github · egregius313 · Apr 18, 2023 · Apr 13, 2023 · Apr 13, 2023 · Apr 14, 2023
@@ -1,18 +1,16 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 
-class Conf extends TaintTracking::Configuration {
-  Conf() { this = "qltest:extension-method" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr().(Argument).getCall().getCallee().hasName("taint")
   }
 
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = TaintTracking::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,18 +1,16 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 
-class Conf extends TaintTracking::Configuration {
-  Conf() { this = "qltest:foreach-array-iterator" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr().(Argument).getCall().getCallee().hasName("taint")
   }
 
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = TaintTracking::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,18 +1,14 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 
-class Conf extends TaintTracking::Configuration {
-  Conf() { this = "qltest:lambdaFlow" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("taint") }
 
-  override predicate isSource(DataFlow::Node n) {
-    n.asExpr().(MethodAccess).getMethod().hasName("taint")
-  }
-
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = TaintTracking::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,18 +1,14 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 
-class Conf extends TaintTracking::Configuration {
-  Conf() { this = "qltest:notNullExprFlow" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("taint") }
 
-  override predicate isSource(DataFlow::Node n) {
-    n.asExpr().(MethodAccess).getMethod().hasName("taint")
-  }
-
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = TaintTracking::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,18 +1,16 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 
-class Conf extends DataFlow::Configuration {
-  Conf() { this = "qltest:exprStmtFlow" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr().(ClassInstanceExpr).getType().(RefType).getASupertype*().hasName("Source")
   }
 
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = DataFlow::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,18 +1,14 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 
-class Conf extends TaintTracking::Configuration {
-  Conf() { this = "kttaintconf" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("taint") }
 
-  override predicate isSource(DataFlow::Node n) {
-    n.asExpr().(MethodAccess).getMethod().hasName("taint")
-  }
-
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = TaintTracking::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,18 +1,14 @@
 import java
 import semmle.code.java.dataflow.TaintTracking
 
-class Conf extends TaintTracking::Configuration {
-  Conf() { this = "qltest:notNullExprFlow" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("taint") }
 
-  override predicate isSource(DataFlow::Node n) {
-    n.asExpr().(MethodAccess).getMethod().hasName("taint")
-  }
-
-  override predicate isSink(DataFlow::Node n) {
-    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
-  }
+  predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
 }
 
-from DataFlow::Node src, DataFlow::Node sink, Conf conf
-where conf.hasFlow(src, sink)
+module Flow = TaintTracking::Global<Config>;
+
+from DataFlow::Node src, DataFlow::Node sink
+where Flow::flow(src, sink)
 select src, sink
@@ -1,20 +1,20 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 
-class Config extends DataFlow::Configuration {
-  Config() { this = "Config" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n.asExpr().(StringLiteral).getValue() = "Source" }
 
-  override predicate isSource(DataFlow::Node n) { n.asExpr().(StringLiteral).getValue() = "Source" }
-
-  override predicate isSink(DataFlow::Node n) {
+  predicate isSink(DataFlow::Node n) {
     n.asExpr().(Argument).getCall().getCallee().getName() = "sink"
   }
 }
 
+module Flow = DataFlow::Global<Config>;
+
 query predicate isFinalField(Field f) {
   exists(FieldDeclaration f2 | f = f2.getAField()) and f.isFinal()
 }
 
 from DataFlow::Node source, DataFlow::Node sink
-where any(Config c).hasFlow(source, sink)
+where Flow::flow(source, sink)
 select source, sink
@@ -1,18 +1,18 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 
-class Config extends DataFlow::Configuration {
-  Config() { this = "config" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr().(MethodAccess).getCallee().getName() = "source"
   }
 
-  override predicate isSink(DataFlow::Node n) {
+  predicate isSink(DataFlow::Node n) {
     n.asExpr().(Argument).getCall().getCallee().getName() = "sink"
   }
 }
 
-from Config c, DataFlow::Node source, DataFlow::Node sink
-where c.hasFlow(source, sink)
+module Flow = DataFlow::Global<Config>;
+
+from DataFlow::Node source, DataFlow::Node sink
+where Flow::flow(source, sink)
 select source, sink, source.getEnclosingCallable()
@@ -12,21 +12,21 @@ class ShouldBeSunk extends StringLiteral {
   }
 }
 
