C#: Use SummarizedCallable external instead of the internal.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll

@@ -256,9 +256,7 @@ newtype TDataFlowCallable =
 
 class DataFlowCallable extends TDataFlowCallable {
   /** Get the underlying source code callable, if any. */
-  DotNet::Callable asCallable() {
-    this = TDotNetCallable(result) or this = TSummarizedCallable(result)
-  }
+  DotNet::Callable asCallable() { this = TDotNetCallable(result) }
 
   /** Get the underlying summarized callable, if any. */
   FlowSummary::SummarizedCallable asSummarizedCallable() { this = TSummarizedCallable(result) }

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll

@@ -506,10 +506,10 @@ private predicate fieldOrPropertyStore(Expr e, Content c, Expr src, Expr q, bool
       f instanceof InstanceFieldOrProperty
       or
       exists(
-        FlowSummary::SummarizedCallable callable,
+        FlowSummaryImpl::Public::SummarizedCallable sc,
         FlowSummaryImpl::Public::SummaryComponentStack input
       |
-        callable.propagatesFlow(input, _, _) and
+        sc.propagatesFlow(input, _, _) and
         input.contains(FlowSummary::SummaryComponent::content(f.getContent()))
       )
     )

csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll

@@ -910,33 +910,6 @@ module Private {
       }
     }
 
-    private class SummarizedCallableExternal extends SummarizedCallable {
-      SummarizedCallableExternal() { summaryElement(this, _, _, _, _) }
-
-      private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) {
-        summaryElement(this, inSpec, outSpec, kind, false)
-        or
-        summaryElement(this, inSpec, outSpec, kind, true) and
-        not summaryElement(this, _, _, _, false)
-      }
-
-      override predicate propagatesFlow(
-        SummaryComponentStack input, SummaryComponentStack output, boolean preservesValue
-      ) {
-        exists(AccessPath inSpec, AccessPath outSpec, string kind |
-          this.relevantSummaryElement(inSpec, outSpec, kind) and
-          interpretSpec(inSpec, input) and
-          interpretSpec(outSpec, output)
-        |
-          kind = "value" and preservesValue = true
-          or
-          kind = "taint" and preservesValue = false
-        )
-      }
-
-      override predicate isAutoGenerated() { summaryElement(this, _, _, _, true) }
-    }
-
     /** Holds if component `c` of specification `spec` cannot be parsed. */
     predicate invalidSpecComponent(AccessPath spec, string c) {
       c = spec.getToken(_) and

csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll

@@ -99,6 +99,27 @@ private predicate summaryElement0(
 private class SummarizedCallableExternal extends FlowSummary::SummarizedCallable {
   SummarizedCallableExternal() { summaryElement0(this, _, _, _, _) }
 
+  private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) {
+    summaryElement0(this, inSpec, outSpec, kind, false)
+    or
+    summaryElement0(this, inSpec, outSpec, kind, true) and
+    not summaryElement0(this, _, _, _, false)
+  }
+
+  override predicate propagatesFlow(
+    SummaryComponentStack input, SummaryComponentStack output, boolean preservesValue
+  ) {
+    exists(AccessPath inSpec, AccessPath outSpec, string kind |
+      this.relevantSummaryElement(inSpec, outSpec, kind) and
+      External::interpretSpec(inSpec, input) and
+      External::interpretSpec(outSpec, output)
+    |
+      kind = "value" and preservesValue = true
+      or
+      kind = "taint" and preservesValue = false
+    )
+  }
+
   override predicate isAutoGenerated() { summaryElement0(this, _, _, _, true) }
 }
 

csharp/ql/lib/semmle/code/csharp/frameworks/system/Collections.qll

@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as Impl
 private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.dataflow.FlowSummary
 
@@ -48,11 +47,11 @@ private class SystemCollectionIEnumerableFlowModelCsv extends SummaryModelCsv {
 }
 
