JS: Avoid some uses of deprecated guard classes in tests

asgerf · asgerf · commit 3548544970a1 · 2024-12-03T14:30:11.000+01:00
diff --git a/javascript/ql/test/library-tests/LabelledBarrierGuards/LabelledBarrierGuards.ql b/javascript/ql/test/library-tests/LabelledBarrierGuards/LabelledBarrierGuards.ql
@@ -20,19 +20,15 @@ module TestConfig implements DataFlow::StateConfigSig {
     )
   }
 
-  additional predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {
-    node instanceof IsTypeAGuard or
-    node instanceof IsSanitizedGuard
-  }
-
   predicate isBarrier(DataFlow::Node node, DataFlow::FlowLabel lbl) {
-    node = DataFlow::MakeLegacyBarrierGuardLabeled<isBarrierGuard/1>::getABarrierNode(lbl)
+    node = DataFlow::MakeLabeledBarrierGuard<IsTypeAGuard>::getABarrierNode(lbl) or
+    node = DataFlow::MakeLabeledBarrierGuard<IsSanitizedGuard>::getABarrierNode(lbl)
   }
 }
 
 module TestFlow = TaintTracking::GlobalWithState<TestConfig>;
 
-class LegacyConfig extends TaintTracking::Configuration {
+deprecated class LegacyConfig extends TaintTracking::Configuration {
   LegacyConfig() { this = "LegacyConfig" }
 
   override predicate isSource(DataFlow::Node node, DataFlow::FlowLabel lbl) {
@@ -44,21 +40,18 @@ class LegacyConfig extends TaintTracking::Configuration {
   }
 
   override predicate isSanitizerGuard(TaintTracking::SanitizerGuardNode node) {
-    TestConfig::isBarrierGuard(node)
+    node instanceof IsTypeAGuardLegacy or
+    node instanceof IsSanitizedGuardLegacy
   }
 }
 
 /**
  * A condition that checks what kind of value the input is. Not enough to
  * sanitize the value, but later sanitizers only need to handle the relevant case.
  */
-class IsTypeAGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlow::CallNode {
+class IsTypeAGuard extends DataFlow::CallNode {
   IsTypeAGuard() { this.getCalleeName() = "isTypeA" }
 
-  override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {
-    this.blocksExpr(outcome, e, lbl)
-  }
-
   predicate blocksExpr(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {
     e = this.getArgument(0).asExpr() and
     (
@@ -69,12 +62,14 @@ class IsTypeAGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlow::C
   }
 }
 
-class IsSanitizedGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlow::CallNode {
-  IsSanitizedGuard() { this.getCalleeName() = "sanitizeA" or this.getCalleeName() = "sanitizeB" }
-
+deprecated class IsTypeAGuardLegacy extends IsTypeAGuard, TaintTracking::LabeledSanitizerGuardNode {
   override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {
     this.blocksExpr(outcome, e, lbl)
   }
+}
+
+class IsSanitizedGuard extends DataFlow::CallNode {
+  IsSanitizedGuard() { this.getCalleeName() = "sanitizeA" or this.getCalleeName() = "sanitizeB" }
 
   predicate blocksExpr(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {
     e = this.getArgument(0).asExpr() and
@@ -87,7 +82,15 @@ class IsSanitizedGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlo
   }
 }
 
-import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
+deprecated class IsSanitizedGuardLegacy extends IsSanitizedGuard,
+  TaintTracking::LabeledSanitizerGuardNode
+{
+  override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {
+    this.blocksExpr(outcome, e, lbl)
+  }
+}
+
+deprecated import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
 
 from DataFlow::Node source, DataFlow::Node sink
 where TestFlow::flow(source, sink)
diff --git a/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.ql b/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.ql
@@ -7,39 +7,37 @@ module TestConfig implements DataFlow::ConfigSig {
 
   predicate isSink(DataFlow::Node node) { node = getACall("sink").getAnArgument() }
 
-  additional predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {
-    node instanceof BasicBarrierGuard
-  }
-
   predicate isBarrier(DataFlow::Node node) {
-    node = DataFlow::MakeLegacyBarrierGuard<isBarrierGuard/1>::getABarrierNode()
+    node = DataFlow::MakeBarrierGuard<BasicBarrierGuard>::getABarrierNode()
   }
 }
 
 module TestFlow = DataFlow::Global<TestConfig>;
 
-class BasicBarrierGuard extends DataFlow::BarrierGuardNode, DataFlow::CallNode {
+class BasicBarrierGuard extends DataFlow::CallNode {
   BasicBarrierGuard() { this = getACall("isSafe") }
 
-  override predicate blocks(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
-
   predicate blocksExpr(boolean outcome, Expr e) {
     outcome = true and e = this.getArgument(0).asExpr()
   }
 }
 
-class LegacyConfig extends DataFlow::Configuration {
+deprecated class BasicBarrierGuardLegacy extends DataFlow::BarrierGuardNode, BasicBarrierGuard {
+  override predicate blocks(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
+}
+
+deprecated class LegacyConfig extends DataFlow::Configuration {
   LegacyConfig() { this = "LegacyConfig" }
 
   override predicate isSource(DataFlow::Node source) { TestConfig::isSource(source) }
 
   override predicate isSink(DataFlow::Node sink) { TestConfig::isSink(sink) }
 
   override predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {
-    TestConfig::isBarrierGuard(node)
+    node instanceof BasicBarrierGuardLegacy
   }
 }
 
