Ruby: Remove deprecated configuration classes referencing deleted api.

Author: aschackmull

ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll

@@ -9,22 +9,6 @@ private import codeql.ruby.TaintTracking
 private import codeql.ruby.ApiGraphs
 import UnicodeBypassValidationCustomizations::UnicodeBypassValidation
 
-/**
- * A state signifying that a logical validation has not been performed.
- * DEPRECATED: Use `PreValidationState()`
- */
-deprecated class PreValidation extends DataFlow::FlowState {
-  PreValidation() { this = "PreValidation" }
-}
-
-/**
- * A state signifying that a logical validation has been performed.
- * DEPRECATED: Use `PostValidationState()`
- */
-deprecated class PostValidation extends DataFlow::FlowState {
-  PostValidation() { this = "PostValidation" }
-}
-
 /**
  * A state signifying if a logical validation has been performed or not.
  */
@@ -34,40 +18,6 @@ private newtype ValidationState =
   // A state signifying that a logical validation has been performed.
   PostValidationState()
 
-/**
- * A taint-tracking configuration for detecting "Unicode transformation mishandling" vulnerabilities.
- *
- * This configuration uses two flow states, `PreValidation` and `PostValidation`,
- * to track the requirement that a logical validation has been performed before the Unicode Transformation.
- * DEPRECATED: Use `UnicodeBypassValidationFlow`
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "UnicodeBypassValidation" }
-
-  private ValidationState convertState(DataFlow::FlowState state) {
-    state instanceof PreValidation and result = PreValidationState()
-    or
-    state instanceof PostValidation and result = PostValidationState()
-  }
-
-  override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) {
-    UnicodeBypassValidationConfig::isSource(source, this.convertState(state))
-  }
-
-  override predicate isAdditionalTaintStep(
-    DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo,
-    DataFlow::FlowState stateTo
-  ) {
-    UnicodeBypassValidationConfig::isAdditionalFlowStep(nodeFrom, this.convertState(stateFrom),
-      nodeTo, this.convertState(stateTo))
-  }
-
-  /* A Unicode Tranformation (Unicode tranformation) is considered a sink when the algorithm used is either NFC or NFKC.  */
-  override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) {
-    UnicodeBypassValidationConfig::isSink(sink, this.convertState(state))
-  }
-}
-
 /**
  * A taint-tracking configuration for detecting "Unicode transformation mishandling" vulnerabilities.
  *

ruby/ql/lib/codeql/ruby/experimental/ZipSlipQuery.qll

@@ -9,35 +9,6 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.TaintTracking
 private import codeql.ruby.ApiGraphs
 
-/**
- * A taint-tracking configuration for reasoning about zip slip
- * vulnerabilities.
- * DEPRECATED: Use `ZipSlipFlow`
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "ZipSlip" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof ZipSlip::Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof ZipSlip::Sink }
-
-  /**
-   * This should actually be
-   * `and cn = API::getTopLevelMember("Gem").getMember("Package").getMember("TarReader").getMember("Entry").getAMethodCall("full_name")` and similar for other classes
-   * but I couldn't make it work so there's only check for the method name called on the entry. It is `full_name` for `Gem::Package::TarReader::Entry` and `Zlib`
-   * and `name` for `Zip::File`
-   */
-  override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
-    exists(DataFlow::CallNode cn |
-      cn.getReceiver() = nodeFrom and
-      cn.getMethodName() in ["full_name", "name"] and
-      cn = nodeTo
-    )
-  }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof ZipSlip::Sanitizer }
-}
-
 private module ZipSlipConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof ZipSlip::Source }
 

ruby/ql/lib/codeql/ruby/security/CleartextLoggingQuery.qll

@@ -12,28 +12,6 @@ private import codeql.ruby.TaintTracking
 import CleartextLoggingCustomizations::CleartextLogging
 private import CleartextLoggingCustomizations::CleartextLogging as CL
 
