Merge pull request github#12980 from yoff/python/update-taint-debug

python: update debug queries

Author: yoff

python/ql/test/experimental/dataflow/testConfig.qll

@@ -46,6 +46,4 @@ class TestConfiguration extends DataFlow::Configuration {
   }
 
   override predicate isBarrierIn(DataFlow::Node node) { this.isSource(node) }
-
-  override int explorationLimit() { result = 5 }
 }

python/ql/test/experimental/dataflow/testTaintConfig.qll

@@ -46,6 +46,4 @@ class TestConfiguration extends TaintTracking::Configuration {
   }
 
   override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) }
-
-  override int explorationLimit() { result = 5 }
 }

python/ql/test/experimental/meta/debug/InlineTaintTestPaths.ql

@@ -9,17 +9,27 @@
 // 3. if necessary, look at partial paths by (un)commenting appropriate lines
 import python
 import semmle.python.dataflow.new.DataFlow
+import semmle.python.dataflow.new.TaintTracking
 import experimental.meta.InlineTaintTest::Conf
-// import DataFlow::PartialPathGraph
-import DataFlow::PathGraph
 
-class Conf extends TestTaintTrackingConfiguration {
-  // override int explorationLimit() { result = 5 }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) {
+    any(TestTaintTrackingConfiguration c).isSource(source)
+  }
+
+  predicate isSink(DataFlow::Node source) { any(TestTaintTrackingConfiguration c).isSink(source) }
 }
 
-// from Conf config, DataFlow::PartialPathNode source, DataFlow::PartialPathNode sink
-// where config.hasPartialFlow(source, sink, _)
-from Conf config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
+module Flows = TaintTracking::Global<Config>;
+
+import Flows::PathGraph
+
+// int explorationLimit() { result = 5 }
+// module FlowsPartial = Flows::FlowExploration<explorationLimit/0>;
+// import FlowsPartial::PartialPathGraph
+from Flows::PathNode source, Flows::PathNode sink
+where Flows::flowPath(source, sink)
+// from FlowsPartial::PartialPathNode source, FlowsPartial::PartialPathNode sink
+// where FlowsPartial::partialFlow(source, sink, _)
 select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
   "this source"

python/ql/test/experimental/meta/debug/dataflowTestPaths.ql

@@ -10,16 +10,23 @@
 import python
 import semmle.python.dataflow.new.DataFlow
 import experimental.dataflow.testConfig
-// import DataFlow::PartialPathGraph
-import DataFlow::PathGraph
 
-class Conf extends TestConfiguration {
-  override int explorationLimit() { result = 5 }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { any(TestConfiguration c).isSource(source) }
+
+  predicate isSink(DataFlow::Node source) { any(TestConfiguration c).isSink(source) }
 }
 
-// from Conf config, DataFlow::PartialPathNode source, DataFlow::PartialPathNode sink
-// where config.hasPartialFlow(source, sink, _)
-from Conf config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
+module Flows = DataFlow::Global<Config>;
+
+import Flows::PathGraph
+
+// int explorationLimit() { result = 5 }
+// module FlowsPartial = Flows::FlowExploration<explorationLimit/0>;
+// import FlowsPartial::PartialPathGraph
+from Flows::PathNode source, Flows::PathNode sink
+where Flows::flowPath(source, sink)
+// from FlowsPartial::PartialPathNode source, FlowsPartial::PartialPathNode sink
+// where FlowsPartial::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "This node receives flow from $@.", source.getNode(),
   "this source"