Merge pull request #9182 from erik-krogh/useStringComp

erik-krogh · web-flow · commit fff70da650fc · 2022-05-19T10:42:37.000+02:00
use string equality instead of regexps to compare constant strings
diff --git a/cpp/ql/lib/semmle/code/cpp/commons/Printf.qll b/cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
@@ -872,7 +872,7 @@ class FormatLiteral extends Literal {
 
   private Type getConversionType1(int n) {
     exists(string cnv | cnv = this.getConversionChar(n) |
-      cnv.regexpMatch("d|i") and
+      cnv = ["d", "i"] and
       result = this.getIntegralConversion(n) and
       not result.getUnderlyingType().(IntegralType).isExplicitlySigned() and
       not result.getUnderlyingType().(IntegralType).isExplicitlyUnsigned()
@@ -912,15 +912,15 @@ class FormatLiteral extends Literal {
 
   private Type getConversionType2(int n) {
     exists(string cnv | cnv = this.getConversionChar(n) |
-      cnv.regexpMatch("o|u|x|X") and
+      cnv = ["o", "u", "x", "X"] and
       result = this.getIntegralConversion(n) and
       result.getUnderlyingType().(IntegralType).isUnsigned()
     )
   }
 
   private Type getConversionType3(int n) {
     exists(string cnv | cnv = this.getConversionChar(n) |
-      cnv.regexpMatch("a|A|e|E|f|F|g|G") and result = this.getFloatingPointConversion(n)
+      cnv = ["a", "A", "e", "E", "f", "F", "g", "G"] and result = this.getFloatingPointConversion(n)
     )
   }
 
diff --git a/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql b/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql
@@ -19,7 +19,7 @@ predicate whitelist(Function f) {
       "nearbyintl", "rint", "rintf", "rintl", "round", "roundf", "roundl", "trunc", "truncf",
       "truncl"
     ] or
-  f.getName().matches("__builtin_%")
+  f.getName().matches("\\_\\_builtin\\_%")
 }
 
 predicate whitelistPow(FunctionCall fc) {
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
@@ -58,7 +58,7 @@ where
       // unfortunately cannot use numeric value here because // O_CREAT is defined differently on different OSes:
       // https://github.com/red/red/blob/92feb0c0d5f91e087ab35fface6906afbf99b603/runtime/definitions.reds#L477-L491
       // this may introduce false negatives
-      fctmp.getArgument(1).(BitwiseOrExpr).getAChild*().getValueText().matches("O_CREAT") or
+      fctmp.getArgument(1).(BitwiseOrExpr).getAChild*().getValueText() = "O_CREAT" or
       fctmp.getArgument(1).getValueText().matches("%O_CREAT%")
     ) and
     fctmp.getNumberOfArguments() = 2 and
diff --git a/cpp/ql/src/jsf/4.05 Libraries/AV Rule 23.ql b/cpp/ql/src/jsf/4.05 Libraries/AV Rule 23.ql
@@ -13,7 +13,7 @@ import cpp
 
 from Function f
 where
-  f.getName().regexpMatch("atof|atoi|atol") and
+  f.getName() = ["atof", "atoi", "atol"] and
   f.getFile().getAbsolutePath().matches("%stdlib.h")
 select f.getACallToThisFunction(),
   "AV Rule 23: The library functions atof, atoi and atol from library <stdlib.h> shall not be used."
diff --git a/cpp/ql/src/jsf/4.05 Libraries/AV Rule 24.ql b/cpp/ql/src/jsf/4.05 Libraries/AV Rule 24.ql
@@ -13,7 +13,7 @@ import cpp
 
 from Function f
 where
-  f.getName().regexpMatch("abort|exit|getenv|system") and
+  f.getName() = ["abort", "exit", "getenv", "system"] and
   f.getFile().getAbsolutePath().matches("%stdlib.h")
 select f.getACallToThisFunction(),
   "The library functions abort, exit, getenv and system from library <stdlib.h> should not be used."
diff --git a/csharp/ql/src/Likely Bugs/LeapYear/UnsafeYearConstruction.ql b/csharp/ql/src/Likely Bugs/LeapYear/UnsafeYearConstruction.ql
@@ -20,7 +20,7 @@ class UnsafeYearCreationFromArithmeticConfiguration extends TaintTracking::Confi
   override predicate isSource(DataFlow::Node source) {
     exists(ArithmeticOperation ao, PropertyAccess pa | ao = source.asExpr() |
       pa = ao.getAChild*() and
-      pa.getProperty().getQualifiedName().matches("System.DateTime.Year")
+      pa.getProperty().hasQualifiedName("System.DateTime.Year")
     )
   }
 
