Merge pull request github#12578 from egregius313/egregius313/conform-dataflow-configs-to-config-naming-convention

Conform dataflow config modules to follow `*Config` naming convention

Author: egregius313

cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql

@@ -132,7 +132,7 @@ predicate isSinkImpl(DataFlow::Node sink, Expr formatString) {
   exists(FormattingFunctionCall fc | formatString = fc.getArgument(fc.getFormatParameterIndex()))
 }
 
-module NonConstFlowConfiguration implements DataFlow::ConfigSig {
+module NonConstFlowConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) {
     exists(boolean isIndirect, Type t |
       isNonConst(source, isIndirect) and
@@ -146,7 +146,7 @@ module NonConstFlowConfiguration implements DataFlow::ConfigSig {
   predicate isBarrier(DataFlow::Node node) { isBarrierNode(node) }
 }
 
-module NonConstFlow = TaintTracking::Make<NonConstFlowConfiguration>;
+module NonConstFlow = TaintTracking::Make<NonConstFlowConfig>;
 
 from FormattingFunctionCall call, Expr formatString
 where

cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll

@@ -223,15 +223,15 @@ deprecated class LeapYearCheckConfiguration extends DataFlow::Configuration {
  * Data flow configuration for finding a variable access that would flow into
  * a function call that includes an operation to check for leap year.
  */
-private module LeapYearCheckConfiguration implements DataFlow::ConfigSig {
+private module LeapYearCheckConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source.asExpr() instanceof VariableAccess }
 
   predicate isSink(DataFlow::Node sink) {
     exists(ChecksForLeapYearFunctionCall fc | sink.asExpr() = fc.getAnArgument())
   }
 }
 
-module LeapYearCheckFlow = DataFlow::Make<LeapYearCheckConfiguration>;
+module LeapYearCheckFlow = DataFlow::Make<LeapYearCheckConfig>;
 
 /**
  * Data flow configuration for finding an operation with hardcoded 365 that will flow into
@@ -264,7 +264,7 @@ deprecated class FiletimeYearArithmeticOperationCheckConfiguration extends DataF
  * Data flow configuration for finding an operation with hardcoded 365 that will flow into
  * a `FILEINFO` field.
  */
-private module FiletimeYearArithmeticOperationCheckConfiguration implements DataFlow::ConfigSig {
+private module FiletimeYearArithmeticOperationCheckConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) {
     exists(Expr e, Operation op | e = source.asExpr() |
       op.getAChild*().getValue().toInt() = 365 and
@@ -284,7 +284,7 @@ private module FiletimeYearArithmeticOperationCheckConfiguration implements Data
 }
 
 module FiletimeYearArithmeticOperationCheckFlow =
-  DataFlow::Make<FiletimeYearArithmeticOperationCheckConfiguration>;
+  DataFlow::Make<FiletimeYearArithmeticOperationCheckConfig>;
 
 /**
  * Taint configuration for finding an operation with hardcoded 365 that will flow into any known date/time field.
@@ -334,7 +334,7 @@ deprecated class PossibleYearArithmeticOperationCheckConfiguration extends Taint
 /**
  * Taint configuration for finding an operation with hardcoded 365 that will flow into any known date/time field.
  */
-private module PossibleYearArithmeticOperationCheckConfiguration implements DataFlow::ConfigSig {
+private module PossibleYearArithmeticOperationCheckConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) {
     exists(Operation op | op = source.asConvertedExpr() |
       op.getAChild*().getValue().toInt() = 365 and
@@ -372,4 +372,4 @@ private module PossibleYearArithmeticOperationCheckConfiguration implements Data
 }
 
 module PossibleYearArithmeticOperationCheckFlow =
-  TaintTracking::Make<PossibleYearArithmeticOperationCheckConfiguration>;
+  TaintTracking::Make<PossibleYearArithmeticOperationCheckConfig>;

cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll

@@ -147,7 +147,7 @@ deprecated class NetworkToBufferSizeConfiguration extends DataFlow::Configuratio
   }
 }
 
