@@ -17,20 +17,6 @@ private import semmle.code.java.dataflow.internal.ModelExclusions as ModelExclus
1717import AutomodelSharedCharacteristics as SharedCharacteristics
1818import AutomodelEndpointTypes as AutomodelEndpointTypes
1919
20- /**
21- * A meta data extractor. Any Java extraction mode needs to implement exactly
22- * one instance of this class.
23- */
24- abstract class MetadataExtractor extends string {
25- bindingset [ this ]
26- MetadataExtractor ( ) { any ( ) }
27-
28- abstract predicate hasMetadata (
29- Endpoint e , string package , string type , boolean subtypes , string name , string signature ,
30- string input
31- ) ;
32- }
33-
3420newtype JavaRelatedLocationType = CallContext ( )
3521
3622/**
@@ -41,14 +27,14 @@ private class ArgumentNode extends DataFlow::Node {
4127}
4228
4329/**
44- * A candidates implementation for framework mode .
30+ * A candidates implementation.
4531 *
4632 * Some important notes:
4733 * - This mode is using parameters as endpoints.
4834 * - Sink- and neutral-information is being used from MaD models.
4935 * - When available, we use method- and class-java-docs as related locations.
5036 */
51- module FrameworkCandidatesImpl implements SharedCharacteristics:: CandidateSig {
37+ module ApplicationCandidatesImpl implements SharedCharacteristics:: CandidateSig {
5238 // for documentation of the implementations here, see the QLDoc in the CandidateSig signature module.
5339 class Endpoint = ArgumentNode ;
5440
@@ -108,7 +94,7 @@ module FrameworkCandidatesImpl implements SharedCharacteristics::CandidateSig {
10894 additional predicate sinkSpec (
10995 Endpoint e , string package , string type , string name , string signature , string ext , string input
11096 ) {
111- FrameworkCandidatesImpl :: getCallable ( e ) .hasQualifiedName ( package , type , name ) and
97+ ApplicationCandidatesImpl :: getCallable ( e ) .hasQualifiedName ( package , type , name ) and
11298 signature = ExternalFlow:: paramsString ( getCallable ( e ) ) and
11399 ext = "" and
114100 (
@@ -147,21 +133,22 @@ module FrameworkCandidatesImpl implements SharedCharacteristics::CandidateSig {
147133 }
148134}
149135
150- module CharacteristicsImpl = SharedCharacteristics:: SharedCharacteristics< FrameworkCandidatesImpl > ;
136+ module CharacteristicsImpl =
137+ SharedCharacteristics:: SharedCharacteristics< ApplicationCandidatesImpl > ;
151138
152139class EndpointCharacteristic = CharacteristicsImpl:: EndpointCharacteristic ;
153140
154- class Endpoint = FrameworkCandidatesImpl :: Endpoint ;
141+ class Endpoint = ApplicationCandidatesImpl :: Endpoint ;
155142
156143/*
157144 * Predicates that are used to surface prompt examples and candidates for classification with an ML model.
158145 */
159146
160147/**
161- * A MetadataExtractor that extracts metadata for framework mode.
148+ * A MetadataExtractor that extracts metadata for application mode.
162149 */
163- class FrameworkModeMetadataExtractor extends MetadataExtractor {
164- FrameworkModeMetadataExtractor ( ) { this = "FrameworkModeMetadataExtractor " }
150+ class ApplicationModeMetadataExtractor extends string {
151+ ApplicationModeMetadataExtractor ( ) { this = "ApplicationModeMetadataExtractor " }
165152
166153 /**
167154 * By convention, the subtypes property of the MaD declaration should only be
@@ -180,7 +167,7 @@ class FrameworkModeMetadataExtractor extends MetadataExtractor {
180167 else result = true
181168 }
182169
183- override predicate hasMetadata (
170+ predicate hasMetadata (
184171 Endpoint e , string package , string type , boolean subtypes , string name , string signature ,
185172 string input
186173 ) {
@@ -217,9 +204,9 @@ private class UnexploitableIsCharacteristic extends CharacteristicsImpl::NotASin
217204 UnexploitableIsCharacteristic ( ) { this = "unexploitable (is-style boolean method)" }
218205
219206 override predicate appliesToEndpoint ( Endpoint e ) {
220- not FrameworkCandidatesImpl :: isSink ( e , _) and
221- FrameworkCandidatesImpl :: getCallable ( e ) .getName ( ) .matches ( "is%" ) and
222- FrameworkCandidatesImpl :: getCallable ( e ) .getReturnType ( ) instanceof BooleanType
207+ not ApplicationCandidatesImpl :: isSink ( e , _) and
208+ ApplicationCandidatesImpl :: getCallable ( e ) .getName ( ) .matches ( "is%" ) and
209+ ApplicationCandidatesImpl :: getCallable ( e ) .getReturnType ( ) instanceof BooleanType
223210 }
224211}
225212
@@ -235,9 +222,9 @@ private class UnexploitableExistsCharacteristic extends CharacteristicsImpl::Not
235222 UnexploitableExistsCharacteristic ( ) { this = "unexploitable (existence-checking boolean method)" }
236223
237224 override predicate appliesToEndpoint ( Endpoint e ) {
238- not FrameworkCandidatesImpl :: isSink ( e , _) and
225+ not ApplicationCandidatesImpl :: isSink ( e , _) and
239226 exists ( Callable callable |
240- callable = FrameworkCandidatesImpl :: getCallable ( e ) and
227+ callable = ApplicationCandidatesImpl :: getCallable ( e ) and
241228 callable .getName ( ) .toLowerCase ( ) = [ "exists" , "notexists" ] and
242229 callable .getReturnType ( ) instanceof BooleanType
243230 )
@@ -251,7 +238,7 @@ private class ExceptionCharacteristic extends CharacteristicsImpl::NotASinkChara
251238 ExceptionCharacteristic ( ) { this = "exception" }
252239
253240 override predicate appliesToEndpoint ( Endpoint e ) {
254- FrameworkCandidatesImpl :: getCallable ( e ) .getDeclaringType ( ) .getASupertype * ( ) instanceof
241+ ApplicationCandidatesImpl :: getCallable ( e ) .getDeclaringType ( ) .getASupertype * ( ) instanceof
255242 TypeThrowable
256243 }
257244}
@@ -286,7 +273,7 @@ private class NonPublicMethodCharacteristic extends CharacteristicsImpl::Uninter
286273 NonPublicMethodCharacteristic ( ) { this = "non-public method" }
287274
288275 override predicate appliesToEndpoint ( Endpoint e ) {
289- not FrameworkCandidatesImpl :: getCallable ( e ) .isPublic ( )
276+ not ApplicationCandidatesImpl :: getCallable ( e ) .isPublic ( )
290277 }
291278}
292279
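Review bot: The QLDoc above `ApplicationCandidatesImpl` still says "This mode is using parameters as endpoints", while the module body defines `class Endpoint = ArgumentNode`. The bullet looks carried over from framework mode, and since the commit already rewrites the first line of that comment it could also become `* - This mode is using arguments as endpoints.`; `ArgumentNode`'s body lies outside the hunk, so confirm that it models call arguments. Likewise, the QLDoc on `ApplicationModeMetadataExtractor` still reads "A MetadataExtractor that extracts metadata…" although the first hunk deletes the abstract `MetadataExtractor` class and the new class extends `string`; `* A metadata extractor for application mode.` avoids naming a type that no longer exists. Anyone interpreting the `input` value reported by `hasMetadata` would presumably rely on these comments to know what kind of endpoint it refers to.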