C++: Refactor dataflow examples to use DataFlow::ConfigSig

Author: jketema

cpp/ql/test/examples/docs-examples/analyzing-data-flow-in-cpp/exercise2.ql

@@ -1,26 +1,22 @@
 import cpp
 import semmle.code.cpp.dataflow.new.DataFlow
 
-class LiteralToGethostbynameConfiguration extends DataFlow::Configuration {
-  LiteralToGethostbynameConfiguration() { this = "LiteralToGethostbynameConfiguration" }
+module LiteralToGethostbynameConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source.asIndirectExpr(1) instanceof StringLiteral }
 
-  override predicate isSource(DataFlow::Node source) {
-    source.asIndirectExpr(1) instanceof StringLiteral
-  }
-
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(FunctionCall fc |
       sink.asIndirectExpr(1) = fc.getArgument(0) and
       fc.getTarget().hasName("gethostbyname")
     )
   }
 }
 
-from
-  StringLiteral sl, FunctionCall fc, LiteralToGethostbynameConfiguration cfg, DataFlow::Node source,
-  DataFlow::Node sink
+module LiteralToGethostbynameFlow = DataFlow::Make<LiteralToGethostbynameConfig>;
+
+from StringLiteral sl, FunctionCall fc, DataFlow::Node source, DataFlow::Node sink
 where
   source.asIndirectExpr(1) = sl and
   sink.asIndirectExpr(1) = fc.getArgument(0) and
-  cfg.hasFlow(source, sink)
+  LiteralToGethostbynameFlow::hasFlow(source, sink)
 select sl, fc

cpp/ql/test/examples/docs-examples/analyzing-data-flow-in-cpp/exercise4.ql

@@ -5,24 +5,22 @@ class GetenvSource extends DataFlow::Node {
   GetenvSource() { this.asIndirectExpr(1).(FunctionCall).getTarget().hasGlobalName("getenv") }
 }
 
-class GetenvToGethostbynameConfiguration extends DataFlow::Configuration {
-  GetenvToGethostbynameConfiguration() { this = "GetenvToGethostbynameConfiguration" }
+module GetenvToGethostbynameConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof GetenvSource }
 
-  override predicate isSource(DataFlow::Node source) { source instanceof GetenvSource }
-
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(FunctionCall fc |
       sink.asIndirectExpr(1) = fc.getArgument(0) and
       fc.getTarget().hasName("gethostbyname")
     )
   }
 }
 
-from
-  Expr getenv, FunctionCall fc, GetenvToGethostbynameConfiguration cfg, DataFlow::Node source,
-  DataFlow::Node sink
+module GetenvToGethostbynameFlow = DataFlow::Make<GetenvToGethostbynameConfig>;
+
+from Expr getenv, FunctionCall fc, DataFlow::Node source, DataFlow::Node sink
 where
   source.asIndirectExpr(1) = getenv and
   sink.asIndirectExpr(1) = fc.getArgument(0) and
-  cfg.hasFlow(source, sink)
+  GetenvToGethostbynameFlow::hasFlow(source, sink)
 select getenv, fc

cpp/ql/test/examples/docs-examples/analyzing-data-flow-in-cpp/fopen-flow-from-getenv.ql

@@ -1,29 +1,27 @@
 import cpp
 import semmle.code.cpp.dataflow.new.DataFlow
 
-class EnvironmentToFileConfiguration extends DataFlow::Configuration {
-  EnvironmentToFileConfiguration() { this = "EnvironmentToFileConfiguration" }
-
-  override predicate isSource(DataFlow::Node source) {
+module EnvironmentToFileConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) {
     exists(Function getenv |
       source.asIndirectExpr(1).(FunctionCall).getTarget() = getenv and
       getenv.hasGlobalName("getenv")
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(FunctionCall fc |
       sink.asIndirectExpr(1) = fc.getArgument(0) and
       fc.getTarget().hasGlobalName("fopen")
     )
   }
 }
 
-from
-  Expr getenv, Expr fopen, EnvironmentToFileConfiguration config, DataFlow::Node source,
-  DataFlow::Node sink
+module EnvironmentToFileFlow = DataFlow::Make<EnvironmentToFileConfig>;
+
+from Expr getenv, Expr fopen, DataFlow::Node source, DataFlow::Node sink
 where
   source.asIndirectExpr(1) = getenv and
   sink.asIndirectExpr(1) = fopen and
-  config.hasFlow(source, sink)
+  EnvironmentToFileFlow::hasFlow(source, sink)
 select fopen, "This 'fopen' uses data from $@.", getenv, "call to 'getenv'"

cpp/ql/test/examples/docs-examples/analyzing-data-flow-in-cpp/index-flow-from-ntohl.ql

@@ -2,18 +2,16 @@ import cpp
 import semmle.code.cpp.controlflow.Guards
 import semmle.code.cpp.dataflow.new.TaintTracking
 
-class NetworkToBufferSizeConfiguration extends TaintTracking::Configuration {
-  NetworkToBufferSizeConfiguration() { this = "NetworkToBufferSizeConfiguration" }
-
-  override predicate isSource(DataFlow::Node node) {
+module NetworkToBufferSizeConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) {
     node.asExpr().(FunctionCall).getTarget().hasGlobalName("ntohl")
   }
 
-  override predicate isSink(DataFlow::Node node) {
+  predicate isSink(DataFlow::Node node) {
     exists(ArrayExpr ae | node.asExpr() = ae.getArrayOffset())
   }
 
-  override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
+  predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
     exists(Loop loop, LoopCounter lc |
       loop = lc.getALoop() and
       loop.getControllingExpr().(RelationalOperation).getGreaterOperand() = pred.asExpr()
@@ -22,7 +20,7 @@ class NetworkToBufferSizeConfiguration extends TaintTracking::Configuration {
     )
   }
 
-  override predicate isSanitizer(DataFlow::Node node) {
+  predicate isBarrier(DataFlow::Node node) {
     exists(GuardCondition gc, Variable v |
       gc.getAChild*() = v.getAnAccess() and
       node.asExpr() = v.getAnAccess() and
@@ -32,7 +30,9 @@ class NetworkToBufferSizeConfiguration extends TaintTracking::Configuration {
   }
 }
 
-from DataFlow::Node ntohl, DataFlow::Node offset, NetworkToBufferSizeConfiguration conf
-where conf.hasFlow(ntohl, offset)
+module NetworkToBufferSizeFlow = TaintTracking::Make<NetworkToBufferSizeConfig>;
+
+from DataFlow::Node ntohl, DataFlow::Node offset
+where NetworkToBufferSizeFlow::hasFlow(ntohl, offset)
 select offset, "This array offset may be influenced by $@.", ntohl,
   "converted data from the network"