PS: Cleanup and autoformat.

MathiasVP · MathiasVP · commit b65d41b49843 · 2025-04-23T12:36:48.000+01:00
diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/Parameter.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/Parameter.qll
@@ -47,7 +47,7 @@ class PipelineParameter extends Parameter instanceof PipelineParameterImpl {
 
 /**
  * The iterator variable associated with a pipeline parameter.
- * 
+ *
  * This is the variable that is bound to the current element in the pipeline.
  */
 class PipelineIteratorVariable extends Variable instanceof PipelineIteratorVariableImpl {
@@ -61,8 +61,6 @@ class PipelineByPropertyNameParameter extends Parameter instanceof PipelineByPro
 {
   ScriptBlock getScriptBlock() { result = super.getScriptBlock() }
 
-  string getPropertyName() { result = super.getName() }
-
   /**
    * Gets the iterator variable that is used to iterate over the elements in the pipeline.
    */
@@ -71,7 +69,7 @@ class PipelineByPropertyNameParameter extends Parameter instanceof PipelineByPro
 
 /**
  * The iterator variable associated with a pipeline-by-property-name parameter.
- * 
+ *
  * This is the variable that is bound to the current element in the pipeline.
  */
 class PipelineByPropertyNameIteratorVariable extends Variable instanceof PipelineByPropertyNameIteratorVariableImpl
@@ -85,4 +83,4 @@ class PipelineByPropertyNameIteratorVariable extends Variable instanceof Pipelin
    * iterates over.
    */
   PipelineByPropertyNameParameter getParameter() { result = super.getParameter() }
-}
+}
diff --git a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll
@@ -21,7 +21,7 @@ module CommandInjection {
   /**
    * A data flow sink for command-injection vulnerabilities.
    */
-  abstract class Sink extends DataFlow::Node { 
+  abstract class Sink extends DataFlow::Node {
     abstract string getSinkType();
   }
 
@@ -49,9 +49,8 @@ module CommandInjection {
       // Or the call command itself in case it's a use of operator &.
       any(DataFlow::CallOperatorNode call).getCommand() = this
     }
-    override string getSinkType() {
-      result = "call to Invoke-Expression"
-    }
+
+    override string getSinkType() { result = "call to Invoke-Expression" }
   }
 
   class AddTypeSink extends Sink {
@@ -61,151 +60,143 @@ module CommandInjection {
         call.getAnArgument() = this
       )
     }
-    override string getSinkType() {
-      result = "call to Add-Type"
-    } 
+
+    override string getSinkType() { result = "call to Add-Type" }
   }
 
   class InvokeScriptSink extends Sink {
-    InvokeScriptSink() { 
-        exists(API::Node call | 
-            API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("invokescript") = call and
-            this = call.getArgument(_).asSink()
-        )
+    InvokeScriptSink() {
+      exists(API::Node call |
+        API::getTopLevelMember("executioncontext")
+            .getMember("invokecommand")
+            .getMethod("invokescript") = call and
+        this = call.getArgument(_).asSink()
+      )
     }
-    override string getSinkType(){
-        result = "call to InvokeScript"
-    } 
-}
 
-class CreateNestedPipelineSink extends Sink {
-    CreateNestedPipelineSink() { 
-        exists(API::Node call | 
-            API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") = call and
-            this = call.getArgument(_).asSink()
-        )
-    }
-    override string getSinkType(){
-        result = "call to CreateNestedPipeline"
+    override string getSinkType() { result = "call to InvokeScript" }
+  }
+
+  class CreateNestedPipelineSink extends Sink {
+    CreateNestedPipelineSink() {
+      exists(API::Node call |
+        API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") =
+          call and
+        this = call.getArgument(_).asSink()
+      )
     }
-}
 
