use NegativeEndpointType class; replace link to slack discussion

Stephan Brandauer · Stephan Brandauer · commit f7f6f104d079 · 2023-05-02T13:15:30.000+02:00
diff --git a/java/ql/src/Telemetry/AutomodelEndpointCharacteristics.qll b/java/ql/src/Telemetry/AutomodelEndpointCharacteristics.qll
@@ -21,9 +21,7 @@ module CandidatesImpl implements SharedCharacteristics::CandidateSig {
 
   class EndpointType = AutomodelEndpointTypes::EndpointType;
 
-  predicate isNegative(AutomodelEndpointTypes::EndpointType t) {
-    t instanceof AutomodelEndpointTypes::NegativeSinkType
-  }
+  class NegativeEndpointType = AutomodelEndpointTypes::NegativeSinkType;
 
   // Sanitizers are currently not modeled in MaD. TODO: check if this has large negative impact.
   predicate isSanitizer(Endpoint e, EndpointType t) { none() }
@@ -95,7 +93,13 @@ module CandidatesImpl implements SharedCharacteristics::CandidateSig {
       hasMetadata(e, package, type, name, signature, input, isFinal, isStatic, isPublic,
         calleeJavaDoc) and
       (if isFinal = true or isStatic = true then subtypes = false else subtypes = true) and
-      ext = "" and // see https://github.slack.com/archives/CP9127VUK/p1673979477496069
+      ext = "" and
+      /*
+       *       "ext" will always be empty for automodeling; it's a mechanism for
+       *       specifying that the model should apply for parameters that have
+       *        a certain annotation.
+       */
+
       provenance = "ai-generated" and
       metadata =
         "{" //
diff --git a/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll b/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll
@@ -16,6 +16,11 @@ signature module CandidateSig {
 
   class EndpointType;
 
+  /**
+   * An EndpointType that denotes the absence of any sink.
+   */
+  class NegativeEndpointType extends EndpointType;
+
   /** Gets the string representing the file+range of the endpoint. */
   string getLocationString(Endpoint e);
 
@@ -24,12 +29,6 @@ signature module CandidateSig {
    */
   predicate isKnownLabel(string label, string humanReadableLabel, EndpointType type);
 
-  /**
-   * EndpointType must have a 'negative' type that denotes the absence of any sink.
-   * This predicate should hold for that type, and that type only.
-   */
-  predicate isNegative(EndpointType t);
-
   /**
    * Should hold for any endpoint that is a flow sanitizer.
    */
@@ -68,8 +67,6 @@ signature module CandidateSig {
  *   implementations of endpoint characteristics exported by this module.
  */
 module SharedCharacteristics<CandidateSig Candidate> {
-  predicate isNegative(Candidate::EndpointType e) { Candidate::isNegative(e) }
-
   predicate isSink(Candidate::Endpoint e, string label) { Candidate::isSink(e, label) }
 
   predicate isNeutral(Candidate::Endpoint e) { Candidate::isNeutral(e) }
@@ -80,7 +77,7 @@ module SharedCharacteristics<CandidateSig Candidate> {
   predicate isKnownSink(Candidate::Endpoint sink, Candidate::EndpointType endpointType) {
     // If the list of characteristics includes positive indicators with maximal confidence for this class, then it's a
     // known sink for the class.
-    not isNegative(endpointType) and
+    not endpointType instanceof Candidate::NegativeEndpointType and
     exists(EndpointCharacteristic characteristic |
       characteristic.appliesToEndpoint(sink) and
       characteristic.hasImplications(endpointType, true, maximalConfidence())
@@ -93,7 +90,7 @@ module SharedCharacteristics<CandidateSig Candidate> {
    * characteristics.
    */
   predicate isSinkCandidate(Candidate::Endpoint candidateSink, Candidate::EndpointType sinkType) {
-    not isNegative(sinkType) and
+    not sinkType instanceof Candidate::NegativeEndpointType and
     not exists(getAReasonSinkExcluded(candidateSink, sinkType))
   }
 
@@ -109,13 +106,13 @@ module SharedCharacteristics<CandidateSig Candidate> {
     Candidate::Endpoint candidateSink, Candidate::EndpointType sinkType
   ) {
     // An endpoint is a sink candidate if none of its characteristics give much indication whether or not it is a sink.
-    not isNegative(sinkType) and
+    not sinkType instanceof Candidate::NegativeEndpointType and
     result.appliesToEndpoint(candidateSink) and
     // Exclude endpoints that have a characteristic that implies they're not sinks for _any_ sink type.
     (
       exists(float confidence |
         confidence >= mediumConfidence() and
-        result.hasImplications(any(Candidate::EndpointType t | isNegative(t)), true, confidence)
+        result.hasImplications(any(Candidate::NegativeEndpointType t), true, confidence)
       )
       or
       // Exclude endpoints that have a characteristic that implies they're not sinks for _this particular_ sink type.
@@ -195,7 +192,7 @@ module SharedCharacteristics<CandidateSig Candidate> {
     override predicate hasImplications(
       Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence
     ) {
-      Candidate::isNegative(endpointType) and
+      endpointType instanceof Candidate::NegativeEndpointType and
       isPositiveIndicator = true and
       confidence = highConfidence()
     }
@@ -214,7 +211,7 @@ module SharedCharacteristics<CandidateSig Candidate> {
     override predicate hasImplications(
       Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence
     ) {
-      Candidate::isNegative(endpointType) and
+      endpointType instanceof Candidate::NegativeEndpointType and
       isPositiveIndicator = true and
       confidence = mediumConfidence()
     }
@@ -235,7 +232,7 @@ module SharedCharacteristics<CandidateSig Candidate> {
     override predicate hasImplications(
       Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence
     ) {
-      Candidate::isNegative(endpointType) and
+      endpointType instanceof Candidate::NegativeEndpointType and
       isPositiveIndicator = true and
       confidence = mediumConfidence()
     }
