C++: Update NonConstantFormat with DataFlow::ConfigSig

jketema · jketema · commit e65ba13da453 · 2023-03-08T15:04:52.000+01:00
diff --git a/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql b/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql
@@ -120,7 +120,7 @@ predicate isNonConst(DataFlow::Node node, boolean isIndirect) {
 }
 
 pragma[noinline]
-predicate isSanitizerNode(DataFlow::Node node) {
+predicate isBarrierNode(DataFlow::Node node) {
   underscoreMacro([node.asExpr(), node.asIndirectExpr()])
   or
   exists(node.asExpr()) and
@@ -132,27 +132,27 @@ predicate isSinkImpl(DataFlow::Node sink, Expr formatString) {
   exists(FormattingFunctionCall fc | formatString = fc.getArgument(fc.getFormatParameterIndex()))
 }
 
-class NonConstFlow extends TaintTracking::Configuration {
-  NonConstFlow() { this = "NonConstFlow" }
-
-  override predicate isSource(DataFlow::Node source) {
+module NonConstFlowConfiguration implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) {
     exists(boolean isIndirect, Type t |
       isNonConst(source, isIndirect) and
       t = source.getType() and
       not cannotContainString(t, isIndirect)
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSinkImpl(sink, _) }
+  predicate isSink(DataFlow::Node sink) { isSinkImpl(sink, _) }
 
-  override predicate isSanitizer(DataFlow::Node node) { isSanitizerNode(node) }
+  predicate isBarrier(DataFlow::Node node) { isBarrierNode(node) }
 }
 
+module NonConstFlow = TaintTracking::Make<NonConstFlowConfiguration>;
+
 from FormattingFunctionCall call, Expr formatString
 where
   call.getArgument(call.getFormatParameterIndex()) = formatString and
-  exists(NonConstFlow cf, DataFlow::Node sink |
-    cf.hasFlowTo(sink) and
+  exists(DataFlow::Node sink |
+    NonConstFlow::hasFlowTo(sink) and
     isSinkImpl(sink, formatString)
   )
 select formatString,