diff --git a/java/ql/lib/semmle/code/java/Collections.qll b/java/ql/lib/semmle/code/java/Collections.qll
@@ -92,7 +92,7 @@ class CollectionMutation extends MethodAccess {
 /** A method that queries the contents of a collection without mutating it. */
 class CollectionQueryMethod extends CollectionMethod {
   CollectionQueryMethod() {
-    pragma[only_bind_into](this).getName().regexpMatch("contains|containsAll|get|size|peek")
+    pragma[only_bind_into](this).getName() = ["contains", "containsAll", "get", "size", "peek"]
   }
 }
 
diff --git a/java/ql/lib/semmle/code/java/Maps.qll b/java/ql/lib/semmle/code/java/Maps.qll
@@ -59,9 +59,8 @@ class MapMutation extends MethodAccess {
 /** A method that queries the contents of the map it belongs to without mutating it. */
 class MapQueryMethod extends MapMethod {
   MapQueryMethod() {
-    pragma[only_bind_into](this)
-        .getName()
-        .regexpMatch("get|containsKey|containsValue|entrySet|keySet|values|isEmpty|size")
+    pragma[only_bind_into](this).getName() =
+      ["get", "containsKey", "containsValue", "entrySet", "keySet", "values", "isEmpty", "size"]
   }
 }
 
diff --git a/java/ql/lib/semmle/code/java/Type.qll b/java/ql/lib/semmle/code/java/Type.qll
@@ -1002,7 +1002,9 @@ class FunctionalInterface extends Interface {
  * and `double`.
  */
 class PrimitiveType extends Type, @primitive {
-  PrimitiveType() { this.getName().regexpMatch("float|double|int|boolean|short|byte|char|long") }
+  PrimitiveType() {
+    this.getName() = ["float", "double", "int", "boolean", "short", "byte", "char", "long"]
+  }
 
   /** Gets the boxed type corresponding to this primitive type. */
   BoxedType getBoxedType() { result.getPrimitiveType() = this }
@@ -1217,9 +1219,9 @@ predicate erasedHaveIntersection(RefType t1, RefType t2) {
 class IntegralType extends Type {
   IntegralType() {
     exists(string name |
-      name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()
+      name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]
     |
-      name.regexpMatch("byte|char|short|int|long")
+      name = ["byte", "char", "short", "int", "long"]
     )
   }
 }
@@ -1228,7 +1230,7 @@ class IntegralType extends Type {
 class BooleanType extends Type {
   BooleanType() {
     exists(string name |
-      name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()
+      name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]
     |
       name = "boolean"
     )
@@ -1239,7 +1241,7 @@ class BooleanType extends Type {
 class CharacterType extends Type {
   CharacterType() {
     exists(string name |
-      name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()
+      name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]
     |
       name = "char"
     )
@@ -1250,10 +1252,9 @@ class CharacterType extends Type {
 class NumericType extends Type {
   NumericType() {
     exists(string name |
-      name = this.(PrimitiveType).getName() or
-      name = this.(BoxedType).getPrimitiveType().getName()
+      name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]
     |
-      name.regexpMatch("byte|short|int|long|double|float")
+      name = ["byte", "short", "int", "long", "double", "float"]
     )
   }
 }
@@ -1262,9 +1263,9 @@ class NumericType extends Type {
 class NumericOrCharType extends Type {
   NumericOrCharType() {
     exists(string name |
-      name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()
+      name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]
     |
-      name.regexpMatch("byte|char|short|int|long|double|float")
+      name = ["byte", "char", "short", "int", "long", "double", "float"]
     )
   }
 }
@@ -1273,9 +1274,9 @@ class NumericOrCharType extends Type {
 class FloatingPointType extends Type {
   FloatingPointType() {
     exists(string name |
-      name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()
+      name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]
     |
-      name.regexpMatch("float|double")
+      name = ["float", "double"]
     )
   }
 }
diff --git a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll
@@ -337,15 +337,15 @@ private predicate safeCast(Type fromtyp, Type totyp) {
   exists(PrimitiveType pfrom, PrimitiveType pto | pfrom = fromtyp and pto = totyp |
     pfrom = pto
     or
-    pfrom.hasName("char") and pto.getName().regexpMatch("int|long|float|double")
+    pfrom.hasName("char") and pto.hasName(["int", "long", "float", "double"])
     or
-    pfrom.hasName("byte") and pto.getName().regexpMatch("short|int|long|float|double")
+    pfrom.hasName("byte") and pto.hasName(["short", "int", "long", "float", "double"])
     or
-    pfrom.hasName("short") and pto.getName().regexpMatch("int|long|float|double")
+    pfrom.hasName("short") and pto.hasName(["int", "long", "float", "double"])
     or
-    pfrom.hasName("int") and pto.getName().regexpMatch("long|float|double")
+    pfrom.hasName("int") and pto.hasName(["long", "float", "double"])
     or
-    pfrom.hasName("long") and pto.getName().regexpMatch("float|double")
+    pfrom.hasName("long") and pto.hasName(["float", "double"])
     or
     pfrom.hasName("float") and pto.hasName("double")
     or
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
@@ -190,7 +190,7 @@ private predicate localAdditionalTaintUpdateStep(Expr src, Expr sink) {
 
