C#: Convert System.String flow to CSV format.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll

@@ -535,142 +535,6 @@ class SystemIOStringReaderFlow extends LibraryTypeDataFlow, SystemIOStringReader
   }
 }
 
-/** Data flow for `System.String`. */
-class SystemStringFlow extends LibraryTypeDataFlow, SystemStringClass {
-  override predicate callableFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    SourceDeclarationCallable c, boolean preservesValue
-  ) {
-    this.constructorFlow(source, sourceAp, sink, sinkAp, c) and
-    preservesValue = false
-    or
-    this.methodFlow(source, sourceAp, sink, sinkAp, c, preservesValue)
-  }
-
-  private predicate constructorFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    Constructor c
-  ) {
-    c = this.getAMember() and
-    c.getParameter(0).getType().(ArrayType).getElementType() instanceof CharType and
-    source = TCallableFlowSourceArg(0) and
-    sourceAp = AccessPath::element() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty()
-  }
-
-  private predicate methodFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    SourceDeclarationMethod m, boolean preservesValue
-  ) {
-    m = this.getAMethod("ToString") and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = true
-    or
-    m = this.getSplitMethod() and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::element() and
-    preservesValue = false
-    or
-    m = this.getReplaceMethod() and
-    sourceAp = AccessPath::empty() and
-    sinkAp = AccessPath::empty() and
-    (
-      source = TCallableFlowSourceQualifier() and
-      sink = TCallableFlowSinkReturn() and
-      preservesValue = false
-      or
-      source = TCallableFlowSourceArg(1) and
-      sink = TCallableFlowSinkReturn() and
-      preservesValue = false
-    )
-    or
-    m = this.getSubstringMethod() and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = false
-    or
-    m = this.getCloneMethod() and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = true
-    or
-    m = this.getInsertMethod() and
-    sourceAp = AccessPath::empty() and
-    sinkAp = AccessPath::empty() and
-    (
-      source = TCallableFlowSourceQualifier() and
-      sink = TCallableFlowSinkReturn() and
-      preservesValue = false
-      or
-      source = TCallableFlowSourceArg(1) and
-      sink = TCallableFlowSinkReturn() and
-      preservesValue = false
-    )
-    or
-    m = this.getNormalizeMethod() and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = false
-    or
-    m = this.getRemoveMethod() and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = false
-    or
-    m = this.getAMethod() and
-    m.getName().regexpMatch("((ToLower|ToUpper)(Invariant)?)|(Trim(Start|End)?)|(Pad(Left|Right))") and
-    source = TCallableFlowSourceQualifier() and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = false
-    or
-    m = this.getConcatMethod() and
-    exists(int i |
-      source = getFlowSourceArg(m, i, sourceAp) and
-      sink = TCallableFlowSinkReturn() and
-      sinkAp = AccessPath::empty() and
-      preservesValue = false
-    )
-    or
-    m = this.getCopyMethod() and
-    source = TCallableFlowSourceArg(0) and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = true
-    or
-    m = this.getJoinMethod() and
-    source = getFlowSourceArg(m, [0, 1], sourceAp) and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::empty() and
-    preservesValue = false
-    or
-    m = this.getFormatMethod() and
-    exists(int i |
-      (m.getParameter(0).getType() instanceof SystemIFormatProviderInterface implies i != 0) and
-      source = getFlowSourceArg(m, i, sourceAp) and
-      sink = TCallableFlowSinkReturn() and
-      sinkAp = AccessPath::empty() and
-      preservesValue = false
-    )
-  }
-}
-
 /** Data flow for `System.Text.StringBuilder`. */
 class SystemTextStringBuilderFlow extends LibraryTypeDataFlow, SystemTextStringBuilderClass {
   override predicate callableFlow(

