Java: Improve the Api sources implementation.

Author: michaelnebel

java/ql/lib/semmle/code/java/dataflow/ApiSources.qll

@@ -2,68 +2,33 @@
 
 private import semmle.code.java.dataflow.DataFlow
 private import semmle.code.java.dataflow.ExternalFlow
+private import semmle.code.java.dataflow.FlowSources as FlowSources
 
-/**
- * A data flow source node.
- */
-abstract class SourceNode extends DataFlow::Node { }
+class SourceNode = FlowSources::ApiSourceNode;
 
 /**
  * Module that adds all API like sources to `SourceNode`, excluding some sources for cryptography based
  * queries, and queries where sources are not succifiently defined (eg. using broad method name matching).
  */
-private module ApiSources {
-  private import FlowSources as FlowSources
-  private import semmle.code.java.security.ArbitraryApkInstallation as ArbitraryApkInstallation
-  private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery as CleartextStorageAndroidDatabaseQuery
-  private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery as CleartextStorageAndroidFilesystemQuery
-  private import semmle.code.java.security.CleartextStorageCookieQuery as CleartextStorageCookieQuery
-  private import semmle.code.java.security.CleartextStorageSharedPrefsQuery as CleartextStorageSharedPrefsQuery
-  private import semmle.code.java.security.ImplicitPendingIntentsQuery as ImplicitPendingIntentsQuery
-  private import semmle.code.java.security.ImproperIntentVerificationQuery as ImproperIntentVerificationQuery
-  private import semmle.code.java.security.InsecureTrustManager as InsecureTrustManager
-  private import semmle.code.java.security.JWT as Jwt
-  private import semmle.code.java.security.StackTraceExposureQuery as StackTraceExposureQuery
-  private import semmle.code.java.security.ZipSlipQuery as ZipSlipQuery
-
-  private class FlowSourcesSourceNode extends SourceNode instanceof FlowSources::SourceNode { }
-
-  private class ArbitraryApkInstallationSources extends SourceNode instanceof ArbitraryApkInstallation::ExternalApkSource
-  { }
-
-  private class CleartextStorageAndroidDatabaseQuerySources extends SourceNode instanceof CleartextStorageAndroidDatabaseQuery::LocalDatabaseOpenMethodCallSource
-  { }
-
-  private class CleartextStorageAndroidFilesystemQuerySources extends SourceNode instanceof CleartextStorageAndroidFilesystemQuery::LocalFileOpenCallSource
-  { }
-
-  private class CleartextStorageCookieQuerySources extends SourceNode instanceof CleartextStorageCookieQuery::CookieSource
-  { }
-
-  private class CleartextStorageSharedPrefsQuerySources extends SourceNode instanceof CleartextStorageSharedPrefsQuery::SharedPreferencesEditorMethodCallSource
-  { }
-
-  private class ImplicitPendingIntentsQuerySources extends SourceNode instanceof ImplicitPendingIntentsQuery::ImplicitPendingIntentSource
-  { }
-
-  private class ImproperIntentVerificationQuerySources extends SourceNode instanceof ImproperIntentVerificationQuery::VerifiedIntentConfigSource
-  { }
-
-  private class InsecureTrustManagerSources extends SourceNode instanceof InsecureTrustManager::InsecureTrustManagerSource
-  { }
-
-  private class JwtSources extends SourceNode instanceof Jwt::JwtParserWithInsecureParseSource { }
-
-  private class StackTraceExposureQuerySources extends SourceNode instanceof StackTraceExposureQuery::GetMessageFlowSource
-  { }
-
-  private class ZipSlipQuerySources extends SourceNode instanceof ZipSlipQuery::ArchiveEntryNameMethodSource
-  { }
+private module AllApiSources {
+  private import semmle.code.java.security.ArbitraryApkInstallation
+  private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery
+  private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery
+  private import semmle.code.java.security.CleartextStorageCookieQuery
+  private import semmle.code.java.security.CleartextStorageSharedPrefsQuery
+  private import semmle.code.java.security.ImplicitPendingIntentsQuery
+  private import semmle.code.java.security.ImproperIntentVerificationQuery
+  private import semmle.code.java.security.InsecureTrustManager
+  private import semmle.code.java.security.JWT
+  private import semmle.code.java.security.StackTraceExposureQuery
+  private import semmle.code.java.security.ZipSlipQuery
+
+  private class AddSourceNode extends SourceNode instanceof FlowSources::SourceNode { }
 
   /**
    * Add all models as data sources.
    */
-  private class SourceNodeExternal extends SourceNode {
-    SourceNodeExternal() { sourceNode(this, _) }
+  private class ApiSourceNodeExternal extends SourceNode {
+    ApiSourceNodeExternal() { sourceNode(this, _) }
   }
 }

java/ql/lib/semmle/code/java/dataflow/FlowSources.qll

@@ -387,3 +387,9 @@ class AndroidJavascriptInterfaceMethodParameter extends RemoteFlowSource {
     result = "Parameter of method with JavascriptInterface annotation"
   }
 }
+
+/**
+ * A data flow source node for an API, which should be considered
+ * supported for a modelling perspective.
+ */
+abstract class ApiSourceNode extends DataFlow::Node { }

java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll

@@ -69,7 +69,7 @@ class UriConstructorMethod extends Method {
  * A dataflow source representing the URIs which an APK not controlled by the
  * application may come from. Including external storage and web URLs.
  */
-class ExternalApkSource extends DataFlow::Node {
+class ExternalApkSource extends ApiSourceNode {
   ExternalApkSource() {
     sourceNode(this, "android-external-storage-dir") or
     this.asExpr().(MethodCall).getMethod() instanceof UriConstructorMethod or