-private module NetworkToBufferSizeConfiguration implements DataFlow::ConfigSig {
+private module NetworkToBufferSizeConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node node) { node.asExpr() instanceof NetworkFunctionCall }
 
   predicate isSink(DataFlow::Node node) { node.asExpr() = any(BufferAccess ba).getAccessedLength() }
@@ -161,4 +161,4 @@ private module NetworkToBufferSizeConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module NetworkToBufferSizeFlow = DataFlow::Make<NetworkToBufferSizeConfiguration>;
+module NetworkToBufferSizeFlow = DataFlow::Make<NetworkToBufferSizeConfig>;

cpp/ql/src/Security/CWE/CWE-022/TaintedPath.ql

@@ -70,7 +70,7 @@ predicate hasUpperBoundsCheck(Variable var) {
   )
 }
 
-module TaintedPathConfiguration implements DataFlow::ConfigSig {
+module TaintedPathConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node node) { node instanceof FlowSource }
 
   predicate isSink(DataFlow::Node node) {
@@ -90,7 +90,7 @@ module TaintedPathConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module TaintedPath = TaintTracking::Make<TaintedPathConfiguration>;
+module TaintedPath = TaintTracking::Make<TaintedPathConfig>;
 
 from
   FileFunction fileFunction, Expr taintedArg, FlowSource taintSource,

cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql

@@ -97,7 +97,7 @@ predicate isBarrierImpl(DataFlow::Node node) {
  * given sink. This avoids a cartesian product between all sinks and all `ExecState`s in
  * `ExecTaintConfiguration::isSink`.
  */
-module ExecStateConfiguration implements DataFlow::ConfigSig {
+module ExecStateConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { any(ExecState state).getOutgoingNode() = source }
 
   predicate isSink(DataFlow::Node sink) { isSinkImpl(sink, _, _) }
@@ -109,9 +109,9 @@ module ExecStateConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module ExecState = TaintTracking::Make<ExecStateConfiguration>;
+module ExecState = TaintTracking::Make<ExecStateConfig>;
 
-module ExecTaintConfiguration implements DataFlow::StateConfigSig {
+module ExecTaintConfig implements DataFlow::StateConfigSig {
   class FlowState = TState;
 
   predicate isSource(DataFlow::Node source, FlowState state) {
@@ -120,7 +120,7 @@ module ExecTaintConfiguration implements DataFlow::StateConfigSig {
   }
 
   predicate isSink(DataFlow::Node sink, FlowState state) {
-    ExecStateConfiguration::isSink(sink) and
+    ExecStateConfig::isSink(sink) and
     state.(ExecState).isFeasibleForSink(sink)
   }
 
@@ -141,7 +141,7 @@ module ExecTaintConfiguration implements DataFlow::StateConfigSig {
   }
 }
 
-module ExecTaint = TaintTracking::MakeWithState<ExecTaintConfiguration>;
+module ExecTaint = TaintTracking::MakeWithState<ExecTaintConfig>;
 
 from
   ExecTaint::PathNode sourceNode, ExecTaint::PathNode sinkNode, string taintCause, string callChain,

cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql

@@ -90,7 +90,7 @@ predicate missingGuard(VariableAccess va, string effect) {
   )
 }
 
-module UncontrolledArithConfiguration implements DataFlow::ConfigSig {
+module UncontrolledArithConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) {
     exists(RandomFunction rand, Call call | call.getTarget() = rand |
       rand.getFunctionOutput().isReturnValue() and
@@ -122,7 +122,7 @@ module UncontrolledArithConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module UncontrolledArith = TaintTracking::Make<UncontrolledArithConfiguration>;
+module UncontrolledArith = TaintTracking::Make<UncontrolledArithConfig>;
 
 /** Gets the expression that corresponds to `node`, if any. */
 Expr getExpr(DataFlow::Node node) { result = [node.asExpr(), node.asDefiningArgument()] }

cpp/ql/src/Security/CWE/CWE-190/TaintedAllocationSize.ql

@@ -54,7 +54,7 @@ predicate nodeIsBarrierEqualityCandidate(DataFlow::Node node, Operand access, Va
 
 predicate isFlowSource(FlowSource source, string sourceType) { sourceType = source.getSourceType() }
 