-import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
+deprecated import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
 
 query predicate flow = TestFlow::flow/2;

Original file line number	Diff line number	Diff line change
`@@ -20,19 +20,15 @@ module TestConfig implements DataFlow::StateConfigSig {`
`20`	`20`	`)`
`21`	`21`	`}`
`22`	`22`
`23`		`- additional predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {`
`24`		`- node instanceof IsTypeAGuard or`
`25`		`- node instanceof IsSanitizedGuard`
`26`		`- }`
`27`		`-`
`28`	`23`	`predicate isBarrier(DataFlow::Node node, DataFlow::FlowLabel lbl) {`
`29`		`- node = DataFlow::MakeLegacyBarrierGuardLabeled<isBarrierGuard/1>::getABarrierNode(lbl)`
	`24`	`+ node = DataFlow::MakeLabeledBarrierGuard<IsTypeAGuard>::getABarrierNode(lbl) or`
	`25`	`+ node = DataFlow::MakeLabeledBarrierGuard<IsSanitizedGuard>::getABarrierNode(lbl)`
`30`	`26`	`}`
`31`	`27`	`}`
`32`	`28`
`33`	`29`	`module TestFlow = TaintTracking::GlobalWithState<TestConfig>;`
`34`	`30`
`35`		`-class LegacyConfig extends TaintTracking::Configuration {`
	`31`	`+deprecated class LegacyConfig extends TaintTracking::Configuration {`
`36`	`32`	`LegacyConfig() { this = "LegacyConfig" }`
`37`	`33`
`38`	`34`	`override predicate isSource(DataFlow::Node node, DataFlow::FlowLabel lbl) {`
`@@ -44,21 +40,18 @@ class LegacyConfig extends TaintTracking::Configuration {`
`44`	`40`	`}`
`45`	`41`
`46`	`42`	`override predicate isSanitizerGuard(TaintTracking::SanitizerGuardNode node) {`
`47`		`- TestConfig::isBarrierGuard(node)`
	`43`	`+ node instanceof IsTypeAGuardLegacy or`
	`44`	`+ node instanceof IsSanitizedGuardLegacy`
`48`	`45`	`}`
`49`	`46`	`}`
`50`	`47`
`51`	`48`	`/**`
`52`	`49`	`* A condition that checks what kind of value the input is. Not enough to`
`53`	`50`	`* sanitize the value, but later sanitizers only need to handle the relevant case.`
`54`	`51`	`*/`
`55`		`-class IsTypeAGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlow::CallNode {`
	`52`	`+class IsTypeAGuard extends DataFlow::CallNode {`
`56`	`53`	`IsTypeAGuard() { this.getCalleeName() = "isTypeA" }`
`57`	`54`
`58`		`- override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {`
`59`		`- this.blocksExpr(outcome, e, lbl)`
`60`		`- }`
`61`		`-`
`62`	`55`	`predicate blocksExpr(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {`
`63`	`56`	`e = this.getArgument(0).asExpr() and`
`64`	`57`	`(`
`@@ -69,12 +62,14 @@ class IsTypeAGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlow::C`
`69`	`62`	`}`
`70`	`63`	`}`
`71`	`64`
`72`		`-class IsSanitizedGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlow::CallNode {`
`73`		`- IsSanitizedGuard() { this.getCalleeName() = "sanitizeA" or this.getCalleeName() = "sanitizeB" }`
`74`		`-`
	`65`	`+deprecated class IsTypeAGuardLegacy extends IsTypeAGuard, TaintTracking::LabeledSanitizerGuardNode {`
`75`	`66`	`override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {`
`76`	`67`	`this.blocksExpr(outcome, e, lbl)`
`77`	`68`	`}`
	`69`	`+}`
	`70`	`+`
	`71`	`+class IsSanitizedGuard extends DataFlow::CallNode {`
	`72`	`+ IsSanitizedGuard() { this.getCalleeName() = "sanitizeA" or this.getCalleeName() = "sanitizeB" }`
`78`	`73`
`79`	`74`	`predicate blocksExpr(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {`
`80`	`75`	`e = this.getArgument(0).asExpr() and`
`@@ -87,7 +82,15 @@ class IsSanitizedGuard extends TaintTracking::LabeledSanitizerGuardNode, DataFlo`
`87`	`82`	`}`
`88`	`83`	`}`
`89`	`84`
`90`		`-import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>`
	`85`	`+deprecated class IsSanitizedGuardLegacy extends IsSanitizedGuard,`
	`86`	`+ TaintTracking::LabeledSanitizerGuardNode`
	`87`	`+{`
	`88`	`+ override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel lbl) {`
	`89`	`+ this.blocksExpr(outcome, e, lbl)`
	`90`	`+ }`
	`91`	`+}`
	`92`	`+`
	`93`	`+deprecated import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>`
`91`	`94`
`92`	`95`	`from DataFlow::Node source, DataFlow::Node sink`
`93`	`96`	`where TestFlow::flow(source, sink)`