", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"]
       - ["github.com/nonexistent/test", "", False, "SetElement", "", "", "Argument[0]", "ReturnValue.Element", "value", "manual"]

go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/completetest.ql

@@ -14,4 +14,4 @@ module Config implements DataFlow::ConfigSig {
   predicate isSink(DataFlow::Node src) { sinkNode(src, "qltest") }
 }
 
-import TaintFlowTest<Config>
+import ValueFlowTest<Config>

go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.ext.yml

@@ -3,12 +3,12 @@ extensions:
       pack: codeql/go-all
       extensible: summaryModel
     data:
-      - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgResContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "taint", "manual"]
-      - ["github.com/nonexistent/test", "", False, "StepArgContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgResContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "value", "manual"]
+      - ["github.com/nonexistent/test", "", False, "StepArgContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"]

go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.ql

@@ -4,5 +4,5 @@ import ModelValidation
 import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
 
 from DataFlow::Node node1, DataFlow::Node node2
-where FlowSummaryImpl::Private::Steps::summaryThroughStepTaint(node1, node2, _)
+where FlowSummaryImpl::Private::Steps::summaryThroughStepValue(node1, node2, _)
 select node1, node2

go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go

@@ -58,108 +58,108 @@ func simpleflow() {
 	src := a.Src1()
 
 	taint1 := t.StepArgRes(src)
-	b.Sink1(taint1) // $ hasTaintFlow="taint1"
+	b.Sink1(taint1) // $ hasValueFlow="taint1"
 
 	_, taint2 := t.StepArgRes1(src)
-	b.Sink1(taint2) // $ hasTaintFlow="taint2"
+	b.Sink1(taint2) // $ hasValueFlow="taint2"
 
 	var taint3 interface{}
 	t.StepArgArg(src, taint3)
-	b.Sink1(taint3) // $ hasTaintFlow="taint3"
+	b.Sink1(taint3) // $ hasValueFlow="taint3"
 
 	var taint4 test.T
 	taint4.StepArgQual(src)
-	b.Sink1(taint4) // $ hasTaintFlow="taint4"
+	b.Sink1(taint4) // $ hasValueFlow="taint4"
 
 	taint5 := (src.(*test.T)).StepQualRes()
-	b.Sink1(taint5) // $ hasTaintFlow="taint5"
+	b.Sink1(taint5) // $ hasValueFlow="taint5"
 
 	var taint6 interface{}
 	(src.(*test.T)).StepQualArg(taint6)
-	b.Sink1(taint6) // $ hasTaintFlow="taint6"
+	b.Sink1(taint6) // $ hasValueFlow="taint6"
 
 	taint7 := test.StepArgResNoQual(src)
-	b.Sink1(taint7) // $ hasTaintFlow="taint7"
+	b.Sink1(taint7) // $ hasValueFlow="taint7"
 
 	taint8 := test.StepArgResArrayContent(src)
-	b.Sink1(taint8[0]) // $ hasTaintFlow="index expression"
+	b.Sink1(taint8[0]) // $ hasValueFlow="index expression"
 
 	srcArray := []interface{}{nil, src}
 	taint9 := test.StepArgArrayContentRes(srcArray)
-	b.Sink1(taint9) // $ hasTaintFlow="taint9"
+	b.Sink1(taint9) // $ hasValueFlow="taint9"
 
 	taint10 := test.StepArgResCollectionContent(a.Src1()).(chan interface{})
-	b.Sink1(test.GetElement(taint10)) // $ hasTaintFlow="call to GetElement"
-	b.Sink1(<-taint10)                // $ hasTaintFlow="<-..."
+	b.Sink1(test.GetElement(taint10)) // $ hasValueFlow="call to GetElement"
+	b.Sink1(<-taint10)                // $ hasValueFlow="<-..."
 
 	srcCollection := test.SetElement(a.Src1())
 	taint11 := test.StepArgCollectionContentRes(srcCollection)
-	b.Sink1(taint11) // $ hasTaintFlow="taint11"
+	b.Sink1(taint11) // $ hasValueFlow="taint11"
 
 	taint12 := test.StepArgResMapKeyContent(a.Src1()).(map[string]string)
-	b.Sink1(test.GetMapKey(taint12)) // $ hasTaintFlow="call to GetMapKey"
+	b.Sink1(test.GetMapKey(taint12)) // $ hasValueFlow="call to GetMapKey"
 	for k, _ := range taint12 {
-		b.Sink1(k) // $ hasTaintFlow="k"
+		b.Sink1(k) // $ hasValueFlow="k"
 	}
 	for k := range taint12 {
-		b.Sink1(k) // $ hasTaintFlow="k"
+		b.Sink1(k) // $ hasValueFlow="k"
 	}
 