-module TaintedAllocationSizeConfiguration implements DataFlow::ConfigSig {
+module TaintedAllocationSizeConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { isFlowSource(source, _) }
 
   predicate isSink(DataFlow::Node sink) { allocSink(_, sink) }
@@ -95,7 +95,7 @@ module TaintedAllocationSizeConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module TaintedAllocationSize = TaintTracking::Make<TaintedAllocationSizeConfiguration>;
+module TaintedAllocationSize = TaintTracking::Make<TaintedAllocationSizeConfig>;
 
 from
   Expr alloc, TaintedAllocationSize::PathNode source, TaintedAllocationSize::PathNode sink,

cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql

@@ -39,7 +39,7 @@ class SensitiveBufferWrite extends Expr instanceof BufferWrite::BufferWrite {
  * A taint flow configuration for flow from user input to a buffer write
  * into a sensitive expression.
  */
-module ToBufferConfiguration implements DataFlow::ConfigSig {
+module ToBufferConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof FlowSource }
 
   predicate isBarrier(DataFlow::Node node) {
@@ -49,7 +49,7 @@ module ToBufferConfiguration implements DataFlow::ConfigSig {
   predicate isSink(DataFlow::Node sink) { isSinkImpl(sink, _) }
 }
 
-module ToBufferFlow = TaintTracking::Make<ToBufferConfiguration>;
+module ToBufferFlow = TaintTracking::Make<ToBufferConfig>;
 
 predicate isSinkImpl(DataFlow::Node sink, SensitiveBufferWrite w) {
   w.getASource() = sink.asIndirectExpr()

cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql

@@ -23,7 +23,7 @@ import FromSensitiveFlow::PathGraph
 /**
  * A taint flow configuration for flow from a sensitive expression to a `FileWrite` sink.
  */
-module FromSensitiveConfiguration implements DataFlow::ConfigSig {
+module FromSensitiveConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { isSourceImpl(source, _) }
 
   predicate isSink(DataFlow::Node sink) { isSinkImpl(sink, _, _) }
@@ -33,7 +33,7 @@ module FromSensitiveConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module FromSensitiveFlow = TaintTracking::Make<FromSensitiveConfiguration>;
+module FromSensitiveFlow = TaintTracking::Make<FromSensitiveConfig>;
 
 predicate isSinkImpl(DataFlow::Node sink, FileWrite w, Expr dest) {
   exists(Expr e |

cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql

@@ -234,7 +234,7 @@ predicate isSourceImpl(DataFlow::Node source) {
  * A taint flow configuration for flow from a sensitive expression to a network
  * operation.
  */
-module FromSensitiveConfiguration implements DataFlow::ConfigSig {
+module FromSensitiveConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { isSourceImpl(source) }
 
   predicate isSink(DataFlow::Node sink) { isSinkSendRecv(sink, _) }
@@ -250,12 +250,12 @@ module FromSensitiveConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module FromSensitiveFlow = TaintTracking::Make<FromSensitiveConfiguration>;
+module FromSensitiveFlow = TaintTracking::Make<FromSensitiveConfig>;
 
 /**
  * A taint flow configuration for flow from a sensitive expression to an encryption operation.
  */
-module ToEncryptionConfiguration implements DataFlow::ConfigSig {
+module ToEncryptionConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { FromSensitiveFlow::hasFlow(source, _) }
 
   predicate isSink(DataFlow::Node sink) { isSinkEncrypt(sink, _) }
@@ -271,12 +271,12 @@ module ToEncryptionConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module ToEncryptionFlow = TaintTracking::Make<ToEncryptionConfiguration>;
+module ToEncryptionFlow = TaintTracking::Make<ToEncryptionConfig>;
 
 /**
  * A taint flow configuration for flow from an encryption operation to a network operation.
  */
-module FromEncryptionConfiguration implements DataFlow::ConfigSig {
+module FromEncryptionConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { isSinkEncrypt(source, _) }
 
   predicate isSink(DataFlow::Node sink) { FromSensitiveFlow::hasFlowTo(sink) }
@@ -286,7 +286,7 @@ module FromEncryptionConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module FromEncryptionFlow = TaintTracking::Make<FromEncryptionConfiguration>;
+module FromEncryptionFlow = TaintTracking::Make<FromEncryptionConfig>;
 
 from
   FromSensitiveFlow::PathNode source, FromSensitiveFlow::PathNode sink,