C++: Move ExternalAPI files into query directory to prevent out-of-tree use.

Author: MathiasVP

config/identical-files.json

@@ -359,12 +359,12 @@
     "python/ql/test/TestUtilities/InlineExpectationsTest.qll"
   ],
   "C++ ExternalAPIs": [
-    "cpp/ql/src/semmle/code/cpp/security/ExternalAPIs.qll",
-    "cpp/ql/src/semmle/code/cpp/security/ir/ExternalAPIs.qll"
+    "cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll",
+    "cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll"
   ],
   "C++ SafeExternalAPIFunction": [
-    "cpp/ql/src/semmle/code/cpp/security/implementation/SafeExternalAPIFunction.qll",
-    "cpp/ql/src/semmle/code/cpp/security/ir/implementation/SafeExternalAPIFunction.qll"
+    "cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll",
+    "cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll"
   ],
   "XML": [
     "cpp/ql/src/semmle/code/cpp/XML.qll",

cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql

@@ -9,7 +9,7 @@
  */
 
 import cpp
-import semmle.code.cpp.security.ExternalAPIs
+import ExternalAPIs
 
 from ExternalAPIUsedWithUntrustedData externalAPI
 select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,

cpp/ql/src/semmle/code/cpp/security/ExternalAPIs.qll renamed to cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll

@@ -6,7 +6,7 @@
 private import cpp
 private import semmle.code.cpp.models.interfaces.DataFlow
 private import semmle.code.cpp.models.interfaces.Taint
-import implementation.ExternalAPIsSpecific
+import ExternalAPIsSpecific
 
 /** A node representing untrusted data being passed to an external API. */
 class UntrustedExternalAPIDataNode extends ExternalAPIDataNode {

cpp/ql/src/semmle/code/cpp/security/implementation/ExternalAPIsSpecific.qll renamed to cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll

@@ -9,7 +9,7 @@
  */
 
 import cpp
-import semmle.code.cpp.security.ir.ExternalAPIs
+import ir.ExternalAPIs
 
 from ExternalAPIUsedWithUntrustedData externalAPI
 select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,

cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql

@@ -10,7 +10,7 @@
 
 import cpp
 import semmle.code.cpp.ir.dataflow.TaintTracking
-import semmle.code.cpp.security.ir.ExternalAPIs
+import ir.ExternalAPIs
 import semmle.code.cpp.security.FlowSources
 import DataFlow::PathGraph
 

cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql

@@ -3,6 +3,7 @@
  */
 
 private import cpp
+private import semmle.code.cpp.models.implementations.Pure
 
 /**
  * A `Function` that is considered a "safe" external API from a security perspective.

cpp/ql/src/semmle/code/cpp/security/implementation/SafeExternalAPIFunction.qll renamed to cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll

@@ -10,7 +10,7 @@
 
 import cpp
 import semmle.code.cpp.dataflow.TaintTracking
-import semmle.code.cpp.security.ExternalAPIs
+import ExternalAPIs
 import DataFlow::PathGraph
 
 from UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink

cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql

@@ -6,7 +6,7 @@
 private import cpp
 private import semmle.code.cpp.models.interfaces.DataFlow
 private import semmle.code.cpp.models.interfaces.Taint
-import implementation.ExternalAPIsSpecific
+import ExternalAPIsSpecific
 
 /** A node representing untrusted data being passed to an external API. */
 class UntrustedExternalAPIDataNode extends ExternalAPIDataNode {