Playing around with an EOG passed concept pass based on tasks

Author: oxisto

cpg-concepts/src/integrationTest/kotlin/de/fraunhofer/aisec/cpg/concepts/ConfigurationPassTest.kt

@@ -39,9 +39,11 @@ import de.fraunhofer.aisec.cpg.graph.concepts.config.ReadConfigurationOption
 import de.fraunhofer.aisec.cpg.graph.concepts.config.RegisterConfigurationGroup
 import de.fraunhofer.aisec.cpg.graph.concepts.config.RegisterConfigurationOption
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.SubscriptExpression
-import de.fraunhofer.aisec.cpg.passes.concepts.config.ProvideConfigPass
-import de.fraunhofer.aisec.cpg.passes.concepts.config.ini.IniFileConfigurationSourcePass
-import de.fraunhofer.aisec.cpg.passes.concepts.config.python.PythonStdLibConfigurationPass
+import de.fraunhofer.aisec.cpg.passes.PassConfiguration
+import de.fraunhofer.aisec.cpg.passes.concepts.ConceptPass
+import de.fraunhofer.aisec.cpg.passes.concepts.config.ProvideConfigTask
+import de.fraunhofer.aisec.cpg.passes.concepts.config.ini.IniFileConfigurationSourceTask
+import de.fraunhofer.aisec.cpg.passes.concepts.config.python.PythonStdLibConfigurationTask
 import de.fraunhofer.aisec.cpg.test.analyze
 import java.io.File
 import kotlin.test.Test
@@ -57,9 +59,13 @@ class ConfigurationPassTest {
             analyze(listOf(), topLevel.toPath(), true) {
                 it.registerLanguage<PythonLanguage>()
                 it.registerLanguage<IniFileLanguage>()
-                it.registerPass<IniFileConfigurationSourcePass>()
-                it.registerPass<PythonStdLibConfigurationPass>()
-                it.registerPass<ProvideConfigPass>()
+                it.registerPass<ConceptPass>()
+                it.configurePass<ConceptPass>(
+                    PassConfiguration()
+                        .registerTask<IniFileConfigurationSourceTask>()
+                        .registerTask<PythonStdLibConfigurationTask>()
+                        .registerTask<ProvideConfigTask>()
+                )
                 it.softwareComponents(
                     mutableMapOf(
                         "conf" to listOf(topLevel.resolve("conf")),

cpg-concepts/src/integrationTest/kotlin/de/fraunhofer/aisec/cpg/concepts/DynamicLoadingTest.kt

@@ -33,7 +33,11 @@ import de.fraunhofer.aisec.cpg.graph.concepts.memory.LoadLibrary
 import de.fraunhofer.aisec.cpg.graph.concepts.memory.LoadSymbol
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
-import de.fraunhofer.aisec.cpg.passes.concepts.memory.cxx.CXXDynamicLoadingPass
+import de.fraunhofer.aisec.cpg.passes.ImportResolver
+import de.fraunhofer.aisec.cpg.passes.PassConfiguration
+import de.fraunhofer.aisec.cpg.passes.concepts.ConceptPass
+import de.fraunhofer.aisec.cpg.passes.concepts.memory.cxx.CXXDynamicLoadingImportTask
+import de.fraunhofer.aisec.cpg.passes.concepts.memory.cxx.CXXDynamicLoadingTask
 import de.fraunhofer.aisec.cpg.test.analyze
 import de.fraunhofer.aisec.cpg.test.assertInvokes
 import java.io.File
@@ -50,7 +54,13 @@ class DynamicLoadingTest {
         val result =
             analyze(listOf(), topLevel.toPath(), true) {
                 it.registerLanguage<CLanguage>()
-                it.registerPass<CXXDynamicLoadingPass>()
+                it.registerPass<ConceptPass>()
+                it.configurePass<ConceptPass>(
+                    PassConfiguration().registerTask<CXXDynamicLoadingTask>()
+                )
+                it.configurePass<ImportResolver>(
+                    PassConfiguration().registerTask<CXXDynamicLoadingImportTask>()
+                )
                 it.softwareComponents(
                     mutableMapOf(
                         "main" to listOf(topLevel.resolve("main")),
@@ -120,7 +130,13 @@ class DynamicLoadingTest {
         val result =
             analyze(listOf(), topLevel.toPath(), true) {
                 it.registerLanguage<CLanguage>()
-                it.registerPass<CXXDynamicLoadingPass>()
+                it.registerPass<ConceptPass>()
+                it.configurePass<ConceptPass>(
+                    PassConfiguration().registerTask<CXXDynamicLoadingTask>()
+                )
+                it.configurePass<ImportResolver>(
+                    PassConfiguration().registerTask<CXXDynamicLoadingImportTask>()
+                )
                 it.softwareComponents(
                     mutableMapOf(
                         "winmain" to listOf(topLevel.resolve("winmain")),
@@ -146,6 +162,7 @@ class DynamicLoadingTest {
             loadLibrary.what,
             "\"what\" of the LoadLibrary should be the winexample component",
         )
+        assertEquals(1, loadLibrary.entryPoints.size)
         assertEquals(
             dllMain,
             loadLibrary.entryPoints.singleOrNull()?.underlyingNode,

