Merge branch 'main' into openssl-signatures

Author: GrosQuildu

cpp/ql/lib/change-notes/2025-05-28-using-template.md

@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Added a predicate `getReferencedMember` to `UsingDeclarationEntry`, which yields a member depending on a type template parameter.

cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll

@@ -74,4 +74,4 @@ class EVP_Cipher_Final_Call extends EVPFinal, EVP_Cipher_Operation {
     or
     result = EVP_Cipher_Operation.super.getOutputArg()
   }
-}
+}

cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPHashOperation.qll

@@ -2,84 +2,84 @@
  * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis
  */
 
- private import experimental.quantum.Language
- private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
- private import OpenSSLOperationBase
- private import EVPHashInitializer
- private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
- 
- class EVP_Digest_Update_Call extends EVPUpdate {
-   EVP_Digest_Update_Call() { this.(Call).getTarget().getName() = "EVP_DigestUpdate" }
- 
-   override Expr getInputArg() { result = this.(Call).getArgument(1) }
- }
- 
- //https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis
- class EVP_Q_Digest_Operation extends EVPOperation, Crypto::HashOperationInstance {
-   EVP_Q_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Q_digest" }
- 
-   override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) }
- 
-   override EVP_Hash_Initializer getInitCall() {
-     // This variant of digest does not use an init
-     // and even if it were used, the init would be ignored/undefined
-     none()
-   }
- 
-   override Expr getInputArg() { result = this.(Call).getArgument(3) }
- 
-   override Expr getOutputArg() { result = this.(Call).getArgument(5) }
- 
-   override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
-     result = EVPOperation.super.getOutputArtifact()
-   }
- 
-   override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
-     result = EVPOperation.super.getInputConsumer()
-   }
- }
- 
- class EVP_Digest_Operation extends EVPOperation, Crypto::HashOperationInstance {
-   EVP_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Digest" }
- 
-   // There is no context argument for this function
-   override Expr getContextArg() { none() }
- 
-   override Expr getAlgorithmArg() { result = this.(Call).getArgument(4) }
- 
-   override EVP_Hash_Initializer getInitCall() {
-     // This variant of digest does not use an init
-     // and even if it were used, the init would be ignored/undefined
-     none()
-   }
- 
-   override Expr getInputArg() { result = this.(Call).getArgument(0) }
- 
-   override Expr getOutputArg() { result = this.(Call).getArgument(2) }
- 
-   override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
-     result = EVPOperation.super.getOutputArtifact()
-   }
- 
-   override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
-     result = EVPOperation.super.getInputConsumer()
-   }
- }
- 
- class EVP_Digest_Final_Call extends EVPFinal, Crypto::HashOperationInstance {
-   EVP_Digest_Final_Call() {
-     this.(Call).getTarget().getName() in [
-         "EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF"
-       ]
-   }
- 
-   override Expr getOutputArg() { result = this.(Call).getArgument(1) }
- 
-   override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
-     result = EVPFinal.super.getOutputArtifact()
-   }
- 
-   override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
-     result = EVPFinal.super.getInputConsumer()
-   }
- }
+private import experimental.quantum.Language
+private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
+private import OpenSSLOperationBase
+private import EVPHashInitializer
+private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
+
+class EVP_Digest_Update_Call extends EVPUpdate {
+  EVP_Digest_Update_Call() { this.(Call).getTarget().getName() = "EVP_DigestUpdate" }
+
+  override Expr getInputArg() { result = this.(Call).getArgument(1) }
+}
+
+//https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis
+class EVP_Q_Digest_Operation extends EVPOperation, Crypto::HashOperationInstance {
+  EVP_Q_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Q_digest" }
+
+  override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) }
+
+  override EVP_Hash_Initializer getInitCall() {
+    // This variant of digest does not use an init
+    // and even if it were used, the init would be ignored/undefined
+    none()
+  }
+
+  override Expr getInputArg() { result = this.(Call).getArgument(3) }
+
+  override Expr getOutputArg() { result = this.(Call).getArgument(5) }
+
+  override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
+    result = EVPOperation.super.getOutputArtifact()
+  }
+
+  override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
+    result = EVPOperation.super.getInputConsumer()
+  }
+}
+
+class EVP_Digest_Operation extends EVPOperation, Crypto::HashOperationInstance {
+  EVP_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Digest" }
+
+  // There is no context argument for this function
+  override Expr getContextArg() { none() }
+
+  override Expr getAlgorithmArg() { result = this.(Call).getArgument(4) }
+
+  override EVP_Hash_Initializer getInitCall() {
+    // This variant of digest does not use an init
+    // and even if it were used, the init would be ignored/undefined
+    none()
+  }
+
+  override Expr getInputArg() { result = this.(Call).getArgument(0) }
+
+  override Expr getOutputArg() { result = this.(Call).getArgument(2) }
+
+  override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
+    result = EVPOperation.super.getOutputArtifact()
+  }
+
+  override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
+    result = EVPOperation.super.getInputConsumer()
+  }
+}
+
+class EVP_Digest_Final_Call extends EVPFinal, Crypto::HashOperationInstance {
+  EVP_Digest_Final_Call() {
+    this.(Call).getTarget().getName() in [
+        "EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF"
+      ]
+  }
+
+  override Expr getOutputArg() { result = this.(Call).getArgument(1) }
+
+  override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
+    result = EVPFinal.super.getOutputArtifact()
+  }
+
+  override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
+    result = EVPFinal.super.getInputConsumer()
+  }
+}

cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll

@@ -8,7 +8,7 @@ private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgor
 class OpenSSLCall extends Call { }
 
 /**
- * All OpenSSL operations.
+ * A class for all OpenSSL operations.
  */
 abstract class OpenSSLOperation extends Crypto::OperationInstance instanceof OpenSSLCall {
   /**
@@ -37,12 +37,12 @@ abstract class OpenSSLOperation extends Crypto::OperationInstance instanceof Ope
  */
 abstract class EVPInitialize extends OpenSSLCall {
   /**
-   * The context argument that ties together initialization, updates and/or final calls.
+   * Gets the context argument that ties together initialization, updates and/or final calls.
    */
   Expr getContextArg() { result = this.(Call).getArgument(0) }
 
   /**
-   * The type of key operation, none if not applicable.
+   * Gets the type of key operation, none if not applicable.
    */
   Crypto::KeyOperationSubtype getKeyOperationSubtype() { none() }
 
@@ -54,12 +54,12 @@ abstract class EVPInitialize extends OpenSSLCall {
   Expr getAlgorithmArg() { none() }
 
   /**
-   * The key for the operation, none if not applicable.
+   * Gets the key for the operation, none if not applicable.
    */
   Expr getKeyArg() { none() }
 
   /**
-   * The IV/nonce, none if not applicable.
+   * Gets the IV/nonce, none if not applicable.
    */
   Expr getIVArg() { none() }
 }
@@ -71,7 +71,7 @@ abstract class EVPInitialize extends OpenSSLCall {
  */
 abstract class EVPUpdate extends OpenSSLCall {
   /**
-   * The context argument that ties together initialization, updates and/or final calls.
+   * Gets the context argument that ties together initialization, updates and/or final calls.
    */
   Expr getContextArg() { result = this.(Call).getArgument(0) }
 
@@ -108,7 +108,7 @@ private module AlgGetterToAlgConsumerFlow = DataFlow::Global<AlgGetterToAlgConsu
  */
 abstract class EVPOperation extends OpenSSLOperation {
   /**
-   * The context argument that ties together initialization, updates and/or final calls.
+   * Gets the context argument that ties together initialization, updates and/or final calls.
    */
   Expr getContextArg() { result = this.(Call).getArgument(0) }
 
