C#: Re-factor the invalidModelRow predicate.

michaelnebel · michaelnebel · commit 4c59cfb296c9 · 2022-08-24T09:58:52.000+02:00
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/CsvValidation.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/CsvValidation.qll
@@ -6,42 +6,7 @@ private import internal.FlowSummaryImpl::Private::External
 private import internal.FlowSummaryImplSpecific
 private import ExternalFlow
 
-/** Holds if some row in a CSV-based flow model appears to contain typos. */
-query predicate invalidModelRow(string msg) {
-  exists(
-    string pred, string namespace, string type, string name, string signature, string ext,
-    string provenance
-  |
-    sourceModel(namespace, type, _, name, signature, ext, _, _, provenance) and pred = "source"
-    or
-    sinkModel(namespace, type, _, name, signature, ext, _, _, provenance) and pred = "sink"
-    or
-    summaryModel(namespace, type, _, name, signature, ext, _, _, _, provenance) and
-    pred = "summary"
-    or
-    negativeSummaryModel(namespace, type, name, signature, provenance) and
-    ext = "" and
-    pred = "nonesummary"
-  |
-    not namespace.regexpMatch("[a-zA-Z0-9_\\.]+") and
-    msg = "Dubious namespace \"" + namespace + "\" in " + pred + " model."
-    or
-    not type.regexpMatch("[a-zA-Z0-9_<>,\\+]+") and
-    msg = "Dubious type \"" + type + "\" in " + pred + " model."
-    or
-    not name.regexpMatch("[a-zA-Z0-9_<>,]*") and
-    msg = "Dubious member name \"" + name + "\" in " + pred + " model."
-    or
-    not signature.regexpMatch("|\\([a-zA-Z0-9_<>\\.\\+\\*,\\[\\]]*\\)") and
-    msg = "Dubious signature \"" + signature + "\" in " + pred + " model."
-    or
-    not ext.regexpMatch("|Attribute") and
-    msg = "Unrecognized extra API graph element \"" + ext + "\" in " + pred + " model."
-    or
-    not provenance = ["manual", "generated"] and
-    msg = "Unrecognized provenance description \"" + provenance + "\" in " + pred + " model."
-  )
-  or
+private string getInvalidModelInput() {
   exists(string pred, AccessPath input, string part |
     sinkModel(_, _, _, _, _, _, input, _, _) and pred = "sink"
     or
@@ -56,9 +21,11 @@ query predicate invalidModelRow(string msg) {
       part = input.getToken(_) and
       parseParam(part, _)
     ) and
-    msg = "Unrecognized input specification \"" + part + "\" in " + pred + " model."
+    result = "Unrecognized input specification \"" + part + "\" in " + pred + " model."
   )
-  or
+}
+
+private string getInvalidModelOutput() {
   exists(string pred, string output, string part |
     sourceModel(_, _, _, _, _, _, output, _, _) and pred = "source"
     or
@@ -67,9 +34,47 @@ query predicate invalidModelRow(string msg) {
     invalidSpecComponent(output, part) and
     not part = "" and
     not (part = ["Argument", "Parameter"] and pred = "source") and
-    msg = "Unrecognized output specification \"" + part + "\" in " + pred + " model."
+    result = "Unrecognized output specification \"" + part + "\" in " + pred + " model."
+  )
+}
+
+private string getInvalidModelKind() {
+  exists(string row, string kind | summaryModel(row) |
+    kind = row.splitAt(";", 8) and
+    not kind = ["taint", "value"] and
+    result = "Invalid kind \"" + kind + "\" in summary model."
   )
   or
+  exists(string row, string kind | sinkModel(row) |
+    kind = row.splitAt(";", 7) and
+    not kind = ["code", "sql", "xss", "remote", "html"] and
+    result = "Invalid kind \"" + kind + "\" in sink model."
+  )
+  or
+  exists(string row, string kind | sourceModel(row) |
+    kind = row.splitAt(";", 7) and
+    not kind = "local" and
+    result = "Invalid kind \"" + kind + "\" in source model."