 	srcMap13 := map[string]string{src.(string): ""}
 	taint13 := test.StepArgMapKeyContentRes(srcMap13)
-	b.Sink1(taint13) // $ hasTaintFlow="taint13"
+	b.Sink1(taint13) // $ hasValueFlow="taint13"
 
 	taint14 := test.StepArgResMapValueContent(src).(map[string]string)
-	b.Sink1(taint14[""]) // $ hasTaintFlow="index expression"
+	b.Sink1(taint14[""]) // $ hasValueFlow="index expression"
 
 	srcMap15 := map[string]string{"": src.(string)}
 	taint15 := test.StepArgMapValueContentRes(srcMap15)
-	b.Sink1(taint15) // $ hasTaintFlow="taint15"
+	b.Sink1(taint15) // $ hasValueFlow="taint15"
 
 	slice := make([]interface{}, 0)
 	slice = append(slice, src)
-	b.Sink1(slice[0]) // $ hasTaintFlow="index expression"
+	b.Sink1(slice[0]) // $ hasValueFlow="index expression"
 
 	ch := make(chan string)
 	ch <- a.Src1().(string)
 	taint16 := test.StepArgCollectionContentRes(ch)
-	b.Sink1(taint16) // $ MISSING: hasTaintFlow="taint16" // currently fails due to lack of post-update nodes after send statements
+	b.Sink1(taint16) // $ MISSING: hasValueFlow="taint16" // currently fails due to lack of post-update nodes after send statements
 
 	c1 := test.C{""}
 	c1.Set(a.Src1().(string))
-	b.Sink1(c1.F) // $ hasTaintFlow="selection of F"
+	b.Sink1(c1.F) // $ hasValueFlow="selection of F"
 
 	c2 := test.C{a.Src1().(string)}
-	b.Sink1(c2.Get()) // $ hasTaintFlow="call to Get"
+	b.Sink1(c2.Get()) // $ hasValueFlow="call to Get"
 
 	c3 := test.C{""}
 	c3.Set(a.Src1().(string))
-	b.Sink1(c3.Get()) // $ hasTaintFlow="call to Get"
+	b.Sink1(c3.Get()) // $ hasValueFlow="call to Get"
 
 	c4 := test.C{""}
 	c4.Set(a.Src1().(string))
 	c4.Set("")
-	b.Sink1(c4.Get()) // $ SPURIOUS: hasTaintFlow="call to Get" // because we currently don't clear content
+	b.Sink1(c4.Get()) // $ SPURIOUS: hasValueFlow="call to Get" // because we currently don't clear content
 
 	cp1 := &test.C{""}
 	cp1.SetThroughPointer(a.Src1().(string))
-	b.Sink1(cp1.F) // $ hasTaintFlow="selection of F"
+	b.Sink1(cp1.F) // $ hasValueFlow="selection of F"
 
 	cp2 := &test.C{a.Src1().(string)}
-	b.Sink1(cp2.GetThroughPointer()) // $ hasTaintFlow="call to GetThroughPointer"
+	b.Sink1(cp2.GetThroughPointer()) // $ hasValueFlow="call to GetThroughPointer"
 
 	cp3 := &test.C{""}
 	cp3.SetThroughPointer(a.Src1().(string))
-	b.Sink1(cp3.GetThroughPointer()) // $ hasTaintFlow="call to GetThroughPointer"
+	b.Sink1(cp3.GetThroughPointer()) // $ hasValueFlow="call to GetThroughPointer"
 
 	cp4 := &test.C{""}
 	cp4.SetThroughPointer(a.Src1().(string))
 	cp4.SetThroughPointer("")
-	b.Sink1(cp4.GetThroughPointer()) // $ SPURIOUS: hasTaintFlow="call to GetThroughPointer" // because we currently don't clear content
+	b.Sink1(cp4.GetThroughPointer()) // $ SPURIOUS: hasValueFlow="call to GetThroughPointer" // because we currently don't clear content
 
 	arg1 := src
 	arg2 := src
 	arg3 := src
 	arg4 := src
-	b.SinkManyArgs(arg1, arg2, arg3, arg4) // $ hasTaintFlow="arg1" hasTaintFlow="arg2" hasTaintFlow="arg3"
+	b.SinkManyArgs(arg1, arg2, arg3, arg4) // $ hasValueFlow="arg1" hasValueFlow="arg2" hasValueFlow="arg3"
 }