Add qtil.java

MichaelRFairhurst · MichaelRFairhurst · commit b634770e6b21 · 2025-05-26T17:29:57.000-07:00
diff --git a/java/src/codeql-pack.lock.yml b/java/src/codeql-pack.lock.yml
@@ -0,0 +1,28 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 1.1.6
+  codeql/java-all:
+    version: 4.2.1
+  codeql/mad:
+    version: 1.0.12
+  codeql/rangeanalysis:
+    version: 1.0.12
+  codeql/regex:
+    version: 1.0.12
+  codeql/ssa:
+    version: 1.0.12
+  codeql/threat-models:
+    version: 1.0.12
+  codeql/tutorial:
+    version: 1.0.12
+  codeql/typeflow:
+    version: 1.0.12
+  codeql/typetracking:
+    version: 1.0.12
+  codeql/util:
+    version: 1.0.12
+  codeql/xml:
+    version: 1.0.12
+compiled: false
diff --git a/java/src/qlpack.yml b/java/src/qlpack.yml
@@ -0,0 +1,8 @@
+name: mfairhurst/qtil-java
+library: true
+warnOnImplicitThis: false
+version: 0.0.1
+license: MIT
+dependencies:
+  codeql/java-all: '>=0.0.1 <8.0.0'
+  mfairhurst/qtil: 0.0.1
diff --git a/java/src/qtil/Java.qll b/java/src/qtil/Java.qll
@@ -0,0 +1,8 @@
+module Qtil {
+  private import qtil.Qtil as Common
+  // Importing qtil.Cpp should import all of Qtil.
+  import Common::Qtil
+  import qtil.java.ast.TwoOperands 
+  import qtil.java.format.QlFormat
+  import qtil.java.graph.CustomPathProblem
+}
diff --git a/java/src/qtil/java/ast/TwoOperands.qll b/java/src/qtil/java/ast/TwoOperands.qll
@@ -0,0 +1,55 @@
+import java as java
+import qtil.parameterization.SignatureTypes
+
+/**
+ * A module for dealing with pairs of exclusive operands in C++ ASTs.
+ *
+ * For instance, to find cases where one operand is an integer and the other is a constant, you
+ * will want to to perform checks on each operand separately and consistently without worrying about
+ * order. This module makes this common pattern easy to implement.
+ *
+ * This module takes two type parameters:
+ *  - `Operand`: the type of the operands (e.g. `Expr`)
+ *  - `HasOperands`: a type that has operands of type `Operand` (e.g. `BinaryExpr`)
+ *
+ * ```ql
+ * // Using this module:
+ * predicate myBinaryTestNew(BinaryExpr e) {
+ *   exists(TwoOperands<BinaryExpr>::Set set |
+ *     set.getOperation() = e and
+ *     set.someOperand().isInteger() and
+ *     set.otherOperand().isConstant()
+ *   )
+ * }
+ *
+ * // Is roughly equivalent to:
+ * predicate myBinaryTestOld(BinaryExpr e) {
+ *   exists(Expr a, Expr b |
+ *     e.getAnOperand() = a and
+ *     e.getAnOperand() = b and
+ *     a != b and
+ *     a.isInteger() and
+ *     b.isConstant()
+ *   )
+ * }
+ * ```
+ *
+ * Some caution about using this module: for each use, two `Set` objects exst. If you do not
+ * properly constrain the usage of `someOperand()` and `otherOperand()`, then these members could
+ * hold for different `Set`s. Therefore, `someOperand()` and `otherOperand()` may be the same
+ * operand. This will not happen if the `Set` is properly constrained across the two member
+ * invocations.
+ *
+ * ```ql
+ * predicate bug(BinaryExpr e) {
+ *   // Bad: the two sets are not constrained to the same instance, therefore the operands not
+ *   // guaranteed to be different.
+ *   TwoOperands<BinaryExpr>::getASet(e).someOperand().isInteger() and
+ *   TwoOperands<BinaryExpr>::getASet(e).otherOperand().isConstant()
+ * }
+ * ```
+ */
+module TwoOperands<Signature<java::BinaryExpr>::Type BinOp> {
+  private import qtil.ast.TwoOperands as Make
+  import Make::TwoOperands<java::Expr, BinOp>
+}
diff --git a/java/src/qtil/java/format/QlFormat.qll b/java/src/qtil/java/format/QlFormat.qll
@@ -0,0 +1,5 @@
+private import qtil.format.QLFormat
+private import java
+private import qtil.java.locations.Locatable
+
+import QlFormat<Location, JavaLocatableConfig>
diff --git a/java/src/qtil/java/graph/CustomPathProblem.qll b/java/src/qtil/java/graph/CustomPathProblem.qll
@@ -0,0 +1,6 @@
+private import qtil.locations.CustomPathProblem
+private import qtil.java.locations.Locatable
+private import java
+
+// Import the Java specific configuration for making custom path problems.
+import PathProblem<Location, JavaLocatableConfig>
diff --git a/java/src/qtil/java/locations/Locatable.qll b/java/src/qtil/java/locations/Locatable.qll
@@ -0,0 +1,9 @@
+private import qtil.locations.Locatable
+private import java
+
+/**
+ * A module to declare `Locatable`s specific to Java for use in other qtil modules.