 private class BulkData extends RefType {
   BulkData() {
-    this.(Array).getElementType().(PrimitiveType).getName().regexpMatch("byte|char")
+    this.(Array).getElementType().(PrimitiveType).hasName(["byte", "char"])
     or
     exists(RefType t | this.getASourceSupertype*() = t |
       t.hasQualifiedName("java.io", "InputStream") or
@@ -321,15 +321,15 @@ private predicate argToMethodStep(Expr tracked, MethodAccess sink) {
   exists(Method springResponseEntityOfOk |
     sink.getMethod() = springResponseEntityOfOk and
     springResponseEntityOfOk.getDeclaringType() instanceof SpringResponseEntity and
-    springResponseEntityOfOk.getName().regexpMatch("ok|of") and
+    springResponseEntityOfOk.hasName(["ok", "of"]) and
     tracked = sink.getArgument(0) and
     tracked.getType() instanceof TypeString
   )
   or
   exists(Method springResponseEntityBody |
     sink.getMethod() = springResponseEntityBody and
     springResponseEntityBody.getDeclaringType() instanceof SpringResponseEntityBodyBuilder and
-    springResponseEntityBody.getName().regexpMatch("body") and
+    springResponseEntityBody.hasName("body") and
     tracked = sink.getArgument(0) and
     tracked.getType() instanceof TypeString
   )
diff --git a/java/ql/lib/semmle/code/java/deadcode/frameworks/FitNesseEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/frameworks/FitNesseEntryPoints.qll
@@ -13,7 +13,7 @@ class FitFixtureEntryPoint extends CallableEntryPoint {
  * FitNesse entry points externally defined.
  */
 class FitNesseSlimEntryPointData extends ExternalData {
-  FitNesseSlimEntryPointData() { getDataPath().matches("fitnesse.csv") }
+  FitNesseSlimEntryPointData() { getDataPath() = "fitnesse.csv" }
 
   /**
    * Gets the class name.
diff --git a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll
@@ -85,7 +85,7 @@ class MockitoInitedTest extends Class {
  */
 class MockitoAnnotation extends Annotation {
   MockitoAnnotation() {
-    this.getType().getPackage().getName().matches("org.mockito") or
+    this.getType().getPackage().hasName("org.mockito") or
     this.getType().getPackage().getName().matches("org.mockito.%")
   }
 }
diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll b/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll
@@ -37,7 +37,7 @@ private class SliceProviderLifecycleStep extends AdditionalValueStep {
 
 private class SliceActionsInheritTaint extends DataFlow::SyntheticFieldContent,
   TaintInheritingContent {
-  SliceActionsInheritTaint() { this.getField().matches("androidx.slice.Slice.action") }
+  SliceActionsInheritTaint() { this.getField() = "androidx.slice.Slice.action" }
 }
 
