Merge pull request #11567 from asgerf/js/data-extensions2

JS: Move MaD models to data extensions

Author: asgerf

config/identical-files.json

@@ -541,6 +541,11 @@
     "ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll",
     "python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModels.qll"
   ],
+  "ApiGraphModelsExtensions": [
+    "javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll",
+    "ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll",
+    "python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll"
+  ],
   "TaintedFormatStringQuery Ruby/JS": [
     "javascript/ql/lib/semmle/javascript/security/dataflow/TaintedFormatStringQuery.qll",
     "ruby/ql/lib/codeql/ruby/security/TaintedFormatStringQuery.qll"

javascript/ql/lib/javascript.qll

@@ -99,7 +99,6 @@ import semmle.javascript.frameworks.JWT
 import semmle.javascript.frameworks.Handlebars
 import semmle.javascript.frameworks.History
 import semmle.javascript.frameworks.Immutable
-import semmle.javascript.frameworks.ImportGeneratedModels
 import semmle.javascript.frameworks.Knex
 import semmle.javascript.frameworks.LazyCache
 import semmle.javascript.frameworks.LdapJS

javascript/ql/lib/qlpack.yml

@@ -7,3 +7,5 @@ library: true
 upgrades: upgrades
 dependencies:
   codeql/regex: ${workspace}
+dataExtensions:
+  - semmle/javascript/frameworks/**/model.yml

javascript/ql/lib/semmle/javascript/frameworks/ImportGeneratedModels.qll

@@ -72,6 +72,7 @@ private module API = Specific::API;
 private module DataFlow = Specific::DataFlow;
 
 private import Specific::AccessPathSyntax
+private import ApiGraphModelsExtensions as Extensions
 
 /** Module containing hooks for providing input data to be interpreted as a model. */
 module ModelInput {
@@ -236,6 +237,8 @@ predicate sourceModel(string type, string path, string kind) {
     row.splitAt(";", 1) = path and
     row.splitAt(";", 2) = kind
   )
+  or
+  Extensions::sourceModel(type, path, kind)
 }
 
 /** Holds if a sink model exists for the given parameters. */
@@ -246,6 +249,8 @@ private predicate sinkModel(string type, string path, string kind) {
     row.splitAt(";", 1) = path and
     row.splitAt(";", 2) = kind
   )
+  or
+  Extensions::sinkModel(type, path, kind)
 }
 
 /** Holds if a summary model `row` exists for the given parameters. */
@@ -258,6 +263,8 @@ private predicate summaryModel(string type, string path, string input, string ou
     row.splitAt(";", 3) = output and
     row.splitAt(";", 4) = kind
   )
+  or
+  Extensions::summaryModel(type, path, input, output, kind)
 }
 
 /** Holds if a type model exists for the given parameters. */
@@ -268,6 +275,8 @@ private predicate typeModel(string type1, string type2, string path) {
     row.splitAt(";", 1) = type2 and
     row.splitAt(";", 2) = path
   )
+  or
+  Extensions::typeModel(type1, type2, path)
 }
 
 /** Holds if a type variable model exists for the given parameters. */
@@ -277,6 +286,8 @@ private predicate typeVariableModel(string name, string path) {
     row.splitAt(";", 0) = name and
     row.splitAt(";", 1) = path
   )
+  or
+  Extensions::typeVariableModel(name, path)
 }
 
 /**

javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll

@@ -0,0 +1,36 @@
+/**
+ * Defines extensible predicates for contributing library models from data extensions.
+ */
+
+/**
+ * Holds if the value at `(type, path)` should be seen as a flow
+ * source of the given `kind`.
+ *
+ * The kind `remote` represents a general remote flow source.
+ */
+extensible predicate sourceModel(string type, string path, string kind);
+
+/**
+ * Holds if the value at `(type, path)` should be seen as a sink
+ * of the given `kind`.
+ */
+extensible predicate sinkModel(string type, string path, string kind);
+
+/**
+ * Holds if calls to `(type, path)`, the value referred to by `input`
+ * can flow to the value referred to by `output`.
+ *
+ * `kind` should be either `value` or `taint`, for value-preserving or taint-preserving steps,
+ * respectively.
+ */
+extensible predicate summaryModel(string type, string path, string input, string output, string kind);
+
+/**
+ * Holds if `(type2, path)` should be seen as an instance of `type1`.
+ */
+extensible predicate typeModel(string type1, string type2, string path);
+
+/**
+ * Holds if `path` can be substituted for a token `TypeVar[name]`.
+ */
+extensible predicate typeVariableModel(string name, string path);

javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll

@@ -0,0 +1,26 @@
+extensions:
+  # Contribute empty data sets to avoid errors about an undefined extensionals
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: sourceModel
+    data: []
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: sinkModel
+    data: []
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: summaryModel
+    data: []
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: typeModel
+    data: []
+
+  - addsTo:
+      pack: codeql/javascript-all
+      extensible: typeVariableModel
+    data: []

javascript/ql/lib/semmle/javascript/frameworks/data/internal/model.yml

@@ -0,0 +1,80 @@
+extensions:
+  - addsTo: 
+      pack: codeql/javascript-all
+      extensible: typeModel
+    data:
+      - [minimongo.HybridCollection, minimongo.HybridCollectionStatic, Instance]
+      - [minimongo.HybridCollection, "minimongo/lib/HybridDb.HybridCollection", ""]
+      - [minimongo.HybridCollection, "minimongo/lib/HybridDb.default", "Member[collections].AnyMember"]
+      - [minimongo.HybridCollectionStatic, "minimongo/lib/HybridDb.HybridCollectionStatic", ""]
+      - [minimongo.HybridCollectionStatic, "minimongo/lib/HybridDb", "Member[HybridCollection]"]
+      - [minimongo.HybridCollectionStatic, minimongo, "Member[HybridCollection]"]
+      - [minimongo.MinimongoBaseCollection, minimongo.HybridCollection, ""]
+      - [minimongo.MinimongoBaseCollection, minimongo.MinimongoCollection, ""]
+      - [minimongo.MinimongoBaseCollection, minimongo.MinimongoDb, AnyMember]
+      - [minimongo.MinimongoBaseCollection, minimongo.MinimongoLocalCollection, ""]
+      - [minimongo.MinimongoBaseCollection, "minimongo/RemoteDb.Collection", ""]
+      - [minimongo.MinimongoBaseCollection, "minimongo/lib/types.MinimongoBaseCollection", ""]
+      - [minimongo.MinimongoCollection, minimongo.HybridCollection, "Member[remoteCol]"]
+      - [minimongo.MinimongoCollection, minimongo.MinimongoDb, "Member[collections].AnyMember"]
+      - [minimongo.MinimongoCollection, "minimongo/lib/LocalStorageDb.default", "Member[collections].AnyMember"]
+      - [minimongo.MinimongoCollection, "minimongo/lib/WebSQLDb.default", "Member[collections].AnyMember"]
+      - [minimongo.MinimongoCollection, "minimongo/lib/types.MinimongoCollection", ""]
+      - [minimongo.MinimongoDb, minimongo.MinimongoDb, "Member[remoteDb]"]
+      - [minimongo.MinimongoDb, minimongo.MinimongoLocalDb, ""]
+      - [minimongo.MinimongoDb, "minimongo/lib/HybridDb.default", ""]
+      - [minimongo.MinimongoDb, "minimongo/lib/HybridDb.default", "Member[remoteDb]"]
+      - [minimongo.MinimongoDb, "minimongo/lib/LocalStorageDb.default", ""]
+      - [minimongo.MinimongoDb, "minimongo/lib/MemoryDb.default", ""]
+      - [minimongo.MinimongoDb, "minimongo/lib/RemoteDb.default", ""]
+      - [minimongo.MinimongoDb, "minimongo/lib/ReplicatingDb.default", "Member[masterDb,replicaDb]"]
+      - [minimongo.MinimongoDb, "minimongo/lib/WebSQLDb.default", ""]
+      - [minimongo.MinimongoDb, "minimongo/lib/types.MinimongoDb", ""]
+      - [minimongo.MinimongoLocalCollection, minimongo.HybridCollection, "Member[localCol]"]
+      - [minimongo.MinimongoLocalCollection, minimongo.MinimongoCollection, ""]
+      - [minimongo.MinimongoLocalCollection, minimongo.MinimongoLocalDb, "Member[addCollection].Argument[2].Argument[0]"]
+      - [minimongo.MinimongoLocalCollection, minimongo.MinimongoLocalDb, "Member[collections].AnyMember"]
+      - [minimongo.MinimongoLocalCollection, "minimongo/IndexedDb.IndexedDbCollection", ""]
+      - [minimongo.MinimongoLocalCollection, "minimongo/MemoryDb.Collection", ""]
+      - [minimongo.MinimongoLocalCollection, "minimongo/ReplicatingDb.Collection", ""]
+      - [minimongo.MinimongoLocalCollection, "minimongo/ReplicatingDb.Collection", "Member[masterCol,replicaCol]"]