cpg-concepts/src/integrationTest/kotlin/de/fraunhofer/aisec/cpg/concepts/EntryPointTest.kt

@@ -31,7 +31,9 @@ import de.fraunhofer.aisec.cpg.graph.concepts.arch.POSIX
 import de.fraunhofer.aisec.cpg.graph.concepts.arch.Win32
 import de.fraunhofer.aisec.cpg.graph.concepts.flows.Main
 import de.fraunhofer.aisec.cpg.graph.get
-import de.fraunhofer.aisec.cpg.passes.concepts.flows.cxx.CXXEntryPointsPass
+import de.fraunhofer.aisec.cpg.passes.PassConfiguration
+import de.fraunhofer.aisec.cpg.passes.concepts.ConceptPass
+import de.fraunhofer.aisec.cpg.passes.concepts.flows.cxx.CXXEntryPointTask
 import de.fraunhofer.aisec.cpg.test.analyze
 import java.io.File
 import kotlin.test.assertIs
@@ -45,7 +47,8 @@ class EntryPointTest {
         val result =
             analyze(listOf(), topLevel.toPath(), true) {
                 it.registerLanguage<CLanguage>()
-                it.registerPass<CXXEntryPointsPass>()
+                it.registerPass<ConceptPass>()
+                it.configurePass<ConceptPass>(PassConfiguration().registerTask<CXXEntryPointTask>())
                 it.softwareComponents(
                     mutableMapOf(
                         "main" to listOf(topLevel.resolve("main")),

cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/ConceptPass.kt

@@ -26,63 +26,86 @@
 package de.fraunhofer.aisec.cpg.passes.concepts
 
 import de.fraunhofer.aisec.cpg.TranslationContext
+import de.fraunhofer.aisec.cpg.graph.Component
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.allEOGStarters
-import de.fraunhofer.aisec.cpg.graph.component
 import de.fraunhofer.aisec.cpg.graph.conceptNodes
 import de.fraunhofer.aisec.cpg.graph.concepts.Concept
 import de.fraunhofer.aisec.cpg.graph.concepts.Operation
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
-import de.fraunhofer.aisec.cpg.passes.TranslationUnitPass
+import de.fraunhofer.aisec.cpg.passes.ComponentPass
+import de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass
+import de.fraunhofer.aisec.cpg.passes.DynamicInvokeResolver
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
+import de.fraunhofer.aisec.cpg.passes.Task
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 
+typealias ConceptTask = Task<Component, ConceptPass>
+
 /**
- * An abstract pass that is used to identify and create [Concept] and [Operation] nodes in the
- * graph.
+ * A pass that is used to identify and create [Concept] and [Operation] nodes in the graph. The idea
+ * is that developers that add concepts do not need to implement a full pass, but can just implement
+ * a small [Task] that handles the nodes relevant for the concept.
  */
-abstract class ConceptPass(ctx: TranslationContext) : TranslationUnitPass(ctx) {
+@DependsOn(SymbolResolver::class)
+@DependsOn(ControlFlowSensitiveDFGPass::class)
+@ExecuteBefore(DynamicInvokeResolver::class)
+class ConceptPass(ctx: TranslationContext) : ComponentPass(ctx) {
 