 private class SliceBuildersSummaryModels extends SummaryModelCsv {
diff --git a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll
@@ -20,7 +20,7 @@ private class DefaultSafeExternalApiMethod extends SafeExternalApiMethod {
   DefaultSafeExternalApiMethod() {
     this instanceof EqualsMethod
     or
-    this.getName().regexpMatch("size|length|compareTo|getClass|lastIndexOf")
+    this.hasName(["size", "length", "compareTo", "getClass", "lastIndexOf"])
     or
     this.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "Validate")
     or
@@ -42,7 +42,7 @@ private class DefaultSafeExternalApiMethod extends SafeExternalApiMethod {
     this.getName() = "isDigit"
     or
     this.getDeclaringType().hasQualifiedName("java.lang", "String") and
-    this.getName().regexpMatch("equalsIgnoreCase|regionMatches")
+    this.hasName(["equalsIgnoreCase", "regionMatches"])
     or
     this.getDeclaringType().hasQualifiedName("java.lang", "Boolean") and
     this.getName() = "parseBoolean"
@@ -51,7 +51,7 @@ private class DefaultSafeExternalApiMethod extends SafeExternalApiMethod {
     this.getName() = "closeQuietly"
     or
     this.getDeclaringType().hasQualifiedName("org.springframework.util", "StringUtils") and
-    this.getName().regexpMatch("hasText|isEmpty")
+    this.hasName(["hasText", "isEmpty"])
   }
 }
 
diff --git a/java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflectionLib.qll b/java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflectionLib.qll
@@ -35,7 +35,7 @@ predicate looksLikeResolveClassStep(DataFlow::Node fromNode, DataFlow::Node toNo
     m = ma.getMethod() and arg = ma.getArgument(i)
   |
     m.getReturnType() instanceof TypeClass and
-    m.getName().toLowerCase().regexpMatch("resolve|load|class|type") and
+    m.getName().toLowerCase() = ["resolve", "load", "class", "type"] and
     arg.getType() instanceof TypeString and
     arg = fromNode.asExpr() and
     ma = toNode.asExpr()
@@ -52,7 +52,7 @@ predicate looksLikeInstantiateClassStep(DataFlow::Node fromNode, DataFlow::Node
     m = ma.getMethod() and arg = ma.getArgument(i)
   |
     m.getReturnType() instanceof TypeObject and
-    m.getName().toLowerCase().regexpMatch("instantiate|instance|create|make|getbean") and
+    m.getName().toLowerCase() = ["instantiate", "instance", "create", "make", "getbean"] and
     arg.getType() instanceof TypeClass and
     arg = fromNode.asExpr() and
     ma = toNode.asExpr()
diff --git a/java/ql/src/experimental/Security/CWE/CWE-601/SpringUrlRedirect.qll b/java/ql/src/experimental/Security/CWE/CWE-601/SpringUrlRedirect.qll
@@ -134,6 +134,6 @@ predicate springUrlRedirectTaintStep(DataFlow::Node fromNode, DataFlow::Node toN
 predicate nonLocationHeaderSanitizer(DataFlow::Node node) {
   exists(HttpHeadersAddSetMethodAccess ma, Argument firstArg | node.asExpr() = ma.getArgument(1) |
     firstArg = ma.getArgument(0) and
-    not firstArg.(CompileTimeConstantExpr).getStringValue().matches("Location")
+    not firstArg.(CompileTimeConstantExpr).getStringValue() = "Location"
   )
 }
diff --git a/java/ql/src/utils/model-generator/internal/CaptureModelsSpecific.qll b/java/ql/src/utils/model-generator/internal/CaptureModelsSpecific.qll
@@ -111,7 +111,7 @@ string asPartialModel(TargetApiSpecific api) {
 }
 
 private predicate isPrimitiveTypeUsedForBulkData(J::Type t) {
-  t.getName().regexpMatch("byte|char|Byte|Character")
+  t.hasName(["byte", "char", "Byte", "Character"])
 }
 
 /**
diff --git a/javascript/ql/lib/semmle/javascript/Expr.qll b/javascript/ql/lib/semmle/javascript/Expr.qll
@@ -2286,9 +2286,7 @@ class ComprehensionExpr extends @comprehension_expr, Expr {
 