java/ql/lib/semmle/code/java/security/CleartextStorageAndroidDatabaseQuery.qll

@@ -6,6 +6,7 @@ import semmle.code.java.frameworks.android.ContentProviders
 import semmle.code.java.frameworks.android.Intent
 import semmle.code.java.frameworks.android.SQLite
 import semmle.code.java.security.CleartextStorageQuery
+private import semmle.code.java.dataflow.FlowSources
 
 private class LocalDatabaseCleartextStorageSink extends CleartextStorageSink {
   LocalDatabaseCleartextStorageSink() { localDatabaseInput(_, this.asExpr()) }
@@ -99,7 +100,7 @@ private predicate localDatabaseStore(DataFlow::Node database, MethodCall store)
 /**
  * A class of local database open method call source nodes.
  */
-class LocalDatabaseOpenMethodCallSource extends DataFlow::Node {
+class LocalDatabaseOpenMethodCallSource extends ApiSourceNode {
   LocalDatabaseOpenMethodCallSource() { this.asExpr() instanceof LocalDatabaseOpenMethodCall }
 }
 

java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll

@@ -6,6 +6,7 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 private import semmle.code.java.dataflow.ExternalFlow
+private import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.CleartextStorageQuery
 import semmle.code.xml.AndroidManifest
 
@@ -82,7 +83,7 @@ private class CloseFileMethod extends Method {
 /**
  * A class of local file open call source nodes.
  */
-class LocalFileOpenCallSource extends DataFlow::Node {
+class LocalFileOpenCallSource extends ApiSourceNode {
   LocalFileOpenCallSource() { this.asExpr() instanceof LocalFileOpenCall }
 }
 

java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll

@@ -4,6 +4,7 @@ import java
 import semmle.code.java.dataflow.DataFlow
 deprecated import semmle.code.java.dataflow.DataFlow3
 import semmle.code.java.security.CleartextStorageQuery
+private import semmle.code.java.dataflow.FlowSources
 
 private class CookieCleartextStorageSink extends CleartextStorageSink {
   CookieCleartextStorageSink() { this.asExpr() = cookieInput(_) }
@@ -40,7 +41,7 @@ private predicate cookieStore(DataFlow::Node cookie, Expr store) {
 /**
  * A class of cookie source nodes.
  */
-class CookieSource extends DataFlow::Node {
+class CookieSource extends ApiSourceNode {
   CookieSource() { this.asExpr() instanceof Cookie }
 }
 

java/ql/lib/semmle/code/java/security/CleartextStorageSharedPrefsQuery.qll

@@ -4,6 +4,7 @@ import java
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.frameworks.android.SharedPreferences
 import semmle.code.java.security.CleartextStorageQuery
+private import semmle.code.java.dataflow.FlowSources
 
 private class SharedPrefsCleartextStorageSink extends CleartextStorageSink {
   SharedPrefsCleartextStorageSink() {
@@ -70,7 +71,7 @@ private predicate sharedPreferencesStore(DataFlow::Node editor, MethodCall m) {
 /**
  * A shared preferences editor method call source nodes.
  */
-class SharedPreferencesEditorMethodCallSource extends DataFlow::Node {
+class SharedPreferencesEditorMethodCallSource extends ApiSourceNode {
   SharedPreferencesEditorMethodCallSource() {
     this.asExpr() instanceof SharedPreferencesEditorMethodCall
   }

java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll

@@ -2,6 +2,7 @@
 
 import java
 private import semmle.code.java.dataflow.ExternalFlow
+private import semmle.code.java.dataflow.FlowSources
 private import semmle.code.java.dataflow.TaintTracking
 private import semmle.code.java.frameworks.android.Intent
 private import semmle.code.java.frameworks.android.PendingIntent
@@ -27,7 +28,7 @@ class NoState extends PendingIntentState, TNoState {
 }
 
 /** A source for an implicit `PendingIntent` flow. */
-abstract class ImplicitPendingIntentSource extends DataFlow::Node {
+abstract class ImplicitPendingIntentSource extends ApiSourceNode {
   /**
    * DEPRECATED: Open-ended flow state is not intended to be part of the extension points.
    *

java/ql/lib/semmle/code/java/security/ImproperIntentVerificationQuery.qll

@@ -4,6 +4,7 @@ import java
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.xml.AndroidManifest
 import semmle.code.java.frameworks.android.Intent
+private import semmle.code.java.dataflow.FlowSources
 
 /** An `onReceive` method of a `BroadcastReceiver` */
 private class OnReceiveMethod extends Method {
@@ -16,7 +17,7 @@ private class OnReceiveMethod extends Method {
 /**
  * A class of verified intent source nodes.
  */
-class VerifiedIntentConfigSource extends DataFlow::Node {
+class VerifiedIntentConfigSource extends ApiSourceNode {
   VerifiedIntentConfigSource() {
     this.asParameter() = any(OnReceiveMethod orm).getIntentParameter()
   }

java/ql/lib/semmle/code/java/security/InsecureTrustManager.qll

@@ -1,12 +1,13 @@
 /** Provides classes and predicates to reason about insecure `TrustManager`s. */
 
 import java
+private import semmle.code.java.dataflow.FlowSources
 private import semmle.code.java.controlflow.Guards
 private import semmle.code.java.security.Encryption
 private import semmle.code.java.security.SecurityFlag
 
 /** The creation of an insecure `TrustManager`. */
-abstract class InsecureTrustManagerSource extends DataFlow::Node { }
+abstract class InsecureTrustManagerSource extends ApiSourceNode { }
 
 private class DefaultInsecureTrustManagerSource extends InsecureTrustManagerSource {
   DefaultInsecureTrustManagerSource() {