Only generate models for local supertypes

Avoid generating models for classes
implementing external SPI (e.g. `FileFilter`).
Keep `toString` models intact as they're
commonly used as taint-propagation method
(e.g. see `Joiner`).

java/ql/src/utils/model-generator/CaptureSourceModels.ql

@@ -29,7 +29,7 @@ class FromSourceConfiguration extends TaintTracking::Configuration {
   }
 }
 
-// TODO: better way than rely on internals?
+// TODO: better way than rely on internals to capture kind?
 cached
 predicate specificSourceNode(DataFlow::Node node, string output, string kind) {
   exists(InterpretNode n | Private::External::isSourceNode(n, output, kind) and n.asNode() = node)

java/ql/src/utils/model-generator/CaptureSummaryModels.ql

@@ -130,10 +130,6 @@ predicate isRelevantType(Type t) {
   not t.(CollectionType).getElementType() instanceof BoxedType
 }
 
-// TODO: "com.google.common.base;Converter;true;convertAll;(Iterable);;Element of Argument[0];Element of ReturnValue;taint",
-// TODO: infer interface from multiple implementations? e.g. UriComponentsContributor
-// TODO: distinguish between taint and value flows. If we find a value flow, omit the taint flow
-// TODO: merge param->return value with param->parameter flow?
 from TargetAPI api, string flow
 where flow = captureFlow(api)
 select flow order by flow

java/ql/src/utils/model-generator/ModelGeneratorUtils.qll

@@ -69,7 +69,7 @@ string asSourceModel(Callable api, string output, string kind) {
  */
 private string asPartialModel(Callable api) {
   result =
-    asModelName(api) + ";" //
+    typeAsSummaryModel(api) + ";" //
       + isExtensible(api.getDeclaringType()).toString() + ";" //
       + api.getName() + ";" //
       + paramsString(api) + ";" //
@@ -80,12 +80,20 @@ private string asPartialModel(Callable api) {
  * Returns the appropriate type name for the model. Either the type
  * declaring the method or the supertype introducing the method.
  */
-private string asModelName(Callable api) {
-  if api.(Method).getASourceOverriddenMethod().fromSource()
-  then result = typeAsModel(api.(Method).getASourceOverriddenMethod().getDeclaringType())
+private string typeAsSummaryModel(Callable api) {
+  if exists(superImpl(api.(Method)))
+  then
+    superImpl(api.(Method)).fromSource() and
+    result = typeAsModel(superImpl(api.(Method)).getDeclaringType())
   else result = typeAsModel(api.getDeclaringType())
 }
 
+Method superImpl(Method m) {
+  result = m.getAnOverride() and
+  not exists(result.getAnOverride()) and
+  not m instanceof ToStringMethod
+}
+
 private string typeAsModel(RefType type) {
   result = type.getCompilationUnit().getPackage().getName() + ";" + type.nestedName()
 }

java/ql/test/utils/model-generator/p/AbstractImplOfExternalSPI.java

@@ -0,0 +1,13 @@
+package p;
+
+import java.io.File;
+import java.io.FileFilter;
+
+public abstract class AbstractImplOfExternalSPI implements FileFilter {
+
+    @Override
+    public boolean accept(File pathname) {
+        return false;
+    }
+
+}

java/ql/test/utils/model-generator/p/ImplOfExternalSPI.java

@@ -0,0 +1,19 @@
+package p;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+
+public class ImplOfExternalSPI extends AbstractImplOfExternalSPI {
+
+    @Override
+    public boolean accept(File pathname) {
+        try {
+            Files.createFile(pathname.toPath());
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+        return false;
+    }
+
+}

java/ql/test/utils/model-generator/p/MultipleImpls.java

@@ -1,9 +1,13 @@
 package p;
 
+import java.io.File;
+import java.io.FileFilter;
+import java.io.IOException;
+import java.nio.file.Files;
 import java.util.concurrent.Callable;
 
 public class MultipleImpls {
-    
+
     public static interface Strategy {
         String doSomething(String value);
     }
@@ -22,7 +26,7 @@ public class MultipleImpls {
             return null;
         }
 
-    }
+    }    
     public static class Strat2 implements Strategy {
         private String foo;