   /** Holds if this is a legacy postfix comprehension expression. */
   predicate isPostfix() {
-    exists(Token tk | tk = this.getFirstToken().getNextToken() |
-      not tk.getValue().regexpMatch("if|for")
-    )
+    exists(Token tk | tk = this.getFirstToken().getNextToken() | not tk.getValue() = ["if", "for"])
   }
 
   override string getAPrimaryQlClass() { result = "ComprehensionExpr" }
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/xUnit.qll b/javascript/ql/lib/semmle/javascript/frameworks/xUnit.qll
@@ -19,7 +19,7 @@ private predicate xUnitDetected() {
 private predicate possiblyAttribute(Expr e, string name) {
   exists(Identifier id | id = e or id = e.(CallExpr).getCallee() |
     name = id.getName() and
-    name.regexpMatch("Async|Data|Fact|Fixture|Import|ImportJson|Skip|Trait")
+    name = ["Async", "Data", "Fact", "Fixture", "Import", "ImportJson", "Skip", "Trait"]
   )
 }
 
diff --git a/javascript/ql/src/Declarations/DeadStoreOfGlobal.ql b/javascript/ql/src/Declarations/DeadStoreOfGlobal.ql
@@ -24,7 +24,7 @@ where
   // 'v' is not externally declared...
   not exists(ExternalVarDecl d | d.getName() = v.getName() |
     // ...as a member of {Window,Worker,WebWorker}.prototype
-    d.(ExternalInstanceMemberDecl).getBaseName().regexpMatch("Window|Worker|WebWorker")
+    d.(ExternalInstanceMemberDecl).getBaseName() = ["Window", "Worker", "WebWorker"]
     or
     // ...or as a member of window
     d.(ExternalStaticMemberDecl).getBaseName() = "window"
diff --git a/javascript/ql/src/LanguageFeatures/ArgumentsCallerCallee.ql b/javascript/ql/src/LanguageFeatures/ArgumentsCallerCallee.ql
@@ -15,7 +15,7 @@ import javascript
 from PropAccess acc, ArgumentsVariable args
 where
   acc.getBase() = args.getAnAccess() and
-  acc.getPropertyName().regexpMatch("caller|callee") and
+  acc.getPropertyName() = ["caller", "callee"] and
   // don't flag cases where the variable can never contain an arguments object
   not exists(Function fn | args = fn.getVariable()) and
   not exists(Parameter p | args = p.getAVariable()) and
diff --git a/javascript/ql/src/LanguageFeatures/BadTypeof.ql b/javascript/ql/src/LanguageFeatures/BadTypeof.ql
@@ -50,8 +50,11 @@ from EqOrSwitch et, TypeofExpr typeof, ConstantString str
 where
   typeof = et.getAnOperand().getUnderlyingValue() and
   str = et.getAnOperand().getUnderlyingValue() and
-  not str.getStringValue()
-      .regexpMatch("undefined|boolean|number|string|object|function|symbol|unknown|date|bigint")
+  not str.getStringValue() =
+    [
+      "undefined", "boolean", "number", "string", "object", "function", "symbol", "unknown", "date",
+      "bigint"
+    ]
 select typeof,
   "The result of this 'typeof' expression is compared to '$@', but the two can never be equal.",
   str, str.getStringValue()
diff --git a/python/ql/src/experimental/semmle/python/libraries/Authlib.qll b/python/ql/src/experimental/semmle/python/libraries/Authlib.qll
@@ -43,7 +43,7 @@ private module Authlib {
     override DataFlow::Node getAlgorithm() {
       exists(KeyValuePair headerDict |
         headerDict = this.getArg(0).asExpr().(Dict).getItem(_) and
-        headerDict.getKey().(Str_).getS().matches("alg") and
+        headerDict.getKey().(Str_).getS() = "alg" and
         result.asExpr() = headerDict.getValue()
       )
     }
diff --git a/python/ql/src/external/Thrift.qll b/python/ql/src/external/Thrift.qll
diff --git a/ql/ql/src/queries/style/UseStringComp.ql b/ql/ql/src/queries/style/UseStringComp.ql
diff --git a/ruby/ql/lib/codeql/ruby/security/internal/CleartextSources.qll b/ruby/ql/lib/codeql/ruby/security/internal/CleartextSources.qll