     lateinit var walker: SubgraphWalker.ScopedWalker
 
-    override fun accept(tu: TranslationUnitDeclaration) {
-        ctx.currentComponent = tu.component
+    override fun accept(c: Component) {
+        ctx.currentComponent = c
         walker = SubgraphWalker.ScopedWalker(ctx.scopeManager)
         walker.strategy = Strategy::EOG_FORWARD
-        walker.registerHandler { node -> handleNode(node, tu) }
+        walker.registerHandler { node -> handleNode(node) }
+
+        // Process nodes in our translation units in the order depending on their import
+        // dependencies
+        for (tu in (Strategy::TRANSLATION_UNITS_LEAST_IMPORTS)(c)) {
+            log.debug("Processing concepts of translation unit {}", tu.name)
 
-        // Gather all resolution EOG starters; and make sure they really do not have a
-        // predecessor, otherwise we might analyze a node multiple times
-        val nodes = tu.allEOGStarters.filter { it.prevEOGEdges.isEmpty() }
+            // Gather all resolution EOG starters; and make sure they really do not have a
+            // predecessor, otherwise we might analyze a node multiple times
+            val nodes = tu.allEOGStarters.filter { it.prevEOGEdges.isEmpty() }
 
-        for (node in nodes) {
-            walker.iterate(node)
+            for (node in nodes) {
+                walker.iterate(node)
+            }
         }
     }
 
     /**
-     * This function is called for each node in the graph. It needs to be overridden by subclasses
-     * to handle the specific node.
-     */
-    abstract fun handleNode(node: Node, tu: TranslationUnitDeclaration)
-
-    /**
-     * Gets concept of type [T] for this [TranslationUnitDeclaration] or creates a new one if it
-     * does not exist.
+     * This function is called for each node in the graph. It will invoke all plugins that are
+     * registered in the pass configuration.
      */
-    internal inline fun <reified T : Concept> TranslationUnitDeclaration.getConceptOrCreate(
-        noinline init: ((T) -> Unit)? = null
-    ): T {
-        var concept = this.conceptNodes.filterIsInstance<T>().singleOrNull()
-        if (concept == null) {
-            concept = T::class.constructors.first().call(this)
-            init?.invoke(concept)
+    fun handleNode(node: Node) {
+        // Execute tasks
+        for (task in tasks) {
+            task.handleNode(node)
         }
-
-        return concept
     }
 
     override fun cleanup() {
         // Nothing to do
     }
 }
+
+/**
+ * Gets concept of type [T] for this [TranslationUnitDeclaration] or creates a new one if it does
+ * not exist.
+ */
+inline fun <reified T : Concept> TranslationUnitDeclaration.getConceptOrCreate(
+    noinline init: ((T) -> Unit)? = null
+): T {
+    var concept = this.conceptNodes.filterIsInstance<T>().singleOrNull()
+    if (concept == null) {
+        concept = T::class.constructors.first().call(this)
+        init?.invoke(concept)
+    }
+
+    return concept
+}

cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/config/ProvideConfigPass.kt cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/config/ProvideConfigTask.kt

@@ -26,6 +26,7 @@
 package de.fraunhofer.aisec.cpg.passes.concepts.config
 
 import de.fraunhofer.aisec.cpg.TranslationContext
+import de.fraunhofer.aisec.cpg.graph.Component
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.conceptNodes
 import de.fraunhofer.aisec.cpg.graph.concepts.config.Configuration
@@ -43,37 +44,44 @@ import de.fraunhofer.aisec.cpg.graph.operationNodes
 import de.fraunhofer.aisec.cpg.graph.translationResult
 import de.fraunhofer.aisec.cpg.helpers.Util
 import de.fraunhofer.aisec.cpg.passes.concepts.ConceptPass
+import de.fraunhofer.aisec.cpg.passes.concepts.ConceptTask
 import de.fraunhofer.aisec.cpg.passes.concepts.config.python.stringValues
 
