Update HeaderDeclaration input naming

jorgectf · jorgectf · commit b10ade17beee · 2021-06-20T00:13:59.000+02:00
diff --git a/python/ql/src/experimental/semmle/python/Concepts.qll b/python/ql/src/experimental/semmle/python/Concepts.qll
@@ -159,7 +159,7 @@ module HeaderDeclaration {
     /**
      * Gets the argument containing the header value.
      */
-    abstract DataFlow::Node getHeaderInput();
+    abstract DataFlow::Node getAnInput();
   }
 }
 
@@ -177,5 +177,5 @@ class HeaderDeclaration extends DataFlow::Node {
   /**
    * Gets the argument containing the header value.
    */
-  DataFlow::Node getHeaderInput() { result = range.getHeaderInput() }
+  DataFlow::Node getAnInput() { result = range.getAnInput() }
 }
diff --git a/python/ql/src/experimental/semmle/python/frameworks/Django.qll b/python/ql/src/experimental/semmle/python/frameworks/Django.qll
@@ -56,7 +56,7 @@ private module PrivateDjango {
           class DjangoResponseSetItemCall extends DataFlow::CallCfgNode, HeaderDeclaration::Range {
             DjangoResponseSetItemCall() { this.getFunction() = headerSetItemCall() }
 
-            override DataFlow::Node getHeaderInput() { result = this.getArg([0, 1]) }
+            override DataFlow::Node getAnInput() { result = this.getArg([0, 1]) }
           }
 
           class DjangoResponseDefinition extends DataFlow::Node, HeaderDeclaration::Range {
@@ -67,7 +67,7 @@ private module PrivateDjango {
               headerInput.asCfgNode() = this.asCfgNode().(DefinitionNode).getValue()
             }
 
-            override DataFlow::Node getHeaderInput() {
+            override DataFlow::Node getAnInput() {
               result.asExpr() in [headerInput.asExpr(), this.asExpr().(Subscript).getIndex()]
             }
           }
diff --git a/python/ql/src/experimental/semmle/python/frameworks/Flask.qll b/python/ql/src/experimental/semmle/python/frameworks/Flask.qll
@@ -54,20 +54,20 @@ module ExperimentalFlask {
       headerInput.asCfgNode() = this.asCfgNode().(DefinitionNode).getValue()
     }
 
-    override DataFlow::Node getHeaderInput() {
+    override DataFlow::Node getAnInput() {
       result.asExpr() in [headerInput.asExpr(), this.asExpr().(Subscript).getIndex()]
     }
   }
 
   private class FlaskMakeResponseExtend extends DataFlow::CallCfgNode, HeaderDeclaration::Range {
     FlaskMakeResponseExtend() { this.getFunction() = headerInstanceCall() }
 
-    override DataFlow::Node getHeaderInput() { result = this.getArg(_) }
+    override DataFlow::Node getAnInput() { result = this.getArg(_) }
   }
 
   private class FlaskResponse extends DataFlow::CallCfgNode, HeaderDeclaration::Range {
     FlaskResponse() { this = Flask::Response::classRef().getACall() }
 
-    override DataFlow::Node getHeaderInput() { result = this.getArgByName("headers") }
+    override DataFlow::Node getAnInput() { result = this.getArgByName("headers") }
   }
 }
diff --git a/python/ql/src/experimental/semmle/python/frameworks/Werkzeug.qll b/python/ql/src/experimental/semmle/python/frameworks/Werkzeug.qll
@@ -24,7 +24,7 @@ private module Werkzeug {
           this.getFunction().(DataFlow::AttrRead).getAttributeName() = "add"
         }
 