+  )
+}
+
+private string getInvalidModelSubtype() {
+  exists(string pred, string row, int expect |
+    sourceModel(row) and expect = 9 and pred = "source"
+    or
+    sinkModel(row) and expect = 9 and pred = "sink"
+    or
+    summaryModel(row) and expect = 10 and pred = "summary"
+  |
+    exists(string b |
+      b = row.splitAt(";", 2) and
+      not b = ["true", "false"] and
+      result = "Invalid boolean \"" + b + "\" in " + pred + " model."
+    )
+  )
+}
+
+private string getInvalidModelColumnCount() {
   exists(string pred, string row, int expect |
     sourceModel(row) and expect = 9 and pred = "source"
     or
@@ -80,33 +85,56 @@ query predicate invalidModelRow(string msg) {
     exists(int cols |
       cols = 1 + max(int n | exists(row.splitAt(";", n))) and
       cols != expect and
-      msg =
+      result =
         "Wrong number of columns in " + pred + " model row, expected " + expect + ", got " + cols +
           " in " + row + "."
     )
+  )
+}
+
+/** Holds if some row in a CSV-based flow model appears to contain typos. */
+query predicate invalidModelRow(string msg) {
+  exists(
+    string pred, string namespace, string type, string name, string signature, string ext,
+    string provenance
+  |
+    sourceModel(namespace, type, _, name, signature, ext, _, _, provenance) and pred = "source"
     or
-    exists(string b |
-      b = row.splitAt(";", 2) and
-      not b = ["true", "false"] and
-      msg = "Invalid boolean \"" + b + "\" in " + pred + " model."
-    )
+    sinkModel(namespace, type, _, name, signature, ext, _, _, provenance) and pred = "sink"
+    or
+    summaryModel(namespace, type, _, name, signature, ext, _, _, _, provenance) and
+    pred = "summary"
+    or
+    negativeSummaryModel(namespace, type, name, signature, provenance) and
+    ext = "" and
+    pred = "nonesummary"
+  |
+    not namespace.regexpMatch("[a-zA-Z0-9_\\.]+") and
+    msg = "Dubious namespace \"" + namespace + "\" in " + pred + " model."
+    or
+    not type.regexpMatch("[a-zA-Z0-9_<>,\\+]+") and
+    msg = "Dubious type \"" + type + "\" in " + pred + " model."
+    or
+    not name.regexpMatch("[a-zA-Z0-9_<>,]*") and
+    msg = "Dubious member name \"" + name + "\" in " + pred + " model."
+    or
+    not signature.regexpMatch("|\\([a-zA-Z0-9_<>\\.\\+\\*,\\[\\]]*\\)") and
+    msg = "Dubious signature \"" + signature + "\" in " + pred + " model."
+    or
+    not ext.regexpMatch("|Attribute") and
+    msg = "Unrecognized extra API graph element \"" + ext + "\" in " + pred + " model."
+    or
+    not provenance = ["manual", "generated"] and
+    msg = "Unrecognized provenance description \"" + provenance + "\" in " + pred + " model."
   )
   or
-  exists(string row, string kind | summaryModel(row) |
-    kind = row.splitAt(";", 8) and
-    not kind = ["taint", "value"] and
-    msg = "Invalid kind \"" + kind + "\" in summary model."
-  )
+  msg = getInvalidModelInput()
   or
-  exists(string row, string kind | sinkModel(row) |
-    kind = row.splitAt(";", 7) and
-    not kind = ["code", "sql", "xss", "remote", "html"] and
-    msg = "Invalid kind \"" + kind + "\" in sink model."
-  )
+  msg = getInvalidModelOutput()
   or
-  exists(string row, string kind | sourceModel(row) |
-    kind = row.splitAt(";", 7) and
-    not kind = "local" and
-    msg = "Invalid kind \"" + kind + "\" in source model."
-  )
+  msg = getInvalidModelSubtype()
+  or
+  msg = getInvalidModelColumnCount()
+  or
+  msg = getInvalidModelKind()
 }