-class Config extends DataFlow::Configuration {
-  Config() { this = "Config" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr() instanceof ShouldBeSunk or
     n.asExpr() instanceof ShouldNotBeSunk
   }
 
-  override predicate isSink(DataFlow::Node n) {
+  predicate isSink(DataFlow::Node n) {
     n.asExpr().(Argument).getCall().getCallee().getName() = "sink"
   }
 }
 
+module Flow = DataFlow::Global<Config>;
+
 predicate isSunk(StringLiteral sl) {
-  exists(Config c, DataFlow::Node source | c.hasFlow(source, _) and sl = source.asExpr())
+  exists(DataFlow::Node source | Flow::flow(source, _) and sl = source.asExpr())
 }
 
 query predicate shouldBeSunkButIsnt(ShouldBeSunk src) { not isSunk(src) }

@@ -1,18 +1,18 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 
-class Config extends DataFlow::Configuration {
-  Config() { this = "abc" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr().(MethodAccess).getMethod().getName() = "source"
   }
 
-  override predicate isSink(DataFlow::Node n) {
+  predicate isSink(DataFlow::Node n) {
     n.asExpr().(Argument).getCall().getCallee().getName() = "sink"
   }
 }
 
-from Config c, DataFlow::Node n1, DataFlow::Node n2
-where c.hasFlow(n1, n2)
+module Flow = DataFlow::Global<Config>;
+
+from DataFlow::Node n1, DataFlow::Node n2
+where Flow::flow(n1, n2)
 select n1, n2
@@ -1,18 +1,18 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 
-class Config extends DataFlow::Configuration {
-  Config() { this = "varargs-dataflow-test" }
-
-  override predicate isSource(DataFlow::Node n) {
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) {
     n.asExpr().(CompileTimeConstantExpr).getEnclosingCallable().fromSource()
   }
 
-  override predicate isSink(DataFlow::Node n) {
+  predicate isSink(DataFlow::Node n) {
     n.asExpr() = any(MethodAccess ma | ma.getMethod().getName() = "sink").getAnArgument()
   }
 }
 
-from DataFlow::Node source, DataFlow::Node sink, Config c
-where c.hasFlow(source, sink)
+module Flow = DataFlow::Global<Config>;
+
+from DataFlow::Node source, DataFlow::Node sink
+where Flow::flow(source, sink)
 select source, sink
@@ -4,21 +4,21 @@
 
 import java
 import semmle.code.java.dataflow.DataFlow
-import DataFlow::PathGraph
+import Flow::PathGraph
 
-class Conf extends DataFlow::Configuration {
-  Conf() { this = "CallSensitiveFlowConf" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ClassInstanceExpr }
 
-  override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ClassInstanceExpr }
-
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(MethodAccess ma |
       ma.getMethod().hasName("sink") and
       ma.getAnArgument() = sink.asExpr()
     )
   }
 }
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, Conf conf
-where conf.hasFlowPath(source, sink)
+module Flow = DataFlow::Global<Config>;
+
+from Flow::PathNode source, Flow::PathNode sink
+where Flow::flowPath(source, sink)
 select source, source, sink, "$@", sink, sink.toString()
@@ -2,26 +2,24 @@ import java
 import semmle.code.java.dataflow.DataFlow
 import TestUtilities.InlineExpectationsTest
 
-class Conf extends DataFlow::Configuration {
-  Conf() { this = "qltest:callback-dispatch" }
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
 
-  override predicate isSource(DataFlow::Node n) {
-    n.asExpr().(MethodAccess).getMethod().hasName("source")
-  }
-
-  override predicate isSink(DataFlow::Node n) {
+  predicate isSink(DataFlow::Node n) {
     exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
   }
 }
 
+module Flow = DataFlow::Global<Config>;
+
 class HasFlowTest extends InlineExpectationsTest {
   HasFlowTest() { this = "HasFlowTest" }
 
   override string getARelevantTag() { result = "flow" }
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "flow" and
-    exists(DataFlow::Node src, DataFlow::Node sink, Conf conf | conf.hasFlow(src, sink) |
+    exists(DataFlow::Node src, DataFlow::Node sink | Flow::flow(src, sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = src.asExpr().(MethodAccess).getAnArgument().toString()