Python: Re-factor provenance related predicates for summarized callable.

michaelnebel · michaelnebel · commit 59a9e255c758 · 2023-01-11T16:20:55.000+01:00
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll
@@ -78,25 +78,24 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any(
 
 /**
  * Holds if an external flow summary exists for `c` with input specification
- * `input`, output specification `output`, kind `kind`, and a flag `generated`
- * stating whether the summary is autogenerated.
+ * `input`, output specification `output`, kind `kind`, and provenance `provenance`.
  */
 predicate summaryElement(
-  FlowSummary::SummarizedCallable c, string input, string output, string kind, boolean generated
+  FlowSummary::SummarizedCallable c, string input, string output, string kind, string provenance
 ) {
   exists(boolean preservesValue |
     c.propagatesFlowExt(input, output, preservesValue) and
     (if preservesValue = true then kind = "value" else kind = "taint") and
-    generated = false
+    provenance = "manual"
   )
 }
 
 /**
- * Holds if a neutral model exists for `c`, which means that there is no
- * flow through `c`. The flag `generated` states whether the neutral model is autogenerated.
+ * Holds if a neutral model exists for `c` with provenance `provenance`,
+ * which means that there is no flow through `c`.
  * Note. Neutral models have not been implemented for Python.
  */
-predicate neutralElement(FlowSummary::SummarizedCallable c, boolean generated) { none() }
+predicate neutralElement(FlowSummary::SummarizedCallable c, string provenance) { none() }
 
 /**
  * Gets the summary component for specification component `c`, if any.
@@ -137,17 +136,15 @@ ReturnKind getReturnValueKind() { any() }
 private module UnusedSourceSinkInterpretation {
   /**
    * Holds if an external source specification exists for `n` with output specification
-   * `output`, kind `kind`, and a flag `generated` stating whether the source specification is
-   * autogenerated.
+   * `output`, kind `kind`, and provenance `provenance`.
    */
-  predicate sourceElement(AstNode n, string output, string kind, boolean generated) { none() }
+  predicate sourceElement(AstNode n, string output, string kind, string provenance) { none() }
 
   /**
    * Holds if an external sink specification exists for `n` with input specification
-   * `input`, kind `kind` and a flag `generated` stating whether the sink specification is
-   * autogenerated.
+   * `input`, kind `kind` and provenance `provenance`.
    */
-  predicate sinkElement(AstNode n, string input, string kind, boolean generated) { none() }
+  predicate sinkElement(AstNode n, string input, string kind, string provenance) { none() }
 
   class SourceOrSinkElement = AstNode;
 
