Swift: Use FlowSummaryImpl from dataflow pack

Author: hvitved

config/identical-files.json

@@ -53,10 +53,6 @@
     "ruby/ql/lib/codeql/ruby/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
     "swift/ql/lib/codeql/swift/dataflow/internal/tainttracking1/TaintTrackingImpl.qll"
   ],
-  "DataFlow Java/C#/Go/Ruby/Python/Swift Flow Summaries": [
-    "java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll",
-    "swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll"
-  ],
   "SsaReadPosition Java/C#": [
     "java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll",
     "csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll"
@@ -462,10 +458,6 @@
     "python/ql/lib/semmle/python/dataflow/new/internal/SummaryTypeTracker.qll",
     "ruby/ql/lib/codeql/ruby/typetracking/internal/SummaryTypeTracker.qll"
   ],
-  "AccessPathSyntax": [
-    "java/ql/lib/semmle/code/java/dataflow/internal/AccessPathSyntax.qll",
-    "swift/ql/lib/codeql/swift/dataflow/internal/AccessPathSyntax.qll"
-  ],
   "IncompleteUrlSubstringSanitization": [
     "javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.qll",
     "ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.qll"

swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll

@@ -66,13 +66,13 @@
  */
 
 import swift
-private import internal.AccessPathSyntax
 private import internal.DataFlowDispatch
 private import internal.DataFlowPrivate
 private import internal.DataFlowPublic
+private import internal.FlowSummaryImpl
 private import internal.FlowSummaryImpl::Public
+private import internal.FlowSummaryImpl::Private
 private import internal.FlowSummaryImpl::Private::External
-private import internal.FlowSummaryImplSpecific
 private import FlowSummary as FlowSummary
 private import codeql.mad.ModelValidation as SharedModelVal
 
@@ -451,7 +451,7 @@ Element interpretElement(
   )
 }
 
-private predicate parseField(AccessPathToken c, Content::FieldContent f) {
+deprecated private predicate parseField(AccessPathToken c, Content::FieldContent f) {
   exists(string fieldRegex, string name |
     c.getName() = "Field" and
     fieldRegex = "^([^.]+)$" and
@@ -460,12 +460,12 @@ private predicate parseField(AccessPathToken c, Content::FieldContent f) {
   )
 }
 
-private predicate parseTuple(AccessPathToken c, Content::TupleContent t) {
+deprecated private predicate parseTuple(AccessPathToken c, Content::TupleContent t) {
   c.getName() = "TupleElement" and
   t.getIndex() = c.getAnArgument().toInt()
 }
 
-private predicate parseEnum(AccessPathToken c, Content::EnumContent e) {
+deprecated private predicate parseEnum(AccessPathToken c, Content::EnumContent e) {
   c.getName() = "EnumElement" and
   c.getAnArgument() = e.getSignature()
   or
@@ -474,7 +474,7 @@ private predicate parseEnum(AccessPathToken c, Content::EnumContent e) {
 }
 
 /** Holds if the specification component parses as a `Content`. */
-predicate parseContent(AccessPathToken component, Content content) {
+deprecated predicate parseContent(AccessPathToken component, Content content) {
   parseField(component, content)
   or
   parseTuple(component, content)
@@ -497,7 +497,9 @@ private module Cached {
    */
   cached
   predicate sourceNode(Node node, string kind) {
-    exists(InterpretNode n | isSourceNode(n, kind) and n.asNode() = node)
+    exists(SourceSinkInterpretationInput::InterpretNode n |
+      isSourceNode(n, kind) and n.asNode() = node
+    )
   }
 