+ */
+module JavaLocatableConfig implements LocatableConfig<Location> {
+  class Locatable = Element;
+}
diff --git a/java/test/codeql-pack.lock.yml b/java/test/codeql-pack.lock.yml
@@ -0,0 +1,28 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 1.1.6
+  codeql/java-all:
+    version: 4.2.1
+  codeql/mad:
+    version: 1.0.12
+  codeql/rangeanalysis:
+    version: 1.0.12
+  codeql/regex:
+    version: 1.0.12
+  codeql/ssa:
+    version: 1.0.12
+  codeql/threat-models:
+    version: 1.0.12
+  codeql/tutorial:
+    version: 1.0.12
+  codeql/typeflow:
+    version: 1.0.12
+  codeql/typetracking:
+    version: 1.0.12
+  codeql/util:
+    version: 1.0.12
+  codeql/xml:
+    version: 1.0.12
+compiled: false
diff --git a/java/test/qlpack.yml b/java/test/qlpack.yml
@@ -0,0 +1,8 @@
+name: mfairhurst/qtil-java-test
+library: true
+warnOnImplicitThis: false
+version: 0.0.1
+license: MIT
+dependencies:
+  mfairhurst/qtil-java: "*"
+extractor: java
diff --git a/java/test/qtil/java/ast/TwoOperandsTest.expected b/java/test/qtil/java/ast/TwoOperandsTest.expected
@@ -0,0 +1,2 @@
+| test.java:6:12:6:16 | ... + ... | test.java:6:12:6:12 | a | test.java:6:16:6:16 | b |
+| test.java:7:12:7:16 | ... + ... | test.java:7:16:7:16 | a | test.java:7:12:7:12 | b |
diff --git a/java/test/qtil/java/ast/TwoOperandsTest.ql b/java/test/qtil/java/ast/TwoOperandsTest.ql
@@ -0,0 +1,9 @@
+import java
+import qtil.java.ast.TwoOperands
+
+from BinaryExpr op, TwoOperands<BinaryExpr>::Set ops
+where
+  ops.someOperand().(VarAccess).getVariable().getName() = "a" and
+  ops.otherOperand().(VarAccess).getVariable().getName() = "b" and
+  ops.getOperation() = op
+select op, ops.someOperand(), ops.otherOperand()
diff --git a/java/test/qtil/java/ast/test.java b/java/test/qtil/java/ast/test.java
@@ -0,0 +1,12 @@
+class Test {
+    public static void f1() {
+        int a = 0;
+        int b = 0;
+        f2(a + a);
+        f2(a + b);
+        f2(b + a);
+        f2(b + b);
+    }
+
+    public static void f2(int x) { }
+}
diff --git a/java/test/qtil/java/format/QlFormatTest.expected b/java/test/qtil/java/format/QlFormatTest.expected
@@ -0,0 +1 @@
+| test.java:3:9:3:18 | int x | Variable x has initializer $@. | test.java:3:17:3:17 | test.java:3:17:3:17 | 0 | file://:0:0:0:0 | (none) | [unused] |
diff --git a/java/test/qtil/java/format/QlFormatTest.ql b/java/test/qtil/java/format/QlFormatTest.ql
@@ -0,0 +1,15 @@
+import java
+import qtil.java.format.QlFormat
+
+predicate problem(Element elem, Template msg) {
+  exists(Variable var, Expr initializer |
+    elem = var and
+    initializer = var.getInitializer() and
+    msg =
+      tpl("Variable {varname} has initializer {initializer}.")
+          .text("varname", var.getName())
+          .link("initializer", initializer)
+  )
+}
+
+import Problem<problem/2>::Query
diff --git a/java/test/qtil/java/format/test.java b/java/test/qtil/java/format/test.java
@@ -0,0 +1,5 @@
+class Test {
+    public static void f1() {
+        int x = 0;
+    }
+}
diff --git a/java/test/qtil/java/graph/CustomPathProblemTest.expected b/java/test/qtil/java/graph/CustomPathProblemTest.expected
@@ -0,0 +1,9 @@
+edges
+| test.java:3:9:3:20 | int mid | test.java:5:9:5:20 | int end |  |  |
+| test.java:4:9:4:22 | int start | test.java:3:9:3:20 | int mid |  |  |
+nodes
+| test.java:3:9:3:20 | int mid | semmle.label | int mid |
+| test.java:4:9:4:22 | int start | semmle.label | int start |
+| test.java:5:9:5:20 | int end | semmle.label | int end |
+#select
+| test.java:4:9:4:22 | int start | test.java:5:9:5:20 | int end | Path from $@ to $@. | start | test.java:4:9:4:22 | int start | end | test.java:5:9:5:20 | int end |
diff --git a/java/test/qtil/java/graph/CustomPathProblemTest.ql b/java/test/qtil/java/graph/CustomPathProblemTest.ql
@@ -0,0 +1,19 @@
+// Minimal test to make sure CustomPathProblem works with Java code.
+import java
+import qtil.java.graph.CustomPathProblem
+
+module CallGraphPathProblemConfig implements CustomPathProblemConfigSig {
+  class Node = Variable;
+
+  predicate start(Node n) { n.getName() = "start" }
+
+  predicate end(Node n) { n.getName() = "end" }
+
+  predicate edge(Variable a, Variable b) { a.getAnAssignedValue().(VarAccess).getVariable() = b }
+}
+
+import CustomPathProblem<CallGraphPathProblemConfig>
+
+from Variable start, Variable end
+where problem(start, end)
+select start, end, "Path from $@ to $@.", start.getName(), start, end.getName(), end
diff --git a/java/test/qtil/java/graph/test.java b/java/test/qtil/java/graph/test.java
@@ -0,0 +1,11 @@
+class Test {
+    public static void f1() {
+        int mid = 0;
+        int start = 0;
+        int end = 0;
+        int unrelated = 0;
+        start = mid;
+        start = unrelated;
+        mid = end;
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+\| test.java:6:12:6:16 \| ... + ... \| test.java:6:12:6:12 \| a \| test.java:6:16:6:16 \| b \|`
	`2`	`+\| test.java:7:12:7:16 \| ... + ... \| test.java:7:16:7:16 \| a \| test.java:7:12:7:12 \| b \|`