-/**
- * A taint-tracking configuration for detecting "Clear-text logging of sensitive information".
- * DEPRECATED: Use `CleartextLoggingFlow` instead
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CleartextLogging" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof CL::Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof CL::Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    super.isSanitizer(node)
-    or
-    node instanceof CL::Sanitizer
-  }
-
-  override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
-    CL::isAdditionalTaintStep(nodeFrom, nodeTo)
-  }
-}
-
 private module Config implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof CL::Source }
 

ruby/ql/lib/codeql/ruby/security/CleartextStorageQuery.qll

@@ -11,28 +11,6 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.TaintTracking
 private import CleartextStorageCustomizations::CleartextStorage as CS
 
-/**
- * A taint-tracking configuration for detecting "Clear-text storage of sensitive information".
- * DEPRECATED: Use `CleartextStorageFlow` instead
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CleartextStorage" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof CS::Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof CS::Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    super.isSanitizer(node)
-    or
-    node instanceof CS::Sanitizer
-  }
-
-  override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
-    CS::isAdditionalTaintStep(nodeFrom, nodeTo)
-  }
-}
-
 private module Config implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof CS::Source }
 

ruby/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll

@@ -14,18 +14,6 @@ private import codeql.ruby.frameworks.data.internal.ApiGraphModels
 module CodeInjection {
   /** Flow states used to distinguish whether an attacker controls the entire string. */
   module FlowState {
-    /**
-     * Flow state used for normal tainted data, where an attacker might only control a substring.
-     * DEPRECATED: Use `SubString()`
-     */
-    deprecated DataFlow::FlowState substring() { result = "substring" }
-
-    /**
-     * Flow state used for data that is entirely controlled by the attacker.
-     * DEPRECATED: Use `Full()`
-     */
-    deprecated DataFlow::FlowState full() { result = "full" }
-
     private newtype TState =
       TFull() or
       TSubString()
@@ -62,14 +50,6 @@ module CodeInjection {
    * A data flow source for "Code injection" vulnerabilities.
    */
   abstract class Source extends DataFlow::Node {
-    /**
-     * Gets a flow state for which this is a source.
-     * DEPRECATED: Use `getAState()`
-     */
-    deprecated DataFlow::FlowState getAFlowState() {
-      result = [FlowState::substring(), FlowState::full()]
-    }
-
     /** Gets a flow state for which this is a source. */
     FlowState::State getAState() {
       result instanceof FlowState::SubString or result instanceof FlowState::Full
@@ -80,14 +60,6 @@ module CodeInjection {
    * A data flow sink for "Code injection" vulnerabilities.
    */
   abstract class Sink extends DataFlow::Node {
-    /**
-     * Holds if this sink is safe for an attacker that only controls a substring.
-     * DEPRECATED: Use `getAState()`
-     */
-    deprecated DataFlow::FlowState getAFlowState() {
-      result = [FlowState::substring(), FlowState::full()]
-    }
-
     /** Holds if this sink is safe for an attacker that only controls a substring. */
     FlowState::State getAState() { any() }
   }
@@ -96,13 +68,6 @@ module CodeInjection {
    * A sanitizer for "Code injection" vulnerabilities.
    */
   abstract class Sanitizer extends DataFlow::Node {
-    /**
-     * Gets a flow state for which this is a sanitizer.
-     * Sanitizes all states if the result is empty.
-     * DEPRECATED: Use `getAState()`
-     */
-    deprecated DataFlow::FlowState getAFlowState() { none() }
-
     /**
      * Gets a flow state for which this is a sanitizer.
      * Sanitizes all states if the result is empty.
@@ -123,12 +88,6 @@ module CodeInjection {
 
     CodeExecutionAsSink() { this = c.getCode() }
 
-    deprecated override DataFlow::FlowState getAFlowState() {
-      if c.runsArbitraryCode()
-      then result = [FlowState::substring(), FlowState::full()] // If it runs arbitrary code then it's always vulnerable.
-      else result = FlowState::full() // If it "just" loads something, then it's only vulnerable if the attacker controls the entire string.
-    }
-
     override FlowState::State getAState() {
       if c.runsArbitraryCode()
       then any() // If it runs arbitrary code then it's always vulnerable.
@@ -153,8 +112,6 @@ module CodeInjection {
       )
     }
 