+      - [minimongo.MinimongoLocalCollection, "minimongo/lib/types.MinimongoLocalCollection", ""]
+      - [minimongo.MinimongoLocalDb, minimongo.MinimongoDb, "Member[localDb]"]
+      - [minimongo.MinimongoLocalDb, "minimongo/lib/HybridDb.default", "Member[localDb]"]
+      - [minimongo.MinimongoLocalDb, "minimongo/lib/IndexedDb.default", ""]
+      - [minimongo.MinimongoLocalDb, "minimongo/lib/ReplicatingDb.default", ""]
+      - [minimongo.MinimongoLocalDb, "minimongo/lib/types.MinimongoLocalDb", ""]
+      - ["minimongo/IndexedDb.IndexedDbCollection", "minimongo/IndexedDb.IndexedDbCollectionStatic", Instance]
+      - ["minimongo/IndexedDb.IndexedDbCollection", "minimongo/lib/IndexedDb.default", "Member[collections].AnyMember"]
+      - ["minimongo/MemoryDb.Collection", "minimongo/MemoryDb.CollectionStatic", Instance]
+      - ["minimongo/MemoryDb.Collection", "minimongo/lib/MemoryDb.default", "Member[collections].AnyMember"]
+      - ["minimongo/RemoteDb.Collection", "minimongo/RemoteDb.CollectionStatic", Instance]
+      - ["minimongo/RemoteDb.Collection", "minimongo/lib/RemoteDb.default", "Member[collections].AnyMember"]
+      - ["minimongo/ReplicatingDb.Collection", "minimongo/ReplicatingDb.CollectionStatic", Instance]
+      - ["minimongo/ReplicatingDb.Collection", "minimongo/lib/ReplicatingDb.default", "Member[collections].AnyMember"]
+      - ["minimongo/lib/HybridDb.default", "minimongo/lib/HybridDb.defaultStatic", Instance]
+      - ["minimongo/lib/HybridDb.defaultStatic", "minimongo/lib/HybridDb", "Member[default]"]
+      - ["minimongo/lib/HybridDb.defaultStatic", minimongo, "Member[HybridDb]"]
+      - ["minimongo/lib/IndexedDb.default", "minimongo/lib/IndexedDb.defaultStatic", Instance]
+      - ["minimongo/lib/IndexedDb.default", minimongo, "Member[utils].Member[autoselectLocalDb].ReturnValue"]
+      - ["minimongo/lib/IndexedDb.defaultStatic", "minimongo/lib/IndexedDb", "Member[default]"]
+      - ["minimongo/lib/IndexedDb.defaultStatic", minimongo, "Member[IndexedDb]"]
+      - ["minimongo/lib/LocalStorageDb.default", "minimongo/lib/LocalStorageDb.defaultStatic", Instance]
+      - ["minimongo/lib/LocalStorageDb.default", minimongo, "Member[utils].Member[autoselectLocalDb].ReturnValue"]
+      - ["minimongo/lib/LocalStorageDb.defaultStatic", "minimongo/lib/LocalStorageDb", "Member[default]"]
+      - ["minimongo/lib/LocalStorageDb.defaultStatic", minimongo, "Member[LocalStorageDb]"]
+      - ["minimongo/lib/MemoryDb.default", "minimongo/lib/MemoryDb.defaultStatic", Instance]
+      - ["minimongo/lib/MemoryDb.default", minimongo, "Member[utils].Member[autoselectLocalDb].ReturnValue"]
+      - ["minimongo/lib/MemoryDb.defaultStatic", "minimongo/lib/MemoryDb", "Member[default]"]
+      - ["minimongo/lib/MemoryDb.defaultStatic", minimongo, "Member[MemoryDb]"]
+      - ["minimongo/lib/RemoteDb.default", "minimongo/lib/RemoteDb.defaultStatic", Instance]
+      - ["minimongo/lib/RemoteDb.defaultStatic", "minimongo/lib/RemoteDb", "Member[default]"]
+      - ["minimongo/lib/RemoteDb.defaultStatic", minimongo, "Member[RemoteDb]"]
+      - ["minimongo/lib/ReplicatingDb.default", "minimongo/lib/ReplicatingDb.defaultStatic", Instance]
+      - ["minimongo/lib/ReplicatingDb.defaultStatic", "minimongo/lib/ReplicatingDb", "Member[default]"]
+      - ["minimongo/lib/ReplicatingDb.defaultStatic", minimongo, "Member[ReplicatingDb]"]
+      - ["minimongo/lib/WebSQLDb.default", "minimongo/lib/WebSQLDb.defaultStatic", Instance]
+      - ["minimongo/lib/WebSQLDb.default", minimongo, "Member[utils].Member[autoselectLocalDb].ReturnValue"]
+      - ["minimongo/lib/WebSQLDb.defaultStatic", "minimongo/lib/WebSQLDb", "Member[default]"]
+      - ["minimongo/lib/WebSQLDb.defaultStatic", minimongo, "Member[WebSQLDb]"]
+      - [mongodb.Collection, minimongo.MinimongoBaseCollection, ""]