Add qtil.go

Author: MichaelRFairhurst

go/src/codeql-pack.lock.yml

@@ -0,0 +1,20 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 1.1.6
+  codeql/go-all:
+    version: 2.1.3
+  codeql/mad:
+    version: 1.0.12
+  codeql/ssa:
+    version: 1.0.12
+  codeql/threat-models:
+    version: 1.0.12
+  codeql/tutorial:
+    version: 1.0.12
+  codeql/typetracking:
+    version: 1.0.12
+  codeql/util:
+    version: 1.0.12
+compiled: false

go/src/qlpack.yml

@@ -0,0 +1,8 @@
+name: mfairhurst/qtil-go
+library: true
+warnOnImplicitThis: false
+version: 0.0.1
+license: MIT
+dependencies:
+  codeql/go-all: '>=0.0.1 <5.0.0'
+  mfairhurst/qtil: 0.0.1

go/src/qtil/Go.qll

@@ -0,0 +1,8 @@
+module Qtil {
+  private import qtil.Qtil as Common
+  // Importing qtil.Go should import all of Qtil.
+  import Common::Qtil
+  import qtil.go.ast.TwoOperands 
+  import qtil.go.format.QlFormat
+  import qtil.go.graph.CustomPathProblem
+}

go/src/qtil/go/ast/TwoOperands.qll

@@ -0,0 +1,55 @@
+import go as go
+import qtil.parameterization.SignatureTypes
+
+/**
+ * A module for dealing with pairs of exclusive operands in C++ ASTs.
+ *
+ * For instance, to find cases where one operand is an integer and the other is a constant, you
+ * will want to to perform checks on each operand separately and consistently without worrying about
+ * order. This module makes this common pattern easy to implement.
+ *
+ * This module takes two type parameters:
+ *  - `Operand`: the type of the operands (e.g. `Expr`)
+ *  - `HasOperands`: a type that has operands of type `Operand` (e.g. `BinaryExpr`)
+ *
+ * ```ql
+ * // Using this module:
+ * predicate myBinaryTestNew(BinaryExpr e) {
+ *   exists(TwoOperands<BinaryExpr>::Set set |
+ *     set.getOperation() = e and
+ *     set.someOperand().isInteger() and
+ *     set.otherOperand().isConstant()
+ *   )
+ * }
+ *
+ * // Is roughly equivalent to:
+ * predicate myBinaryTestOld(BinaryExpr e) {
+ *   exists(Expr a, Expr b |
+ *     e.getAnOperand() = a and
+ *     e.getAnOperand() = b and
+ *     a != b and
+ *     a.isInteger() and
+ *     b.isConstant()
+ *   )
+ * }
+ * ```
+ *
+ * Some caution about using this module: for each use, two `Set` objects exst. If you do not
+ * properly constrain the usage of `someOperand()` and `otherOperand()`, then these members could
+ * hold for different `Set`s. Therefore, `someOperand()` and `otherOperand()` may be the same
+ * operand. This will not happen if the `Set` is properly constrained across the two member
+ * invocations.
+ *
+ * ```ql
+ * predicate bug(BinaryExpr e) {
+ *   // Bad: the two sets are not constrained to the same instance, therefore the operands not
+ *   // guaranteed to be different.
+ *   TwoOperands<BinaryExpr>::getASet(e).someOperand().isInteger() and
+ *   TwoOperands<BinaryExpr>::getASet(e).otherOperand().isConstant()
+ * }
+ * ```
+ */
+module TwoOperands<Signature<go::BinaryExpr>::Type BinOp> {
+  private import qtil.ast.TwoOperands as Make
+  import Make::TwoOperands<go::Expr, BinOp>
+}

go/src/qtil/go/format/QlFormat.qll

@@ -0,0 +1,5 @@
+private import qtil.format.QLFormat
+private import go
+private import qtil.go.locations.Locatable
+
+import QlFormat<DbLocation, GoLocatableConfig>

go/src/qtil/go/graph/CustomPathProblem.qll

@@ -0,0 +1,6 @@
+private import qtil.locations.CustomPathProblem
+private import qtil.go.locations.Locatable
+private import go
+
+// Import the Go specific configuration for making custom path problems.
+import PathProblem<DbLocation, GoLocatableConfig>

go/src/qtil/go/locations/Locatable.qll

@@ -0,0 +1,9 @@
+private import qtil.locations.Locatable
+private import go as go
+
+/**
+ * A module to declare `Locatable`s specific to Go for use in other qtil modules.
+ */
+module GoLocatableConfig implements LocatableConfig<go::DbLocation> {
+  class Locatable = go::Locatable;
+}

go/test/codeql-pack.lock.yml

@@ -0,0 +1,20 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 1.1.6
+  codeql/go-all:
+    version: 2.1.3
+  codeql/mad:
+    version: 1.0.12
+  codeql/ssa:
+    version: 1.0.12
+  codeql/threat-models:
+    version: 1.0.12
+  codeql/tutorial:
+    version: 1.0.12
+  codeql/typetracking:
+    version: 1.0.12
+  codeql/util:
+    version: 1.0.12
+compiled: false

go/test/go.mod

@@ -0,0 +1,3 @@
+module codeql.qtil.go.test
+
+go 1.2.1

go/test/qlpack.yml

@@ -0,0 +1,8 @@
+name: mfairhurst/qtil-go-test
+library: true
+warnOnImplicitThis: false
+version: 0.0.1
+license: MIT
+dependencies:
+  mfairhurst/qtil-go: "*"
+extractor: go