-        override DataFlow::Node getHeaderInput() { result = this.getArg(_) }
+        override DataFlow::Node getAnInput() { result = this.getArg(_) }
       }
     }
   }
diff --git a/python/ql/src/experimental/semmle/python/security/injection/HTTPHeaders.qll b/python/ql/src/experimental/semmle/python/security/injection/HTTPHeaders.qll
@@ -13,6 +13,6 @@ class HeaderInjectionFlowConfig extends TaintTracking::Configuration {
   override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
   override predicate isSink(DataFlow::Node sink) {
-    sink = any(HeaderDeclaration headerDeclaration).getHeaderInput()
+    sink = any(HeaderDeclaration headerDeclaration).getAnInput()
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -159,7 +159,7 @@ module HeaderDeclaration {`
`159`	`159`	`/**`
`160`	`160`	`* Gets the argument containing the header value.`
`161`	`161`	`*/`
`162`		`- abstract DataFlow::Node getHeaderInput();`
	`162`	`+ abstract DataFlow::Node getAnInput();`
`163`	`163`	`}`
`164`	`164`	`}`
`165`	`165`
`@@ -177,5 +177,5 @@ class HeaderDeclaration extends DataFlow::Node {`
`177`	`177`	`/**`
`178`	`178`	`* Gets the argument containing the header value.`
`179`	`179`	`*/`
`180`		`- DataFlow::Node getHeaderInput() { result = range.getHeaderInput() }`
	`180`	`+ DataFlow::Node getAnInput() { result = range.getAnInput() }`
`181`	`181`	`}`
Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ private module PrivateDjango {`
`56`	`56`	`class DjangoResponseSetItemCall extends DataFlow::CallCfgNode, HeaderDeclaration::Range {`
`57`	`57`	`DjangoResponseSetItemCall() { this.getFunction() = headerSetItemCall() }`
`58`	`58`
`59`		`- override DataFlow::Node getHeaderInput() { result = this.getArg([0, 1]) }`
	`59`	`+ override DataFlow::Node getAnInput() { result = this.getArg([0, 1]) }`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`class DjangoResponseDefinition extends DataFlow::Node, HeaderDeclaration::Range {`
`@@ -67,7 +67,7 @@ private module PrivateDjango {`
`67`	`67`	`headerInput.asCfgNode() = this.asCfgNode().(DefinitionNode).getValue()`
`68`	`68`	`}`
`69`	`69`
`70`		`- override DataFlow::Node getHeaderInput() {`
	`70`	`+ override DataFlow::Node getAnInput() {`
`71`	`71`	`result.asExpr() in [headerInput.asExpr(), this.asExpr().(Subscript).getIndex()]`
`72`	`72`	`}`
`73`	`73`	`}`
Original file line number	Diff line number	Diff line change
`@@ -54,20 +54,20 @@ module ExperimentalFlask {`
`54`	`54`	`headerInput.asCfgNode() = this.asCfgNode().(DefinitionNode).getValue()`
`55`	`55`	`}`
`56`	`56`
`57`		`- override DataFlow::Node getHeaderInput() {`
	`57`	`+ override DataFlow::Node getAnInput() {`
`58`	`58`	`result.asExpr() in [headerInput.asExpr(), this.asExpr().(Subscript).getIndex()]`
`59`	`59`	`}`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`private class FlaskMakeResponseExtend extends DataFlow::CallCfgNode, HeaderDeclaration::Range {`
`63`	`63`	`FlaskMakeResponseExtend() { this.getFunction() = headerInstanceCall() }`
`64`	`64`
`65`		`- override DataFlow::Node getHeaderInput() { result = this.getArg(_) }`
	`65`	`+ override DataFlow::Node getAnInput() { result = this.getArg(_) }`
`66`	`66`	`}`
`67`	`67`
`68`	`68`	`private class FlaskResponse extends DataFlow::CallCfgNode, HeaderDeclaration::Range {`
`69`	`69`	`FlaskResponse() { this = Flask::Response::classRef().getACall() }`
`70`	`70`
`71`		`- override DataFlow::Node getHeaderInput() { result = this.getArgByName("headers") }`
	`71`	`+ override DataFlow::Node getAnInput() { result = this.getArgByName("headers") }`
`72`	`72`	`}`
`73`	`73`	`}`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ private module Werkzeug {`
`24`	`24`	`this.getFunction().(DataFlow::AttrRead).getAttributeName() = "add"`
`25`	`25`	`}`
`26`	`26`
`27`		`- override DataFlow::Node getHeaderInput() { result = this.getArg(_) }`
	`27`	`+ override DataFlow::Node getAnInput() { result = this.getArg(_) }`
`28`	`28`	`}`
`29`	`29`	`}`
`30`	`30`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,6 @@ class HeaderInjectionFlowConfig extends TaintTracking::Configuration {`
`13`	`13`	`override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }`
`14`	`14`
`15`	`15`	`override predicate isSink(DataFlow::Node sink) {`
`16`		`- sink = any(HeaderDeclaration headerDeclaration).getHeaderInput()`
	`16`	`+ sink = any(HeaderDeclaration headerDeclaration).getAnInput()`
`17`	`17`	`}`
`18`	`18`	`}`