csharp/ql/lib/semmle/code/csharp/frameworks/System.qll

@@ -492,6 +492,132 @@ class SystemStringClass extends StringType {
   }
 }
 
+/** Data flow for `System.String`. */
+private class SystemStringFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System;String;false;Clone;();;Argument[-1];ReturnValue;value",
+        "System;String;false;Concat;(System.Collections.Generic.IEnumerable<System.String>);;Element of Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object,System.Object);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object,System.Object,System.Object);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object,System.Object,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object,System.Object,System.Object);;Argument[2];ReturnValue;taint",
+        "System;String;false;Concat;(System.Object[]);;Element of Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[2];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[2];ReturnValue;taint",
+        "System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[3];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String);;Argument[2];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String,System.String);;Argument[0];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String,System.String);;Argument[1];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String,System.String);;Argument[2];ReturnValue;taint",
+        "System;String;false;Concat;(System.String,System.String,System.String,System.String);;Argument[3];ReturnValue;taint",
+        "System;String;false;Concat;(System.String[]);;Element of Argument[0];ReturnValue;taint",
+        "System;String;false;Concat<>;(System.Collections.Generic.IEnumerable<T>);;Element of Argument[0];ReturnValue;taint",
+        "System;String;false;Copy;(System.String);;Argument[0];ReturnValue;value",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object);;Argument[2];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[2];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[3];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[2];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[3];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[4];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object[]);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.IFormatProvider,System.String,System.Object[]);;Element of Argument[2];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object);;Argument[0];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object);;Argument[0];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object);;Argument[2];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object,System.Object);;Argument[0];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object,System.Object);;Argument[1];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object,System.Object);;Argument[2];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object,System.Object,System.Object);;Argument[3];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object[]);;Argument[0];ReturnValue;taint",
+        "System;String;false;Format;(System.String,System.Object[]);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;GetEnumerator;();;Element of Argument[-1];Property[System.CharEnumerator.Current] of ReturnValue;value",
+        "System;String;false;GetEnumerator;();;Element of Argument[-1];Property[System.Collections.Generic.IEnumerator<>.Current] of ReturnValue;value",
+        "System;String;false;Insert;(System.Int32,System.String);;Argument[1];ReturnValue;taint",
+        "System;String;false;Insert;(System.Int32,System.String);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Join;(System.Char,System.Object[]);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.Char,System.Object[]);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join;(System.Char,System.String[]);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.Char,System.String[]);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join;(System.Char,System.String[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.Char,System.String[],System.Int32,System.Int32);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.Collections.Generic.IEnumerable<System.String>);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.Collections.Generic.IEnumerable<System.String>);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.Object[]);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.Object[]);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.String[]);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.String[]);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.String[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join;(System.String,System.String[],System.Int32,System.Int32);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join<>;(System.Char,System.Collections.Generic.IEnumerable<T>);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join<>;(System.Char,System.Collections.Generic.IEnumerable<T>);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Join<>;(System.String,System.Collections.Generic.IEnumerable<T>);;Argument[0];ReturnValue;taint",
+        "System;String;false;Join<>;(System.String,System.Collections.Generic.IEnumerable<T>);;Element of Argument[1];ReturnValue;taint",
+        "System;String;false;Normalize;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;Normalize;(System.Text.NormalizationForm);;Argument[-1];ReturnValue;taint",
+        "System;String;false;PadLeft;(System.Int32);;Argument[-1];ReturnValue;taint",
+        "System;String;false;PadLeft;(System.Int32,System.Char);;Argument[-1];ReturnValue;taint",
+        "System;String;false;PadRight;(System.Int32);;Argument[-1];ReturnValue;taint",
+        "System;String;false;PadRight;(System.Int32,System.Char);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Remove;(System.Int32);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Remove;(System.Int32,System.Int32);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Replace;(System.Char,System.Char);;Argument[1];ReturnValue;taint",
+        "System;String;false;Replace;(System.Char,System.Char);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Replace;(System.String,System.String);;Argument[1];ReturnValue;taint",
+        "System;String;false;Replace;(System.String,System.String);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Split;(System.Char,System.Int32,System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.Char,System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.Char[]);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.Char[],System.Int32);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.Char[],System.Int32,System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.Char[],System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.String,System.Int32,System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.String,System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.String[],System.Int32,System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;Split;(System.String[],System.StringSplitOptions);;Argument[-1];Element of ReturnValue;taint",
+        "System;String;false;String;(System.Char[]);;Element of Argument[0];ReturnValue;taint",
+        "System;String;false;String;(System.Char[],System.Int32,System.Int32);;Element of Argument[0];ReturnValue;taint",
+        "System;String;false;Substring;(System.Int32);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Substring;(System.Int32,System.Int32);;Argument[-1];ReturnValue;taint",
+        "System;String;false;ToLower;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;ToLower;(System.Globalization.CultureInfo);;Argument[-1];ReturnValue;taint",
+        "System;String;false;ToLowerInvariant;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;ToString;();;Argument[-1];ReturnValue;value",
+        "System;String;false;ToString;(System.IFormatProvider);;Argument[-1];ReturnValue;value",
+        "System;String;false;ToUpper;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;ToUpper;(System.Globalization.CultureInfo);;Argument[-1];ReturnValue;taint",
+        "System;String;false;ToUpperInvariant;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;Trim;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;Trim;(System.Char);;Argument[-1];ReturnValue;taint",
+        "System;String;false;Trim;(System.Char[]);;Argument[-1];ReturnValue;taint",
+        "System;String;false;TrimEnd;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;TrimEnd;(System.Char);;Argument[-1];ReturnValue;taint",
+        "System;String;false;TrimEnd;(System.Char[]);;Argument[-1];ReturnValue;taint",
+        "System;String;false;TrimStart;();;Argument[-1];ReturnValue;taint",
+        "System;String;false;TrimStart;(System.Char);;Argument[-1];ReturnValue;taint",
+        "System;String;false;TrimStart;(System.Char[]);;Argument[-1];ReturnValue;taint",
+      ]
+  }
+}
+
 /** A `ToString()` method. */
 class ToStringMethod extends Method {
   ToStringMethod() { this = any(SystemObjectClass c).getToStringMethod().getAnOverrider*() }