 /**
  * This is a generic pass that is responsible for creating [ProvideConfiguration] nodes based on the
  * configuration sources found in the graph. It connects a [ConfigurationSource] with a matching
  * [Configuration].
  */
-class ProvideConfigPass(ctx: TranslationContext) : ConceptPass(ctx) {
-    override fun handleNode(node: Node, tu: TranslationUnitDeclaration) {
+class ProvideConfigTask(target: Component, pass: ConceptPass, ctx: TranslationContext) :
+    ConceptTask(target, pass, ctx) {
+    override fun handleNode(node: Node) {
         when (node) {
             is TranslationUnitDeclaration -> handleTranslationUnit(node)
         }
     }
 
     private fun handleTranslationUnit(
         tu: TranslationUnitDeclaration
-    ): List<ConfigurationOperation> {
-        // Loop through all configuration sources
-        return tu.conceptNodes.filterIsInstance<ConfigurationSource>().flatMap { source ->
-            // Find all LoadConfigurationFile operations that match the INI file name
-            val loadConfigOps =
-                tu.translationResult
-                    ?.operationNodes
-                    ?.filterIsInstance<LoadConfiguration>()
-                    ?.filter {
-                        it.fileExpression.stringValues?.contains(source.name.toString()) == true
-                    }
-
-            // And create a ProvideConfiguration node for each of them
-            loadConfigOps?.flatMap { handleConfiguration(source, it.conf, tu, it) } ?: listOf()
-        }
+    ): List<ConfigurationOperation>? {
+        return tu.translationResult
+            ?.operationNodes
+            ?.filterIsInstance<LoadConfiguration>()
+            ?.flatMap { loadConfig ->
+                // Loop through all configuration sources
+                val sources =
+                    tu.translationResult
+                        ?.conceptNodes
+                        ?.filterIsInstance<ConfigurationSource>()
+                        ?.filter { source ->
+                            loadConfig.fileExpression.stringValues?.contains(
+                                source.name.toString()
+                            ) == true
+                        }
+
+                // And create a ProvideConfiguration node for each source
+                sources?.flatMap { handleConfiguration(it, loadConfig.conf, tu, loadConfig) }
+                    ?: listOf()
+            }
     }
 
     private fun handleConfiguration(

cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/config/ini/IniFileConfigurationSourcePass.kt cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/config/ini/IniFileConfigurationSourceTask.kt

@@ -26,27 +26,32 @@
 package de.fraunhofer.aisec.cpg.passes.concepts.config.ini
 
 import de.fraunhofer.aisec.cpg.TranslationContext
+import de.fraunhofer.aisec.cpg.graph.Component
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.conceptNodes
-import de.fraunhofer.aisec.cpg.graph.concepts.config.*
+import de.fraunhofer.aisec.cpg.graph.concepts.config.ConfigurationGroupSource
+import de.fraunhofer.aisec.cpg.graph.concepts.config.ConfigurationOptionSource
+import de.fraunhofer.aisec.cpg.graph.concepts.config.ConfigurationSource
 import de.fraunhofer.aisec.cpg.graph.declarations.FieldDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
+import de.fraunhofer.aisec.cpg.graph.translationUnit
 import de.fraunhofer.aisec.cpg.helpers.Util.warnWithFileLocation
-import de.fraunhofer.aisec.cpg.passes.ImportResolver
 import de.fraunhofer.aisec.cpg.passes.concepts.ConceptPass
-import de.fraunhofer.aisec.cpg.passes.concepts.config.ProvideConfigPass
-import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
+import de.fraunhofer.aisec.cpg.passes.concepts.ConceptTask
+import de.fraunhofer.aisec.cpg.passes.concepts.config.ProvideConfigTask
 import de.fraunhofer.aisec.cpg.passes.configuration.ExecuteBefore
-import kotlin.collections.singleOrNull
 
