Merge pull request #67 from joernio/claudiu/qstyle

Tweak notation for queries

src/main/scala/io/joern/scanners/c/CopyLoops.scala

@@ -22,21 +22,22 @@ object CopyLoops extends QueryBundle {
         |""".stripMargin,
       score = 2,
       withStrRep({ cpg =>
-        cpg.assignment.target.isArrayAccess
-          .map { access =>
+        // format: off
+        cpg.assignment.target.isArrayAccess.
+          map { access =>
             (access.array, access.subscripts.code.toSet)
-          }
-          .filter {
+          }.
+          filter {
             case (buf, subscripts) =>
-              val incIdentifiers = buf.inAst.isControlStructure.astChildren
-                .filterNot(_.isBlock)
-                .assignments
-                .target
-                .code
-                .toSet
+              val incIdentifiers = buf.inAst.isControlStructure.astChildren.
+                filterNot(_.isBlock).
+                assignments.
+                target.
+                code.
+                toSet
               (incIdentifiers & subscripts).nonEmpty
-          }
-          .map(_._1)
+          }.map(_._1)
+        // format: on
       }),
     )
 

src/main/scala/io/joern/scanners/c/CredentialDrop.scala

@@ -25,10 +25,12 @@ object CredentialDrop extends QueryBundle {
         |""".stripMargin,
       score = 2,
       withStrRep({ cpg =>
-        cpg
-          .method("set(res|re|e|)uid")
-          .callIn
-          .whereNot(_.dominatedBy.isCall.name("set(res|re|e|)?gid"))
+        // format: off
+        cpg.
+          method("set(res|re|e|)uid").
+          callIn.
+          whereNot(_.dominatedBy.isCall.name("set(res|re|e|)?gid"))
+        // format: on
       }),
       tags = List(QueryTags.setxid)
     )
@@ -48,10 +50,12 @@ object CredentialDrop extends QueryBundle {
         |""".stripMargin,
       score = 2,
       withStrRep({ cpg =>
-        cpg
-          .method("set(res|re|e|)gid")
-          .callIn
-          .whereNot(_.dominatedBy.isCall.name("setgroups"))
+        // format: off
+        cpg.
+          method("set(res|re|e|)gid").
+          callIn.
+          whereNot(_.dominatedBy.isCall.name("setgroups"))
+        // format: on
       }),
       tags = List(QueryTags.setxid)
     )

src/main/scala/io/joern/scanners/c/DangerousFunctions.scala

@@ -23,7 +23,9 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 8,
       withStrRep({ cpg =>
+        // format: off
         cpg.method("gets").callIn
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )
@@ -42,14 +44,16 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
-        cpg
-          .method("printf")
-          .callIn
-          .whereNot(_.argument.order(1).isLiteral) ++
-          cpg
-            .method("(sprintf|vsprintf)")
-            .callIn
-            .whereNot(_.argument.order(2).isLiteral)
+        // format: off
+        cpg.
+          method("printf").
+          callIn.
+          whereNot(_.argument.order(1).isLiteral) ++
+          cpg.
+            method("(sprintf|vsprintf)").
+            callIn.
+            whereNot(_.argument.order(2).isLiteral)
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )
@@ -67,7 +71,9 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
+        // format: off
         cpg.method("scanf").callIn
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )
@@ -86,7 +92,9 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
+        // format: off
         cpg.method("(strcat|strncat)").callIn
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )
@@ -107,7 +115,9 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
+        // format: off
         cpg.method("(strcpy|strncpy)").callIn
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )
@@ -127,7 +137,9 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
+        // format: off
         cpg.method("strtok").callIn
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )
@@ -145,7 +157,9 @@ object DangerousFunctions extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
+        // format: off
         cpg.method("getwd").callIn
+        // format: on
       }),
       tags = List(QueryTags.badfn)
     )

src/main/scala/io/joern/scanners/c/HeapBasedOverflow.scala

@@ -27,25 +27,25 @@ object HeapBasedOverflow extends QueryBundle {
       description = "-",
       score = 4,
       withStrRep({ cpg =>
-        val src = cpg
-          .method(".*malloc$")
-          .callIn
-          .where(_.argument(1).arithmetics)
-          .l
+        // format: off
+        val src = cpg.
+          method(".*malloc$").
+          callIn.
+          where(_.argument(1).arithmetics).l
 
-        cpg
-          .method("memcpy")
-          .callIn
-          .l
-          .filter { memcpyCall =>
-            memcpyCall
-              .argument(1)
-              .reachableBy(src)
-              .where(
-                _.inAssignment.target.codeExact(memcpyCall.argument(1).code))
-              .whereNot(_.argument(1).codeExact(memcpyCall.argument(3).code))
-              .hasNext
+        cpg.
+          method("memcpy").
+          callIn.l.
+          filter { memcpyCall =>
+            memcpyCall.
+              argument(1).
+              reachableBy(src).
+              where(
+                _.inAssignment.target.codeExact(memcpyCall.argument(1).code)).
+              whereNot(_.argument(1).codeExact(memcpyCall.argument(3).code)).
+              hasNext
           }
+        // format: on
       }),
       tags = List(QueryTags.integers)
     )

src/main/scala/io/joern/scanners/c/IntegerTruncations.scala

@@ -29,12 +29,14 @@ object IntegerTruncations extends QueryBundle {
         |""".stripMargin,
       score = 2,
       withStrRep({ cpg =>
-        cpg
-          .method("strlen")
-          .callIn
-          .inAssignment
-          .target
-          .evalType("(g?)int")
+        // format: off
+        cpg.
+          method("strlen").
+          callIn.
+          inAssignment.
+          target.
+          evalType("(g?)int")
+        // format: on
       }),
       tags = List(QueryTags.integers)
     )