Original file line number	Diff line number	Diff line change
`@@ -872,7 +872,7 @@ class FormatLiteral extends Literal {`
`872`	`872`
`873`	`873`	`private Type getConversionType1(int n) {`
`874`	`874`	`exists(string cnv \| cnv = this.getConversionChar(n) \|`
`875`		`- cnv.regexpMatch("d\|i") and`
	`875`	`+ cnv = ["d", "i"] and`
`876`	`876`	`result = this.getIntegralConversion(n) and`
`877`	`877`	`not result.getUnderlyingType().(IntegralType).isExplicitlySigned() and`
`878`	`878`	`not result.getUnderlyingType().(IntegralType).isExplicitlyUnsigned()`
`@@ -912,15 +912,15 @@ class FormatLiteral extends Literal {`
`912`	`912`
`913`	`913`	`private Type getConversionType2(int n) {`
`914`	`914`	`exists(string cnv \| cnv = this.getConversionChar(n) \|`
`915`		`- cnv.regexpMatch("o\|u\|x\|X") and`
	`915`	`+ cnv = ["o", "u", "x", "X"] and`
`916`	`916`	`result = this.getIntegralConversion(n) and`
`917`	`917`	`result.getUnderlyingType().(IntegralType).isUnsigned()`
`918`	`918`	`)`
`919`	`919`	`}`
`920`	`920`
`921`	`921`	`private Type getConversionType3(int n) {`
`922`	`922`	`exists(string cnv \| cnv = this.getConversionChar(n) \|`
`923`		`- cnv.regexpMatch("a\|A\|e\|E\|f\|F\|g\|G") and result = this.getFloatingPointConversion(n)`
	`923`	`+ cnv = ["a", "A", "e", "E", "f", "F", "g", "G"] and result = this.getFloatingPointConversion(n)`
`924`	`924`	`)`
`925`	`925`	`}`
`926`	`926`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ predicate whitelist(Function f) {`
`19`	`19`	`"nearbyintl", "rint", "rintf", "rintl", "round", "roundf", "roundl", "trunc", "truncf",`
`20`	`20`	`"truncl"`
`21`	`21`	`] or`
`22`		`- f.getName().matches("__builtin_%")`
	`22`	`+ f.getName().matches("\\_\\_builtin\\_%")`
`23`	`23`	`}`
`24`	`24`
`25`	`25`	`predicate whitelistPow(FunctionCall fc) {`
Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ class UnsafeYearCreationFromArithmeticConfiguration extends TaintTracking::Confi`
`20`	`20`	`override predicate isSource(DataFlow::Node source) {`
`21`	`21`	`exists(ArithmeticOperation ao, PropertyAccess pa \| ao = source.asExpr() \|`
`22`	`22`	`pa = ao.getAChild*() and`
`23`		`- pa.getProperty().getQualifiedName().matches("System.DateTime.Year")`
	`23`	`+ pa.getProperty().hasQualifiedName("System.DateTime.Year")`
`24`	`24`	`)`
`25`	`25`	`}`
`26`	`26`
Original file line number	Diff line number	Diff line change
`@@ -92,7 +92,7 @@ class CollectionMutation extends MethodAccess {`
`92`	`92`	`/** A method that queries the contents of a collection without mutating it. */`
`93`	`93`	`class CollectionQueryMethod extends CollectionMethod {`
`94`	`94`	`CollectionQueryMethod() {`
`95`		`- pragma[only_bind_into](this).getName().regexpMatch("contains\|containsAll\|get\|size\|peek")`
	`95`	`+ pragma[only_bind_into](this).getName() = ["contains", "containsAll", "get", "size", "peek"]`
`96`	`96`	`}`
`97`	`97`	`}`
`98`	`98`
Original file line number	Diff line number	Diff line change
`@@ -59,9 +59,8 @@ class MapMutation extends MethodAccess {`
`59`	`59`	`/** A method that queries the contents of the map it belongs to without mutating it. */`
`60`	`60`	`class MapQueryMethod extends MapMethod {`
`61`	`61`	`MapQueryMethod() {`
`62`		`- pragma[only_bind_into](this)`
`63`		`- .getName()`
`64`		`- .regexpMatch("get\|containsKey\|containsValue\|entrySet\|keySet\|values\|isEmpty\|size")`
	`62`	`+ pragma[only_bind_into](this).getName() =`
	`63`	`+ ["get", "containsKey", "containsValue", "entrySet", "keySet", "values", "isEmpty", "size"]`
`65`	`64`	`}`
`66`	`65`	`}`
`67`	`66`
Original file line number	Diff line number	Diff line change