 /**
  * This pass is responsible for creating [ConfigurationSource] nodes based on the INI file frontend.
  */
-@DependsOn(ImportResolver::class)
-@ExecuteBefore(ProvideConfigPass::class)
-class IniFileConfigurationSourcePass(ctx: TranslationContext) : ConceptPass(ctx) {
-    override fun handleNode(node: Node, tu: TranslationUnitDeclaration) {
+@ExecuteBefore(ProvideConfigTask::class)
+class IniFileConfigurationSourceTask(
+    target: Component,
+    pass: ConceptPass,
+    ctx: TranslationContext,
+) : ConceptTask(target, pass, ctx) {
+    override fun handleNode(node: Node) {
         // Since we cannot directly depend on the ini frontend, we have to check the language here
         // based on the node's language.
         if (node.language.name.localName != "IniFileLanguage") {
@@ -55,7 +60,7 @@ class IniFileConfigurationSourcePass(ctx: TranslationContext) : ConceptPass(ctx)
 
         when (node) {
             is TranslationUnitDeclaration -> handleTranslationUnit(node)
-            is RecordDeclaration -> handleRecordDeclaration(node, tu)
+            is RecordDeclaration -> handleRecordDeclaration(node, node.translationUnit!!)
             is FieldDeclaration -> handleFieldDeclaration(node)
         }
     }

cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/config/python/PythonStdLibConfigurationPass.kt cpg-concepts/src/main/kotlin/de/fraunhofer/aisec/cpg/passes/concepts/config/python/PythonStdLibConfigurationTask.kt

@@ -27,36 +27,23 @@ package de.fraunhofer.aisec.cpg.passes.concepts.config.python
 
 import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.analysis.MultiValueEvaluator
-import de.fraunhofer.aisec.cpg.graph.Backward
-import de.fraunhofer.aisec.cpg.graph.GraphToFollow
-import de.fraunhofer.aisec.cpg.graph.Name
-import de.fraunhofer.aisec.cpg.graph.Node
+import de.fraunhofer.aisec.cpg.graph.*
 import de.fraunhofer.aisec.cpg.graph.concepts.config.*
-import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.graph.evaluate
-import de.fraunhofer.aisec.cpg.graph.followDFGEdgesUntilHit
-import de.fraunhofer.aisec.cpg.graph.followPrevDFG
-import de.fraunhofer.aisec.cpg.graph.fqn
-import de.fraunhofer.aisec.cpg.graph.implicit
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.ConstructExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.SubscriptExpression
 import de.fraunhofer.aisec.cpg.helpers.Util.warnWithFileLocation
-import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.concepts.ConceptPass
-import de.fraunhofer.aisec.cpg.passes.concepts.config.ProvideConfigPass
-import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
-import de.fraunhofer.aisec.cpg.passes.configuration.ExecuteBefore
+import de.fraunhofer.aisec.cpg.passes.concepts.ConceptTask
 
 /**
  * This pass is responsible for creating [ConfigurationOperation] nodes based on the
  * [`configparser`](https://docs.python.org/3/library/configparser.html) module of the Python
  * standard library.
  */
-@DependsOn(SymbolResolver::class)
-@ExecuteBefore(ProvideConfigPass::class)
-class PythonStdLibConfigurationPass(ctx: TranslationContext) : ConceptPass(ctx) {
-    override fun handleNode(node: Node, tu: TranslationUnitDeclaration) {
+class PythonStdLibConfigurationTask(target: Component, pass: ConceptPass, ctx: TranslationContext) :
+    ConceptTask(target, pass, ctx) {
+    override fun handleNode(node: Node) {
         when (node) {
             is ConstructExpression -> handleConstructExpression(node)
             is MemberCallExpression -> handleMemberCallExpression(node)