-class AddScriptInvokeSink extends Sink {
-  AddScriptInvokeSink() { 
-      exists(InvokeMemberExpr addscript, InvokeMemberExpr create | 
-          this.asExpr().getExpr() = addscript.getAnArgument() and
-          addscript.matchesName("AddScript") and
-          create.matchesName("Create") and
+    override string getSinkType() { result = "call to CreateNestedPipeline" }
+  }
 
-          addscript.getQualifier().(InvokeMemberExpr) = create and
-          create.getQualifier().(TypeNameExpr).getName() = "PowerShell"
+  class AddScriptInvokeSink extends Sink {
+    AddScriptInvokeSink() {
+      exists(InvokeMemberExpr addscript, InvokeMemberExpr create |
+        this.asExpr().getExpr() = addscript.getAnArgument() and
+        addscript.matchesName("AddScript") and
+        create.matchesName("Create") and
+        addscript.getQualifier().(InvokeMemberExpr) = create and
+        create.getQualifier().(TypeNameExpr).getName() = "PowerShell"
       )
+    }
+
+    override string getSinkType() { result = "call to AddScript" }
   }
-  override string getSinkType(){
-      result = "call to AddScript"
+
+  class PowershellSink extends Sink {
+    PowershellSink() {
+      exists(CmdCall c | c.matchesName("powershell") |
+        this.asExpr().getExpr() = c.getArgument(1) and
+        c.getArgument(0).getValue().asString() = "-command"
+        or
+        this.asExpr().getExpr() = c.getArgument(0)
+      )
+    }
+
+    override string getSinkType() { result = "call to Powershell" }
   }
-}
 
-class PowershellSink extends Sink {
-    PowershellSink() { 
-        exists( CmdCall c |        
-          c.matchesName("powershell") | 
-            (
-                this.asExpr().getExpr() = c.getArgument(1) and
-                c.getArgument(0).getValue().asString() = "-command"
-            ) or 
-            (
-                this.asExpr().getExpr() = c.getArgument(0)
-            )
-        )
+  class CmdSink extends Sink {
+    CmdSink() {
+      exists(CmdCall c |
+        this.asExpr().getExpr() = c.getArgument(1) and
+        c.matchesName("cmd") and
+        c.getArgument(0).getValue().asString() = "/c"
+      )
     }
-    override string getSinkType(){
-        result = "call to Powershell"
+
+    override string getSinkType() { result = "call to Cmd" }
+  }
+
+  class ForEachObjectSink extends Sink {
+    ForEachObjectSink() {
+      exists(CmdCall c |
+        this.asExpr().getExpr() = c.getAnArgument() and
+        c.matchesName("Foreach-Object")
+      )
     }
-}
 
-class CmdSink extends Sink {
-  CmdSink() { 
-      exists(CmdCall c | 
-          this.asExpr().getExpr() = c.getArgument(1) and
-          c.matchesName("cmd") and
-          c.getArgument(0).getValue().asString() = "/c" 
+    override string getSinkType() { result = "call to ForEach-Object" }
+  }
+
+  class InvokeSink extends Sink {
+    InvokeSink() {
+      exists(InvokeMemberExpr ie |
+        this.asExpr().getExpr() = ie.getCallee() or
+        this.asExpr().getExpr() = ie.getQualifier().getAChild*()
       )
-  }   
-  override string getSinkType(){
-      result = "call to Cmd"
+    }
+
+    override string getSinkType() { result = "call to Invoke" }
   }
-}
 
-class ForEachObjectSink extends Sink {
-  ForEachObjectSink() { 
-      exists(CmdCall c | 
-          this.asExpr().getExpr() = c.getAnArgument() and
-          c.matchesName("Foreach-Object")
+  class CreateScriptBlockSink extends Sink {
+    CreateScriptBlockSink() {
+      exists(InvokeMemberExpr ie |
+        this.asExpr().getExpr() = ie.getAnArgument() and
+        ie.matchesName("Create") and
+        ie.getQualifier().(TypeNameExpr).getName() = "ScriptBlock"
       )
-  }   
-  override string getSinkType(){
-      result = "call to ForEach-Object"
+    }
+
+    override string getSinkType() { result = "call to CreateScriptBlock" }
   }
-}
 