`@@ -1002,7 +1002,9 @@ class FunctionalInterface extends Interface {`
`1002`	`1002`	* and `double`.
`1003`	`1003`	`*/`
`1004`	`1004`	`class PrimitiveType extends Type, @primitive {`
`1005`		`- PrimitiveType() { this.getName().regexpMatch("float\|double\|int\|boolean\|short\|byte\|char\|long") }`
	`1005`	`+ PrimitiveType() {`
	`1006`	`+ this.getName() = ["float", "double", "int", "boolean", "short", "byte", "char", "long"]`
	`1007`	`+ }`
`1006`	`1008`
`1007`	`1009`	`/** Gets the boxed type corresponding to this primitive type. */`
`1008`	`1010`	`BoxedType getBoxedType() { result.getPrimitiveType() = this }`
`@@ -1217,9 +1219,9 @@ predicate erasedHaveIntersection(RefType t1, RefType t2) {`
`1217`	`1219`	`class IntegralType extends Type {`
`1218`	`1220`	`IntegralType() {`
`1219`	`1221`	`exists(string name \|`
`1220`		`- name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()`
	`1222`	`+ name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]`
`1221`	`1223`	`\|`
`1222`		`- name.regexpMatch("byte\|char\|short\|int\|long")`
	`1224`	`+ name = ["byte", "char", "short", "int", "long"]`
`1223`	`1225`	`)`
`1224`	`1226`	`}`
`1225`	`1227`	`}`
`@@ -1228,7 +1230,7 @@ class IntegralType extends Type {`
`1228`	`1230`	`class BooleanType extends Type {`
`1229`	`1231`	`BooleanType() {`
`1230`	`1232`	`exists(string name \|`
`1231`		`- name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()`
	`1233`	`+ name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]`
`1232`	`1234`	`\|`
`1233`	`1235`	`name = "boolean"`
`1234`	`1236`	`)`
`@@ -1239,7 +1241,7 @@ class BooleanType extends Type {`
`1239`	`1241`	`class CharacterType extends Type {`
`1240`	`1242`	`CharacterType() {`
`1241`	`1243`	`exists(string name \|`
`1242`		`- name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()`
	`1244`	`+ name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]`
`1243`	`1245`	`\|`
`1244`	`1246`	`name = "char"`
`1245`	`1247`	`)`
`@@ -1250,10 +1252,9 @@ class CharacterType extends Type {`
`1250`	`1252`	`class NumericType extends Type {`
`1251`	`1253`	`NumericType() {`
`1252`	`1254`	`exists(string name \|`
`1253`		`- name = this.(PrimitiveType).getName() or`
`1254`		`- name = this.(BoxedType).getPrimitiveType().getName()`
	`1255`	`+ name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]`
`1255`	`1256`	`\|`
`1256`		`- name.regexpMatch("byte\|short\|int\|long\|double\|float")`
	`1257`	`+ name = ["byte", "short", "int", "long", "double", "float"]`
`1257`	`1258`	`)`
`1258`	`1259`	`}`
`1259`	`1260`	`}`
`@@ -1262,9 +1263,9 @@ class NumericType extends Type {`
`1262`	`1263`	`class NumericOrCharType extends Type {`
`1263`	`1264`	`NumericOrCharType() {`
`1264`	`1265`	`exists(string name \|`
`1265`		`- name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()`
	`1266`	`+ name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]`
`1266`	`1267`	`\|`
`1267`		`- name.regexpMatch("byte\|char\|short\|int\|long\|double\|float")`
	`1268`	`+ name = ["byte", "char", "short", "int", "long", "double", "float"]`
`1268`	`1269`	`)`
`1269`	`1270`	`}`
`1270`	`1271`	`}`
`@@ -1273,9 +1274,9 @@ class NumericOrCharType extends Type {`
`1273`	`1274`	`class FloatingPointType extends Type {`
`1274`	`1275`	`FloatingPointType() {`
`1275`	`1276`	`exists(string name \|`
`1276`		`- name = this.(PrimitiveType).getName() or name = this.(BoxedType).getPrimitiveType().getName()`
	`1277`	`+ name = [this.(PrimitiveType).getName(), this.(BoxedType).getPrimitiveType().getName()]`
`1277`	`1278`	`\|`
`1278`		`- name.regexpMatch("float\|double")`
	`1279`	`+ name = ["float", "double"]`
`1279`	`1280`	`)`
`1280`	`1281`	`}`
`1281`	`1282`	`}`