-    deprecated override DataFlow::FlowState getAFlowState() { result = FlowState::full() }
-
     override FlowState::State getAState() { result instanceof FlowState::Full }
   }
 

ruby/ql/lib/codeql/ruby/security/CodeInjectionQuery.qll

@@ -11,34 +11,6 @@ import codeql.ruby.TaintTracking
 import CodeInjectionCustomizations::CodeInjection
 import codeql.ruby.dataflow.BarrierGuards
 
-/**
- * A taint-tracking configuration for detecting "Code injection" vulnerabilities.
- * DEPRECATED: Use `CodeInjectionFlow` instead
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CodeInjection" }
-
-  override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) {
-    state = source.(Source).getAFlowState()
-  }
-
-  override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) {
-    state = sink.(Sink).getAFlowState()
-  }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    node instanceof Sanitizer and not exists(node.(Sanitizer).getAFlowState())
-    or
-    node instanceof StringConstCompareBarrier
-    or
-    node instanceof StringConstArrayInclusionCallBarrier
-  }
-
-  override predicate isSanitizer(DataFlow::Node node, DataFlow::FlowState state) {
-    node.(Sanitizer).getAFlowState() = state
-  }
-}
-
 private module Config implements DataFlow::StateConfigSig {
   class FlowState = FlowState::State;
 

ruby/ql/lib/codeql/ruby/security/CommandInjectionQuery.qll

@@ -13,24 +13,6 @@ import CommandInjectionCustomizations::CommandInjection
 import codeql.ruby.DataFlow
 import codeql.ruby.dataflow.BarrierGuards
 
-/**
- * A taint-tracking configuration for reasoning about command-injection vulnerabilities.
- * DEPRECATED: Use `CommandInjectionFlow` instead
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CommandInjection" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    node instanceof Sanitizer or
-    node instanceof StringConstCompareBarrier or
-    node instanceof StringConstArrayInclusionCallBarrier
-  }
-}
-
 private module Config implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 

ruby/ql/lib/codeql/ruby/security/ConditionalBypassQuery.qll

@@ -11,23 +11,6 @@ private import codeql.ruby.TaintTracking
 private import codeql.ruby.security.SensitiveActions
 import ConditionalBypassCustomizations::ConditionalBypass
 
-/**
- * A taint tracking configuration for bypass of sensitive action guards.
- * DEPRECATED: Use `ConditionalBypassFlow` instead
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "ConditionalBypass" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    super.isSanitizer(node) or
-    node instanceof Sanitizer
-  }
-}
-
 private module Config implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 

ruby/ql/lib/codeql/ruby/security/HardcodedDataInterpretedAsCodeCustomizations.qll

@@ -19,18 +19,6 @@ module HardcodedDataInterpretedAsCode {
    * Flow states used to distinguish value-preserving flow from taint flow.
    */
   module FlowState {
-    /**
-     * Flow state used to track value-preserving flow.
-     * DEPRECATED: Use `Data()`
-     */
-    deprecated DataFlow::FlowState data() { result = "data" }
-
-    /**
-     * Flow state used to tainted data (non-value preserving flow).
-     * DEPRECATED: Use `Taint()`
-     */
-    deprecated DataFlow::FlowState taint() { result = "taint" }
-
     /**
      * Flow states used to distinguish value-preserving flow from taint flow.
      */
@@ -45,12 +33,6 @@ module HardcodedDataInterpretedAsCode {
    * A data flow source for hard-coded data.
    */
   abstract class Source extends DataFlow::Node {
-    /**
-     * Gets a flow label for which this is a source.
-     * DEPRECATED: Use `getALabel()`
-     */
-    deprecated DataFlow::FlowState getLabel() { result = FlowState::data() }
-
     /**
      * Gets a flow label for which this is a source.
      */
@@ -64,17 +46,6 @@ module HardcodedDataInterpretedAsCode {
     /** Gets a description of what kind of sink this is. */
     abstract string getKind();
 
-    /**
-     * Gets a flow label for which this is a sink.
-     * DEPRECATED: Use `getALabel()`
-     */
-    deprecated DataFlow::FlowState getLabel() {
-      // We want to ignore value-flow and only consider taint-flow, since the
-      // source is just a hex string, and evaluating that directly will just
-      // cause a syntax error.
-      result = FlowState::taint()
-    }
-
     /**
      * Gets a flow label for which this is a sink.
      */