-class InvokeSink extends Sink {
-    InvokeSink() { 
-        exists(InvokeMemberExpr ie | 
-            this.asExpr().getExpr() = ie.getCallee() or 
-            this.asExpr().getExpr() = ie.getQualifier().getAChild*()
-        )
-    }   
-    override string getSinkType(){
-        result = "call to Invoke"
+  class NewScriptBlockSink extends Sink {
+    NewScriptBlockSink() {
+      exists(API::Node call |
+        API::getTopLevelMember("executioncontext")
+            .getMember("invokecommand")
+            .getMethod("newscriptblock") = call and
+        this = call.getArgument(_).asSink()
+      )
     }
-}
 
-class CreateScriptBlockSink extends Sink {
-  CreateScriptBlockSink() { 
-      exists(InvokeMemberExpr ie | 
-          this.asExpr().getExpr() = ie.getAnArgument() and
-          ie.matchesName("Create") and
-          ie.getQualifier().(TypeNameExpr).getName() = "ScriptBlock"
+    override string getSinkType() { result = "call to NewScriptBlock" }
+  }
+
+  class ExpandStringSink extends Sink {
+    ExpandStringSink() {
+      exists(API::Node call | this = call.getArgument(_).asSink() |
+        API::getTopLevelMember("executioncontext")
+            .getMember("invokecommand")
+            .getMethod("expandstring") = call or
+        API::getTopLevelMember("executioncontext")
+            .getMember("sessionstate")
+            .getMember("invokecommand")
+            .getMethod("expandstring") = call
       )
-  }   
-  override string getSinkType(){
-      result = "call to CreateScriptBlock"
-  }
-}       
-
-class NewScriptBlockSink extends Sink {
-    NewScriptBlockSink() { 
-        exists(API::Node call | 
-            API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call and
-            this = call.getArgument(_).asSink()
-        )
-    }  
-    override string getSinkType(){
-        result = "call to NewScriptBlock"
-    } 
-}
+    }
 
-class ExpandStringSink extends Sink {
-    ExpandStringSink() { 
-        exists(API::Node call | this = call.getArgument(_).asSink() |
-            API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("expandstring") = call or
-            API::getTopLevelMember("executioncontext").getMember("sessionstate").getMember("invokecommand").getMethod("expandstring") = call 
-            
-        )
-    }  
-    override string getSinkType(){
-        result = "call to ExpandString"
-    } 
-}
+    override string getSinkType() { result = "call to ExpandString" }
+  }
 
   private class ExternalCommandInjectionSink extends Sink {
     ExternalCommandInjectionSink() {
       this = ModelOutput::getASinkNode("command-injection").asSink()
     }
-    override string getSinkType() {
-      result = "external command injection"
-    }
+
+    override string getSinkType() { result = "external command injection" }
   }
 
   class TypedParameterSanitizer extends Sanitizer {
@@ -217,15 +208,16 @@ class ExpandStringSink extends Sink {
       )
     }
   }
-  
+
   class SingleQuoteSanitizer extends Sanitizer {
-    SingleQuoteSanitizer() { 
-        exists(ExpandableStringExpr e, VarReadAccess v | 
-            v = this.asExpr().getExpr()  and
-            e.getUnexpandedValue().toLowerCase().matches("%'$" + v.getVariable().getLowerCaseName() + "'%") and
-            e.getAnExpr() = v
-        )
+    SingleQuoteSanitizer() {
+      exists(ExpandableStringExpr e, VarReadAccess v |
+        v = this.asExpr().getExpr() and
+        e.getUnexpandedValue()
+            .toLowerCase()
+            .matches("%'$" + v.getVariable().getLowerCaseName() + "'%") and
+        e.getAnExpr() = v
+      )
     }
   }
 }
-
