-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathStmts.qll
More file actions
300 lines (269 loc) · 9.43 KB
/
Stmts.qll
File metadata and controls
300 lines (269 loc) · 9.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
/**
* Statement nodes in the AST.
*/
private import AstNodes
private import Idents
private import Expr
private import Calls
private import Misc
private import Types
private import internal.AstNodes
private import internal.TreeSitter
private import internal.Stmts
private import internal.AssertStatement
private import internal.ForStatement
private import internal.IfStatement
private import internal.ImportStatement
private import internal.ImportWithStatement
private import internal.Infrastructure
private import internal.UsingStatement
private import internal.Parameter
private import internal.Parameters
private import internal.ParameterDeclaration
private import internal.OutputDeclaration
// CFG
private import codeql.bicep.CFG
private import codeql.bicep.controlflow.internal.ControlFlowGraphImpl as CfgImpl
/**
* The base class for all statements in the AST.
*
* This class represents all types of statements in Bicep, including
* declarations, control flow statements, and other top-level constructs.
* Statements are the primary building blocks of Bicep programs.
*/
class Stmts extends AstNode instanceof StmtsImpl {
/**
* Gets a control-flow node for this statement, if any.
*
* Control-flow nodes represent this statement in the control-flow graph,
* which models the flow of execution through the program.
*
* @return A control-flow node for this statement
*/
CfgImpl::AstCfgNode getAControlFlowNode() { result.getAstNode() = this }
/**
* Gets a control-flow entry node for this statement, if any.
*
* Entry nodes represent the point where execution enters this statement
* in the control-flow graph.
*
* @return A control-flow entry node for this statement
*/
AstNode getAControlFlowEntryNode() { result = CfgImpl::getAControlFlowEntryNode(this) }
Expr getExpr() { result = StmtsImpl.super.getExpr() }
}
/**
* A sequence of statements in the PHP AST.
*
* This represents a list of statements that appear together in sequence.
*/
class StmtSequence extends AstNode instanceof StmtSequenceImpl {
/**
* Gets all statements in this sequence.
*/
Stmts getStmts() { none() }
/**
* Gets the statement at the specified index within this sequence.
*/
Stmts getStmt(int index) { none() }
/**
* Get all callables defined in this program.
*/
Callable getCallables() {
result = this.getStmts()
}
/**
* Get a callable by its name.
*/
Callable getCallable(string name) {
exists(Callable c | c = this.getCallables() and c.getName() = name | result = c)
}
/**
* Gets the number of statements in this sequence.
*/
int getNumberOfStatements() { result = count(int i | exists(this.getStmt(i))) }
/**
* Gets the last statement of the sequence
*/
Stmts getLastStmt() { result = this.getStmt(this.getNumberOfStatements() - 1) }
}
/**
* An assert statement in the AST.
*
* Represents an assertion in Bicep, which checks a condition at runtime
* and raises an error if the condition is false. Assert statements are
* useful for validating assumptions and ensuring inputs meet expected criteria.
*/
class AssertStatement extends Stmts instanceof AssertStatementImpl { }
/**
* An import statement in the AST.
*
* Represents an import statement in Bicep, which brings external modules,
* namespaces, or resources into the current scope. Import statements enable
* code reuse and modularization of Bicep templates.
*/
class ImportStatement extends Stmts instanceof ImportStatementImpl { }
/**
* An infrastructure node in the AST.
*
* Represents the root node of a Bicep file, which contains all the top-level
* statements and declarations that define the infrastructure to be deployed.
* This is essentially the entry point of a Bicep program.
*/
class Infrastructure extends StmtSequence instanceof InfrastructureImpl {
override Stmts getStmts() { result = InfrastructureImpl.super.getStmts() }
override Stmts getStmt(int index) { result = InfrastructureImpl.super.getStmt(index) }
}
/**
* Represents a parameter declaration node in the AST.
*
* Parameters in Bicep are used to accept input values when deploying the template.
* They enable customization of deployments without modifying the template code.
* A parameter declaration includes a name, a type, and optionally a default value
* and/or allowed values.
*/
class ParameterDeclaration extends Stmts instanceof ParameterDeclarationImpl {
/**
* Gets the identifier of the parameter declaration.