   /**
@@ -506,8 +508,71 @@ private module Cached {
    */
   cached
   predicate sinkNode(Node node, string kind) {
-    exists(InterpretNode n | isSinkNode(n, kind) and n.asNode() = node)
+    exists(SourceSinkInterpretationInput::InterpretNode n |
+      isSinkNode(n, kind) and n.asNode() = node
+    )
   }
 }
 
 import Cached
+
+private predicate interpretSummary(
+  Function f, string input, string output, string kind, string provenance
+) {
+  exists(
+    string namespace, string type, boolean subtypes, string name, string signature, string ext
+  |
+    summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) and
+    f = interpretElement(namespace, type, subtypes, name, signature, ext)
+  )
+}
+
+private class SummarizedCallableAdapter extends SummarizedCallable {
+  SummarizedCallableAdapter() { interpretSummary(this, _, _, _, _) }
+
+  private predicate relevantSummaryElementManual(string input, string output, string kind) {
+    exists(Provenance provenance |
+      interpretSummary(this, input, output, kind, provenance) and
+      provenance.isManual()
+    )
+  }
+
+  private predicate relevantSummaryElementGenerated(string input, string output, string kind) {
+    exists(Provenance provenance |
+      interpretSummary(this, input, output, kind, provenance) and
+      provenance.isGenerated()
+    )
+  }
+
+  override predicate propagatesFlow(string input, string output, boolean preservesValue) {
+    exists(string kind |
+      this.relevantSummaryElementManual(input, output, kind)
+      or
+      not this.relevantSummaryElementManual(_, _, _) and
+      this.relevantSummaryElementGenerated(input, output, kind)
+    |
+      if kind = "value" then preservesValue = true else preservesValue = false
+    )
+  }
+
+  override predicate hasProvenance(Provenance provenance) {
+    interpretSummary(this, _, _, _, provenance)
+  }
+}
+
+private class NeutralCallableAdapter extends NeutralCallable {
+  string kind;
+  string provenance_;
+
+  NeutralCallableAdapter() {
+    // Neutral models have not been implemented for Swift.
+    none() and
+    exists(this) and
+    exists(kind) and
+    exists(provenance_)
+  }
+
+  override string getKind() { result = kind }
+
+  override predicate hasProvenance(Provenance provenance) { provenance = provenance_ }
+}

swift/ql/lib/codeql/swift/dataflow/FlowSummary.qll

@@ -13,36 +13,14 @@ private module Summaries {
   private import codeql.swift.frameworks.Frameworks
 }
 
-class SummaryComponent = Impl::Public::SummaryComponent;
+deprecated class SummaryComponent = Impl::Private::SummaryComponent;
 
-/** Provides predicates for constructing summary components. */
-module SummaryComponent {
-  private import Impl::Public::SummaryComponent as SummaryComponentInternal
+deprecated module SummaryComponent = Impl::Private::SummaryComponent;
 
-  predicate content = SummaryComponentInternal::content/1;
+deprecated class SummaryComponentStack = Impl::Private::SummaryComponentStack;
 
-  predicate parameter = SummaryComponentInternal::parameter/1;
-
-  predicate argument = SummaryComponentInternal::argument/1;
-
-  predicate return = SummaryComponentInternal::return/1;
-}
-
-class SummaryComponentStack = Impl::Public::SummaryComponentStack;
-
-/** Provides predicates for constructing stacks of summary components. */
-module SummaryComponentStack {
-  private import Impl::Public::SummaryComponentStack as SummaryComponentStackInternal
-
-  predicate singleton = SummaryComponentStackInternal::singleton/1;
-
-  predicate push = SummaryComponentStackInternal::push/2;
-
-  predicate argument = SummaryComponentStackInternal::argument/1;
-
-  predicate return = SummaryComponentStackInternal::return/1;
-}
+deprecated module SummaryComponentStack = Impl::Private::SummaryComponentStack;
 
 class SummarizedCallable = Impl::Public::SummarizedCallable;
 
-class RequiredSummaryComponentStack = Impl::Public::RequiredSummaryComponentStack;
+deprecated class RequiredSummaryComponentStack = Impl::Private::RequiredSummaryComponentStack;

swift/ql/lib/codeql/swift/dataflow/internal/AccessPathSyntax.qll

@@ -5,7 +5,6 @@ private import codeql.swift.controlflow.ControlFlowGraph
 private import codeql.swift.controlflow.CfgNodes
 private import codeql.swift.controlflow.internal.Scope
 private import FlowSummaryImpl as FlowSummaryImpl
-private import FlowSummaryImplSpecific as FlowSummaryImplSpecific
 private import codeql.swift.dataflow.FlowSummary as FlowSummary
 
 newtype TReturnKind =