Python: update synced file FlowSummaryImpl.qll

yoff · yoff · commit d9444d8b0875 · 2022-08-25T09:31:45.000Z
diff --git a/config/identical-files.json b/config/identical-files.json
@@ -72,7 +72,7 @@
     "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll",
     "swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll"
   ],
-  "DataFlow Java/C# Flow Summaries": [
+  "DataFlow Java/C#/Ruby/Python/Swift Flow Summaries": [
     "java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll",
     "csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll",
     "ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll",
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
@@ -240,6 +240,16 @@ module Public {
      */
     predicate isAutoGenerated() { none() }
   }
+
+  /** A callable with a flow summary stating there is no flow via the callable. */
+  class NegativeSummarizedCallable extends SummarizedCallableBase {
+    NegativeSummarizedCallable() { negativeSummaryElement(this, _) }
+
+    /**
+     *  Holds if the negative summary is auto generated.
+     */
+    predicate isAutoGenerated() { negativeSummaryElement(this, true) }
+  }
 }
 
 /**
@@ -1094,7 +1104,7 @@ module Private {
 
   /** Provides a query predicate for outputting a set of relevant flow summaries. */
   module TestOutput {
-    /** A flow summary to include in the `summary/3` query predicate. */
+    /** A flow summary to include in the `summary/1` query predicate. */
     abstract class RelevantSummarizedCallable instanceof SummarizedCallable {
       /** Gets the string representation of this callable used by `summary/1`. */
       abstract string getCallableCsv();
@@ -1109,15 +1119,27 @@ module Private {
       string toString() { result = super.toString() }
     }
 
+    /** A flow summary to include in the `negativeSummary/1` query predicate. */
+    abstract class RelevantNegativeSummarizedCallable instanceof NegativeSummarizedCallable {
+      /** Gets the string representation of this callable used by `summary/1`. */
+      abstract string getCallableCsv();
+
+      string toString() { result = super.toString() }
+    }
+
     /** Render the kind in the format used in flow summaries. */
     private string renderKind(boolean preservesValue) {
       preservesValue = true and result = "value"
       or
       preservesValue = false and result = "taint"
     }
 
-    private string renderProvenance(RelevantSummarizedCallable c) {
-      if c.(SummarizedCallable).isAutoGenerated() then result = "generated" else result = "manual"
+    private string renderProvenance(SummarizedCallable c) {
+      if c.isAutoGenerated() then result = "generated" else result = "manual"
+    }
+
+    private string renderProvenanceNegative(NegativeSummarizedCallable c) {
+      if c.isAutoGenerated() then result = "generated" else result = "manual"
     }
 
     /**
@@ -1132,8 +1154,23 @@ module Private {
       |
         c.relevantSummary(input, output, preservesValue) and
         csv =
-          c.getCallableCsv() + getComponentStackCsv(input) + ";" + getComponentStackCsv(output) +
-            ";" + renderKind(preservesValue) + ";" + renderProvenance(c)
+          c.getCallableCsv() // Callable information
+            + getComponentStackCsv(input) + ";" // input
+            + getComponentStackCsv(output) + ";" // output
+            + renderKind(preservesValue) + ";" // kind
+            + renderProvenance(c) // provenance
+      )
+    }
+
+    /**
+     * Holds if a negative flow summary `csv` exists (semi-colon separated format). Used for testing purposes.
+     * The syntax is: "namespace;type;name;signature;provenance"",
+     */
+    query predicate negativeSummary(string csv) {
+      exists(RelevantNegativeSummarizedCallable c |
+        csv =
+          c.getCallableCsv() // Callable information
+            + renderProvenanceNegative(c) // provenance
       )
     }
   }
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll
@@ -58,6 +58,13 @@ predicate summaryElement(
   )
 }
 
+/**
+ * Holds if a negative flow summary exists for `c`, which means that there is no
+ * flow through `c`. The flag `generated` states whether the summary is autogenerated.
+ * Note. Negative flow summaries has not been implemented for Python.
+ */
+predicate negativeSummaryElement(FlowSummary::SummarizedCallable c, boolean generated) { none() }
+
 /**
  * Gets the summary component for specification component `c`, if any.
  *

Original file line number	Diff line number	Diff line change
`@@ -58,6 +58,13 @@ predicate summaryElement(`
`58`	`58`	`)`
`59`	`59`	`}`
`60`	`60`
	`61`	`+/**`
	`62`	+ * Holds if a negative flow summary exists for `c`, which means that there is no
	`63`	+ * flow through `c`. The flag `generated` states whether the summary is autogenerated.
	`64`	`+ * Note. Negative flow summaries has not been implemented for Python.`
	`65`	`+ */`
	`66`	`+predicate negativeSummaryElement(FlowSummary::SummarizedCallable c, boolean generated) { none() }`
	`67`	`+`
`61`	`68`	`/**`
`62`	`69`	* Gets the summary component for specification component `c`, if any.
`63`	`70`	`*`