src/main/scala/io/joern/scanners/c/Metrics.scala

@@ -17,7 +17,9 @@ object Metrics extends QueryBundle {
         s"This query identifies functions with more than $n formal parameters",
       score = 1.0,
       withStrRep({ cpg =>
+        // format: off
         cpg.method.internal.filter(_.parameter.size > n)
+        // format: on
       }),
       tags = List(QueryTags.metrics)
     )
@@ -32,7 +34,9 @@ object Metrics extends QueryBundle {
         s"This query identifies functions with a cyclomatic complexity higher than $n",
       score = 1.0,
       withStrRep({ cpg =>
+        // format: off
         cpg.method.internal.filter(_.controlStructure.size > n)
+        // format: on
       }),
       tags = List(QueryTags.metrics)
     )
@@ -47,7 +51,9 @@ object Metrics extends QueryBundle {
         s"This query identifies functions that are more than $n lines long",
       score = 1.0,
       withStrRep({ cpg =>
+        // format: off
         cpg.method.internal.filter(_.numberOfLines > n)
+        // format: on
       }),
       tags = List(QueryTags.metrics)
     )
@@ -61,7 +67,9 @@ object Metrics extends QueryBundle {
       description = "This query identifies functions with more than one return",
       score = 1.0,
       withStrRep({ cpg =>
+        // format: off
         cpg.method.internal.filter(_.ast.isReturn.l.size > 1)
+        // format: on
       }),
       tags = List(QueryTags.metrics)
     )
@@ -75,11 +83,13 @@ object Metrics extends QueryBundle {
       description = s"This query identifies functions with more than $n loops",
       score = 1.0,
       withStrRep({ cpg =>
+        // format: off
         cpg.method.internal
           .filter(
             _.ast.isControlStructure
               .parserTypeName("(For|Do|While).*")
               .size > n)
+        // format: on
       }),
       tags = List(QueryTags.metrics)
     )
@@ -94,7 +104,9 @@ object Metrics extends QueryBundle {
         s"This query identifies functions with a nesting level higher than $n",
       score = 1.0,
       withStrRep({ cpg =>
+        // format: off
         cpg.method.internal.filter(_.depth(_.isControlStructure) > n)
+        // format: on
       }),
       tags = List(QueryTags.metrics)
     )

src/main/scala/io/joern/scanners/c/NullTermination.scala

@@ -27,6 +27,7 @@ object NullTermination extends QueryBundle {
         |""".stripMargin,
       score = 4,
       withStrRep({ cpg =>
+        // format: off
         val allocations = cpg.method(".*malloc$").callIn.argument(1).l
         cpg
           .method("strncpy")
@@ -37,14 +38,14 @@ object NullTermination extends QueryBundle {
           .filter {
             case (method, dst, size) =>
               dst.reachableBy(allocations).codeExact(size.code).nonEmpty &&
-                method.assignments
-                  .where(_.target.isArrayAccess.code(s"${dst.code}.*\\[.*"))
-                  .source
-                  .isLiteral
-                  .code(".*0.*")
-                  .isEmpty
-          }
-          .map(_._2)
+                method.assignments.
+                  where(_.target.isArrayAccess.code(s"${dst.code}.*\\[.*")).
+                  source.
+                  isLiteral.
+                  code(".*0.*").
+                  isEmpty
+          }.map(_._2)
+        // format: on
       }),
       tags = List(QueryTags.strings)
     )

src/main/scala/io/joern/scanners/c/RetvalChecks.scala

@@ -21,24 +21,25 @@ object RetvalChecks extends QueryBundle {
       |""".stripMargin,
       score = 3.0,
       withStrRep({ cpg =>
+        // format: off
         implicit val noResolve: NoResolve.type = NoResolve
-        val callsNotDirectlyChecked = cpg
-          .method("(read|recv|malloc)")
-          .callIn
-          .filterNot { y =>
+        val callsNotDirectlyChecked = cpg.
+          method("(read|recv|malloc)").
+          callIn.
+          filterNot { y =>
             val code = y.code
             y.inAstMinusLeaf.isControlStructure.condition.code.exists { x =>
               x.contains(code)
             }
-          }
-          .l
+          }.l
 
         callsNotDirectlyChecked.filterNot { call =>
           val inConditions = call.method.controlStructure.condition.ast.l;
           val checkedVars = inConditions.isIdentifier.name.toSet ++ inConditions.isCall.code.toSet;
           val targets = call.inAssignment.target.code.toSet
           (targets & checkedVars).nonEmpty
         }
+        // format: on
       }),
     )
 

src/main/scala/io/joern/scanners/c/SignedLeftShift.scala

@@ -21,10 +21,13 @@ object SignedLeftShift extends QueryBundle {
         |""".stripMargin,
       score = 2,
       withStrRep({ cpg =>
-        cpg.call
-          .nameExact(Operators.shiftLeft, Operators.assignmentShiftLeft)
-          .where(_.argument(1).typ.fullNameExact("int", "long"))
-          .filterNot(_.argument.isLiteral.size == 2) // assume such constant values produces a correct result
+        // format: off
+        cpg.
+          call.
+          nameExact(Operators.shiftLeft, Operators.assignmentShiftLeft).
+          where(_.argument(1).typ.fullNameExact("int", "long")).
+          filterNot(_.argument.isLiteral.size == 2) // assume such constant values produces a correct result
+        // format: on
       }),
     )