Java: Move interpretModelForTest into shared code.

Author: aschackmull

java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll

@@ -98,8 +98,13 @@ private import internal.FlowSummaryImpl
 private import internal.FlowSummaryImpl::Public
 private import internal.FlowSummaryImpl::Private
 private import internal.FlowSummaryImpl::Private::External
-private import internal.ExternalFlowExtensions as Extensions
+private import internal.ExternalFlowExtensions
 private import codeql.mad.ModelValidation as SharedModelVal
+private import codeql.mad.static.MaD as SharedMaD
+
+private module MaD = SharedMaD::ModelsAsData<Extensions>;
+
+import MaD
 
 /**
  * A class for activating additional model rows.
@@ -214,11 +219,12 @@ predicate summaryModel(
  * This predicate should only be used in tests.
  */
 predicate interpretModelForTest(QlBuiltins::ExtensionId madId, string model) {
+  MaD::interpretModelForTest(madId, model)
+  or
   exists(
     string package, string type, boolean subtypes, string name, string signature, string ext,
     string output, string kind, string provenance
   |
-    sourceModel(package, type, subtypes, name, signature, ext, output, kind, provenance, madId) or
     Extensions::experimentalSourceModel(package, type, subtypes, name, signature, ext, output, kind,
       provenance, _, madId)
   |
@@ -231,7 +237,6 @@ predicate interpretModelForTest(QlBuiltins::ExtensionId madId, string model) {
     string package, string type, boolean subtypes, string name, string signature, string ext,
     string input, string kind, string provenance
   |
-    sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance, madId) or
     Extensions::experimentalSinkModel(package, type, subtypes, name, signature, ext, input, kind,
       provenance, _, madId)
   |
@@ -244,16 +249,13 @@ predicate interpretModelForTest(QlBuiltins::ExtensionId madId, string model) {
     string package, string type, boolean subtypes, string name, string signature, string ext,
     string input, string output, string kind, string provenance
   |
-    summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance,
-      madId) or
     Extensions::experimentalSummaryModel(package, type, subtypes, name, signature, ext, input,
       output, kind, provenance, _, madId)
   |
     model =
       "Summary: " + package + "; " + type + "; " + subtypes + "; " + name + "; " + signature + "; " +
         ext + "; " + input + "; " + output + "; " + kind + "; " + provenance
   )
-  //TODO: possibly barrier models?
 }
 
 /** Holds if a neutral model exists for the given parameters. */

java/ql/lib/semmle/code/java/dataflow/internal/ExternalFlowExtensions.qll

@@ -4,6 +4,8 @@
 overlay[local?]
 module;
 
+private import codeql.mad.static.MaD as SharedMaD
+
 /**
  * Holds if a source model exists for the given parameters.
  */
@@ -93,3 +95,7 @@ extensible predicate experimentalSummaryModel(
   string input, string output, string kind, string provenance, string filter,
   QlBuiltins::ExtensionId madId
 );
+
+module Extensions implements SharedMaD::ExtensionsSig {
+  import ExternalFlowExtensions
+}

shared/mad/codeql/mad/static/MaD.qll

@@ -0,0 +1,124 @@
+overlay[local?]
+module;
+
+signature module ExtensionsSig {
+  /**
+   * Holds if a source model exists for the given parameters.
+   */
+  predicate sourceModel(
+    string namespace, string type, boolean subtypes, string name, string signature, string ext,
+    string output, string kind, string provenance, QlBuiltins::ExtensionId madId
+  );
+
+  /**
+   * Holds if a sink model exists for the given parameters.
+   */
+  predicate sinkModel(
+    string namespace, string type, boolean subtypes, string name, string signature, string ext,
+    string input, string kind, string provenance, QlBuiltins::ExtensionId madId
+  );
+
+  /**
+   * Holds if a barrier model exists for the given parameters.
+   */
+  predicate barrierModel(
+    string namespace, string type, boolean subtypes, string name, string signature, string ext,
+    string output, string kind, string provenance, QlBuiltins::ExtensionId madId
+  );
+
+  /**
+   * Holds if a barrier guard model exists for the given parameters.
+   */
+  predicate barrierGuardModel(
+    string namespace, string type, boolean subtypes, string name, string signature, string ext,
+    string input, string acceptingvalue, string kind, string provenance,
+    QlBuiltins::ExtensionId madId
+  );
+
+  /**
+   * Holds if a summary model exists for the given parameters.
+   */
+  predicate summaryModel(
+    string namespace, string type, boolean subtypes, string name, string signature, string ext,
+    string input, string output, string kind, string provenance, QlBuiltins::ExtensionId madId
+  );
+
+  /**
+   * Holds if a neutral model exists for the given parameters.
+   */
+  predicate neutralModel(
+    string namespace, string type, string name, string signature, string kind, string provenance
+  );
+}
+
+module ModelsAsData<ExtensionsSig Extensions> {
+  /**
+   * Holds if the given extension tuple `madId` should pretty-print as `model`.
+   *
+   * Barrier models are included for completeness even though they will not show up in a path.
+   *
+   * This predicate should only be used in tests.
+   */
+  predicate interpretModelForTest(QlBuiltins::ExtensionId madId, string model) {
+    exists(
+      string namespace, string type, boolean subtypes, string name, string signature, string ext,
+      string output, string kind, string provenance
+    |
+      Extensions::sourceModel(namespace, type, subtypes, name, signature, ext, output, kind,
+        provenance, madId)
+    |
+      model =
+        "Source: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature +
+          "; " + ext + "; " + output + "; " + kind + "; " + provenance
+    )
+    or
+    exists(
+      string namespace, string type, boolean subtypes, string name, string signature, string ext,
+      string input, string kind, string provenance
+    |
+      Extensions::sinkModel(namespace, type, subtypes, name, signature, ext, input, kind,
+        provenance, madId)
+    |
+      model =
+        "Sink: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature + "; "
+          + ext + "; " + input + "; " + kind + "; " + provenance
+    )
+    or
+    exists(
+      string namespace, string type, boolean subtypes, string name, string signature, string ext,
+      string output, string kind, string provenance
+    |
+      Extensions::barrierModel(namespace, type, subtypes, name, signature, ext, output, kind,
+        provenance, madId)
+    |
+      model =
+        "Barrier: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature +
+          "; " + ext + "; " + output + "; " + kind + "; " + provenance
+    )
+    or
+    exists(
+      string namespace, string type, boolean subtypes, string name, string signature, string ext,
+      string input, string acceptingvalue, string kind, string provenance
+    |
+      Extensions::barrierGuardModel(namespace, type, subtypes, name, signature, ext, input,
+        acceptingvalue, kind, provenance, madId)
+    |
+      model =
+        "Barrier Guard: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " +
+          signature + "; " + ext + "; " + input + "; " + acceptingvalue + "; " + kind + "; " +
+          provenance
+    )
+    or
+    exists(
+      string namespace, string type, boolean subtypes, string name, string signature, string ext,
+      string input, string output, string kind, string provenance
+    |
+      Extensions::summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind,
+        provenance, madId)
+    |
+      model =
+        "Summary: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature +
+          "; " + ext + "; " + input + "; " + output + "; " + kind + "; " + provenance
+    )
+  }
+}