*
* This is the name token of the parameter as it appears in the source code.
*
* @return The identifier node of the parameter
*/
Identifier getIdentifier() { result = ParameterDeclarationImpl.super.getName() }
/**
* Gets the name of the parameter declaration as a string.
*
* This is a convenience method that returns the name from the identifier.
*
* @return The name of the parameter
*/
string getName() { result = this.getIdentifier().getName() }
/**
* Gets the type of the parameter declaration.
*
* This specifies what kind of values are allowed for this parameter,
* such as 'string', 'int', 'bool', or more complex types.
*
* @return The type node of the parameter
*/
Type getType() { result = ParameterDeclarationImpl.super.getType() }
/**
* Gets the default value of the parameter declaration, if any.
*
* If provided, this value will be used when no explicit value is
* provided during deployment.
*
* @return The default value expression, if one exists
*/
Expr getDefaultValue() { result = ParameterDeclarationImpl.super.getDefaultValue() }
}
/**
* Represents an output declaration node in the AST.
*
* Outputs in Bicep allow exposing values from the deployment, such as resource
* properties, calculated values, or other results. They are typically used to
* return information about deployed resources or to pass values to parent templates
* in nested deployments.
*/
class OutputDeclaration extends Stmts instanceof OutputDeclarationImpl {
/**
* Gets the identifier of the output declaration.
*
* This is the name token of the output as it appears in the source code.
*
* @return The identifier node of the output
*/
Identifier getIdentifier() { result = OutputDeclarationImpl.super.getIdentifier() }
/**
* Gets the name of the output declaration as a string.
*
* This is a convenience method that returns the name from the identifier.
*
* @return The name of the output
*/
string getName() { result = this.getIdentifier().getName() }
/**
* Gets the type of the output declaration.
*
* This specifies what kind of value is being exposed by this output,
* such as 'string', 'int', 'bool', or more complex types.
*
* @return The type node of the output
*/
Type getType() { result = OutputDeclarationImpl.super.getType() }
/**
* Gets the value expression of the output declaration.
*
* This is the expression that will be evaluated to determine the
* value of the output when the template is deployed.
*
* @return The value expression of the output
*/
Expr getValue() { result = OutputDeclarationImpl.super.getValue() }
}
/**
* Represents a function parameter node in the AST.
*
* Parameters define the inputs that a function accepts. Each parameter has a name
* and a type, which constrains the kind of values that can be passed to the function
* for that parameter.
*/
class Parameter extends Expr instanceof ParameterImpl {
/**
* Gets the identifier of the parameter.
*
* This is the name token of the parameter as it appears in the function declaration.
*
* @return The identifier node of the parameter
*/
Idents getIdentifier() { result = ParameterImpl.super.getName() }
/**
* Gets the name of the parameter as a string.
*
* This is a convenience method that returns the name from the identifier.
*
* @return The name of the parameter
*/
string getName() { result = this.getIdentifier().getName() }
/**
* Gets the type of the parameter.
*
* This specifies what kind of values are allowed for this parameter,
* such as 'string', 'int', 'bool', or more complex types.
*
* @return The type node of the parameter
*/
Type getType() { result = ParameterImpl.super.getType() }
}
/**
* Represents a parameters collection node in the AST.
*
* This class represents the collection of parameters in a function declaration,
* allowing access to the individual parameter nodes.
*/
class Parameters extends Expr instanceof ParametersImpl {
/**
* Gets the parameter at the specified index.
*
* @param index The zero-based index of the parameter to retrieve
* @return The parameter node at the specified index
*/
Parameter getParameter(int index) { result = ParametersImpl.super.getParameter(index) }
}
/**
* An import-with statement in the AST.
*
* Represents an import statement with additional configuration options in Bicep.
* Import-with statements allow importing external modules with specific settings
* or transformations applied to the imported items.
*/
class ImportWithStatement extends Stmts instanceof ImportWithStatementImpl { }
/**
* A using statement in the AST.
*
* Represents a using statement in Bicep, which introduces a local name for
* an imported module or namespace. Using statements help improve readability
* by allowing shorter references to external resources.
*/
class UsingStatement extends Stmts instanceof UsingStatementImpl { }