@@ -126,9 +126,7 @@ abstract class EVPOperation extends OpenSSLOperation {
   /**
    * Overwrite with an explicitly specified algorithm or leave base implementation to find it in the initialization call.
    */
-  override Expr getAlgorithmArg() {
-    if exists(this.getInitCall()) then result = this.getInitCall().getAlgorithmArg() else none()
-  }
+  override Expr getAlgorithmArg() { result = this.getInitCall().getAlgorithmArg() }
 
   /**
    * Finds the initialization call, may be none.
@@ -165,13 +163,13 @@ abstract class EVPFinal extends EVPOperation {
   }
 
   /**
-   * The input data was provided to all update calls.
+   * Gets the input data provided to all update calls.
    * If more input data was provided in the final call, override the method.
    */
   override Expr getInputArg() { result = this.getUpdateCalls().getInputArg() }
 
   /**
-   * The output data was provided to all update calls.
+   * Gets the output data provided to all update calls.
    * If more output data was provided in the final call, override the method.
    */
   override Expr getOutputArg() { result = this.getUpdateCalls().getOutputArg() }

cpp/ql/lib/semmle/code/cpp/Namespace.qll

@@ -174,7 +174,27 @@ class UsingDeclarationEntry extends UsingEntry {
    */
   Declaration getDeclaration() { usings(underlyingElement(this), unresolveElement(result), _, _) }
 
-  override string toString() { result = "using " + this.getDeclaration().getDescription() }
+  /**
+   * Gets the member that is referenced by this using declaration, where the member depends on a
+   * type template parameter.
+   *
+   * For example:
+   * ```
+   * template <typename T>
+   * class A {
+   *   using T::m;
+   * };
+   * ```
+   * Here, `getReferencedMember()` yields the member `m` of `T`. Observe that,
+   * as `T` is not instantiated, `m` is represented by a `Literal` and not
+   * a `Declaration`.
+   */
+  Literal getReferencedMember() { usings(underlyingElement(this), unresolveElement(result), _, _) }
+
+  override string toString() {
+    result = "using " + this.getDeclaration().getDescription() or
+    result = "using " + this.getReferencedMember()
+  }
 }
 
 /**

cpp/ql/test/experimental/library-tests/quantum/openssl/hash_operations.expected

@@ -1,2 +1,2 @@
 | openssl_basic.c:133:13:133:30 | HashOperation | openssl_basic.c:133:39:133:44 | Digest | openssl_basic.c:125:38:125:47 | HashAlgorithm | openssl_basic.c:129:37:129:43 | Message |
-| openssl_basic.c:153:13:153:22 | HashOperation | openssl_basic.c:153:46:153:51 | Digest | openssl_basic.c:153:67:153:73 | HashAlgorithm | openssl_basic.c:153:24:153:30 | Message |
+| openssl_basic.c:153:13:153:22 | HashOperation | openssl_basic.c:153:46:153:51 | Digest | openssl_basic.c:153:67:153:73 | HashAlgorithm | openssl_basic.c:153:24:153:30 | Message |

cpp/ql/test/library-tests/comments/binding/commentBinding.expected

@@ -9,3 +9,6 @@
 | multi.c:5:27:5:36 | // Multi 3 | declaration of multi3 |
 | templates.cpp:3:3:3:8 | // Foo | declaration of foo |
 | templates.cpp:7:3:7:8 | // Bar | definition of bar |
+| templates.cpp:16:3:16:20 | // using T::member | using member |
+| templates.cpp:19:3:19:28 | // using T::nested::member | using member |
+| templates.cpp:25:3:25:20 | // using T::member | using member |

cpp/ql/test/library-tests/comments/binding/templates.cpp

@@ -10,3 +10,18 @@ class Cl {
   }
 };
 
+
+template <typename T>
+class Derived : public T {
+  // using T::member
+  using T::member;
+
+  // using T::nested::member
+  using T::nested::member;
+};
+
+template <typename T>
+class Base {
+  // using T::member
+  using T::member;
+};