Python: Cleanup "first" type-tracking predicate to be private

RasmusWL · RasmusWL · commit 1f5e52e82240 · 2021-03-23T16:40:56.000+01:00
Since it's exposed nicely in the version that doesn't have a
`DataFlow::TypeTracker` parameter, these should be private.

Also found one instance where I had accidentially used DataFlow::Node instead of
LocalSourceNode
diff --git a/python/ql/src/semmle/python/Concepts.qll b/python/ql/src/semmle/python/Concepts.qll
@@ -563,7 +563,9 @@ module Cryptography {
     /** Provides classes for modeling new key-pair generation APIs. */
     module KeyGeneration {
       /** Gets a back-reference to the keysize argument `arg` that was used to generate a new key-pair. */
-      DataFlow::LocalSourceNode keysizeBacktracker(DataFlow::TypeBackTracker t, DataFlow::Node arg) {
+      private DataFlow::LocalSourceNode keysizeBacktracker(
+        DataFlow::TypeBackTracker t, DataFlow::Node arg
+      ) {
         t.start() and
         arg = any(KeyGeneration::Range r).getKeySizeArg() and
         result = arg.getALocalSource()
diff --git a/python/ql/src/semmle/python/dataflow/new/TypeTracker.qll b/python/ql/src/semmle/python/dataflow/new/TypeTracker.qll
@@ -180,7 +180,7 @@ private newtype TTypeTracker = MkTypeTracker(Boolean hasCall, OptionalAttributeN
  * It is recommended that all uses of this type are written in the following form,
  * for tracking some type `myType`:
  * ```
- * DataFlow::LocalSourceNode myType(DataFlow::TypeTracker t) {
+ * private DataFlow::LocalSourceNode myType(DataFlow::TypeTracker t) {
  *   t.start() and
  *   result = < source of myType >
  *   or
@@ -341,7 +341,7 @@ private newtype TTypeBackTracker = MkTypeBackTracker(Boolean hasReturn, Optional
  * for back-tracking some callback type `myCallback`:
  *
  * ```
- * DataFlow::LocalSourceNode myCallback(DataFlow::TypeBackTracker t) {
+ * private DataFlow::LocalSourceNode myCallback(DataFlow::TypeBackTracker t) {
  *   t.start() and
  *   result = (< some API call >).getArgument(< n >).getALocalSource()
  *   or
diff --git a/python/ql/src/semmle/python/frameworks/Cryptography.qll b/python/ql/src/semmle/python/frameworks/Cryptography.qll
@@ -76,7 +76,7 @@ private module CryptographyModel {
     }
 
     /** Gets a reference to a predefined curve class instance with a specific key size (in bits), as well as the origin of the class. */
-    private DataFlow::Node curveClassInstanceWithKeySize(
+    private DataFlow::LocalSourceNode curveClassInstanceWithKeySize(
       DataFlow::TypeTracker t, int keySize, DataFlow::Node origin
     ) {
       t.start() and
diff --git a/python/ql/test/experimental/dataflow/typetracking/moduleattr.ql b/python/ql/test/experimental/dataflow/typetracking/moduleattr.ql
@@ -2,7 +2,7 @@ import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TypeTracker
 
-DataFlow::LocalSourceNode module_tracker(TypeTracker t) {
+private DataFlow::LocalSourceNode module_tracker(TypeTracker t) {
   t.start() and
   result = DataFlow::importNode("module")
   or
@@ -13,7 +13,7 @@ query DataFlow::Node module_tracker() {
   module_tracker(DataFlow::TypeTracker::end()).flowsTo(result)
 }
 
-DataFlow::LocalSourceNode module_attr_tracker(TypeTracker t) {
+private DataFlow::LocalSourceNode module_attr_tracker(TypeTracker t) {
   t.startInAttr("attr") and
   result = module_tracker()
   or
diff --git a/python/ql/test/experimental/dataflow/typetracking/tracked.ql b/python/ql/test/experimental/dataflow/typetracking/tracked.ql
@@ -6,7 +6,7 @@ import TestUtilities.InlineExpectationsTest
 // -----------------------------------------------------------------------------
 // tracked
 // -----------------------------------------------------------------------------
-DataFlow::LocalSourceNode tracked(TypeTracker t) {
+private DataFlow::LocalSourceNode tracked(TypeTracker t) {
   t.start() and
   result.asCfgNode() = any(NameNode n | n.getId() = "tracked")
   or
@@ -34,14 +34,14 @@ class TrackedTest extends InlineExpectationsTest {
 // -----------------------------------------------------------------------------
 // int + str
 // -----------------------------------------------------------------------------
-DataFlow::LocalSourceNode int_type(TypeTracker t) {
+private DataFlow::LocalSourceNode int_type(TypeTracker t) {
   t.start() and
   result.asCfgNode() = any(CallNode c | c.getFunction().(NameNode).getId() = "int")
   or
   exists(TypeTracker t2 | result = int_type(t2).track(t2, t))
 }
 
-DataFlow::LocalSourceNode string_type(TypeTracker t) {
+private DataFlow::LocalSourceNode string_type(TypeTracker t) {
   t.start() and
   result.asCfgNode() = any(CallNode c | c.getFunction().(NameNode).getId() = "str")
   or
@@ -83,7 +83,7 @@ class TrackedStringTest extends InlineExpectationsTest {
 // -----------------------------------------------------------------------------
 // tracked_self
 // -----------------------------------------------------------------------------
-DataFlow::LocalSourceNode tracked_self(TypeTracker t) {
+private DataFlow::LocalSourceNode tracked_self(TypeTracker t) {
   t.start() and
   exists(Function f |
     f.isMethod() and

Original file line number	Diff line number	Diff line change
`@@ -76,7 +76,7 @@ private module CryptographyModel {`
`76`	`76`	`}`
`77`	`77`
`78`	`78`	`/** Gets a reference to a predefined curve class instance with a specific key size (in bits), as well as the origin of the class. */`
`79`		`- private DataFlow::Node curveClassInstanceWithKeySize(`
	`79`	`+ private DataFlow::LocalSourceNode curveClassInstanceWithKeySize(`
`80`	`80`	`DataFlow::TypeTracker t, int keySize, DataFlow::Node origin`
`81`	`81`	`) {`
`82`	`82`	`t.start() and`