Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dataflow: Add support for not skipping configuration-specific nodes in big-step #13717

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Dataflow: Add support for not skipping configuration-specific nodes in big-step #13717

wants to merge 5 commits into from
+747 −125

Conversation

aschackmull
Copy link
Contributor

@owen-mc
Copy link
Contributor

owen-mc commented Jul 11, 2023

For a flow config using the new API (ConfigSig and so on) that does what I was expecting. I was a bit surprised that it didn’t do anything for old-style configuration classes. I guess it’s not important, as everything will move over to the new API in time.

@aschackmull
Copy link
Contributor Author

aschackmull commented Jul 14, 2023
edited

The C/C++ XXE query gets a bunch of additional steps due to its

  predicate isAdditionalFlowStep(
    DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2
  ) {
    // create additional flow steps for `XxeFlowStateTransformer`s
    state2 = node2.asIndirectExpr().(XxeFlowStateTransformer).transform(state1) and
    DataFlow::simpleLocalFlowStep(node1, node2)
  }

Is that desirable? Or should we add a predicate neverSkip(Node node) { none() } in the XXE config?

Edit: There are also a bunch of other queries with additional steps where we might also want to consider whether or not to use the new default that this PR introduces.

@aschackmull aschackmull marked this pull request as ready for review July 14, 2023 09:49
@aschackmull aschackmull requested review from a team as code owners July 14, 2023 09:49
owen-mc
owen-mc previously approved these changes Jul 14, 2023
View reviewed changes
Copy link
Contributor

@owen-mc owen-mc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Go 👍🏻

MathiasVP
MathiasVP approved these changes Jul 17, 2023
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

C++/Swift 👍

@MathiasVP
Copy link
Contributor

The C/C++ XXE query gets a bunch of additional steps due to its

  predicate isAdditionalFlowStep(
    DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2
  ) {
    // create additional flow steps for `XxeFlowStateTransformer`s
    state2 = node2.asIndirectExpr().(XxeFlowStateTransformer).transform(state1) and
    DataFlow::simpleLocalFlowStep(node1, node2)
  }

Is that desirable? Or should we add a predicate neverSkip(Node node) { none() } in the XXE config?

Edit: There are also a bunch of other queries with additional steps where we might also want to consider whether or not to use the new default that this PR introduces.

We resolved this on Slack and decided to add a neverSkip override (see 8a71408).

owen-mc
owen-mc approved these changes Jul 17, 2023
View reviewed changes
Copy link
Contributor

@owen-mc owen-mc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Go 👍🏻 (but I think you should add a change note to let users know about the new feature)

yoff
yoff approved these changes Jul 17, 2023
View reviewed changes
Copy link
Contributor

@yoff yoff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Python 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yoff yoff yoff approved these changes

@MathiasVP MathiasVP MathiasVP approved these changes

@owen-mc owen-mc owen-mc approved these changes

@github/codeql-ruby codeql-ruby Awaiting requested review from github/codeql-ruby github/codeql-ruby is a code owner

@github/codeql-java codeql-java Awaiting requested review from github/codeql-java github/codeql-java is a code owner

@github/codeql-csharp codeql-csharp Awaiting requested review from github/codeql-csharp github/codeql-csharp is a code owner

Assignees
No one assigned
Labels
C# C++ DataFlow Library Go Java Python Ruby Swift
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@aschackmull @owen-mc @MathiasVP @yoff