 /** Clear content for Clear methods in all subtypes of `System.Collections.IEnumerable`. */
-private class SystemCollectionsIEnumerableClearFlow extends Impl::Public::SummarizedCallable {
+private class SystemCollectionsIEnumerableClearFlow extends SummarizedCallable {
   SystemCollectionsIEnumerableClearFlow() {
-    this.asCallable().getDeclaringType().(RefType).getABaseType*() instanceof
+    this.getDeclaringType().(RefType).getABaseType*() instanceof
       SystemCollectionsIEnumerableInterface and
-    this.asCallable().hasName("Clear")
+    this.hasName("Clear")
   }
 
   override predicate clearsContent(ParameterPosition pos, DataFlow::ContentSet content) {

csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll

@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as Impl
 private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.dataflow.FlowSummary
 
@@ -28,9 +27,9 @@ class SystemTextStringBuilderClass extends SystemTextClass {
 }
 
 /** Clear content for `System.Text.StringBuilder.Clear`. */
-private class SystemTextStringBuilderClearFlow extends Impl::Public::SummarizedCallable {
+private class SystemTextStringBuilderClearFlow extends SummarizedCallable {
   SystemTextStringBuilderClearFlow() {
-    this.asCallable() = any(SystemTextStringBuilderClass s).getAMethod("Clear")
+    this = any(SystemTextStringBuilderClass s).getAMethod("Clear")
   }
 
   override predicate clearsContent(ParameterPosition pos, DataFlow::ContentSet content) {

csharp/ql/src/Telemetry/ExternalApi.qll

@@ -8,7 +8,6 @@ private import semmle.code.csharp.dataflow.FlowSummary
 private import semmle.code.csharp.dataflow.internal.DataFlowImplCommon as DataFlowImplCommon
 private import semmle.code.csharp.dataflow.internal.DataFlowPrivate
 private import semmle.code.csharp.dataflow.internal.DataFlowDispatch as DataFlowDispatch
-private import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as Impl
 private import semmle.code.csharp.dataflow.internal.TaintTrackingPrivate
 private import semmle.code.csharp.security.dataflow.flowsources.Remote
 
@@ -81,7 +80,8 @@ class ExternalApi extends DotNet::Callable {
 
   /** Holds if this API has a supported summary. */
   predicate hasSummary() {
-    exists(Impl::Public::SummarizedCallable sc | sc.asCallable() = this) or
+    this instanceof SummarizedCallable
+    or
     defaultAdditionalTaintStep(this.getAnInput(), _)
   }
 

csharp/ql/test/library-tests/dataflow/library/FlowSummaries.ql

@@ -1,6 +1,5 @@
 import shared.FlowSummaries
-private import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
 
 private class IncludeAllSummarizedCallable extends IncludeSummarizedCallable {
-  IncludeAllSummarizedCallable() { this instanceof FlowSummaryImpl::Public::SummarizedCallable }
+  IncludeAllSummarizedCallable() { this instanceof SummarizedCallable }
 }

csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.ql

@@ -1,12 +1,9 @@
 import shared.FlowSummaries
-private import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
 private import semmle.code.csharp.dataflow.internal.DataFlowPrivate::Csv
 private import semmle.code.csharp.dataflow.ExternalFlow
 
 class IncludeFilteredSummarizedCallable extends IncludeSummarizedCallable {
-  IncludeFilteredSummarizedCallable() {
-    this instanceof FlowSummaryImpl::Public::SummarizedCallable
-  }
+  IncludeFilteredSummarizedCallable() { this instanceof SummarizedCallable }
 
   /**
    * Holds if flow is propagated between `input` and `output` and
@@ -18,9 +15,9 @@ class IncludeFilteredSummarizedCallable extends IncludeSummarizedCallable {
   ) {
     this.propagatesFlow(input, output, preservesValue) and
     not exists(IncludeSummarizedCallable rsc |
-      isBaseCallableOrPrototype(rsc.asCallable()) and
+      isBaseCallableOrPrototype(rsc) and
       rsc.propagatesFlow(input, output, preservesValue) and
-      this.asCallable().(UnboundCallable).overridesOrImplementsUnbound(rsc.asCallable())
+      this.(UnboundCallable).overridesOrImplementsUnbound(rsc)
     )
   }
 }